Reference:Database Reference

From Netmon

Jump to: navigation, search

Contents

agg_netflow

Table Overview

Contains aggregated network traffic data from the NetFlow Collector service. This is the table which is used to construct Network Activity reports and Conversation Reports.

Column Definitions

Name Type Description
octets int8 Size of the payload (in octets)
out_iface int4 Source Interface
in_iface int4 Destination Interface
timestamp int4 Commit time
lowest_port int4 Lowest of the source/destination ports
flow_src inet Source device
dst_ip inet Destination IP Address
src_ip inet Source IP Address


agg_snmp_log

Table Overview

Contains aggregated bandwidth utilization information for SNMP devices

Column Definitions

Name Type Description
outresets int8 Number of resets sent
outoctets int8 Number of octets sent
inresets int8 Number of resets recieved
inoctets int8 Number of octets recieved
agg_log_id int8 Primary Key
timestamp int4 Date and time of commit
interface int4 The inteface number
ip inet IP Address of SNMP client


alert_commands

Table Overview

This table contains the custom commands to be triggered while dispatching alerts.

Column Definitions

Name Type Description
perform_on_recovery bool Whether this command should be triggered when the 'recovery' alert is dispatched.
perform_on_failure bool Whether this command should be triggered when the initial alert is dispatched.
async bool Whether to run the command asynchronously (true) or to wait for the command to complete and add its output to the alert email.
id int4 Primary key for this table
timeout int4 How long should we wait (in seconds) before considering the script unresponsive.
alert_type_id int4 Foreign key to alert_types.id
command varchar Template for the command to execute. Special variables will be substituted by alert parameters while generating the final command.
label varchar Label associated with this canned command.


alert_handler2command

Table Overview

This table maintains the associations between alert handlers and custom alert commands.

Column Definitions

Name Type Description
command_id int4 Foreign key that refers to alert_commands.id
handler_id int4 Foreign key that refers to alert_handlers.id


alert_handlers

Table Overview

Netmon's email and pager alerting mechanism relies on this table to determine how an alert should be dispatched.

Column Definitions

Name Type Description
alert_template_id int4 Foreign key for the template
trigger_id int4 Foreign key for the trigger
id int4 Primary Key
required_retries int4
user_id int4 Foreign key for the user
conditional_id int4 Foreign key for the conditional
media_id int4 Foreign key for the media


alert_medias

Table Overview

Contains information on how alerts are dispatched.

Column Definitions

Name Type Description
id int4 Primary key
name varchar pager, sms, email, console, etc...


alert_pending

Table Overview

Catalog of alerts waiting to be (re)processed

Column Definitions

Name Type Description
dispatch_timestamp int4 Each attempt to dispatch should update this value
trigger_timestamp int4
id int4
retries_processed int4 Number of retries that have already been processed.
handler_id int4 ID of the handler that generated this alert. (The handlers table also references to the triggers table so it is easy to retrieve the ID # of the trigger if you need it.)

The handler table specifies the number of retries to process, the media, etc... that the alert dispatcher will need.

parsed_alert_message text The Netmon daemons need to parse the custom_template from the alert_handler to dump parsed data into this field
parsed_subject varchar
sent bit 1 if this alert has been dispatched successfully, 0 otherwise.


alert_triggers

Table Overview

The alert_triggers table stores conditions that the system will attempt to match against the status of a particular service or device to determine whether or not to trigger the associated alert, which will, in turn, be dispatched through the use of the associated alert_handlers.

Column Definitions

Name Type Description
active bool
triggered bool Whether it has been triggered or not
throttle_interval int4
trigger_id int4 Primary Key
trigger_timeout int4 Timeout for alert
trigger_threshold int4 Threshold before firing alert.
reference_pkey_val int4 Primary key value from reference table
comp_exp varchar
label varchar The label of the alert
pattern varchar
reference_table_name varchar Name of reference table


alert_types

Table Overview

This table describes the conditions that constitute an alert situation.

Column Definitions

Name Type Description
id int4 Primary Key
original_template text
default_template text Default template to use for this type of alerts.
default_subject varchar
description varchar (short - 128chr) Description of the alert type
name varchar Type name of the alert (e.g. SMB_ABOVE_THRESHOLD, DF_SERVICE_DOWN, etc...)


alert_vars

Table Overview

This table describes what elements are available for a specific type of alerts.

Column Definitions

Name Type Description
id int4 Primary Key
alert_type_id int4 Defines the type of alert that export this var
label varchar
var_name varchar Name of the var that the C back-end will export.


backup_events

Table Overview

This table tracks individual events associated with Netmon backup.

Column Definitions

Name Type Description
timestamp int4 Timestamp for the event
backup_id int4 Foreign Key for the backup
id int4 Primary Key
event varchar


backups

Table Overview

This table maintains a history of all previous Netmon backups.

Column Definitions

Name Type Description
init_timestamp int4 Initial timestamp
id int4 Primary Key
description text Description of the backup
tables text Which tables to backup
status varchar Current status of the backup
notify varchar Whether to notify the owner when backup is finished
owner varchar Owner of the backup


conditionals

Table Overview

This table contains a list of IP addresses which Netmon can use to perform secondary checks before queuing an alert. See Alert Conditionals in the Netmon User Guide for more information on how Conditionals work.

Column Definitions

Name Type Description
cond_id int8 Primary Key
ip inet IP address to probe as a fallback.

Pick an IP that is always up such as your router, google, a root DNS server or something along those lines.

name varchar Friendly name for the conditional (e.g. google)


daemons

Table Overview

Contains a list of installed background services / daemons.

Column Definitions

Name Type Description
start_auto bool Whether to start the daemon automatically
id int4 Primary Key
description text Description of the daemon
name text Name of the daemon
component_type varchar


daemonsconfig

Table Overview

Contains configuration parameters for various Netmon background services (daemons).

Column Definitions

Name Type Description
id int4 Primary Key
daemon_id int4 Foreign key for the daemon
docstring_xml varchar Documentation string
value varchar Value of the config option
var varchar Name of the config option


devices

Table Overview

This table contains Netmon's master list of devices, along with a series of flags which denote various device capabilities configured in Netmon. Items in this table appear in the Devices Explorer.

Column Definitions

Name Type Description
enable_sflow bool
enable_netflow bool Whether netflow is enabled
enable_snmp bool Whether SNMP is enabled
examined bool
pending bool
index int4 The index of the device in its group
group_id int4 The ID of the group this device belongs to
timestamp int4 Timestamp
interval int4 Interval between requests, in seconds
snmp_port int4 Port to use for SNMP requests
id int4 Primary Key
sysdescr text
ip_address inet IP address of the device
status varchar Current status of the device
profile varchar Type of device
snmp_community varchar Community string
label varchar Label for the device


devices_notes

Table Overview

This table associates custom notes to specified devices

Column Definitions

Name Type Description
last_modified int4 Timestamp of when the note was last modified
created int4 Timestamp of creation
id int4 Primary Key
owner_id int4 Foreign Key for the owner
device_id int4 Foreign Key for the device
note text The note itself
subject varchar Subject of the note


df_server_log

Table Overview

This table contains historical records for Netmon's UNIX Disk/Partition Monitoring Service.

Column Definitions

Name Type Description
srv_id int8 Foreign Key for the server
log_id int8 Primary Key
total int4 Total space on drive
available int4 Total space on drive available
timestamp int4 Timestamp of check
status int4 Status of the monitor when check occured


df_servers

Table Overview

This table contains a list of UNIX/Linux disks, volumes or partitions which are currently being monitored by Netmon.

Column Definitions

Name Type Description
srv_id int8 Primary Key
available int4 Available drive space
total int4 Total drive space
timestamp int4 Timestamp of last check
status int4 Current status of the disk
threshold int4 Amount of space used before triggering alert
interval int4 Interval between checks
timeout int4 Timeout value
port int4 Port to request DF information on
ip inet IP address of server
pending varchar
message varchar The message for this monitor.
servername varchar Label for the server
partition varchar partition name, ie /dev/sda


fs_directories

Table Overview

This table contains a list of directories which should be included in Netmon's Files Explorer.

Column Definitions

Name Type Description
id int4 Primary Key
notes text Notes about this directory
permissions _varchar The permission for this directory
real_path varchar Actual filesystem path
label varchar Label for this directory


fs_files

Table Overview

This table contains a list of files which are currently available in the FILES console.

Column Definitions

Name Type Description
busy bool Whether the file is currently being written to
directory_id int4 Foreign Key the directory
id int4 Primary Key
description text Description of this file
filename varchar Actual file name
label varchar Label for this file


groups

Table Overview

This table simply specify what user groups are available. This can be used as Role Management, or simply User Grouping (recommended for flexibility)

Column Definitions

Name Type Description
id int4 Primary Key
group_name varchar Name of the user group.


hosts

Table Overview

This is a catalog of hosts that were identified on the network at some point.

Column Definitions

Name Type Description
id int4 Primary Key
timestamp int4 When was the name resolved (used for historical data and to make sure we always display the latest)
ip inet IP address of the host
node_type varchar Used for VNE Icons and possibly templates later on.
hostname varchar Hostname to display when we see this host in the VNE or reports or alerts.
host_name_type varchar Type of hostname (SMB host, Custom name, DNS resolved name, etc...)


ignored_http_extensions

Table Overview

This table contains a list of file extensions which will be ignored by Netmon's HTTP Request Analyzer service

Column Definitions

Name Type Description
id int4 Primary Key
extension varchar


interfaces

Table Overview

This table contains Netmon's master list of network interfaces. It is closely related to the devices table, as each interface in this table belongs to an entry in the devices table.

Column Definitions

Name Type Description
enable_shm bool Whether to use shared memory
enable_logging bool Whether to log this interface
homedisplay bool Whether to display on the home dashboard
shm_key int8 Key of shared memory
last_outbound int8
last_inbound int8
speed int8 Speed of the port
outresets int4 Number of resets sent
inresets int4 Number of resets received
device_id int4 Foreign Key to the device
interface int4 Interface Number
id int4 Primary Key
last_outbound_throughput float8
last_inbound_throughput float8
mac varchar MAC address of the interface
description varchar Description of the Interface
name varchar Name of the interface


localnets

Table Overview

This is a catalog of local networks on which the netmon box sits. Netmon uses the ranges defined in this table for several services, including the Background Port Scanning Service and ARP Probe Service.

Column Definitions

Name Type Description
enable_portscan bool Whether to port scan on this range
enable_snmp_discovery bool Whether to SNMP discover on this range
id int4 Primary Key
label varchar Label for this range
broadcast varchar
network varchar Network IP range


netflow

Table Overview

This table is a temporary storage location for incoming NetFlow datagrams. Every 30 minutes, data from this table is aggregated into agg_netflow, and the contents of this table are truncated.

Column Definitions

Name Type Description
packets int8 Number of packets transmitted
octets int8 Number of octets transmitted
protocol int2 Conversation protocol
out_iface int4 Out interface
in_iface int4 In interface
timestamp int4 Timestamp of commit
end_time int4 End time of conversation
start_time int4 Start time of conversation
dst_port int4 Destination port
src_port int4 Source port
flow_src inet Netflow source
dst_ip inet Destination IP address
src_ip inet Source IP address


netmon

Table Overview

This table is used internally to track registration information

Column Definitions

Name Type Description
devices int2
company_country varchar
registration_key varchar
contact_phone_ext varchar
contact_phone varchar
contact_email varchar
contact_last_name varchar
contact_first_name varchar
company_state varchar
company_city varchar
company_address varchar
activation_key varchar
company_name varchar Client company name
expires date
is_trial bit


netmon_auth

Table Overview

This table contains a record of Netmon login activity.

Column Definitions

Name Type Description
timestamp int4 Timestamp
id int4 Pkey
ip inet IP Address
medium varchar Web Interface, SSH, or Netmon Services Kit (NSK)
status varchar Success of Failed
username varchar User name


oid_log

Table Overview

This table contains the historical values of OIDs which are being monitored by Netmon's OID Tracker Service

Column Definitions

Name Type Description
oid_id int8 Foreign Key for the OID
timestamp int4 Timestamp of the log entry
id int4 Primary Key
message varchar Message of the log entry


oids

Table Overview

This table contains a list of OIDs being monitored by Netmon's OID Tracker Service.

Column Definitions

Name Type Description
homedisplay bool Whether to display this OID tracker on the home dashboard
enable_logging bool Whether to log history for this OID tracker
timestamp int4 Timestamp of last check
interval int4 Interval between checks
device_id int4 Foreign Key for the device
id int4 Primary Key
prev_message varchar The previous message
datatype varchar Datatype for this tracker
label varchar Label for this tracker
message varchar Message for the OID


permission2groups

Table Overview

Many-to-many relationships allowing groups to be assigned individual permission bits.

Column Definitions

Name Type Description
group_id int4 The ID # of the group to which this permission has been granted.
permission_id int4 The ID # of the permission


permission_categories

Table Overview

This is a catalog of the categories available for each permission (for sorting and clear presentation of permission bits)

Column Definitions

Name Type Description
id int4 Primary Key
name varchar Name of the major category (e.g. User Management, Administration, Reporting, etc...)


permissions

Table Overview

Permissions are simple bits that the system uses to determin is a specific user is allowed to perform a specific action at some point in time.

Column Definitions

Name Type Description
id int4 Primary Key
category_id int4 ID # of the category (group) to which this permission belongs.
name varchar Name of the permission (e.g. create_new_users, delete_users, edit_users, activity_report, portscan_report, etc...)


plugins

Table Overview

The plugins db table contains all plugins which are used by netmon daemons. Netmond reads the content of this table, loads and starts all plugins who have 'start_auto' set to 't'. Plugins (which are dlls or shared object) are found in /usr/local/lib

Column Definitions

Name Type Description
start_auto bool if set to 'true' daemon will load this plugin on startup, otherwise

it will not load it

daemon_id int4 id of the daemon whose plugin is this
id int4 ID of the plugin
description text Description of the plugin
running_ifaces varchar a list of eth devices on which the plugin is currently running
start_ifaces varchar a list of eth devices i.e. "eth0,eth1" on which the plugin should run
name varchar Name of the plugin


protocol_breakdown

Table Overview

This table is used to provide data for Netmon's Protocol Breakdown graphs (NetFlow).

Column Definitions

Name Type Description
timestamp int4
end_time int4
start_time int4
device int4
interface int4
id int4 Primary Key
ports _int4
octets _int8


protocols

Table Overview

This is a catalog of protocol/ports pairs (similar to /etc/services)

Column Definitions

Name Type Description
id int4
threat_level int4
port int4 Port # to use for mapping.
name varchar Name of hte protocol
protocol varchar Transport-layer protocol for the protocol.


server_log

Table Overview

This table contains a collection of server uptime and latency statistics over time.

Column Definitions

Name Type Description
srv_id int8 Foreign Key to server
log_id int8 Primary Key
log_timeout int4
interval int4
latency int4 Latency of check
timestamp int4 Timestamp of log entry
message varchar Message of check
status varchar Status when checked


servers

Table Overview

This table contains a list of UNIX/Linux disks, volumes or partitions which are currently being monitored by Netmon.

Column Definitions

Name Type Description
srv_id int8 Primary Key
log_timeout int4 Latency value before a log entry is recorded
latency int4 Latency of last check
timestamp int4 Timestamp of last check
timeout int4 Timeout value before alert is triggered
interval int4 Interval between checks
port int4 Port number
ip inet IP Address of server
pending varchar
message varchar Message of last check
status varchar Status of last check
protocol varchar Protocol (TCP or UDP)
name varchar Label of server


smb_hosts

Table Overview

smb_hosts inherits from hosts and adds the "domain" field to it.

Column Definitions

Name Type Description
id int4 Primary Key
timestamp int4 Timestamp of last check
ip inet IP address of SMB server
smb_domain varchar Netbios Domain to which this host belongs.
node_type varchar Node type
hostname varchar Hostname of hte SMB server
host_name_type varchar How the hostname was acquired


smb_server_log

Table Overview

This table contains historical disk utilization information for Netmon's Windows Share Monitoring Service

Column Definitions

Name Type Description
srv_id int8
log_id int8
timestamp int4
blocksize int4
available int4
total int4


smb_servers

Table Overview

This table contains a list of Windows shared folders / volumes which are being monitored by Netmon.

Column Definitions

Name Type Description
srv_id int8 Primary Key
threshold int4 For front-end only, not for alerts.
timestamp int4 Timestamp of last check
blocksize int4 Block size
available int4 Available drive space
total int4 Total drive space
status int4 Status of last check
interval int4 Interval between checks
timeout int4 Timeout value for the monitor before alert is triggered
ip inet IP Address of SMB host
pending varchar
message varchar Message of last check
domain varchar Domain of the SMB server
servername varchar Name of SMB server
password varchar Password for SMB share
username varchar Username for SMB share
share varchar Name of SMB share to monitor


snmp_log

Table Overview

This table contains historical bandwidth utilization data for network interfaces being monitored by Netmon's SNMP Interface Monitor service.

Column Definitions

Name Type Description
outresets int8 Number of resets sent
outoctets int8 Number of octets sent
inresets int8 Number of resets received
inoctets int8 Number of octets received
log_id int8 Primary Key
status int4 Status of log entry
timestamp int4 Timestamp of log entry
interface int4 Interface number
ip inet Ip address of SNMP device
pnotified bpchar
notified bpchar


snmp_mib_files

Table Overview

This table contains a reference of all the user-uploaded SNMP MIB files in the system

Column Definitions

Name Type Description
id int4 Primary Key
mib_path varchar Path to mib file
mib_file varchar Name of mib file


snmp_oid_trans

Table Overview

This table stores the OID to human-readable names. It is populated through calls to mib2xml

Column Definitions

Name Type Description
id int4 Primary Key
description text Description of OID
name varchar OID name


snmp_traps_trans

Table Overview

This table is used to translate an SNMP trap's OID to a human-readable format

Column Definitions

Name Type Description
mib_id int4 Foreign Key to mib
id int4 Primary Key
trap_description text Description of trap
trap_name varchar Name of trap
trap_oid varchar OID of Trap


snmpoids

Table Overview

This table is used to store the OIDs of received SNMP Trap messages. If the store flag is set to true for an snmpoid record, then Netmon will log all incoming traps for that OID.

Column Definitions

Name Type Description
store bool
id int4 Primary Key
snmpoid text OID
ip inet IP address of device


snmptrap_log

Table Overview

This table contains historical SNMP traps which have been collected by Nemton's SNMP Trap Handler.

Column Definitions

Name Type Description
id int8 Primary Key
timestamp int4 Timestamp of log entry
port int4 Port number
trapoid text OID of trap
ip inet IP address of device


snmptrapoids

Table Overview

This table is used to store the payloads of incoming SNMP traps messages.

Column Definitions

Name Type Description
log_id int4 Foreign Key to log entry
value text OID value
snmpoid text OID


syslog

Table Overview

This table contains historical SYSLOG message data.

Column Definitions

Name Type Description
msg_id int8 Primary Key
severity int4 Severity of the message
facility int4 Facility of syslog messages
timestamp int4 Timestamp of message
ip inet IP address of client
message varchar The syslog message


syslog_access

Table Overview

This table contains a list of SYSLOG clients which Netmon will accept incoming SYSLOG messages from.

Column Definitions

Name Type Description
syslog_id int8 Primary Key
severity int4 Severity
facility int4 Facility
ip inet IP address of syslog client


url_log

Table Overview

This table contains the historical status of websites and web applications being monitored by Netmon's URL Monitoring Service.

Column Definitions

Name Type Description
url_id int8 Foreign Key to URL
latency int4 Latency of check
timestamp int4 Timestamp of log entry
id int4 Primary Key
status varchar Status of check
message varchar Message of log entry


urls

Table Overview

This table contains a list of URLs being monitored by Netmon's URL Monitoring Service (websites and web applications).

Column Definitions

Name Type Description
enable_logging bool Whether to keep logs for this monitor
latency int4 Latency of last check
timestamp int4 Timestamp of last check
interval int4 Interval of checks
id int4 Primary Key
status varchar Status of last check
message varchar Message of last check
pattern varchar Pattern to search for
url varchar URL to monitor


user2groups

Table Overview

This many-to-many relationship allows users to belong to multiple groups.

Column Definitions

Name Type Description
group_id int4 ID # of the group to which this user belongs.
user_id int4 ID # identifying the user entry.


user_sessions

Table Overview

Sessions represent currently active users. This table is used to track active sessions (session variable can follow a user between requests) and meta-data allows the sessions to automagically expire, allow users to be kicked out of the system, etc...

Column Definitions

Name Type Description
session_userid int4 User ID # to whom this session belongs.

This allows you to kick a user out of the system by DELETE FROM user_sessions WHERE user_id = 2; for example

session_ttl int4 Time To Live for the session.

After that many seconds of inactivity, destroy the session.

session_start int4 When was this session initiated.
session_time int4 When was this session last accessed.
session_stack text Serialized stack containing all the session variables and data-structures.
session_id varchar The session_id is not sequence-based. It is generated by PHP using a uuid algorithm.


users

Table Overview

This table stores basic information about every user that has access to the system. This table should be used to retrieve pager #'s, email addresses, and other personal information while triggering alerts or generating reports.

Column Definitions

Name Type Description
active int2 Set to 0 if the user account is suspended
id int4 Primary Key
pager_terminal varchar Terminal number of pager service
passwd varchar SHA-1 encrypted password for the user. (This is a one-way hash-based encryption and cannot be decrypted so a lost password will need to be reset)
username varchar Username that this user can use to log-in.

If they do not remember their username, they can also use their email address.

pager_number varchar Pager # of the user (will be used to dispatch pager alerts)
email varchar Email address of the user (will be used to dispatch email alerts)
last_name varchar Last name of the user.
first_name varchar First name of the user.


web_traffic

Table Overview

This table contains a list of HTTP requests which have been sent from hosts defined in your Local Network range(s).

Column Definitions

Name Type Description
timestamp int4 Timestamp of traffic
id int4 Primary Key
dst_ip inet Destination IP Address
src_ip inet Source IP address
content_type varchar
host_name varchar Host name of requester
url varchar URL requested
Retrieved from "http://wiki.netmon.ca/index.php/Reference:Database_Reference"
Personal tools