Red Hat JBoss

• What is Discovered and Monitored
• Event Types
• Reports
• Configuration
• Settings for Access Credentials
• Sample Event for JBoss Metrics

What is Discovered and Monitored

Protocol	Information discovered	Metrics collected	Used for
JMX		Generic information: Application version, Application port Availability metrics: Uptime, Application Server State CPU metrics: Application server instance, CPU utilization Memory metrics: Heap utilization, Heap used memory, Heap free memory, Heap max memory, Heap commit memory, Max System dumps on disk, Max heap dumps on disk Servlet metrics: Application name, Web application name, Servlet Name, Invocation count, Request errors Database pool metrics: Application server instance, JDBC provider, Data source, Pool size, Closed connections, Active Connections, Requests wait for connections, Connection use time, Connection factory type, Peak connections Thread pool metrics: Application server instance, Thread pool name, Execute threads, Peak execute threads Application level metrics: Application name, Web application name, Application server instance, Web application context root, Active sessions, Peak active sessions EJB metrics: Application name, Application server instance, EJB component name	Performance Monitoring

Event Types

In ADMIN > Device Support > Event Types, search for "jboss" to see the event types associated with this device.

Reports

In RESOURCES > Reports, search for "jboss" in the main content panel Search... field to see the reports associated with this application or device.

Configuration

• Configuring JMX on the JBoss Application Server

• Configuring FortiSIEM to Use the JMX Protocol with JBoss Application Server

Configuring JMX on the JBoss Application Server

Changing the Default JMX Port

The default port for JMX is 1090. If you want to change it, modify the file ${JBoss_Home}\server\default\conf\bindingservice.beans\META-INF\bindings-jboss-beans.xml.

<bean class="org.boss.services.bindging.ServiceBindingMetadata">   <property name="serviceName">jboss.remoting:service=JMXConnectorServer,protocol=rmi</property>   <property name="port">1090</property>   <property name="description">RMI/JRMP socket for connecting to the JMX MBeanServer</property></bean>

1. Enable authentication security check. Open the file ${JBoss_Home}\server\default\deploy\jmx-jboss-beans.xml, find the JMXConnector bean, and uncomment the securityDomain property.

   <bean name="JMXConnector" class="org.boss.system.server.jmx.JMXConnector"><!-- configuration properties --> 
   <!-- To enable authentication security checks, uncomment the following --!><!--UNCOMMENT THIS --><property name="securityDomain">jmx-console</property>

2. Modify the file ${JBoss_Home}\server\default\conf\props\jmx-console-roles.properties to configure the JMX administrator role.

   admin=JBossAdmin,HttpInvoker
   

3. Modify the file ${JBoss_Home}\server\default\conf\props\jmx-console-users.properties to configure the username and password for JMX.

   admin=yourpassword
   

4. Configure DNS resolution for the JBOSS application server in your FortiSIEM Supervsior, Workers, and Collectors by adding the IP address and DNS name of the JBOSS application server to their /etc/hosts files. If DNS is already configured to resolve the JBOSS application server name, you can skip this step.
5. Start JBoss.

   ${JBoss_Home}/bin/run.sh   -b  0.0.0.0
   or
   ${JBoss_Home}/bin/run.sh   -b  ${Binding IP}
   

Configuring FortiSIEM to Use the JMX Protocol with JBoss Application Server

To configure JMX communications between your JBOSS application server and FortiSIEM, you must copy several files from your application server to the JBOSS configuration directory for each FortiSIEM virtual appliance that will be used for discovery and performance monitoring jobs. FortiSIEM does not include these files because of licensing restrictions.

JBOSS Version	Files to Copy
4.x, 5.x, 6.x	Copy ${JBoss_Home}/lib/jboss-bootstrap-api.jar to /opt/phoenix/config/JBoss/
7.0	No copying is necessary.
7.1	Copy ${JBoss_Home}/bin/client/jboss-client.jar to /opt/phoenix/config/JBoss/

You can configure FortiSIEM to communicate with your device, and then initiate discovery of the device. For more information, refer to sections "Discovery Settings" and "Setting Credentials" in the User Guide.

Settings for Access Credentials

Use these Access Method Definition settings to allow FortiSIEM to access your Red Hat JBoss device over JMX:

Setting	Value
Name	jboss
Device Type	Redhat JBOSS App Server
Access Protocol	JMX
Pull Interval (minutes)	5
Port	8880
User Name	The user you created in step 2
Password	The password you created for the user in step 3

Sample Event for JBoss Metrics

<134>Feb 06 11:38:35 10.1.2.16 java: [PH_DEV_MON_JBOSS_CPU]:[eventSeverity]=PHL_INFO,[destIpAddr]=10.1.2.16,[hostIpAddr]=10.1.2.16,[hostName]=SH-WIN08R2-JMX,[destDevPort]=1090,[appVersion]=6.1.0.Final "Neo",[appServerState]=STARTED,[sysUpTime]=6202359,[cpuUtil]=2


<134>Feb 06 11:38:36 10.1.2.16 java: [PH_DEV_MON_JBOSS_MEMORY]:[eventSeverity]=PHL_INFO,[destIpAddr]=10.1.2.16,[hostIpAddr]=10.1.2.16,[hostName]=SH-WIN08R2-JMX,[destDevPort]=1090,[appVersion]=6.1.0.Final "Neo",[appServerState]=STARTED,[freeMemKB]=264776,[freeSwapMemKB]=1427864,[memTotalMB]=4095,[memUtil]=94,[swapMemUtil]=83,[swapMemTotalMB]=8189,[virtMemCommitKB]=1167176,[heapUsedKB]=188629,[heapMaxKB]=466048,[heapCommitKB]=283840,[heapUtil]=66,[nonHeapUsedKB]=106751,[nonHeapMaxKB]=311296,[nonHeapCommitKB]=107264,[nonHeapUtil]=99


<134>Feb 06 11:38:36 10.1.2.16 java: [PH_DEV_MON_JBOSS_APP]:[eventSeverity]=PHL_INFO,[destIpAddr]=10.1.2.16,[hostIpAddr]=10.1.2.16,[hostName]=SH-WIN08R2-JMX,[destDevPort]=1090,[appVersion]=6.1.0.Final "Neo",[webContextRoot]=//localhost/,[webAppState]=RUNNING,[cacheMaxSize]=10240,[cacheTTL]=5000,[reqProcessTimeAvg]=10472,[startTime]=1353919592,[cookiesAllowed]=true,[cachingAllowed]=true,[linkingAllowed]=false,[crossContextAllowed]=true

<134>Feb 06 11:38:36 10.1.2.16 java: [PH_DEV_MON_JBOSS_SERVLET]:[eventSeverity]=PHL_INFO,[destIpAddr]=10.1.2.16,[hostIpAddr]=10.1.2.16,[hostName]=SH-WIN08R2-JMX,[destDevPort]=1090,[appVersion]=6.1.0.Final "Neo",[webAppName]=//localhost/admin-console,[servletName]=Faces Servlet,[totalRequests]=6,[reqErrors]=0,[loadTime]=0,[reqProcessTimeAvg]=10610

<134>Feb 06 11:38:36 10.1.2.16 java: [PH_DEV_MON_JBOSS_DB_POOL]:[eventSeverity]=PHL_INFO,[destIpAddr]=10.1.2.16,[hostIpAddr]=10.1.2.16,[hostName]=SH-WIN08R2-JMX,[destDevPort]=1090,[appVersion]=6.1.0.Final "Neo",[dataSource]=DefaultDS,[dataSourceState]=Started


<134>Feb 06 11:38:36 10.1.2.16 java: [PH_DEV_MON_JBOSS_REQUEST_PROCESSOR]:[eventSeverity]=PHL_INFO,[destIpAddr]=10.1.2.16,[hostIpAddr]=10.1.2.16,[hostName]=SH-WIN08R2-JMX,[destDevPort]=1090,[appVersion]=6.1.0.Final "Neo",[reqProcessorName]=ajp-0.0.0.0-8009,[recvBytes]=0,[sentBytes]=0,[reqProcessTimeAvg]=0,[reqProcessTimeMax]=0,[totalRequests]=0,[reqRate]=0,[reqErrors]=0

<134>Feb 06 11:38:36 10.1.2.16 java: [PH_DEV_MON_JBOSS_EJB]:[eventSeverity]=PHL_INFO,[destIpAddr]=10.1.2.16,[hostIpAddr]=10.1.2.16,[hostName]=SH-WIN08R2-JMX,[destDevPort]=1090,[appVersion]=6.1.0.Final "Neo",[ejbComponentName]=ejbjar.jar,[ejbBeanName]=HelloWorldBeanRemote,[ejbAvailCount]=0,[ejbCreateCount]=0,[ejbCurrCount]=0,[ejbMaxCount]=0,[ejbRemovedCount]=0,[ejbInstanceCacheCount]=null,[ejbPassivations]=null,[ejbTotalInstanceCount]=null

<134>Feb 06 11:38:36 10.1.2.16 java: [PH_DEV_MON_JBOSS_THREAD_POOL]:[eventSeverity]=PHL_INFO,[destIpAddr]=10.1.2.16,[hostIpAddr]=10.1.2.16,[hostName]=SH-WIN08R2-JMX,[destDevPort]=1090,[appVersion]=6.1.0.Final "Neo",[threadPoolName]=ajp-0.0.0.0-8009,[appPort]=8009,[totalThreads]=0,[busyThreads]=0,[maxThreads]=2048,[threadPriority]=5,[pollerSize]=32768,[threadPoolIsDaemon]=true