-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Edwin,
On 3/29/16 2:32 PM, Edwin Quijada wrote: > I am seeing Zabbix but about the secutiry problems with JMX The "security problems" with JMX mostly have to do with it being very easy to configure a server stupidly. For example, opening a JMX port with no required authentication to the whole Internet is, of course, tremendously stupid. But people do stupid things like that all the time. For my money, I wouldn't enable JMX because, for monitoring, JMX is a heavy-handed protocol: you either have to maintain a persistent connection to the server or you need to launch a whole JVM and connect over JMX to get e.g. a single sample value (such as current throughput). I would recommend enabling the JMXProxyServlet through the manager application, and then locking-down the manager application so you can only access it from localhost. Also use a non-trivial password for HTTP authentication for the manager. That ought to cover just about everything except for a local intrusion, in which case you've already been pwned. - -chris > ________________________________________ From: Leonardo > Santagostini <lsantagost...@gmail.com> Sent: Tuesday, March 29, > 2016 12:20 AM To: Tomcat Users List Subject: Re: Monitoring Tomcat > > My two cents: > > You can aldo use Zabbix to Monitor your Tomcar using JMX. > > Also Zabbix is used from templates. So once you got one machine > monitored as you expected you can easy deployit on other your > machine, and the best of all, you dont nees to use apps like > Jolokia. But bear in mind that there are some security concerns. > > Best regards El mar 28, 2016 8:56 p.m., "Edwin Quijada" > <listas_quij...@hotmail.com> escribió: > >> Thks! >> >> ________________________________________ From: Mark Eggers >> <its_toas...@yahoo.com.INVALID> Sent: Monday, March 28, 2016 >> 10:32 PM To: Tomcat Users List Subject: Re: Monitoring Tomcat >> >> https://tomcat.apache.org/tomcat-7.0-doc/monitoring.html >> https://wiki.apache.org/tomcat/FAQ/Monitoring >> >> Basically enable JMX, then use a wide variety of tools to query >> an even wider variety of information. >> >> Please note that there are security issues when enabling JMX. >> Read the first link above for details. >> >> . . . just my two cents /mde/ >> >> On 3/28/2016 3:23 PM, Edwin Quijada wrote: >>> Hi! I have an app with Tomcat+Grails+Vaadin+PostgreSQL and I >>> wanna monitor >> the speed and resources of this. I add to 1024mb to Tomcat >> because the app and DB is in the same server. >>> >>> What application can I use to monitor performance of this >>> Tomcat ? >>> >>> >>> TIA >>> >> >> >> >> --------------------------------------------------------------------- >> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlb77QgACgkQ9CaO5/Lv0PAcOQCeMNlr+pYLD3H6Z9k/JNR4PYm/ vSkAnRvFDAeeyrq0U/2ca04bRxcc0bfv =DZU7 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
