Opmanager is attempting to contact Zoho Networks and SMTP
Introduction
A customer noted that the OpManager Probe server was attempting to send data to Manage Engine which was in violation of the Firewall rules that they had on their IP network.
Settings that may need to be changed to stop automated data collection
Settings -- Basic Settings -- System Settings -- Disable Send Usage Statistics & Send Benchmark Statistics.
This should take care of that. We get the Usage Stats and Benchmark data from customer installations and this is enabled by default. Check that these settings have been disabled in both Central & Probe
- Send Benchmark Statistics
- Send Usage Statistics
- Product promotions
- Chat support
Additional steps to take if issue continues require editing
The frequent contact to ZOHO Networks can be avoided by the below changes (to be made after stopping OpManager):
1. Got System Settings and disable "Product Promotions" (instruction above)
2. Connect to the DB via SSH and execute the below command:
- Stop OpManager "/etc/init.d/OpManagerServer stop"
- Connect to OpManager database by following steps including those in the link,
https://pitstop.manageengine.com/portal/kb/articles/connecting-to-the-opmanager-database - Run the below query:
- update ScheduleSPSettings set propval = 'false' where propname = 'SCHEDULE_UPGRADE';
- Restart OpManager. "/etc/init.d/OpManagerServer start"
To watch the OpManager services start and confirm HTTP is up use the following command
tail -F /opt/ManageEngine/OpManagerProbe/logs/wrapper.log
Sample output
[computer@Server2 ~]$ tail -F /opt/ManageEngine/OpManagerProbe/logs/wrapper.log
INFO | jvm 1 | 2018/10/05 09:40:57 | OpUtilsService [ STARTED ]
INFO | jvm 1 | 2018/10/05 09:41:00 | DService [ STARTED ]
INFO | jvm 1 | 2018/10/05 09:41:00 | LeaService [ STARTED ]
INFO | jvm 1 | 2018/10/05 09:41:00 | DataManagement [ STARTED ]
INFO | jvm 1 | 2018/10/05 09:41:00 | FWASSHDService [ STARTED ]
INFO | jvm 1 | 2018/10/05 09:41:17 | WebService [ STARTED ]
INFO | jvm 1 | 2018/10/05 09:41:18 |
INFO | jvm 1 | 2018/10/05 09:41:18 | Server started in :: [109459 ms]
INFO | jvm 1 | 2018/10/05 09:41:18 |
INFO | jvm 1 | 2018/10/05 09:41:18 | Connect to: [ https://localhost/ ]
This should stop the traffic from OpManager to ZOHO networks. We are checking other possibilities to fix this issue.
Last option is to change the SMTP settings to some bogus values, the example below is valid SMTP server in the tait network. Change the Server Name to smtp.GET_A_SERVER.null would stop emails being sent to a valid server.
Related Articles
Accessing OpManager PGSQL Database
INTRODUCTION OpManager tool relies on PostgreSQL (PGSQL) database for data storage. This document describes how to access the database to run customized reports METHODS OF ACCESS The PGSQL database can be accessed locally (or by using SSH session) ...SQL Database query for OpManager
SQL Database query for OpManager OpManager allows searches for database information, while logged into the server there is a link at the top right to various links for help and searches. The image that looks like headphones is the link to support ...How to apply OpManager PPM Update and com.zip Patches
Table of Contents Overview.. 2 Prep and file transfer. 2 Release Notes. 2 UpDate Manager for PPM... 2 Central Server upgrade. 4 Update files. 5 Discover Properties. 5 Edit list of Traps for auto-discovery. 7 Hardware Info in inventory. 7 To Enable ...OpManager Trap Processor Config
OpManager Trap Processor Config Trap processor can be edited to display a number of labels and information based on the markup language and variables (VarBinds) https://pitstop.manageengine.com/portal/kb/articles/how-to-configure-trap-message Changes ...Configuring configlets in OpManager NCM
Manage Engine has written instruction on using and creating configlets. The link in this KB may be changed if Manage Engine update it, but for now it is a source for other NCM info as well ...