Troubleshooting
Configuring resources or alerts results in a “403: Forbidden” response
When creating or modifying any form of resource or alert, if the
response returned from the monitor is 403: Forbidden this
indicates that the CLI is not authenticated to the monitor (or a
previous authenticated connection has timed out). To resolve simply
login to the monitor, for example:
# hamonitor resource add
Enter protocol [NFS, SMB]: SMB
IP address of the SMB server: 10.6.4.68
SMB share name: Acc_mnt
Mount options [return for None]:
Username [return for None]: admin
Password [return for None]:
Do you want to test the connection now? [y/n]y
403: Forbidden
# hamonitor login
Enter URL [https://localhost:13514 if empty]:
Enter Username:
Enter Password:
Welcome admin
# hamonitor resource add
Enter protocol [NFS, SMB]: SMB
IP address of the SMB server: 10.6.4.68
SMB share name: Acc_mnt
Mount options [return for None]:
Username [return for None]: admin
Password [return for None]:
Do you want to test the connection now? [y/n]y
Test successful
201: Created
Adding an SMB resource results in an unsuccessful test
If, at the final stage of adding an SMB resource to be monitored, the connection test fails then the underlying cause is likely to be recorded on the SMB server itself in system specific message files.
For example, in the case where the share name is incorrect you would see a log entry similar in format to:
```
Dec 9 12:14:35 NOTICE: smbd[MG\guest]: smb share not found
```
Or for an authentication issue:
Dec 9 12:19:22 NOTICE: smbd[MG\guest]: pool1_smb access denied: guest disabled.
Firewall settings
The following table lists the ports used by the monitor. Depending on which facilities are in use by the monitor and location of firewalls on the network it may be necessary to provide rules to allow traffic through.
| Protocol | Port | UDP/TCP | Description |
|---|---|---|---|
| SNMP | 162 | UDP | Uses UDP to send traps. Currently the monitor does not listen on port 161 (which is used by the “SNMP Manager” to talk to agents - in effect the port used for polling rather than traps). |
| Emai/TLS | 587 | TCP | The default TLS port on which connections to the email server are made - note that this setting can be re-configured in the monitor when email is configured. |
| Webhooks | 443 | TCP | When writing alerts to applications such as Teams/Slack the appropriate web hooks links are used - these are typically provided by the application vendors themselves. Addresses currently configured are for Slack https://hooks.slack.com and for Teams https://outlook.office.com |
| Hamonitor | 13514 | TCP | The hamonitor itself listens on port 13514 to accept incoming REST calls (login, create users, create alerts etc.). Typically, configuration is done on the hamonitor host machine therefore it is not necessary to open this port in a firewall. |