Netprobe whitelist
Overview
Netprobe has whitelist settings available for both plugins and commands.
Plugin whitelist
The plugIn whitelist is a list of plugin names that determines if a plugin can be used for sampling. If a plugin is not in the whitelist, then the sampler associated with it cannot perform sampling during runtime.
The whitelist is defined in the setup file.
Note
If no setup file is specified, or if the whitelist does not contain any valid plugin names, then all plugins are allowed by default.
When defined, plugin names should be the same as those listed under Plugin in the for them to be recognised.
Below is a screenshot of a disabled sampler:
Command whitelist
The command whitelist is a list of shell commands that can be used for sampling. If a shell command is not in the whitelist, then an error will be shown in the dataview.
The whitelist is defined in the setup file.
Note
If no setup file is specified, or if the whitelist does not contain any valid shell commands, then all shell commands are allowed by default.
Valid commands are as follows:
- Configurable plugin shell commands that are invoked by the plugins themselves.
- User commands specified in the that are manually invoked in the .
The command whitelist makes use of regular expressions, which follows the Perl-Compatible Regular Expressions (PCRE) syntax, to specify the allowed commands. When matching for exact strings, always terminate your regular expressions.
Below are screenshots of error messages:
Applicable plugins and features
Below is the list of plugins and features with user-configurable shell commands that can be used in the command whitelist:
Caution
In Toolkit plugin, you can use the Advanced settings to write the script to the server. Unless the Toolkit Advanced tab is secured by a hook validation, it is possible to work around the restriction set in the command whitelist.
- cpu
- toolkit
- network
- processes
- gl-orderbook
- fidessa
- flm
- gl-lostorders
- informix
- ipc
- market-data-monitor
- net-ping
- tcp-links
- unix-users
- veritas-cluster-server
Configuration settings
Plugin whitelist settings
pluginWhiteList
Contains the list of plugin names to be enabled.
Mandatory: No
pluginWhiteList > data
Specifies a plugin name to be enabled.
Mandatory: No
Command Whitelist Settings
commandWhiteList
Contains the list of shell commands to be enabled.
Mandatory: No
commandWhiteList > data
Specifies a shell command to be enabled.
Mandatory: No
Example configuration
Plugin Whitelist
This example shows that the CPU and TOP plugins are enabled.
<netprobe>
<pluginWhiteList>
<data>cpu</data>
<data>top</data>
</pluginWhiteList>
</netprobe>
Command Whitelist
This example shows that the commands echo test and cat <anything> are enabled.
<netprobe>
<commandWhiteList>
<data>echo test\b</data>
<data>^cat.*</data>
</commandWhiteList>
</netprobe>