8 years ago
Read only agent / collector
I know I've brought this up before, but I'd like to bring it up again. LM's requirement that collectors run as local admins (or system) is a GAPING security hole in your product. No amount of cer...
For me it's not the updating of the agent software that is the most costly element; it's the months and months of raising change requests, getting the approvals and negotiating change windows for thousands of machines. We would probably never be able to stay up to date because by the time we've been through one update cycle, it would be time to start planning the next update. This is why we got rid of our previous agent-based solution. Sure, we can automate the updates, but not the human element of business and IT operations.
In an ideal world, yes, we'd have the resources to do everything, but in practice we have to balance risks. So, what we're doing is to focus on access controls across the estate and security audits/alerts. We're comfortable with the security of our data centers; the primary surface area for malware in our environment is the end-user compute space, but even so, regular users cannot perform WMI queries or issue commands to Windows servers, and the user VLANs and data center VLANs are firewalled. We limit the number of LM admins to a trusted few (just two people).