I just stumbled across this https://github.com/vyos/vyos-salt-minion
and then did some additional searching to discover that VyOS should be able to run as a salt minion in version 1.2

When I used Puppet, I used Foreman and it would store Facts for viewing. Supposedly Foreman can also be used with Salt, but I hadn't tried it. If I ever am able to run Salt in production again I will be looking into it.

@dyasny said in Monitoring with SaltStack VS Zabbix:

@flaxking You mean actual graphs and reports on stats gathered over time? Grafana is all about that

I mean like if you wanted to report on all the different OSes you have running - which I didn't think was possible using Prometheus + Grafana without determining a numeric value for each OS, but it looks like I'm wrong about that.

@Obsolesce said in Monitoring with SaltStack VS Zabbix:

@flaxking said in Monitoring with SaltStack VS Zabbix:

@dyasny said in Monitoring with SaltStack VS Zabbix:

I do all my monitoring with prometheus and grafana. Stats are saved, everything looks nice, and alerts are fully customizable. Can't complain

What about for monitoring things that aren't naturally represented as metrics?

What kind of monitoring?

@dyasny Hmm, well I guess what I was thinking about probably falls under "reporting" rather than monitoring.

@dyasny said in Monitoring with SaltStack VS Zabbix:

I do all my monitoring with prometheus and grafana. Stats are saved, everything looks nice, and alerts are fully customizable. Can't complain

What about for monitoring things that aren't naturally represented as metrics?

Self hosted screenconnect. Not sure what we will turn to when they stop offering maintenance subscriptions and our version gets too old.

@tonyshowoff said in SQL security over the LAN:

@flaxking said in SQL security over the LAN:

@tonyshowoff said in SQL security over the LAN:

@flaxking That may work and is worth a try, but it's likely not to work because the client is passing along to SQL Server and it's not known whether or not they implemented, or allow, encrypted traffic within their SQL Server connection library. Even if implemented in the library, it doesn't mean the client allows it, and even may be intentionally disabled for God only knows what reason. It isn't an SQL client, it's an application which just connects to SQL Server or passes raw SQL along to an application server to avoid client connection licensing limits.

How would that avoid licencing? The MS SQL licencing doesn't care how a user connects, you have to get CALs for the actual users using it no matter the method used. (Unless using SQL Express)

Because it opens one connection between the application server and the SQL Server rather than a new one for every single client. You can avoid user CAL issues because it's one connection from one user.

I can't speak to there possibility being a point in time when this was true, but it is not true now. You have to get CALs for each actual person, even if they themselves are not in direct communication with the MS SQL Server

SQL Express supports the transport encryption method I gave instructions for.

@tonyshowoff said in SQL security over the LAN:

@flaxking That may work and is worth a try, but it's likely not to work because the client is passing along to SQL Server and it's not known whether or not they implemented, or allow, encrypted traffic within their SQL Server connection library. Even if implemented in the library, it doesn't mean the client allows it, and even may be intentionally disabled for God only knows what reason. It isn't an SQL client, it's an application which just connects to SQL Server or passes raw SQL along to an application server to avoid client connection licensing limits.

How would that avoid licencing? The MS SQL licencing doesn't care how a user connects, you have to get CALs for the actual users using it no matter the method used. (Unless using SQL Express)

Also using an encrypted password in the ini file is at least better than using Windows Authentication and each user actually having full permission on the database and could alter data with with a connection to SQL outside of the application