[Opendnssec-develop] Key (HSM) backup
Jakob Schlyter
jakob at kirei.se
Fri Aug 14 11:34:30 UTC 2009
On 14 aug 2009, at 10.59, John Dickinson wrote:
> The process will be completely different for every HSM. Usually (I
> expect) it will be totally out of band and a script will be able to
> do nothing.
I agree completely.
> IMHO a syslog message that can be parsed by a monitoring system like
> nagios is all we should do. If we want OpenDNSSEC to be more "pro-
> active" then send a SNMP trap. (If we want to future proof it then
> NETCONF it :) ).
>
> We could also write a net-snmp agent extension or nagios plugin to
> do the monitoring if so desired.
>
> We should not develop a whole notification system with emails/pages
> being sent out. That is a problem already solved by snmp/netconf/
> nagios etc.
++
j
More information about the Opendnssec-develop
mailing list