jimasecret

Organization of this page

Function
Format
Execution permission
Storage directory
Arguments
Notes
Return values
Log output
Example

Function

This command obfuscates the specified secret and add it to the secret management File. Added secret is read and used by JP1/IM-Agent service.

For information about the secrets that you can Setup with this command, see 9.5.7 secret obfuscation capabilities in JP1/Integrated Management 3 - Manager Overview and System Design Guide.

To Page Top

Format

To list the keys that added a secret:

jimasecret -list
                   [-l shared-directory]

To add or update a secret specifying the key:

jimasecret -add
                   -key key-name
                   -s secret
                   [-l shared-directory]

To delete the secret specifying the key:

jimasecret -rm
                   -key key-name
                   [-l shared-directory]

To Page Top

Execution permission

In Windows: Administrator permissions (if the Windows UAC feature is enabled, the command is executed from the administrator console)

In UNIX: Superuser permissions

To Page Top

Storage directory

In Windows:: Agent-path\tools\
In Linux:: /opt/jp1ima/tools/

To Page Top

Arguments

-list

Lists the keys for the secret that you add. The secrets are not displayed.

It cannot be specified together with -add, or -rm option.

-add

Add a new secret by keying it.

If you specify a key that has already been added, overwrite the secret. At this time, overwriting is not checked.

You can Add up to 1,000 secrets.

If you specify this option, you must also specify -key and -s options.

Cannot be specified together with -list or -rm option.

-rm

Delete the secret that is already added by keying.

If a key that does not exist is specified, Error is returned.

If you specify this option, you must also specify -key option.

Cannot be specified together with -list or -add option.

-key key-name

Specifies the key-name of the secret that you want to add, modify, or delete.

The characters that can be specified are 0x20 to 0x7e characters of ASCII.

The maximum length that can be specified is 1,024 characters.

The specific key format is shown below.

- Information about the manager of connection desitination:

Key for the proxy password to connect to the manager host

immgr.proxy_user.authentication-ID

For authentication-ID, specify the user ID specified in immgr.proxy_user in imagent configuration file (jpc_imagent.json).

- The key of initial secret to connect to the manager host:

immgr.initial_secret

- The key of client secret to connect to the manager host

immgr.client_secret

Important: Value specified in -key is not checked for correct format.

Note: Specify client secret only if you want to manually delete it.

- For Blackbox exporter:

Key to add password of the proxy authentication:

Blackbox.module-name.proxy_user.authentication-ID

For the module-name, specify the module name specified for Blackbox exporter configuration file (jpc_blackbox_exporter.yml).

For authentication-ID, specify the user ID specified for proxy_user in Blackbox exporter configuration file (jpc_blackbox_exporter.yml)

Keys used to Add Password of the monitored Web Server:

Blackbox.module-name.basic_auth.authentication-ID

For the module-name, specify the module name specified for Blackbox exporter configuration file (jpc_blackbox_exporter.yml).

For authentication-ID, specify the user ID specified for basic_auth.username in Blackbox exporter configuration file (jpc_blackbox_exporter.yml)

Key to add Bearer token of the monitored Web Server:

Blackbox.module-name.bearer_token

For the module-name, specify the module name specified for Blackbox exporter configuration file (jpc_blackbox_exporter.yml).

- For Primitor (add-on program provided by JP1/IM - Exporter)

Keys used to add client secret of the Resource Discovery:

Promitor.resource_discovery.env.AUTH_APPKEY

Key to add client secret key of the Scraper:

Promitor.scraper.env.AUTH_APPKEY

-s secret

Specifies the secret (Password) to be added or updated.

The characters that can be specified are 0x20 to 0x7e characters of ASCII.

The maximum length that can be specified is 1,024 characters.

-l shared-directory

For a Logical host environment, specify Logical host shared directory.

Specify a relative or absolute path.

The length of the path can be up to 63 bytes.

Character types are not checked.

To Page Top

Notes

The Value specified in -key is not checked for correct format.

To Page Top

Return values

0	Normal termination
1	Abnormal termination (user-caused Error)
2	Abnormal termination (miscellaneous Error)

To Page Top

Log output

Output destination

- In Windows:

Agent-path\logs\tools\

- In Linux:

/opt/jp1ima/logs/tools/

To Page Top

Example

To add a secret:

> jimasecret -add -key Blackbox.http1.proxy_user.p-user01 -s password01

To delete a secret:

> jimasecret -rm -key Blackbox.http1.proxy _user.p-user01

To list the keys that have been added

> jimasecret -list
Blackbox.http1.proxy_user.p-user01
Blackbox.http1.basic_auth.w-user01
immgr.proxy_user.user01

To Page Top