Components

SKOOR Engine

The SKOOR Engine architecture consists of the following components:

  • SKOOR Engine server

  • Configuration and history database (PostgreSQL)

  • Web server (apache)

  • SKOOR Engine Collector

    • This is the component that is actively measuring against the devices under management.

    • By default, the SKOOR Engine has its own collector-local collector running.

    • Additional external collectors can be attached, performing monitoring tasks in remote network segments and delivering their measurement results via a single TCP port to the SKOOR Engine server component. Those external collectors run in a separate independent operating system.

    • Each collector receives measurement directives from the server.

    • Each collector runs various subprocesses for each plugin type (e.g. ICMP, HTTP etc.)

  • SKOOR Engine Agent

    • Can be installed on monitored servers.

    • This agent monitors the CPU, Memory, Network Interface Card, Processes etc.).

    • Agents are available for various operating systems (Windows, Linux, FreeBSD, Solaris...).

    • The collector issues measurements on agents via a single TCP port and fetches the results.

    • Encrypted communication can be enabled for agents running on Windows

  • SKOOR Engine EEM (Enduser Experience Monitor) which runs synthetic user transactions on Windows PCs

  • 3rd party tools can feed their data into the collector using various methods.

    • Data can be fetched from a collector from a 3rd party tool via HTTP, FTP, SCP or other network protocols

    • A database client can be used/installed on the collector to run queries against remote databases.

    • The data is fed to the collector using e.g. parsefile, execute or fetchfile jobs.

SKOOR Auth

SKOOR Auth provides an authentication mechanism to other SKOOR components.

It can authenticate:

  • Local SKOOR users managed by the SKOOR Engine

  • External users managed by an Active Directory using LDAP.

  • External users managed by an authentication provider using OpenID Connect

SKOOR Webservice

The SKOOR Webservice connects the dashboards with the SKOOR or other data sources. To achieve this, it consolidates datasets from different adapters and provides them to the dashboards according to a well defined REST API.

SKOOR Dashboard

This is the core of the SKOOR Dashboard application. Besides acting as an editor for dashboards it can also be used as an interactive dashboard viewer.

Certain functionality (e.g. editing dashboards) is only available in the dashboard editor because the application has to directly communicate with the SKOOR Webservice.

The Dashboard Editor needs a direct connection to the SKOOR Webservice.

To use the dashboard editor, a valid SKOOR user is required.

SKOOR Dashboard Viewer

The Dashboard Viewer can be used when dashboards need to be accessible by external people. The Dashboard Viewer requires no direct connection to the SKOOR Webservice. Instead the Dashboard Viewer gathers its data data from the Viewer Service which itself receives its data from the Viewer Provider. Using this unidirectional data flow, the following, partly security relevant, aspects are covered:

  • There is no need for a connection from the DMZ to the internal network. The connection must only be possible from the Viewer Provider to the SKOOR Web Service (HTTP/s), from the Viewer Provider to the Viewer Service (HTTP/s) and, of course, from the Dashboard Viewer Web Application to the Viewer Service (HTTP/s).

  • To use the Dashboard Viewer no SKOOR user is required.

  • It is not possible to perform any manipulations on SKOOR objects. By design, the data flow is restricted to read operations. The only possible data manipulations are setting the own user password and sending access and error log messages.

  • The Viewer Service can be placed inside a DMZ or even within a customer's network.

  • Data integrity between Viewer Provider and Viewer Service is ensured by a HMAC based signature of the content.