Knowledge is PowerNeed to install and start MRTG service with Web server 2. Managed Devices 1)Linux...
Transcript of Knowledge is PowerNeed to install and start MRTG service with Web server 2. Managed Devices 1)Linux...
Knowledge is Power
He who gets wisdom loves his own
soul; he who cherishes understanding
prospers.
(Proverbs 19:8)
Monitoring Tool -MRTG on CentOS 6.4
Jeong Chul
tland12.wordpress.com www.youtube.com/user/tland12
Computer Science
ITC and RUPP in Cambodia
Monitoring Tool - MRTG
on CentOS 6.4 Part 1 Managed Devices • Chapter 1 Network Monitoring Structure
• Chapter 2 Basic Terminology
• Chapter 3 Testing Environment
• Chapter 4 Managed Devices
• Chapter 5 MRTG Configuration (1)
Part 2 NMS – MRTG • Chapter 5 MRTG Configuration (2)
• Chapter 6 Email Notification
• Chapter 7 MRTG Authentication
Chapter 1 Network Monitoring Structure
Chapter 2 Basic Terminology
1.SNMP - Simple Network Management Protocol • an application-layer protocol that facilitates the exchange of management information • works between a network management system (NMS), agents, and managed devices. • uses TCP/IP protocol suite.
2. Agent A network-management software module that resides in a managed device such as
the Cisco IOS software has local knowledge of management information makes that information available by using SNMP. 3. NMS - Network Management System Run applications that monitor and control managed devices. provide resources required for network management. NMS applications such as MRTG, Cacti or Nagios. 4. Managed Device Contain an SNMP agent and reside on a managed network. Collect and store management information and make it available to NMS by using
SNMP. Include Routers, Switches, Servers, Hosts, or Printers.
Chapter 3 Testing Environment 1.NMS – MRTG (Multi Router Traffic Grapher)
IP Address: 192.168.80.6
OS: CentOS 6.4
Hostname: client.chul.com
Need to install and start MRTG service with Web server
2. Managed Devices
1)Linux Server – 192.168.80.5 (CentOS 6.4)
Need to install net-snmp package and start SNMPD
2)Windows Server 2008 - 192.168.80.48
Need to install snmp file and start SNMP service
3) Cisco Router - DHCP
Configure snmp service and activate SNMP service
Chapter 4 Managed Devices 1. Linux Server a. Packages installation # yum install net-snmp-libs net-snmp net-snmp-utils b . File Configuration # vi /etc/snmp/snmpd.conf # sec.name source community com2sec local localhost jeong com2sec mynetwork 192.168.80.0/24 jeong # groupName securityModel securityName group MyROGroup v1 mynetwork group MyROGroup v2c mynetwork # Make at least snmpwalk -v 1 localhost -c public system fast again. # name incl/excl subtree mask(optional) #view systemview included .1.3.6.1.2.1.25.1.1 view all included .1 80 # Finally, grant the group read-only access to the systemview view. # group context sec.model sec.level prefix read write notif access MyROGroup "" any noauth exact all none none access MyRWGroup "" any noauth exact all all none # Check the / partition and make sure it contains at least 10 megs. disk / 10000
c. Service checking # service snmpd start # chkconfig snmpd on # ps –ef | grep snmpd ; netstat –nau | grep 161
Chapter 4 Managed Devices 2. Windows Server 2008 Install snmp files Start -> Administrative Tools -> Services -> SNMP Service – > Properties -> Security ① Add Community : jeong ② Add Hosts : 192.168.80.6 (NMS IP)
3. Cisco Router and Switch router# config terminal router(config)# snmp-server contact [email protected] router(config)# access-list 5 permit 192.168.80.6 router(config)# snmp-server community jeong RO 5 router(config)# snmp-server host 192.168.80.6 jeong router(config)# int lo 0 router(config)# ip address 1.1.1.1 255.255.255.0 router(config)# exit router(config)# snmp-server trap-source lo0 router(config)# snmp-server enable traps
Chapter 5 MRTG Configuration 1.MRTG Installation # yum install httpd php zlib libpng gd mrtg 2. Creating configuration files for each device
# cfgmaker --global 'WorkDir: /var/www/mrtg' --output /etc/mrtg/mrtg.cfg [email protected] // Linux Server # cfgmaker --global 'WorkDir: /var/www/mrtg' --output /etc/mrtg/windows.cfg [email protected] // Windows Server #cfgmaker --global 'WorkDir: /var/www/mrtg' --output /etc/mrtg/router.cfg [email protected] // Router # vi mrtg.sh //shell script to execute MRTG using cfg files #!/bin/bash LOCK=/var/lock/mrtg/mrtg_l CONFCACHE=/var/lib/mrtg/mrtg.ok env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file $LOCK --confcache-file $CONFCACHE env LANG=C /usr/bin/mrtg /etc/mrtg/windows.cfg --lock-file $LOCK --confcache-file $CONFCACHE env LANG=C /usr/bin/mrtg /etc/mrtg/router.cfg --lock-file $LOCK --confcache-file $CONFCACHE
# chmod 700 mrtg.sh
Chapter 5 MRTG Configuration 3. Editing cfg files for each Devices
a. Editing 3 files for managed devices
# vi mrtg.cfg windows.cfg router.cfg
Target[eth0]: \eth0:[email protected]:
SetEnv[eth0]: MRTG_INT_IP="192.168.80.5" MRTG_INT_DESCR="eth0"
MaxBytes[eth0]: 1250000
Title[eth0]: eth0 -- server.chul.com
PageTop[eth0]: <h1>eth0 -- server.chul.com</h1>
b. Executing shell script
# ./mrtg.sh
# ls –l /var/www/mrtg
c. Creating index file
# indexmaker –output=/var/www/mrtg/index.html mrtg.cfg windows.cfg router.cfg
d. Webserver reload
# service httpd restart
Chapter 5 MRTG Configuration 4. Access Control for MRTG Access
# vi /etc/httpd/conf.d/mrtg.conf
Alias /mrtg /var/www/mrtg
<Location /mrtg>
Order deny,allow
Deny from all
Allow from 127.0.0.1 192.168.80.0/24
</Location>
[root@centos ~]# service httpd reload
5. Crontab
#vi /etc/cron.d/mrtg
*/5 * * * * root /root/mrtg.sh
# service crond start
# chkconfig crond on
6. Testing MRTG Graph
http://localhost/mrtg/index.html
Chapter 6 Adding More Targets 1. CPU ## CPU Load Average ### Target[cpu]: .1.3.6.1.4.1.2021.10.1.5.1&.1.3.6.1.4.1.2021.10.1.5.2:[email protected] MaxBytes[cpu]: 100 Unscaled[cpu]: dwmy Options[cpu]: gauge, absolute, growright, noinfo, nopercent YLegend[cpu]: CPU Load(%) ShortLegend[cpu]: (%) LegendI[cpu]: 1 minute average LegendO[cpu]: 5 minute average Legend1[cpu]: 1 minute average(%) Legend2[cpu]: 5 minute average(%) Title[cpu]: CPU usage PageTop[cpu]: <H1>CPUusage</H1> ThreshMaxI[cpu]: 85 ThreshProgI[cpu]: /usr/local/sbin/notify.sh 2. Memory ### Memory Free #### Target[mem]: .1.3.6.1.4.1.2021.4.6.0&.1.3.6.1.4.1.2021.4.4.0:[email protected] MaxBytes1[mem]: 1030608 MaxBytes2[mem]: 2097144 LegendI[mem]: Real LegendO[mem]: Swap 3. Disk
Chapter 7 Email Notification 1. mrtg.cfg in /etc/mrtg a. Global section
WorkDir: /var/www/mrtg
ThreshDir: /var/run/mrtg
b. Per each Target
Target[cpu]:
Options[cpu]: growright, nopercent, gauge
ThreshMaxI[cpu]: 90
ThreshMinI[cpu]: 50
ThreshProgI[cpu]: /usr/local/sbin/notify.sh
2. Need to check SMTP working for email notification
3. /usr/local/sbin/notify.sh
#!/bin/sh
echo -e "Device: $1\\nThreshold Value : $2\\nCurrent Value: $3\\nDate/Time :
`date`\\n" | mail -s "Threshold Alert: '$1' Passed $2 Threshold"
Chapter 8 MRTG Authentication
1.Web server configuration # vi /etc/httpd/conf/httpd.conf <Directory /var/www/mrtg> AllowOverride FileInfo AuthConfig Limit Options MultiViews Indexes IncludesNoExec
</Directory> # service httpd reload 2. Creating htaccess and htpasswd # vi /var/www/mrtg/.htaccess AuthName “ Cambodia Network Administrator” AuthType Basic AuthUserFile /var/www/.htpasswd requre valid-user # htpasswd –c /var/www/.htpasswd tland Passwd: 3. Authentication Testing http://localhost/mrtg/index.html
Monitoring Tool – MRTG on CentOS 6.4
Summary 1. Network Monitoring Structure
2. How to setup Managed Devices Linux server, Windows Server and Cisco Router
3. How to setup MRTG as a monitoring tool
4. How to use MRTG Adding more target, Email notification
MRTG Authentication
Monitoring Tool - MRTG
on CentOS 6.4
Thank you & God bless you !!
tland12.wordpress.com
www.youtube.com/user/tland12