Knowledge is Power

He who gets wisdom loves his own

soul; he who cherishes understanding

prospers.

(Proverbs 19:8)

Monitoring Tool -MRTG on CentOS 6.4

Jeong Chul

tland12.wordpress.com www.youtube.com/user/tland12

Computer Science

ITC and RUPP in Cambodia

Monitoring Tool - MRTG

on CentOS 6.4 Part 1 Managed Devices • Chapter 1 Network Monitoring Structure

• Chapter 2 Basic Terminology

• Chapter 3 Testing Environment

• Chapter 4 Managed Devices

• Chapter 5 MRTG Configuration (1)

Part 2 NMS – MRTG • Chapter 5 MRTG Configuration (2)

• Chapter 6 Email Notification

• Chapter 7 MRTG Authentication

Chapter 1 Network Monitoring Structure

Chapter 2 Basic Terminology

1.SNMP - Simple Network Management Protocol • an application-layer protocol that facilitates the exchange of management information • works between a network management system (NMS), agents, and managed devices. • uses TCP/IP protocol suite.

2. Agent A network-management software module that resides in a managed device such as

the Cisco IOS software has local knowledge of management information makes that information available by using SNMP. 3. NMS - Network Management System Run applications that monitor and control managed devices. provide resources required for network management. NMS applications such as MRTG, Cacti or Nagios. 4. Managed Device Contain an SNMP agent and reside on a managed network. Collect and store management information and make it available to NMS by using

SNMP. Include Routers, Switches, Servers, Hosts, or Printers.

Chapter 3 Testing Environment 1.NMS – MRTG (Multi Router Traffic Grapher)

IP Address: 192.168.80.6

OS: CentOS 6.4

Hostname: client.chul.com

Need to install and start MRTG service with Web server

2. Managed Devices

1)Linux Server – 192.168.80.5 (CentOS 6.4)

Need to install net-snmp package and start SNMPD

2)Windows Server 2008 - 192.168.80.48

Need to install snmp file and start SNMP service

3) Cisco Router - DHCP

Configure snmp service and activate SNMP service

Chapter 4 Managed Devices 1. Linux Server a. Packages installation # yum install net-snmp-libs net-snmp net-snmp-utils b . File Configuration # vi /etc/snmp/snmpd.conf # sec.name source community com2sec local localhost jeong com2sec mynetwork 192.168.80.0/24 jeong # groupName securityModel securityName group MyROGroup v1 mynetwork group MyROGroup v2c mynetwork # Make at least snmpwalk -v 1 localhost -c public system fast again. # name incl/excl subtree mask(optional) #view systemview included .1.3.6.1.2.1.25.1.1 view all included .1 80 # Finally, grant the group read-only access to the systemview view. # group context sec.model sec.level prefix read write notif access MyROGroup "" any noauth exact all none none access MyRWGroup "" any noauth exact all all none # Check the / partition and make sure it contains at least 10 megs. disk / 10000

c. Service checking # service snmpd start # chkconfig snmpd on # ps –ef | grep snmpd ; netstat –nau | grep 161

Chapter 4 Managed Devices 2. Windows Server 2008 Install snmp files Start -> Administrative Tools -> Services -> SNMP Service – > Properties -> Security ① Add Community : jeong ② Add Hosts : 192.168.80.6 (NMS IP)

3. Cisco Router and Switch router# config terminal router(config)# snmp-server contact tland12@gmail.com router(config)# access-list 5 permit 192.168.80.6 router(config)# snmp-server community jeong RO 5 router(config)# snmp-server host 192.168.80.6 jeong router(config)# int lo 0 router(config)# ip address 1.1.1.1 255.255.255.0 router(config)# exit router(config)# snmp-server trap-source lo0 router(config)# snmp-server enable traps

Chapter 5 MRTG Configuration 1.MRTG Installation # yum install httpd php zlib libpng gd mrtg 2. Creating configuration files for each device

# cfgmaker --global 'WorkDir: /var/www/mrtg' --output /etc/mrtg/mrtg.cfg jeong@192.168.80.5 // Linux Server # cfgmaker --global 'WorkDir: /var/www/mrtg' --output /etc/mrtg/windows.cfg jeong@192.168.80.48 // Windows Server #cfgmaker --global 'WorkDir: /var/www/mrtg' --output /etc/mrtg/router.cfg jeong@192.168.80.60 // Router # vi mrtg.sh //shell script to execute MRTG using cfg files #!/bin/bash LOCK=/var/lock/mrtg/mrtg_l CONFCACHE=/var/lib/mrtg/mrtg.ok env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file $LOCK --confcache-file $CONFCACHE env LANG=C /usr/bin/mrtg /etc/mrtg/windows.cfg --lock-file $LOCK --confcache-file $CONFCACHE env LANG=C /usr/bin/mrtg /etc/mrtg/router.cfg --lock-file $LOCK --confcache-file $CONFCACHE

# chmod 700 mrtg.sh

Chapter 5 MRTG Configuration 3. Editing cfg files for each Devices

a. Editing 3 files for managed devices

# vi mrtg.cfg windows.cfg router.cfg

Target[eth0]: \eth0:public@192.168.80.5:

SetEnv[eth0]: MRTG_INT_IP="192.168.80.5" MRTG_INT_DESCR="eth0"

MaxBytes[eth0]: 1250000

Title[eth0]: eth0 -- server.chul.com

PageTop[eth0]: <h1>eth0 -- server.chul.com</h1>

b. Executing shell script

# ./mrtg.sh

# ls –l /var/www/mrtg

c. Creating index file

# indexmaker –output=/var/www/mrtg/index.html mrtg.cfg windows.cfg router.cfg

d. Webserver reload

# service httpd restart

Chapter 5 MRTG Configuration 4. Access Control for MRTG Access

# vi /etc/httpd/conf.d/mrtg.conf

Alias /mrtg /var/www/mrtg

<Location /mrtg>

Order deny,allow

Deny from all

Allow from 127.0.0.1 192.168.80.0/24

</Location>

[root@centos ~]# service httpd reload

5. Crontab

#vi /etc/cron.d/mrtg

*/5 * * * * root /root/mrtg.sh

# service crond start

# chkconfig crond on

6. Testing MRTG Graph

http://localhost/mrtg/index.html

Chapter 6 Adding More Targets 1. CPU ## CPU Load Average ### Target[cpu]: .1.3.6.1.4.1.2021.10.1.5.1&.1.3.6.1.4.1.2021.10.1.5.2:jeong@192.168.80.5 MaxBytes[cpu]: 100 Unscaled[cpu]: dwmy Options[cpu]: gauge, absolute, growright, noinfo, nopercent YLegend[cpu]: CPU Load(%) ShortLegend[cpu]: (%) LegendI[cpu]: 1 minute average LegendO[cpu]: 5 minute average Legend1[cpu]: 1 minute average(%) Legend2[cpu]: 5 minute average(%) Title[cpu]: ＣＰU usage PageTop[cpu]: <H1>ＣＰＵusage</H1> ThreshMaxI[cpu]: 85 ThreshProgI[cpu]: /usr/local/sbin/notify.sh 2. Memory ### Memory Free #### Target[mem]: .1.3.6.1.4.1.2021.4.6.0&.1.3.6.1.4.1.2021.4.4.0:jeong@192.168.80.5 MaxBytes1[mem]: 1030608 MaxBytes2[mem]: 2097144 LegendI[mem]: Real LegendO[mem]: Swap 3. Disk

Chapter 7 Email Notification 1. mrtg.cfg in /etc/mrtg a. Global section

WorkDir: /var/www/mrtg

ThreshDir: /var/run/mrtg

b. Per each Target

Target[cpu]:

Options[cpu]: growright, nopercent, gauge

ThreshMaxI[cpu]: 90

ThreshMinI[cpu]: 50

ThreshProgI[cpu]: /usr/local/sbin/notify.sh

2. Need to check SMTP working for email notification

3. /usr/local/sbin/notify.sh

#!/bin/sh

echo -e "Device: $1\\nThreshold Value : $2\\nCurrent Value: $3\\nDate/Time :

`date`\\n" | mail -s "Threshold Alert: '$1' Passed $2 Threshold"

tland12@gmail.com

Chapter 8 MRTG Authentication

1.Web server configuration # vi /etc/httpd/conf/httpd.conf <Directory /var/www/mrtg> AllowOverride FileInfo AuthConfig Limit Options MultiViews Indexes IncludesNoExec

</Directory> # service httpd reload 2. Creating htaccess and htpasswd # vi /var/www/mrtg/.htaccess AuthName “ Cambodia Network Administrator” AuthType Basic AuthUserFile /var/www/.htpasswd requre valid-user # htpasswd –c /var/www/.htpasswd tland Passwd: 3. Authentication Testing http://localhost/mrtg/index.html

Monitoring Tool – MRTG on CentOS 6.4

Summary 1. Network Monitoring Structure

2. How to setup Managed Devices Linux server, Windows Server and Cisco Router

3. How to setup MRTG as a monitoring tool

4. How to use MRTG Adding more target, Email notification

MRTG Authentication

Monitoring Tool - MRTG

on CentOS 6.4

Thank you & God bless you !!

tland12.wordpress.com

www.youtube.com/user/tland12