Cacti: Unterschied zwischen den Versionen

Aus crazylinux.de
Zur Navigation springen Zur Suche springen
Zeile 15: Zeile 15:
== Dovecot and Postfix (via SNMP) ==
== Dovecot and Postfix (via SNMP) ==
see [[Cacti/Dovecot Postfix]]
see [[Cacti/Dovecot Postfix]]
=== fail2ban ===
via snmp see https://www.pitt-pladdy.com/blog/_20130324-154457_0000_fail2ban_on_Cacti_via_SNMP/


== iptables  ==
== iptables  ==

Version vom 26. September 2015, 18:11 Uhr

Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices.  http://cacti.net/

download einiger Scripts, siehe Files

Tips

Erweiterungen

Dovecot and Postfix (via SNMP)

see Cacti/Dovecot Postfix

fail2ban

via snmp see https://www.pitt-pladdy.com/blog/_20130324-154457_0000_fail2ban_on_Cacti_via_SNMP/

iptables

http://forums.cacti.net/about8091.html
download cacti templates. Da iptables als root ausgeführt werden muss, wird das script über sudo aufgerufen: /etc/sudoers

#logging
Defaults syslog = local2
# User privilege specification
www-data    ALL = NOPASSWD: /usr/share/cacti/site/scripts/iptables.pl

Damit der syslog nicht damit unnötig 'beloggt' wird, loggen wir an log-facility local2 und damit in ein eigenes Logfile /etc/syslog.conf:

...
*.*;auth,authpriv.none;mail.!*;daemon.!info;cron.!*;local2.none         -/var/log/syslog
...
local2.* /var/log/sudo.log
#!/usr/bin/perl
###
### This is a quick perl script to
### pull bandwidth usage from iptables chains
###
### If you use/optimize this script, please let me know.
### Brian Stanback : brian [at] stanback [dot] net
##
### Example iptables rule for web bandwidth usage:
### > iptables -N WWW
### > iptables -A WWW -j ACCEPT
### > iptables -A INPUT -p tcp -m tcp --dport 80 -j WWW
### > iptables -A OUTPUT -p tcp -m tcp --sport 80 -j WWW
###
### Run "iptables.pl WWW" as root to test, note that you can
### combine more than one protocol into a single chain.
###
### Sudo Configuration (/etc/sudoers)
### > www-data    ALL = NOPASSWD: /usr/share/cacti/scripts/iptables.pl
###
### The Input String should be set to "sudo <path_cacti>/scripts/iptables.pl <chain>"
### and you will need to setup an input field so that the <chain> argument can be passed.
###
### The data input type should be set to COUNTER
###
##
##
## modified by: Paul Campbell <forums@campbell-multimedia.co.uk>
## Now returns a seperate entry for each rule.  Output for a
## 3 rule chain might now be:
## rule1:123 rule2:456 rule3:789
#
if ($ARGV[0]) {
$chains = `/sbin/iptables --line-number -xnvL $ARGV[0]`;
@chains = split(/\n/, $chains);
shift(@chains);
shift(@chains);
foreach( @chains ) {
/(\d+)\W+[0-9]+\W+([0-9]+)\W+/;
print " rule$1:$2";
}
print "\n";
#$chains[2] =~ /[\W+]?[0-9]+\W+([0-9]+)\W+/;
} else {
print "Usage: $0 Chain\n";
}

Mysql

see http://forums.cacti.net/viewtopic.php?f=12&t=42427 OR


Percona Monitoring Plugins

The Percona Monitoring Plugins are high-quality components to add enterprise-grade MySQL capabilities to your existing in-house, on-premises monitoring solutions. The components are designed to integrate seamlessly with widely deployed solutions such as Nagios and Cacti, and are delivered in the form of templates, plugins, and scripts. More

Cacti-graph-set

Apache

ApacheStats 0.6 (PHP Script Server Version)

APC - PHP cache

see http://artur.ejsmont.org/blog/content/palm-v3-bundle-of-php-apache-linux-and-memcached-monitoring-scripts-and-cacti-graphs-apc

Qmail

snmpd erweitern: http://wotsit.thingy.com/haj/cacti/cacti-qmail.html

#/etc/snmp/snmpd.conf
...
extend .1.3.6.1.4.1.18689.1.3 qmail-message-status /usr/local/bin/qmailmrtg7 s /var/log/qmail
extend .1.3.6.1.4.1.18689.1.3 qmail-bytes-transfer /usr/local/bin/qmailmrtg7 b /var/log/qmail
extend .1.3.6.1.4.1.18689.1.3 qmail-smtp-concurrency /usr/local/bin/qmailmrtg7 t /var/log/qmail/smtpd
extend .1.3.6.1.4.1.18689.1.3 qmail-smtp-sessions /usr/local/bin/qmailmrtg7 a /var/log/qmail/smtpd
extend .1.3.6.1.4.1.18689.1.3 qmail-queue /usr/local/bin/qmailmrtg7 q /var/qmail/queue
extend .1.3.6.1.4.1.18689.1.3 qmail-messages /usr/local/bin/qmailmrtg7 m /var/log/qmail
extend .1.3.6.1.4.1.18689.1.3 qmail-concurrency /usr/local/bin/qmailmrtg7 c /var/log/qmail
#optional, a second smtp-service
extend .1.3.6.1.4.1.18689.1.3 qmail-mailout-smtp-concurrency /usr/local/bin/qmailmrtg7 t /var/log/qmail/smtpd_auth
extend .1.3.6.1.4.1.18689.1.3 qmail-mailout-sessions /usr/local/bin/qmailmrtg7 a /var/log/qmail/smtpd_auth
...

Werte abfragen: snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.18689.1.3

Cacti-Templates: http://forums.cacti.net/about3839.html

OIDs:

Qmail - Messages - Attempts .1.3.6.1.4.1.18689.1.3.4.1.2.14.113.109.97.105.108.45.109.101.115.115.97.103.101.115.2
Qmail - Messages - Deliveries .1.3.6.1.4.1.18689.1.3.4.1.2.14.113.109.97.105.108.45.109.101.115.115.97.103.101.115.1
Qmail - Bits Transfer .1.3.6.1.4.1.18689.1.3.4.1.2.20.113.109.97.105.108.45.98.121.116.101.115.45.116.114.97.110.115.102.101.114.1
Qmail - SMTP Concurrency .1.3.6.1.4.1.18689.1.3.4.1.2.22.113.109.97.105.108.45.115.109.116.112.45.99.111.110.99.117.114.114.101.110.99.121.1
Qmail - SMTP Totals - Allow .1.3.6.1.4.1.18689.1.3.4.1.2.19.113.109.97.105.108.45.115.109.116.112.45.115.101.115.115.105.111.110.115.1
Qmail - SMTP Totals - Deny .1.3.6.1.4.1.18689.1.3.4.1.2.19.113.109.97.105.108.45.115.109.116.112.45.115.101.115.115.105.111.110.115.2
Qmail - Queue Size .1.3.6.1.4.1.18689.1.3.4.1.2.11.113.109.97.105.108.45.113.117.101.117.101.1
Qmail - Queue Size - Unprocessed .1.3.6.1.4.1.18689.1.3.4.1.2.11.113.109.97.105.108.45.113.117.101.117.101.2
Qmail - Messages Status - Failures .1.3.6.1.4.1.18689.1.3.4.1.2.20.113.109.97.105.108.45.109.101.115.115.97.103.101.45.115.116.97.116.117.115.2
Qmail - Messages Status - Success .1.3.6.1.4.1.18689.1.3.4.1.2.20.113.109.97.105.108.45.109.101.115.115.97.103.101.45.115.116.97.116.117.115.1
Qmail - Local/Remote Concurrency - Local .1.3.6.1.4.1.18689.1.3.4.1.2.17.113.109.97.105.108.45.99.111.110.99.117.114.114.101.110.99.121.1
Qmail - Local/Remote Concurrency - Remote .1.3.6.1.4.1.18689.1.3.4.1.2.17.113.109.97.105.108.45.99.111.110.99.117.114.114.101.110.99.121.2
Qmail - SMTP_Auth Concurrency .1.3.6.1.4.1.18689.1.3.4.1.2.30.113.109.97.105.108.45.109.97.105.108.111.117.116.45.115.109.116.112.45.99.111.110.99.117.114.114.101.110.99.121.1
Qmail - SMTP_Auth Totals - Allow .1.3.6.1.4.1.18689.1.3.4.1.2.22.113.109.97.105.108.45.109.97.105.108.111.117.116.45.115.101.115.115.105.111.110.115.1
Qmail - SMTP_Auth Totals - Deny .1.3.6.1.4.1.18689.1.3.4.1.2.22.113.109.97.105.108.45.109.97.105.108.111.117.116.45.115.101.115.115.105.111.110.115.2

Qmail - SpamAssassin - Clean Qmail - SpamAssassin - Spam Qmail - Clamav - Error Qmail - Clamav - Found

courier

von http://xavier.perseguers.ch/open-source/cacti/
http://www.arschkrebs.de/postfix/couriergraph/
Files: http://crazylinux.de/files/it_stuff/cacti/courier/

/etc/snmp/snmpd.conf

exec   .1.3.6.1.4.5312.3.1   couriercount_imaps  /bin/cat /var/tmp/courierimaps
exec   .1.3.6.1.4.5312.3.2   couriercount_imap   /bin/cat /var/tmp/courierimap
exec   .1.3.6.1.4.5312.3.3   couriercount_pop3s  /bin/cat /var/tmp/courierpop3s
exec   .1.3.6.1.4.5312.3.4   couriercount_pop3   /bin/cat /var/tmp/courierpop3

Spamassassin

Als Vorlage diente qs2mrtg.pl. von qmail-scanner: Reporting: in the contrib directory there's qs2mrtg.pl. A perl script for monitoring your syslog files for qmail-scanner records. It then graphs how Qmail-Scanner is processing your emails. It creates different graphs for incoming vs outgoing email, as well as the flow of spam and viruses.

#/etc/snmp/snmpd.conf
extend .1.3.6.1.4.1.18696.1.3 spamd_spam  /bin/cat /var/qmail/log/spam.txt
extend .1.3.6.1.4.1.18696.1.3 spamd_rbl  /bin/cat /var/qmail/log/rbl.txt
extend .1.3.6.1.4.1.18696.1.3 spamd_tot_local  /bin/cat /var/qmail/log/totall.txt
extend .1.3.6.1.4.1.18696.1.3 spamd_tot_remote  /bin/cat /var/qmail/log/totalr.txt
extend .1.3.6.1.4.1.18696.1.3 spamd_quar_virus  /bin/cat /var/qmail/log/quarantinedv.txt
extend .1.3.6.1.4.1.18696.1.3 spamd_quar_policy  /bin/cat /var/qmail/log/quarantinedp.txt

HDDTemp

http://blog.gotchi.at/index.php?/archives/305-Monitoring-Hardware-mit-Cacti.html http://forums.cacti.net/about15743.html

LM Sensors

get some temperatures... see http://wiki.hetzner.de/index.php/Hardwaremonitoring

modprobe i2c-viapro && modprobe eeprom && modprobe w83627hf or put them into /etc/modules

for cacti start with http://www.wlug.org.nz/CactiLMSensors

#!/usr/bin/perl

@sensoroutput=`/usr/bin/sensors`;

foreach(@sensoroutput) {
chomp();
split();
#print $_[0],"-",$_[1],$_[2],"\n";
if ( $_[0] eq 'M/B' ) {
$temp1 = $_[2];
}
if ( $_[0] eq 'CPU' ) {
$temp2 = $_[2];
}
if ( $_[0] eq 'temp3:' ) {
$temp3 = $_[1];
}
if ( $_[0] eq 'fan1:' ) {
$fan1 = $_[1];
}
if ( $_[0] eq 'fan2:' ) {
$fan2 = $_[1];
}
if ( $_[0] eq 'fan3:' ) {
$fan3 = $_[1];
}
}

$temp1 =~ s/\+//;
$temp1 =~ s/\°C//;
$temp2 =~ s/\+//;
$temp2 =~ s/\°C//;
$temp3 =~ s/\+//;
$temp3 =~ s/\°C//;

print "temp1:$temp1 temp2:$temp2 temp3:$temp3\n";


Alternativ Solution

get lm_sensors-data via snmp (must be complied with)

ucd/net-SNMP lmSensors

SmartMonTools (smartctl)

found a better solution: https://www.pitt-pladdy.com/blog/_20091031-144604_0000_SMART_stats_on_Cacti_via_SNMP_/

old solution was:

http://forums.cacti.net/viewtopic.php?t=23959

  • HDD-Temp
  • HDD-Errors
  • Power-Up (not used)
#!/usr/bin/php
<?php
/*
 * 4 = value
 * 7 = Raw
 *
 * include this into the /etc/sudoers file!!
 * www-data    ALL= NOPASSWD: /usr/sbin/smartctl
 *
 */

if ($argc < 2) {
        die("USAGE: $argv[0] /dev/sdX\n");
}


$dev = $argv[1];
$smartCtl = exec('sudo /usr/sbin/smartctl -d ata --all ' . $dev,$output);
//print_r($output);
$_OUT = array();
$needle = "Temperature_Celsius,Reallocated_Sector_Ct,Power_On_Hours,Spin_Retry_Count,Seek_Error_Rate,Raw_Read_Error_Rate";


foreach ($output as $line) {
        if (preg_match('/^\s*(\d+)\s+(\w+)\s+(0x[0-9a-fA-F]+)\s+(\d+)\s+(\d+)\s+(\d+).*\s+\-\s+(\d+)/',$line,$match)) {
        //      print_r($match);
                if ( $match[2] == 'Temperature_Celsius') $_OUT['Temperature_Celsius'] = $match[7];
                if ( $match[2] == 'Reallocated_Sector_Ct') $_OUT['Reallocated_Sector_Ct'] = $match[7];
                if ( $match[2] == 'Power_On_Hours') $_OUT['Power_On_Hours'] = $match[7];
                if ( $match[2] == 'Spin_Retry_Count') $_OUT['Spin_Retry_Count'] = $match[7];
                if ( $match[2] == 'Seek_Error_Rate') $_OUT['Seek_Error_Rate'] = $match[7];
                if ( $match[2] == 'Raw_Read_Error_Rate') $_OUT['Raw_Read_Error_Rate'] = $match[7];
        }
}


$needle = explode(",",$needle);
foreach ( $needle as $need ) {
        if ( ! isset($_OUT[$need]) ) $_OUT[$need] = 0;
}


print (
        "Temperature_Celsius:" . $_OUT['Temperature_Celsius'] . " " .
        "Reallocated_Sector_Ct:" . $_OUT['Reallocated_Sector_Ct'] . " " .
        "Power_On_Hours:" . $_OUT['Power_On_Hours'] . " " .
        "Spin_Retry_Count:" . $_OUT['Spin_Retry_Count'] . " " .
        "Seek_Error_Rate:" . $_OUT['Seek_Error_Rate'] . " " .
        "Raw_Read_Error_Rate:" . $_OUT['Raw_Read_Error_Rate']
);


?>

Windows WMI

W32 System via WMI

Gets System Calls/sec, Context Switches/sec, Threads, Processes via WMI...
http://forums.cacti.net/about5226.html

#!/bin/sh

#get host
if [ "x$1" = "x" ]; then
        HOST=this.is.my.hostname
else
        HOST=$1;
fi;

/usr/share/cacti/site/scripts/check_nt -H $HOST -v WMICHECK \
 -l 'cimv2^select * from Win32_PerfFormattedData_PerfOS_System'|grep =|awk {'print $1 ":" int($3) " "'}|tr -d '\n'

interrupts/context switching

Graph templat for interrupts/context switching incl. threads and processes

http://forums.cacti.net/about8178.html

IIS via SNMP

http://forums.cacti.net/about12464.html

shoutcast

http://forums.cacti.net/about5286.html

HTTP/TCP-Response-Time

http://forums.cacti.net/about11020.html

Smoking Ping

http://forums.cacti.net/about7090.html