Cacti: Unterschied zwischen den Versionen

Aus crazylinux.de
Zur Navigation springen Zur Suche springen
(tags)
Zeile 6: Zeile 6:
[http://crazylinux.de/files/it_stuff/cacti/iptables/ download cacti templates]. Da iptables als root ausgeführt werden muss, wird das script über sudo aufgerufen:
[http://crazylinux.de/files/it_stuff/cacti/iptables/ download cacti templates]. Da iptables als root ausgeführt werden muss, wird das script über sudo aufgerufen:
/etc/sudoers
/etc/sudoers
#logging
#logging
Defaults syslog = local2
Defaults syslog = local2
# User privilege specification
# User privilege specification
www-data    ALL = NOPASSWD: /usr/share/cacti/site/scripts/iptables.pl
www-data    ALL = NOPASSWD: /usr/share/cacti/site/scripts/iptables.pl


Damit der syslog nicht damit unnötig 'beloggt' wird, loggen wir an log-facility local2 und damit in ein eigenes Logfile
Damit der syslog nicht damit unnötig 'beloggt' wird, loggen wir an log-facility local2 und damit in ein eigenes Logfile
/etc/syslog.conf:
/etc/syslog.conf:
...
...
*.*;auth,authpriv.none;mail.!*;daemon.!info;cron.!*;local2.none        -/var/log/syslog
*.*;auth,authpriv.none;mail.!*;daemon.!info;cron.!*;local2.none        -/var/log/syslog
...
...
local2.* /var/log/sudo.log
local2.* /var/log/sudo.log


<pre>
<pre>
Zeile 52: Zeile 52:
#
#
if ($ARGV[0]) {
if ($ARGV[0]) {
        $chains = `/sbin/iptables --line-number -xnvL $ARGV[0]`;
$chains = `/sbin/iptables --line-number -xnvL $ARGV[0]`;
        @chains = split(/\n/, $chains);
@chains = split(/\n/, $chains);
        shift(@chains);
shift(@chains);
        shift(@chains);
shift(@chains);
        foreach( @chains ) {
foreach( @chains ) {
                /(\d+)\W+[0-9]+\W+([0-9]+)\W+/;
/(\d+)\W+[0-9]+\W+([0-9]+)\W+/;
                print " rule$1:$2";
print " rule$1:$2";
        }
}
        print "\n";
print "\n";
        #$chains[2] =~ /[\W+]?[0-9]+\W+([0-9]+)\W+/;
#$chains[2] =~ /[\W+]?[0-9]+\W+([0-9]+)\W+/;
} else {
} else {
        print "Usage: $0 Chain\n";
print "Usage: $0 Chain\n";
}
}
</pre>
</pre>
Zeile 105: Zeile 105:


Werte abfragen:
Werte abfragen:
snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.50
snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.50


Cacti-Templates: http://forums.cacti.net/about3839.html
Cacti-Templates: http://forums.cacti.net/about3839.html
Zeile 185: Zeile 185:
http://forums.cacti.net/about15743.html
http://forums.cacti.net/about15743.html


[[Category:WWW]]
[[Kategorie:WWW]]
[[Kategorie:Cacti]]

Version vom 5. Februar 2008, 03:28 Uhr

Cacti

Erweiterungen

iptables

http://forums.cacti.net/about8091.html
download cacti templates. Da iptables als root ausgeführt werden muss, wird das script über sudo aufgerufen: /etc/sudoers

  1. logging

Defaults syslog = local2

  1. User privilege specification

www-data ALL = NOPASSWD: /usr/share/cacti/site/scripts/iptables.pl

Damit der syslog nicht damit unnötig 'beloggt' wird, loggen wir an log-facility local2 und damit in ein eigenes Logfile /etc/syslog.conf: ...

  • .*;auth,authpriv.none;mail.!*;daemon.!info;cron.!*;local2.none -/var/log/syslog

... local2.* /var/log/sudo.log 

#!/usr/bin/perl
###
### This is a quick perl script to
### pull bandwidth usage from iptables chains
###
### If you use/optimize this script, please let me know.
### Brian Stanback : brian [at] stanback [dot] net
##
### Example iptables rule for web bandwidth usage:
### > iptables -N WWW
### > iptables -A WWW -j ACCEPT
### > iptables -A INPUT -p tcp -m tcp --dport 80 -j WWW
### > iptables -A OUTPUT -p tcp -m tcp --sport 80 -j WWW
###
### Run "iptables.pl WWW" as root to test, note that you can
### combine more than one protocol into a single chain.
###
### Sudo Configuration (/etc/sudoers)
### > www-data    ALL = NOPASSWD: /usr/share/cacti/scripts/iptables.pl
###
### The Input String should be set to "sudo <path_cacti>/scripts/iptables.pl <chain>"
### and you will need to setup an input field so that the <chain> argument can be passed.
###
### The data input type should be set to COUNTER
###
##
##
## modified by: Paul Campbell <forums@campbell-multimedia.co.uk>
## Now returns a seperate entry for each rule.  Output for a
## 3 rule chain might now be:
## rule1:123 rule2:456 rule3:789
#
if ($ARGV[0]) {
$chains = `/sbin/iptables --line-number -xnvL $ARGV[0]`;
@chains = split(/\n/, $chains);
shift(@chains);
shift(@chains);
foreach( @chains ) {
/(\d+)\W+[0-9]+\W+([0-9]+)\W+/;
print " rule$1:$2";
}
print "\n";
#$chains[2] =~ /[\W+]?[0-9]+\W+([0-9]+)\W+/;
} else {
print "Usage: $0 Chain\n";
}

Mysql

http://forums.cacti.net/viewtopic.php?t=6108

Squid

in /etc/snmp/snmpd.conf 

proxy -v 1 -c public localhost:3401 .1.3.6.1.4.1.3495.1

und in /etc/squid/squid.conf 

acl snmppublic snmp_community public
snmp_access allow snmppublic localhost
snmp_access deny all
snmp_port 3401

http://forums.cacti.net/about4142-0-asc-0.html

Qmail

snmpd erweitern: http://wotsit.thingy.com/haj/cacti/cacti-qmail.html

#/etc/snmp/snmpd.conf
...
exec .1.3.6.1.4.1.2021.50.1 qmail-message-status  /usr/local/bin/qmailmrtg7 s /var/log/qmail
exec .1.3.6.1.4.1.2021.50.2 qmail-bytes-transfer /usr/local/bin/qmailmrtg7 b /var/log/qmail
exec .1.3.6.1.4.1.2021.50.3 qmail-smtp-concurrency /usr/local/bin/qmailmrtg7 t /var/log/qmail/smtpd
exec .1.3.6.1.4.1.2021.50.4 qmail-sessions /usr/local/bin/qmailmrtg7 a /var/log/qmail/smtpd
exec .1.3.6.1.4.1.2021.50.5 qmail-queue /usr/local/bin/qmailmrtg7 q /var/qmail/queue
exec .1.3.6.1.4.1.2021.50.6 qmail-messages /usr/local/bin/qmailmrtg7 m /var/log/qmail
exec .1.3.6.1.4.1.2021.50.7 qmail-concurrency /usr/local/bin/qmailmrtg7 c /var/log/qmail
exec .1.3.6.1.4.1.2021.50.8 qmail-smtp-concurrency /usr/local/bin/qmailmrtg7 t /var/log/qmail/smtpd_auth
exec .1.3.6.1.4.1.2021.50.9 qmail-sessions /usr/local/bin/qmailmrtg7 a /var/log/qmail/smtpd_auth
...

Werte abfragen: snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.50

Cacti-Templates: http://forums.cacti.net/about3839.html

OIDs:

Qmail - Messages - Attempts .1.3.6.1.4.1.2021.50.1.101.2
Qmail - Messages - Deliveries .1.3.6.1.4.1.2021.50.1.101.1
Qmail - Bits Transfer .1.3.6.1.4.1.2021.50.2.101.1
Qmail - SMTP Concurrency .1.3.6.1.4.1.2021.50.3.101.1
Qmail - SMTP Totals - Allow .1.3.6.1.4.1.2021.50.4.101.1
Qmail - SMTP Totals - Deny .1.3.6.1.4.1.2021.50.4.101.2
Qmail - Queue Size .1.3.6.1.4.1.2021.50.5.101.2
Qmail - Queue Size - Unprocessed .1.3.6.1.4.1.2021.50.5.101.1
Qmail - Messages Status - Failures .1.3.6.1.4.1.2021.50.6.101.2
Qmail - Messages Status - Success .1.3.6.1.4.1.2021.50.6.101.1
Qmail - Local/Remote Concurrency - Local .1.3.6.1.4.1.2021.50.7.101.1
Qmail - Local/Remote Concurrency - Remote .1.3.6.1.4.1.2021.50.7.101.2

Qmail - SpamAssassin - Clean Qmail - SpamAssassin - Spam Qmail - Clamav - Error Qmail - Clamav - Found

courier

von http://xavier.perseguers.ch/open-source/cacti/
Files: http://crazylinux.de/files/it_stuff/cacti/courier/

/etc/snmp/snmpd.conf 

exec   .1.3.6.1.4.5312.3.1   couriercount_imaps  /bin/cat /var/tmp/courierimaps
exec   .1.3.6.1.4.5312.3.2   couriercount_imap   /bin/cat /var/tmp/courierimap
exec   .1.3.6.1.4.5312.3.3   couriercount_pop3s  /bin/cat /var/tmp/courierpop3s
exec   .1.3.6.1.4.5312.3.4   couriercount_pop3   /bin/cat /var/tmp/courierpop3

Spamassassin

Als Vorlage diente qs2mrtg.pl. von qmail-scanner: Reporting: in the contrib directory there's qs2mrtg.pl. A perl script for monitoring your syslog files for qmail-scanner records. It then graphs how Qmail-Scanner is processing your emails. It creates different graphs for incoming vs outgoing email, as well as the flow of spam and viruses. 

#/etc/snmp/snmpd.conf
exec .1.3.6.1.4.1.2050.50.1 spamd_spam  /bin/cat /var/qmail/log/spam.txt
exec .1.3.6.1.4.1.2050.50.2 spamd_rbl  /bin/cat /var/qmail/log/rbl.txt
exec .1.3.6.1.4.1.2050.50.3 spamd_tot_local  /bin/cat /var/qmail/log/totall.txt
exec .1.3.6.1.4.1.2050.50.4 spamd_tot_remote  /bin/cat /var/qmail/log/totalr.txt
exec .1.3.6.1.4.1.2050.50.5 spamd_quar_virus  /bin/cat /var/qmail/log/quarantinedv.txt
exec .1.3.6.1.4.1.2050.50.6 spamd_quar_policy  /bin/cat /var/qmail/log/quarantinedp.txt

HDDTemp

http://blog.gotchi.at/index.php?/archives/305-Monitoring-Hardware-mit-Cacti.html http://forums.cacti.net/about15743.html

Abgerufen von „https://crazylinux.de/?title=Cacti&oldid=3713