Cacti: Unterschied zwischen den Versionen
K (→fail2ban: s) |
K (→shoutcast: ik) |
||
Zeile 355: | Zeile 355: | ||
http://forums.cacti.net/about12464.html | http://forums.cacti.net/about12464.html | ||
== HTTP/TCP-Response-Time == | == HTTP/TCP-Response-Time == |
Aktuelle Version vom 20. Oktober 2016, 02:41 Uhr
Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. http://cacti.net/
download einiger Scripts, siehe Files
Tips
Erweiterungen
- Plugin Architecture + Plugins
- Nagios Plugin for Cacti
- http://www.debianhelp.co.uk/cactitemplates.htm
Dovecot and Postfix (via SNMP)
fail2ban
via snmp see https://www.pitt-pladdy.com/blog/_20130324-154457_0000_fail2ban_on_Cacti_via_SNMP/
iptables
http://forums.cacti.net/about8091.html
download cacti templates. Da iptables als root ausgeführt werden muss, wird das script über sudo aufgerufen: /etc/sudoers
#logging Defaults syslog = local2 # User privilege specification www-data ALL = NOPASSWD: /usr/share/cacti/site/scripts/iptables.pl
Damit der syslog nicht damit unnötig 'beloggt' wird, loggen wir an log-facility local2 und damit in ein eigenes Logfile /etc/syslog.conf:
... *.*;auth,authpriv.none;mail.!*;daemon.!info;cron.!*;local2.none -/var/log/syslog ... local2.* /var/log/sudo.log
#!/usr/bin/perl
###
### This is a quick perl script to
### pull bandwidth usage from iptables chains
###
### If you use/optimize this script, please let me know.
### Brian Stanback : brian [at] stanback [dot] net
##
### Example iptables rule for web bandwidth usage:
### > iptables -N WWW
### > iptables -A WWW -j ACCEPT
### > iptables -A INPUT -p tcp -m tcp --dport 80 -j WWW
### > iptables -A OUTPUT -p tcp -m tcp --sport 80 -j WWW
###
### Run "iptables.pl WWW" as root to test, note that you can
### combine more than one protocol into a single chain.
###
### Sudo Configuration (/etc/sudoers)
### > www-data ALL = NOPASSWD: /usr/share/cacti/scripts/iptables.pl
###
### The Input String should be set to "sudo <path_cacti>/scripts/iptables.pl <chain>"
### and you will need to setup an input field so that the <chain> argument can be passed.
###
### The data input type should be set to COUNTER
###
##
##
## modified by: Paul Campbell <forums@campbell-multimedia.co.uk>
## Now returns a seperate entry for each rule. Output for a
## 3 rule chain might now be:
## rule1:123 rule2:456 rule3:789
#
if ($ARGV[0]) {
$chains = `/sbin/iptables --line-number -xnvL $ARGV[0]`;
@chains = split(/\n/, $chains);
shift(@chains);
shift(@chains);
foreach( @chains ) {
/(\d+)\W+[0-9]+\W+([0-9]+)\W+/;
print " rule$1:$2";
}
print "\n";
#$chains[2] =~ /[\W+]?[0-9]+\W+([0-9]+)\W+/;
} else {
print "Usage: $0 Chain\n";
}
Mysql
see http://forums.cacti.net/viewtopic.php?f=12&t=42427 OR
Percona Monitoring Plugins
The Percona Monitoring Plugins are high-quality components to add enterprise-grade MySQL capabilities to your existing in-house, on-premises monitoring solutions. The components are designed to integrate seamlessly with widely deployed solutions such as Nagios and Cacti, and are delivered in the form of templates, plugins, and scripts. More
Apache
ApacheStats 0.6 (PHP Script Server Version)
APC - PHP cache
Qmail
snmpd erweitern: http://wotsit.thingy.com/haj/cacti/cacti-qmail.html
#/etc/snmp/snmpd.conf
...
extend .1.3.6.1.4.1.18689.1.3 qmail-message-status /usr/local/bin/qmailmrtg7 s /var/log/qmail
extend .1.3.6.1.4.1.18689.1.3 qmail-bytes-transfer /usr/local/bin/qmailmrtg7 b /var/log/qmail
extend .1.3.6.1.4.1.18689.1.3 qmail-smtp-concurrency /usr/local/bin/qmailmrtg7 t /var/log/qmail/smtpd
extend .1.3.6.1.4.1.18689.1.3 qmail-smtp-sessions /usr/local/bin/qmailmrtg7 a /var/log/qmail/smtpd
extend .1.3.6.1.4.1.18689.1.3 qmail-queue /usr/local/bin/qmailmrtg7 q /var/qmail/queue
extend .1.3.6.1.4.1.18689.1.3 qmail-messages /usr/local/bin/qmailmrtg7 m /var/log/qmail
extend .1.3.6.1.4.1.18689.1.3 qmail-concurrency /usr/local/bin/qmailmrtg7 c /var/log/qmail
#optional, a second smtp-service
extend .1.3.6.1.4.1.18689.1.3 qmail-mailout-smtp-concurrency /usr/local/bin/qmailmrtg7 t /var/log/qmail/smtpd_auth
extend .1.3.6.1.4.1.18689.1.3 qmail-mailout-sessions /usr/local/bin/qmailmrtg7 a /var/log/qmail/smtpd_auth
...
Werte abfragen: snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.18689.1.3
Cacti-Templates: http://forums.cacti.net/about3839.html
OIDs:
Qmail - Messages - Attempts | .1.3.6.1.4.1.18689.1.3.4.1.2.14.113.109.97.105.108.45.109.101.115.115.97.103.101.115.2 |
Qmail - Messages - Deliveries | .1.3.6.1.4.1.18689.1.3.4.1.2.14.113.109.97.105.108.45.109.101.115.115.97.103.101.115.1 |
Qmail - Bits Transfer | .1.3.6.1.4.1.18689.1.3.4.1.2.20.113.109.97.105.108.45.98.121.116.101.115.45.116.114.97.110.115.102.101.114.1 |
Qmail - SMTP Concurrency | .1.3.6.1.4.1.18689.1.3.4.1.2.22.113.109.97.105.108.45.115.109.116.112.45.99.111.110.99.117.114.114.101.110.99.121.1 |
Qmail - SMTP Totals - Allow | .1.3.6.1.4.1.18689.1.3.4.1.2.19.113.109.97.105.108.45.115.109.116.112.45.115.101.115.115.105.111.110.115.1 |
Qmail - SMTP Totals - Deny | .1.3.6.1.4.1.18689.1.3.4.1.2.19.113.109.97.105.108.45.115.109.116.112.45.115.101.115.115.105.111.110.115.2 |
Qmail - Queue Size | .1.3.6.1.4.1.18689.1.3.4.1.2.11.113.109.97.105.108.45.113.117.101.117.101.1 |
Qmail - Queue Size - Unprocessed | .1.3.6.1.4.1.18689.1.3.4.1.2.11.113.109.97.105.108.45.113.117.101.117.101.2 |
Qmail - Messages Status - Failures | .1.3.6.1.4.1.18689.1.3.4.1.2.20.113.109.97.105.108.45.109.101.115.115.97.103.101.45.115.116.97.116.117.115.2 |
Qmail - Messages Status - Success | .1.3.6.1.4.1.18689.1.3.4.1.2.20.113.109.97.105.108.45.109.101.115.115.97.103.101.45.115.116.97.116.117.115.1 |
Qmail - Local/Remote Concurrency - Local | .1.3.6.1.4.1.18689.1.3.4.1.2.17.113.109.97.105.108.45.99.111.110.99.117.114.114.101.110.99.121.1 |
Qmail - Local/Remote Concurrency - Remote | .1.3.6.1.4.1.18689.1.3.4.1.2.17.113.109.97.105.108.45.99.111.110.99.117.114.114.101.110.99.121.2 |
Qmail - SMTP_Auth Concurrency | .1.3.6.1.4.1.18689.1.3.4.1.2.30.113.109.97.105.108.45.109.97.105.108.111.117.116.45.115.109.116.112.45.99.111.110.99.117.114.114.101.110.99.121.1 |
Qmail - SMTP_Auth Totals - Allow | .1.3.6.1.4.1.18689.1.3.4.1.2.22.113.109.97.105.108.45.109.97.105.108.111.117.116.45.115.101.115.115.105.111.110.115.1 |
Qmail - SMTP_Auth Totals - Deny | .1.3.6.1.4.1.18689.1.3.4.1.2.22.113.109.97.105.108.45.109.97.105.108.111.117.116.45.115.101.115.115.105.111.110.115.2 |
Qmail - SpamAssassin - Clean Qmail - SpamAssassin - Spam Qmail - Clamav - Error Qmail - Clamav - Found
courier
von http://xavier.perseguers.ch/open-source/cacti/
http://www.arschkrebs.de/postfix/couriergraph/
Files: http://crazylinux.de/files/it_stuff/cacti/courier/
/etc/snmp/snmpd.conf
exec .1.3.6.1.4.5312.3.1 couriercount_imaps /bin/cat /var/tmp/courierimaps exec .1.3.6.1.4.5312.3.2 couriercount_imap /bin/cat /var/tmp/courierimap exec .1.3.6.1.4.5312.3.3 couriercount_pop3s /bin/cat /var/tmp/courierpop3s exec .1.3.6.1.4.5312.3.4 couriercount_pop3 /bin/cat /var/tmp/courierpop3
Spamassassin
Als Vorlage diente qs2mrtg.pl. von qmail-scanner: Reporting: in the contrib directory there's qs2mrtg.pl. A perl script for monitoring your syslog files for qmail-scanner records. It then graphs how Qmail-Scanner is processing your emails. It creates different graphs for incoming vs outgoing email, as well as the flow of spam and viruses.
#/etc/snmp/snmpd.conf extend .1.3.6.1.4.1.18696.1.3 spamd_spam /bin/cat /var/qmail/log/spam.txt extend .1.3.6.1.4.1.18696.1.3 spamd_rbl /bin/cat /var/qmail/log/rbl.txt extend .1.3.6.1.4.1.18696.1.3 spamd_tot_local /bin/cat /var/qmail/log/totall.txt extend .1.3.6.1.4.1.18696.1.3 spamd_tot_remote /bin/cat /var/qmail/log/totalr.txt extend .1.3.6.1.4.1.18696.1.3 spamd_quar_virus /bin/cat /var/qmail/log/quarantinedv.txt extend .1.3.6.1.4.1.18696.1.3 spamd_quar_policy /bin/cat /var/qmail/log/quarantinedp.txt
HDDTemp
http://blog.gotchi.at/index.php?/archives/305-Monitoring-Hardware-mit-Cacti.html http://forums.cacti.net/about15743.html
LM Sensors
get some temperatures... see http://wiki.hetzner.de/index.php/Hardwaremonitoring
modprobe i2c-viapro && modprobe eeprom && modprobe w83627hf or put them into /etc/modules
for cacti start with http://www.wlug.org.nz/CactiLMSensors
#!/usr/bin/perl
@sensoroutput=`/usr/bin/sensors`;
foreach(@sensoroutput) {
chomp();
split();
#print $_[0],"-",$_[1],$_[2],"\n";
if ( $_[0] eq 'M/B' ) {
$temp1 = $_[2];
}
if ( $_[0] eq 'CPU' ) {
$temp2 = $_[2];
}
if ( $_[0] eq 'temp3:' ) {
$temp3 = $_[1];
}
if ( $_[0] eq 'fan1:' ) {
$fan1 = $_[1];
}
if ( $_[0] eq 'fan2:' ) {
$fan2 = $_[1];
}
if ( $_[0] eq 'fan3:' ) {
$fan3 = $_[1];
}
}
$temp1 =~ s/\+//;
$temp1 =~ s/\°C//;
$temp2 =~ s/\+//;
$temp2 =~ s/\°C//;
$temp3 =~ s/\+//;
$temp3 =~ s/\°C//;
print "temp1:$temp1 temp2:$temp2 temp3:$temp3\n";
Alternativ Solution
get lm_sensors-data via snmp (must be complied with)
SmartMonTools (smartctl)
found a better solution: https://www.pitt-pladdy.com/blog/_20091031-144604_0000_SMART_stats_on_Cacti_via_SNMP_/
old solution was:
http://forums.cacti.net/viewtopic.php?t=23959
- HDD-Temp
- HDD-Errors
- Power-Up (not used)
#!/usr/bin/php
<?php
/*
* 4 = value
* 7 = Raw
*
* include this into the /etc/sudoers file!!
* www-data ALL= NOPASSWD: /usr/sbin/smartctl
*
*/
if ($argc < 2) {
die("USAGE: $argv[0] /dev/sdX\n");
}
$dev = $argv[1];
$smartCtl = exec('sudo /usr/sbin/smartctl -d ata --all ' . $dev,$output);
//print_r($output);
$_OUT = array();
$needle = "Temperature_Celsius,Reallocated_Sector_Ct,Power_On_Hours,Spin_Retry_Count,Seek_Error_Rate,Raw_Read_Error_Rate";
foreach ($output as $line) {
if (preg_match('/^\s*(\d+)\s+(\w+)\s+(0x[0-9a-fA-F]+)\s+(\d+)\s+(\d+)\s+(\d+).*\s+\-\s+(\d+)/',$line,$match)) {
// print_r($match);
if ( $match[2] == 'Temperature_Celsius') $_OUT['Temperature_Celsius'] = $match[7];
if ( $match[2] == 'Reallocated_Sector_Ct') $_OUT['Reallocated_Sector_Ct'] = $match[7];
if ( $match[2] == 'Power_On_Hours') $_OUT['Power_On_Hours'] = $match[7];
if ( $match[2] == 'Spin_Retry_Count') $_OUT['Spin_Retry_Count'] = $match[7];
if ( $match[2] == 'Seek_Error_Rate') $_OUT['Seek_Error_Rate'] = $match[7];
if ( $match[2] == 'Raw_Read_Error_Rate') $_OUT['Raw_Read_Error_Rate'] = $match[7];
}
}
$needle = explode(",",$needle);
foreach ( $needle as $need ) {
if ( ! isset($_OUT[$need]) ) $_OUT[$need] = 0;
}
print (
"Temperature_Celsius:" . $_OUT['Temperature_Celsius'] . " " .
"Reallocated_Sector_Ct:" . $_OUT['Reallocated_Sector_Ct'] . " " .
"Power_On_Hours:" . $_OUT['Power_On_Hours'] . " " .
"Spin_Retry_Count:" . $_OUT['Spin_Retry_Count'] . " " .
"Seek_Error_Rate:" . $_OUT['Seek_Error_Rate'] . " " .
"Raw_Read_Error_Rate:" . $_OUT['Raw_Read_Error_Rate']
);
?>
Windows WMI
- WMI Monitoring with Cacti
- Enable WMI for windows-user
- http://www.microsoft.com/germany/technet/datenbank/articles/600682.mspx
- http://forums.cacti.net/about11752.html
- Exchange
- Service for Windows: http://www.shatterit.com/nc_net/
- W32 IIS W3SVC Perl Script via check_nt
- Useful WMI Classes for Monitoring Windows Servers
W32 System via WMI
Gets System Calls/sec, Context Switches/sec, Threads, Processes via WMI...
http://forums.cacti.net/about5226.html
#!/bin/sh
#get host
if [ "x$1" = "x" ]; then
HOST=this.is.my.hostname
else
HOST=$1;
fi;
/usr/share/cacti/site/scripts/check_nt -H $HOST -v WMICHECK \
-l 'cimv2^select * from Win32_PerfFormattedData_PerfOS_System'|grep =|awk {'print $1 ":" int($3) " "'}|tr -d '\n'
interrupts/context switching
Graph templat for interrupts/context switching incl. threads and processes
http://forums.cacti.net/about8178.html
IIS via SNMP
http://forums.cacti.net/about12464.html
HTTP/TCP-Response-Time
http://forums.cacti.net/about11020.html