Category Archives: Monitoring Tools

Tools using monitoring

Enabling and configuring SNMP on Windows

Below found good document to configuring SNMP under windows from Justin M. Brant

Enabling and configuring SNMP on Windows

How to Install SNMP and Configure the Community String-wk12

imple Network Management Protocol (SNMP) is an Internet-standard protocol for managing or monitoring devices on IP networks.

An SNMP-managed network consists of three key components:

Managed device
Agent — software which runs on managed devices
Network management station (NMS) — software which runs on the manager

Below is a document How to Install SNMP and Configure the Community String-wk12 server.

How to Install SNMP and Configure the Community String-wk12

Steps to install MRTG

Step # 1 : Make sure snmp server installed
Please note that snmpd configuration does not require using mrtg with remote network devices such as Routers and switches. If you just want mrtg graphs for router or switch then please refer to step # 4 (as all these devices comes preconfigured with snmpd software).

Run rpm commands query option to find out snmp server installed or not:

# rpm -qa | grep snmp
If snmp installed then please refer step # 2; otherwise snmp server and utils were not present and your need to install them using following steps (login as a root user):

(a) Visit rpmfind.net to get snmp server and utilities rpms. If you are fedora user then use yum command as follows to install it:

# yum install net-snmp-utils net-snmp
(b) If you are RHEL subscriber then use up2date command as follows to install:

#up2date -v -i net-snmp-utils net-snmp

Step # 2 : Determine if snmp server is running or not
Run ‘ps’ command to see if snmp server is running or not:

# ps -aux | grep snmp
Output:

root   5512  0.0  2.3  5872 3012 pts/0    S    22:04   0:00 /usr/sbin/snmpd
Alternatively, you can try any of the following two commands as well:

# lsof -i :199
Output:

COMMAND  PID USER   FD   TYPE DEVICE SIZE NODE NAMEsnmpd   5512 root    4u  IPv4  34432       TCP *:smux (LISTEN)
OR try out netstat command:

# netstat -natv | grep ‘:199’
Output:

tcp        0      0 0.0.0.0:199             0.0.0.0:*               LISTEN
If you found service is running or listing on port 199 then please see step #3; otherwise start service using following command:

# service snmpd start
Make sure snmpd service starts automatically, when linux comes us (add snmpd service):

# chkconfig –add snmpd

Step # 3 : Make sure snmp server configured properly
Run snmpwalk utility to request for tree of information about network entity. In simple words query snmp server for your IP address (assigned to eth0, eth1, lo etc):

# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex
ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.127.0.0.1 = 1
ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.192.168.0.3 = 2
If you can see your IP address then please proceed to step 4; else it is a time to configure snmp server as follows (by default RHEL and RH 8/9 are not configured for snmp server for security reason):

Configure SNMP
(1) Edit file /etc/snmp/snmpd.conf using text editor: # vi /etc/snmp/snmpd.conf
Change/Modify line(s) as follows:

Find following Line:

com2sec notConfigUser  default       public
Replace with (make sure you replace 192.168.0.0/24 replace with your network IPs) following lines: com2sec local     localhost           public
com2sec mynetwork 192.168.0.0/24      public
Scroll down bit and change:

Find Lines:

group   notConfigGroup v1           notConfigUser
group   notConfigGroup v2c           notConfigUser
Replace with:

group MyRWGroup v1         local
group MyRWGroup v2c        local
group MyRWGroup usm        local
group MyROGroup v1         mynetwork
group MyROGroup v2c        mynetwork
group MyROGroup usm        mynetwork
Again scroll down bit and locate following line:

Find line:

view    systemview     included      system
Replace with:

view all    included  .1                               80
Again scroll down bit and change:

Find line:

access  notConfigGroup “”      any       noauth    exact  systemview none none
Replace with:

access MyROGroup “”      any       noauth    exact  all    none   noneaccess MyRWGroup “”      any       noauth    exact  all    all    none
Scroll down bit and change:

Find lines:

syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root  (configure /etc/snmp/snmp.local.conf)
Replace with (make sure you supply appropriate values): syslocation Linux (RH3_UP2), Home Linux Router.syscontact Vivek G Gite <vivek@nixcraft.com>
For your convenient, here is my /etc/snmp/snmpd.conf file. Feel free to use this file. Make sure you make backup of your existing file if you use this file as it is.

Start your snmp server and test it:

(a) Make sure when linux comes up snmpd always starts:

# chkconfig snmpd on
(b) Make sure service start whenever Linux comes up (after reboot):

# service snmpd start
(c) Finally test your snmp server:

# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex

Step # 4 : Install mrtg if not installed
Mrtg software may install during initial installation; you can verify if MRTG installed or not with following RPM command:

rpm -qa | grep mrtg
If mrtg already installed please see step # 5; else use rpmfind.net to find MRTG rpm or up2date command to install MRTG software:

# up2date -v -i mrtg
Fedora Linux user can use yum command as follows to install MRTG:

# yum install mrtg

Step # 5 : Commands to Configure mrtg
(a) Create document root to store mrtg graphs/html pages:

# mkdir -p /var/www/html/mymrtg/
(b) Run any one of the following cfgmaker command to create mrtg configuration file:

#cfgmaker –global ‘WorkDir: /var/www/html/mymrtg’ –output /etc/mrtg/mymrtg.cfg public@localhost
OR (make sure your FQDN resolves, in following example i’m using rh9.test.com which is my router FQDN address)

# cfgmaker –global ‘WorkDir: /var/www/html/mymrtg’ –output /etc/mrtg/mymrtg1.cfg public@rh9.test.com
(c) Create default index page for your MRTG configuration:

# indexmaker –output=/var/www/html/mymrtg/index.html /etc/mrtg/mymrtg.cfg
(d) Copy all tiny png files to your mrtg path:

# cp -av /var/www/html/mrtg/*.png /var/www/html/mymrtg/

Step # 6 First test run of mrtg
(a) Run mrtg command from command line with your configuration file:

# mrtg /etc/mrtg/mymrtg.cfg
Note: You may get few warning message for first time; ignore them.

(b) Fire your favorite web browser (like FireFox 😀 ) and type url http://www.your.com/mymrtg/ or http://your-ip/mymrtg/

Step # 7 Create crontab entry so that mrtg graph / images get generated every 5 minutes
(a) Login as a root user or login as a mrtg user and type following command:

# crontab -e
(b) Add mrtg cron job entry to configuration file (append following line to it):

*/5 * * * * /usr/bin/mrtg /etc/mrtg/mymrtg.cfg –logging /var/log/mrtg.log
Save file and you are done with MRTG config issues 🙂

Step # 8 Block ports 161 & 162 at firewall
You do not want to give access to everyone to your snmp server for security reasons. SNMP server uses UDP 161, 162 ports for communication. Use Linux IPTABLES firewall to restrict access to SNMP server

(a) Allow outgoing SNMP server request from your Linux computer. This is useful when you query remote host/router (replace SERVER IO with your real IP):

SERVER=”xxx.xxx.xxx.xxx”
iptables -A OUTPUT -p udp -s $SERVER –sport 1024:65535 -d 0/0 –dport 161:162 -m state –state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p udp -s 0/0 –sport 161:162 -d $SERVER –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT
(b )Allow incoming SNMP client request via iptables. This is useful when you wish to accept queries for rest of the world (replace SERVER IP with your real IP):

SERVER=”xxx.xxx.xxx.xxx”
iptables -A INPUT -p udp -s 0/0 –sport 1024:65535 -d $SERVER –dport 161:162 -m state –state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p udp -s $SERVER –sport 161:162 -d 0/0 –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT
Pleae note that above two are just SNMP specific iptables rules. Please consult iptables(8) man page for complete information on iptables

Step # 9 Optional: Protect your MRTG graphs/html pages with password protected directory
Once again, you would like to restrict access to your MRTG reports. This can easily accomplished with Apache webserver’s .htaccess file. If you are on webhosting server with control panel (such as ensim or plesk) then you can use control panel itself to create password-protected directory.

Below is process outlined to protect graphs using apache’s .htaccess file and htpasswd command:

Step # 1: Create .htaccess file in /var/www/html/mymrtg/ directory (add text as follows):

vi /var/www/html/mymrtg/.htaccess
Add following text to file:

AuthName “MRTG Graphs/Html restricted access”
AuthType Basic
AuthUserFile /var/members/.htpasswd
require user mrtgadmin
Step # 2: Create a user and password name (-c assumes first time you are using .htpasswd file):

# htpasswd -c /var/members/.htpasswd mrtgadmin

TCP/IP Test Server

TCP/IP Test Server is a comprehensive testing tool that allows socket programmers to develop client side applications that open sockets and communicate with this server. The server allows the programmer to:

(1) Specify multiple IP Addresses and Ports to listen upon.
(2) Control the connection including forcing a disconnection.
(3) Send messages to a specific client connection.
(4) View messages received from clients.
(5) Log all messages received from clients.
(6) Send files of test data at a user controlled rate of Transmission.
(7) Echo all messages received back to the originating client.

Download it from
http://softadvice.informer.com/Download_Tcp_Ip_Test_Server_Software.html
http://www.brothersoft.com/tcp-ip-test-server-download-27898.html

tcp-ip testserver

VNStat : A console-based network traffic monitor for Linux

vnStat is a console-based network traffic monitor for Linux and BSD that keeps a log of network traffic for the selected interface(s). It uses the network interface statistics provided by the kernel as information source. This means that vnStat won’t actually be sniffing any traffic and also ensures light use of system resources. However, in Linux at least a 2.2 series kernel is required.

This program is open source / GPL’ed and can be installed either as root or as a single user.

[root@host]# yum install vnstat

[root@host]# vnstat –help
vnStat 1.4 by Teemu Toivola <tst at iki dot fi>

-q, –query             query database
-h, –hours             show hours
-d, –days              show days
-m, –months            show months
-w, –weeks             show weeks
-t, –top10             show top10
-s, –short             use short output
-u, –update            update database
-i, –iface             change interface (default: eth0)
-?, –help              short help
-v, –version           show version
-tr, –traffic          calculate traffic

See also “–longhelp” for complete options list and “man vnstat”.

[root@host]# vnstat -u -i eth0
New database generated.

[root@host]# vnstat -d
eth0: Not enough data available yet.

[root@host]# vnstat -u   (Tried to start with root ,it worked)

Database updated: Wed Jul 11 23:47:56 2007

eth0

received:           6.65 MB (46.2%)
transmitted:           7.26 MB (53.8%)
total:          13.91 MB

rx     |     tx     |  total
———————–+————+———–
today      6.65 MB |    7.26 MB |   13.91 MB
———————–+————+———–
estimated         6 MB |       7 MB |      13 MB

[root@host]# ifconfig
eth0      Link encap:Ethernet  HWaddr
inet addr:x.x.x.x  Bcast:y.y.y.y  Mask:z.z.z.z
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
RX packets:134052 errors:0 dropped:0 overruns:0 frame:0
TX packets:133005 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:20290369 (19.3 MiB)  TX bytes:21380626 (20.3 MiB)

lo        Link encap:Local Loopback
inet addr:127.0.0.1  Mask:255.0.0.0
UP LOOPBACK RUNNING  MTU:16436  Metric:1
RX packets:28253 errors:0 dropped:0 overruns:0 frame:0
TX packets:28253 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3646051 (3.4 MiB)  TX bytes:3646051 (3.4 MiB)

more info
http://humdi.net/vnstat/
http://www.thegeekstuff.com/2011/11/vnstat-network-traffic-monitor/
https://wiki.archlinux.org/index.php/vnStat

Using nagios as the monitoring system

Here is a documents for installing configuring Nagios

Using NAGIOS as monitoring system

ManageEngine OpManager

ManageEngine OpManager is a network management platformthat helps large enterprises, service providers and SMEs manage their data centers and IT infrastructure efficiently and cost effectively. Automated workflows, intelligent alerting engines, configurable discovery rules, and extendable templates enable IT teams to setup a 24×7 monitoring system within hours of installation. Do-it-yourself plug-ins extend the scope of management to include network change and configuration management and IP address management as well as monitoring of networks, applications, databases, virtualization and NetFlow-based bandwidth.

OpManager

 

Avalon network monitoring tool

1 Introduction

Percival is a Network Monitoring and Capacity Planning front-end to the excellent RRDtool software. It is based on our experience of providing customized network monitoring solutions to the ISPs, banks and large enterprises in Israel.

We found that existing commercial tools are too expensive and ill designed for this task while existing RRD frontends lack essential features such as user profiles, simple configuration model, customizable GUI, performance, reports etc.

We started with stock Cricket and with time we essentially rewrote it to address its shortcomings.

We also had to add number of bug fixes and improvements to the RRDtool. Percival is a subset of our Lancelot Monitoring Framework that can be released under the GPL.

Percival Features:
  • WEB User Interface
  • Themable user interface
  • Support of MIB2
  • Cisco, Linux and Windows
  • Configuration is stored in hierarchical database
  • Database supports on the fly editing, links and multiple users
  • Reports: top utilized interfaces, errors, discards etc
  • Totals: average, sum, many small graphs on one page
  • Drill-down on all graphs
  • Moving average smoothing
  • Percentile 95%
  • User profiles. Each user can see only his part of the configuration tree
  • Each device polled only once even if it appears in multiple profiles
  • Consistent CLI tools for the system configuration and maintanence
  • Modified RRDtool is used for the data storage
  • Designed to hold around 500 interfaces with 120 sec polling frequency
  • OS: Linux, Solaris(must built from source)

Percival is written in Perl so it should be pretty portable. The officially supported platforms are Linux and Solaris.

2.1 Installation from RPM

It is best to install Percival from RPM. Percival RPM can be installed on RedHat, Mandrake and Turbolinux. RPMS can be obtained from SourceForge http://percival.sourceforge.net. The installation is as simple as doing

rpm -ihv percival-1-1.i386.rpm

After successful completion of the command you have Percival up and running.

2.1.1 Verifying Installation

Connect to http://<yourhost&gt;:8181. You should see system login screen. The system comes with user guest and password guest. It is a good idea to change them.

Then do following commands:

su – avalon

cd /usr/local/percival/bin

./overlord.pl check

Command will produce following output:

konfigd – ok

kollector – ok

thaw – ok

querymaker – ok

Another check is to rebuild database:

./kompile

It will produce something like this:

[10-Mar-2003 17:11:29 :8336] Starting compile: Percival version 1.1.1 built on rothut.avalon-net.co.il at Sun Mar 9 16:05:50 IST 2003 by root features: light gpl

[10-Mar-2003 17:11:31 :8336] Processed 62 nodes (in 30 files) in 4 seconds.

2.2 Installing from Binaries

Binary installation is a little more tricky. Percival must be installed in the /usr/local/percival. It expects to find perl and all supporting packages in /usr/local/avalon. Other configurations are not supported at the moment. It is possible to relocate Percival and its supporting packages but you should be prepared to write some scripts.

First, you have to download following tarballs:

  • Percival-Perl.tar.gz
  • Percival-Apache.tar.gz
  • Percival-RRD.tar.gz
  • Percival-Source.tar.gz

I am assuming you have put all tarballs in /tmp. Next step is to open them:

cd /

gunzip -c Percival-Perl.tar.gz | tar -xvf –

gunzip -c Percival-Apache.tar.gz | tar -xvf –

gunzip -c Percival-RRD.tar.gz | tar -xvf –

gunzip -c Percival-Source.tar.gz | tar -xvf –

The last step is to add Percival to OS start up scripts. This is OS dependent. The example of such script is located in /usr/local/percival/bin/lancelotd

2.3 Building from Sources

Percival builds are done automagically from the unified source base. Still it should be perfectly possible to build Percival from its stand alone components. Percival expects to find its supporting packages at /usr/local/avalon. First, you will need Perl and following list of packages:

  • perl-5.6.1
  • Net-Telnet-3.02
  • Net-Radius-1.43
  • Statistics-Descriptive-2.4
  • AppConfig-1.52
  • Apache-Admin-Config-0.15
  • CGI-FastTemplate-1.09
  • CGI.pm-2.78
  • Cflow-1.025
  • Color-Object-0.1_02
  • Compress-Zlib-1.14
  • DB_File-1.76
  • Digest-MD5-2.12
  • File-Tail-0.98
  • HTML-Parser-3.23
  • HTML-Tagset-3.03
  • IO-stringy-1.220
  • MIME-Base64-2.12
  • MIME-tools-5.410
  • MailTools-1.15
  • Net-DNS-0.12
  • Net-Patricia-1.010
  • NetServer-Generic-1.03
  • Parse-Syslog-0.03
  • RadiusPerl-0.05
  • SNMP_Session-0.83
  • Storable-1.0.11
  • Template-Toolkit-2.02
  • Time-HiRes-01.20
  • TimeDate-1.10
  • URI-1.11
  • XML-Parser-2.30
  • libnet-1.0703
  • libwww-perl-5.50
  • IO-Tty-1.02
  • Expect-1.15
  • expat-1.95.2
  • zlib-1.1.3
  • db-4.0.14
  • BerkeleyDB-0.17

Then you need to have apache and mod_perl installed. We use following packages:

  • apache_1.3.26
  • mod_perl-1.26

After you have done with apache you have to build rrdtool that comes with Percival. Percival will not work with the standard rrdtool. You have to download rrdtool-1.0.28avalon.tar.gz from the Percival site and install it.

Finally, you have to untar Percival-Source.tar.gz

3 Percival Operation Basics

Despite its very simple look, Percival is a complex system. In this chapter you will learn how to operate Percival from command line. You will learn how to stop/start the system, what daemons(services) should be running, what each of them do. You will also learn how to manage network elements using konfne command and basic concepts of the Percival configuration database. In this chapter we try to keep things as single as possible, advanced concepts will be handled in the separate chapter.

All Percival commands a located in /usr/local/percival/bin.In the next sections we assume that you are working as user avalon you and you have this directory in your PATH variable or have done cd there. We also assume that Percival was installed from RPM on RedHat like linux distribution.

It is very important to operate Percival as user avalon and not as root!!! You can switch to avalon by typing su – avalon

3.1 Starting/Stopping Percival

As root execute

/etc/rc.d/init.d/lancelotd start

to start the system

/etc/rc.d/init.d/lancelotd stop

to stop the system. 1

3.2 Percival Daemons (Services) and Commands

There are several daemons that are required for Percival normal operation. The daemons are responsible for data collection, detection of not responding IPs, report generation, web user interface and managing Percival configuration by remote client applications such as Merlin. Every daemon except the webserver must be managed by overlord.pl command.

There are following Percival daemons:

kollector

does all data collection.

thawne.pl

detects not responding network devices.

querymaker.pl

generates all reports

konfigd

provides configuration API to the external clients

httpd

Apache webserver. Needed for Percival Web interface.

Apache is controlled with apachectl command. It is located in /usr/local/avalon/bin. Apache must be managed as user root.

apachectl start

starts apache

apachectl stop

stops apache.

Every other daemon is controlled with overlord.

3.2.1 Controlling Daemons with Overlord

Overlord was developed because amount of Percival daemons2 was increasing rapidly. It was clear that some master daemon is needed to rule them all. You need to know following basic overlord commands:

overlord.pl ping

tells status of each configured daemon

overlord.pl check

tells status of each configured daemon. Restart the daemon if it is not running

overlord.pl list

lists options for each configured daemon

overlord.pl tail <name>

shows last lines of the daemon log

overlord.pl –help

shows all available options and short help

overlord.pl modify <name> <param=value> …

tweaks daemon options. If you installed from RPM system has very reasonable default values. You should not change them unless you really know what you are doing.

3.2.2 Common Command Line Options

Every Percival process be it a command or daemon understand some common options. These are:

–help

show help message and exit

–version

show version information and exit

–loglevel <level>

controls process output. Level can be either Debug, Info, Warn or Error. Default level is Info. Debug is the most verbose and must not be used in production.

–logfile <file>

controls where to send process output. By default all output goes to STDOUT

Following options are accepted by any process but the process may ignore them. After all it makes no sense to run device configurator command (konfne) as daemon.

–daemon

if specified process becomes a daemon(service)

–interval <seconds>

controls how often daemon should work. For example kollector is run every 120s

Next options are available in Lancelot only. In Percival they will generate an error message.

–cached

turns on Perl based in memory cache. The cache is optimized to be very memory friendly and produces nice speed up. The option is obsoleted.

–hdb

turns on alternative implementation of the configuration database (HDB). HDB database is optimized for speed and provides order of magnitude (and in some cases even more) speedup in comparison with Percival implementation. It is also fully backward compatible with the old database on the API level.

3.2.3 Commands

Percival only has four commands and you already know everything you need about overlord. It leaves three others. One, target.pl, is used for debugging of the configuration database and out of the scope of this chapter. The other, konfne 3, is how you add, update or remove network devices from Percival. In upcoming chapters we will deal with it a lot. The last one, kompile, produces binary database from Percival text based configuration database and downloads device configuration files from device modules. You need to issue this command every time you edit configuration database by hand or if you suspect that Percival database is corrupted.

3.3 Managing Devices

By the time you get to this section you dont want to read anything about processes, commands, daemons and options. You want to add your new Cisco router to the Percival NOW. This is how you do it:

konfne -af –ip <your router ip> –community <snmp community> cfg /Tree/Routers/dummyname

Thats all. Now you see the device once you login into the Percival as user guest.

Percival configuration is based on the concept of the “device”. Device can be a router, computer, switch or other network element. In this case we call it “real” device. There is another class of device such as reports, summary graphs(totals), profile etc… These devices can be created based only on information in the database. We call such devices “Virtual”.

3.3.1 Configuration Database Basics

Percival keeps its configuration information in the hierarchical(tree) database. The database is completely text based. It makes it very easy to backup and you can modify it using standard Unix CLI tools. Each user has its own view of the database.4

Percival converts textual database into binary format. Lancelot uses alternative implementation of the database , called HDB, that works directly over text files. kompile converts database into binary form usable by Percival and konfne. konfne works on both binary and text database.Thus you don’t need to worry about keeping database copies in sync with each other.

The database is located in /usr/local/percival/etc/lancelot-config directory. Directory in the filesytem represents directory in the database. However one file can have several database child nodes. Each database entry can have many properties in form of attribute=value pairs. Node attributes can be inherited. Database node may have a reference (link) to another node. It work pretty much as symbolic links in Unix or shortcuts in Windows.

Percival and Lancelot come with several preconfigured database entries:

Defaults

has system wide settings such as skin, location of rrd files and others

SysProfiles

has default system profile. The only way to change administrator username or password is to edit this file.

daemons

contains settings for all system services. overlord.pl is the preferred way to manage it.

profiles

contains definitions of Percival users. Percival comes with preconfigured with guest account with the root at /Tree. konfne is the preferred way to manage users.

/Devices

directory contains all currently configured network devices. It also contains instructions how devices should be processed.

/Tree

is root of preconfigured guest profile.

NOTE: remember to run kompile if you changed database manually.

3.3.2 konfne Basics

konfne will be your main tool for managing Percival. When you configure new or already existing devices several things happen:

  • device might be snmp scanned
  • device global configuration is placed under /Devices according to element classes. For example Router may have interfaces and chassis. Interfaces are placed under /Devices/Interfaces/<routername>/ and chassis configuration is placed under /Devices/Routers/. Some devices, such as report, may not have global configuration.
  • If global configuration already exists, it is updated.
  • Links and other needed device elements are created in the specified path

konfne has several standard options:

–devlist

shows all available devices

–autotype or -a

guess device type automagically

–ip or -i

device ip address or hostname

–community or -c

device SNMP community. If not specified defaults to public

–fetchname or -f

fetch device name from sysName. Everything after the last / in the path is replaced by the fetched name

–recursively or -r

apply command to all devices in specified subtree. Usually used for automatic reconfiguration of already configured devices. For example, konfne -r /Tree will reconfigure whole guest profile.

–tag or -t <attribute>=<value>

apply device specific parameters. Each device may have specific configuration options.

konfne has following basic commands:

help

show help for specified device or path. To get help for profile configuration you can do:

konfne help Devices::Virtual::Profile

or

konfne help /Tree

cfg

will configure new device or update already configured device

del

deletes profile visible device configuration. Device is still collected.

DELETE

deletes profile visible device configuration and delete global device configurationtion. There is no concept of device usage count. So if you have device configured in other profiles it will stop working there. Already collected data are not removed.

DEMOLISH

deletes device configuration from profile, from the database and removes all collected data.

probe

check if device is responding to SNMP

3.3.3 Managing User Profiles

Percival supports concept of user. Each user must have different profile. For example, you can have one profile with the access to all of your routers. On the other hand your customer profile will give access only to specific router interface. Profile creation is governed by several simple rules:

  • Nested profiles are not allowed
  • All devices, except folders, must be created under profile
  • Profiles with the same root are not allowed
  • Profile name must be unique

Profile has three basic parameters:

  1. Profile name. In this document it is also referred as user name.
  2. Profile password
  3. Profile root. The closes analogy to profile root is user home directory in Unix.

Device Devices::Virtual::Profile provides all necessary profile management.

Profile has following device specific options:

profile

specifies profile name

auth

specifies profile authentication mode. Only local mode, which is a default, is supported in the Percival

editable

if option is present and equal to true profile user can use Merlin to manage profile.

alt-legend

can be either true or false. If present and is true then graph legend is displayed under the graph in MRTG like style.

su-allowed

user of this profile can switch to another profile without performing an authentication. This is mostly useful for large installation when you want to have ‘master’ account.

Example of creating new profile foobar with the root at /MyProfiles/FoobarTree:

konfne –device Devices::Virtual::Profile -t profile=foobar -t password=secret -t ‘alt-legend=true’ cfg /MyProfiles/FoobarTree

3.3.4 Automatic Configuration of Network Devices

Percival has ability to automatically detect type of the network devices and invoke correct device module. Auto-detection works in many cases and is the easiest way to add new equipment. The downside of auto-detection is that you can not pass device specific options to the konfne. The auto-detection will not work for virtual devices.

This is how you autodect device:

konfne –autotype –ip <ip> –community <secret> cfg /Tree/Routers/myrouter

3.3.5 Standard Device Options

Every Percival device must support following standard options:

display-name

if specified it overrides device name specified in the path. Unlike path it may have embedded HTML tags and spaces.

3.3.6 Configuring Generic MIB2 Device

Almost any SNMP manageable equipment implements MIB2. Percival uses MIB2 to obtain netwrok interface statistics. If there is no specific Percival device for your equipment you can use Devices::Routers::Generic to obtain traffic statistics.

Options supported by Devices::Routers::Generic must be supported by any other device dealing with network interfaces. Following options are supported:

namedonly

configure only named interfaces. That is interfaces which have description set in ifAlias.

config-v2c

if true, try to use 64 bit high performance counters (ifHCInOctets, ifHCOutOctets) for the high speed interfaces. Device checks if interface can really return high speed counters. In our experience ther are a lot of problems with 64 bit counters on CISCO routers. Care must be taken when invoking this option.

config-v2c-speed

64 bit counters can be used if interface speed is greater then specified threshold. Speed is given in megabits. Default speed value is 100M.

use-if-name

by default ifDescr is used to get interface names. Some devices may have identical ifDescr but different ifName. In this case this option should be set to true.

if-types

list of symbolic interface types that should be configured. Interface will not be configured if this option was specified and interface type does not match.

if-match-regexp

only configure interfaces that match given regexp.

keepabsent

do not remove interface from configuration if it does not present on router anymore. Instead the interface is marked as “frozen”. It will have word frozen added to the description and its default graphs will display will end at the time the interface was “frozen”. This feature is useful to keep graph of old lines.

3.3.7 Configuring CISCO Equipment

It is well known fact that majority of the network equipment is manufactured by CISCO. Percival and Lancelot have very good support for the CISCO routers and switches, including advanced features such as SAA, Netflow and Quality of Service monitoring.5

3.3.7.1 Cisco Routers

CISCO routers are configured with the Devices::Routers::Cisco device. The devices has following options:

setup-pptp-session

normally PPTP sessions are ignored unless the value of this option is true.

ppp-names

normally interfaces with ifType ppp are not configured. This option accepts a regular expression. If the expression match interface name as given in ifDescr and interface type is ppp then interface will be configured.

config-virtual

normally interfaces with the world “virtual” in ifDescr are skipped unless this option is true.

telnet-login

user on the router for doing login. This is needed for configuring either BGP or Pings.

telnet-password

password of the user that was specified with previous option

pings

configure pings from Cisco router. The option accepts coma separated list of ips or hostnames.

3.3.7.2 Cisco IOS Switches

CISCO IOS switches are configured with Devices::Switches::IOS. The device does not have any specific options.

3.3.7.3 Cisco Catalyst Switches

CISCO Catalyst switches are configured with Devices::Switches::Catalyst. There are no device specific options.

3.3.8 Configuring Linux

We support UCD-SNMP or NET-SNMP agents on linux. We have encountered problems with the packaged snmp agent on RedHat 7.3. You can download our build of NET-SNMP that fixed that proble from percival site on SourceForge.

Linux computers are configured with Devices::Computers::Linux. There are no device specific options. Linux device supports monitoring of CPU load average, memory and disk usage in addition to the interface monitoring.

3.3.9 Configuring Windows 2000

Percival can configure Windows2000 with Host MIB or with Compaq Insight Manager MIB. The correct MIB is auto-detected. Windows 2000 computers are configured with Devices::Computers::Win2000. Device supports monitoring of CPU, memory and disk usage.

The device has following options:

process-watchdog

gather service uptime statistics. Accepts coma separated list of services.

3.3.10 Configuring Windows NT

NT has very basic SNMP support. To get advanced statistics you must install SNMP4C from http://www.wtcs.org cess-watchdoghttp://www.wtcs.org. Windows NT computers are configured with Devices::Computers::WinNT. There e are no device specific options.

3.3.11 Configuring Reports

Reports in Percival provides you with high level system summary. Using reports you will be able quickly determine problems in your network and zoom to the problem area to view detailed statistics. Reports are configured with Devices::Virtual::Report. Following options are supported:

type

report type. There are several builtin reports:

utilization

compares network interface utilization over the period of time. Utilization is computed as traffic/bandwidthwhere bandwidth value is take from ifSpeed of the interface. Results will not be valid if your interface speed is set wrong.

errors

sort interfaces by error count over the period of time. Presence of errors on the interface usually indicates hardware problems.

discards

sort interfaces by discarded packets over the period of time. Packets are discarded when router queue is getting long. Presence of discard indicates routing problems or lack of bandwidth.

overloaded

show interfaces that are consistently utilized with over 70% of capacity.

idle

inverse of previous report.

limit

how many results to show. Must be positive number.

desc

detailed report description. HTML tags may be used here.

archive

how to process data. Can be either AVERAGE or MAX.

sort

sort report in either ascendant or descendant order. Can be either asc or desc.

range

range of report in seconds.

subtrees

specifies on what devices to report. Subtrees are specification is absolute to the configuration root. Subtrees are in coma separated list.

3.3.12 Configuring Totals

Percival has ability to combine several graphs into one. This is useful when you want to see average utilization of some several interfaces, or your total international traffic or to see all graphs on one page. Device Devices::Virtual::Total provides this functionality. It can be configured with following options:

long-desc

defines long description of the total. HTML tags and spaces are allowed.

subtrees

list of subtrees to search for report targets.

regexp

match target name based on given regexp. Must be used with the subtree tag.

selection

coma separated list of targets.

type

report type. Can be one of the following:

report

show small graphs for every interface or other target on one page.

sum

show graph that sums all information.

contrib

show stack graph for all interfaces

avg

show graph that averages all information.

Percival is smart enough to figure out how to aggregate information from different devices. The details of this process are out of the scope of this manual.

3.4 Logfiles

Percival daemons are supposed to write their log files under the /usr/local/percival/var/lancelot-logs/ directory. While it is possible to change that using –logfile option and overlord.pl, it is p probably best to stick to the convention. Overlord has command rotate that can be used to rotate logs periodically. In particularly log of kollector can grow quite large.

Logs format is:

[dd-Mon-yyyy hh:mm:ss :pid] free text

Log of every kollector measurement is written in following format:

[time] Retrieved data for <path>(inst)[error] : <ds1>@timestamp[low_bound-upper_bound],<ds2>,…,<dsn>

where

time

log time stamp

path

location of the element in configuration database

inst

element instance as determined by mapping. Can be empty.

error

provides a precision estimation based on error in time measurement and database sampling interval.

timestamp

in milliseconds. Actual time that goes to database

low_bound

in fractional seconds. Shows when measurement was started.

upper_bound

in fractional seconds. Shows when measurement was completed.

ds1..dsn

datasourcses. Things like ifInOctets, ifOutOctets etc..

3.5 Backup Procedures

As a bare minimum you need to backup configuration and data directories. They are located in /usr/local/percival/etc/lancelot-config and /usr/local/perciva/var/lancelot-data. Since the Percival keeps both configuration and data in files there is no need to in any special agent. Backup can be done with standard Unix tools like tar, cpio, or dump.

To perform a full rertore do:

  1. stop the system
  2. restore data and configuration
  3. use kompile to rebuild database
  4. start the system

3.6 Upgrading the system

Before you do upgrade make sure to backup your data first. Upgrading from RPM is quite easy. First stop the system:

/etc/rc.d/init.d/lancelotd stop

Remove installed RPM:

rpm -e percival

this will not remove your configuration and data. You will see some messages about directory not being empty. Install new RPM:

rpm -ihv precival-1-1.x.i386.rpm

Rebuild configuration database:

kompile

Restart the system:

/etc/rc.d/init.d/lancelotd stop

/etc/rc.d/init.d/lancelotd start

root@squid Win2000]# pwd

/usr/local/percival/etc/lancelot-config/Devices/Computers/Win2000

“= /usr/local/percival/etc/lancelot-config/Devices/Computers/Win2000/10.1.0.100/

 

muninconfig

Munim another open source utility to monitor server

muninconfig

Installing monit on ubuntu

How to install and configure monit a tool to monitor the server on ubuntu

Installing monit on ubuntu

%d bloggers like this: