Minggu, 12 Januari 2014

step by step Cacti Plugin

A big strength of Cacti is its possibility to use other tools into plugins in its web interface. The plugins will be useful if you want to group some network related softwares into one interface.
On the cactiusers.org website, you can find and download all the available plugins. We chose here the tutorials about three very useful plugins: NTOP, syslog-ng and PHP Weathermap.

The first thing to do is to install a mandatory plugin, which is required before installing the other one, it is called the "architecture" plugin.

- For Cacti 0.8.6i & j, it can be downloaded (1.1) on the cactiusers.org website.
- For Cacti 0.8.6h, it can be downloaded (1.0) on our website.

If you install cacti with apt (packaged install), you can know your cacti version with the "apt-cache policy cacti" command.

Uncompress the file you just downloaded.

#tar -xvf /home/user/Desktop/cacti-plugin-arch.tar.gz
Move the files inside the architecture plugin directory you just downloaded into the directory containing the cacti website.

#cp /home/user/Desktop/cacti-plugin-arch/* /usr/share/cacti/site/ -R
#cd /usr/share/cacti/site/
Then run the command below:
Just be CAREFUL to run the patch matching your cacti version.

For cacti-0.8.6h:

#patch -p1 -N < cacti-plugin-0.8.6h.diff
For cacti-0.8.6i:

#patch -p1 -N < cacti-plugin-0.8.6i.diff
For cacti-0.8.6j:

#patch -p1 -N < cacti-plugin-0.8.6j.diff

THE CACTI PLUGINS:

1. NTOP (v 0.1) 2. PHP WEATHERMAP (v 0.82) 3. SYSLOG-NG (v 0.4)

1. NTop PLUGIN

NTop is a tool that will provide statistics about network usage.

cacti ntop plugin ip summary traffic    cacti ntop plugin all protocols throughput

#apt-get install ntop
download the plugin and uncompress it in the ntop directory.

#tar -xvf /home/user/Desktop/ntop-0.1.tar.gz
Copy the ntop directory in the /usr/share/cacti/site/plugins/ directory

#cp /home/user/Desktop/ntop /usr/share/cacti/site/plugins/ -R
We have to edit the /usr/share/cacti/site/include/config.php file and add just after the line beginning with "$plugins = array();":

$plugins[] = ‘ntop’;
Run ntop

ntop -u user -w 3000
Under the cacti web interface, don't forget to enable the NTOP plugin:

Login in to your cacti interface -> click on the console tab -> click on "User Management" in the "Utilities" section -> click on an user -> enable the "View NTop" checkbox.
cacti ntop plugin user management view ntop


2. PHP WEATHERMAP PLUGIN

For more information about PHP Weathermap, read the the PHP Weathermap tutorial.

Download the plugin and uncompress it in the weathermap directory. Enter the following command from where you downloaded Weathermap:

#tar -xvf /home/user/Desktop/php-weathermap-0.82.zip
Copy the weathermap directory in the /usr/share/cacti/site/plugins/ directory

#cp /home/user/Desktop/weathermap/ /usr/share/cacti/site/plugins -R
We have to edit the /usr/share/cacti/site/include/config.php file and add just after the line beginning with "$plugins = array();":

$plugins[] = ‘weathermap’;
Under the cacti web interface, don't forget to enable the weathermap plugin:

Login in to your cacti interface -> click on the console tab -> click on "User Management" in the "Utilities" section -> click on an user -> enable the "View Weathermaps" checkbox.
cacti php weathermap plugin user management configure weathermap

See the weathermap tutorial for help to configure the tool.



3. SYSLOG-NG PLUGIN (0.4)

An impressive plugin that permit to read the syslog-ng messages.

cacti plugin php syslog-ng

You can trigger alerts or remove logs from the interface.

cacti plugin php syslog-ng alerts    cacti plugin php syslog-ng removal


For more information about syslog-ng, read the the php-syslog-ng tutorial.

download the plugin and uncompress it in the haloe directory. Enter the following command from where you downloaded haloe:

#tar -xvf /home/user/Desktop/haloe-0.4.tar.gz
Copy the haloe directory in the /usr/share/cacti/site/plugins/ directory

#cp /home/user/Desktop/haloe /usr/share/cacti/site/plugins/ -R
We have to edit the /usr/share/cacti/site/include/config.php file and add just after the line beginning with "$plugins = array();":

$plugins[] = ‘haloe’;
If you don't already have it, you have to install syslog-ng et forward the logs collect by it towards the MySQL database.

Install syslog-ng:

#apt-get install syslog-ng
Syslog-ng will uninstall the default syslog server.
We have to configure the /etc/syslog-ng/syslog-ng.conf file

Syslog changes

To receive logs from a remote machine trough the network, uncomment (ie remove the #) the line containing udp();

# use the following line if you want to receive remote UDP logging messages
# (this is equivalent to the "-r" syslogd flag)
udp();
Forward the logs to the MySQL database.

Add the lines below always in the /etc/syslog-ng/syslog-ng.conf file:

log {
source(s_all);
destination(d_mysql);
};

# pipe messages to /var/log/mysql.pipe to be processed by mysql
destination d_mysql {
pipe("/var/log/mysql.pipe"
template("INSERT INTO syslog_incoming
(facility, priority, date, time, host, message, seq, status)
VALUES ( '$FACILITY', '$PRIORITY', '$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$HOST', '$MSG', '$SEQ', '$STATUS' );\n") template-escape(yes));

};
Database settings.

We need to create the MySQL database and then import the tables with the sql file.

#mysqladmin -u root -p create haloe
#mysql -u root -p haloe < /home/user/Desktop/haloe/syslog.sql
We give all the rights to a new MySQL user called haloeuser on the haloe database:

#mysql -u root -p haloe
>GRANT ALL ON haloe.* TO haloeuser@localhost IDENTIFIED BY 'haloepassword';
>flush privileges;
Configure the MySQL connection settings in the /usr/share/cacti/site/plugins/haloe/config.php file:

$haloedb_type = "mysql";
$haloedb_default = "haloe";
$haloedb_hostname = "localhost";
$haloedb_username = "haloeuser";
$haloedb_password = "haloepassword";
In the same file, to see colored lines in your syslog plugin, you need to change the lines beginning with "$haloe_colors" by the lines below:

$haloe_colors["emerg"] = "FF0000";
$haloe_colors["crit"] = "FF0000";
$haloe_colors["alert"] = "FF0000";
$haloe_colors["err"] = "FFAB00";
$haloe_colors["warning"] = "FFFF00";
$haloe_colors["notice"] = "FFAB00";
// $haloe_colors["info"] = "FFAB00";
// $haloe_colors["debug"] = "D0D0D0";
The MySQL pipe file.

Now, we have to create the temporary MySQL insertion file (pipe file):

#mkfifo /var/log/mysql.pipe
We have to push the logs inside the database with a bash script:

Create a new file and insert the line below, save the file as syslog2mysql.sh in the /usr/share/cacti/site/plugings/haloe directory.
Don't forget to change the MySQL username and password.

#!/bin/bash

if [ ! -e /var/log/mysql.pipe ]
then
mkfifo /var/log/mysql.pipe
fi
while [ -e /var/log/mysql.pipe ]
do mysql -u haloeuser --password=haloepassword haloe < /var/log/mysql.pipe >/dev/null
done
The script means that if the mysql.pipe file does not exist, create it.
Then, while the mysql.pipe exists, open a MySQL connection, and send the "buffered" data the database.

Run the syslog2mysql script to see if everything is okay. Errors will be displayed in case of problems.

#/usr/share/cacti/site/plugins/haloe/syslog2mysql.sh
Stop the script with "Ctrl+C".

Final step:

To run the syslog2mysql.sh script without the root user, we need to change a file ownership:

#chown user /etc/cacti/debian.php
It's important that the www-data user, in other words the apache web server user, has the read permission on this file. Normally, it's already the case:

#ls -l | grep debian.php
-rw-r----- 1 user www-data 557 2006-11-18 14:00 debian.php
Run the syslog2mysql.sh script under the user of your choice:

#su user
user@linux#/usr/share/cacti/site/plugins/haloe/syslog2mysql.sh
Finally, we need to configure two cron jobs.

crontab -e -u user
# when the computer boots, it starts automatically the syslog2mysql.sh script.
@reboot /usr/share/cacti/site/plugins/haloe/syslog2mysql.sh
# A command required to transfer the data stored
# into the syslog_incoming table to the syslog table. (every 1 minute)
# For an unknown reason this is not done automatically by the syslog plugin.
*/1 * * * * php5 -q /usr/share/cacti/site/plugins/haloe/syslog_process.php
The crontab command will update the /var/spool/cron/crontabs/user file.

Under the cacti web interface, don't forget to enable the syslog-ng plugin:

Login in to your cacti interface -> click on the console tab -> click on "User Management" in the "Utilities" section -> click on an user -> enable the "View Syslog" checkbox.
cacti plugin php syslog-ng user management view syslog configure syslog alerts

0 komentar:

Posting Komentar