MRTG graphs stuff, and SNMP sends information about different network devices like how health, throughput, and possibly lots of other stuff. This howto will give you a simple, low-level dashboard of what your devices are doing and how much traffic is going through them. There are lots of ways to do this, like cacti, munin, zabbix, etc., but I wanted something simple, and plan to manage it from the command line, which is a preference. If you need web-management, look at some pre-existing packages like those listed above.
MRTG graphs stuff, and it doesn’t really matter what. SNMP reports to it what to graph from across the network.
apt-get install mrtg snmpd snmp mkdir /var/www/mrtg vi /etc/snmp/snmpd.conf agentAddress udp:127.0.0.1:161 (change line to look like one below) agentAddress udp:161 /etc/init.d/snmpd restart netstat -au | grep snmp (you should see line below, which means listening on all interfaces) udp 0 0 *:snmp *:* cp /etc/mrtg.cfg /etc/mrtg.cfg.orig vi /etc/mrtg.cfg #Global Settings # RunAsDaemon: yes EnableIPv6: no WorkDir: /var/www/mrtg Options[_]: bits,growright # # Targets # Target[127.0.0.1]: /127.0.0.1:firstname.lastname@example.org MaxBytes[127.0.0.1]: 1250000 Title[127.0.0.1]: Localhost PageTop[127.0.0.1]: <h1>Localhost - 127.0.0.1</h1> Unscaled[127.0.0.1]: ymwd indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html
Now, to add snmp monitoring from some remote device you only have to do a few things. Understanding what you’re doing and why it far more diffficult to grasp. Basically, snmpwalk command goes looking at a router, in this example your home router at 192.168.1.1, and trying to get snmp information out of it to make sure you can compile stats from info it’s spitting out. But first you have to make it spit that information out. To do that you have to set up snmp on your router, so you’ll have to login to it and enable snmp. On some routers you have to do much more, like tell it which source interface, stuff like that. We’ll keep it simplified here. Once it’s enabled, you have to give the snmp monitoring part a name that you can reference from your MRTG box, which called a community name. So call it something like “homeciscobox” or whatever, just don’t call it “public” (frequently the default), that could result in evil in certain cases if bad folks guess what it is and control or monitor your router. If you want more security, enable version 2 or 3 of snmp, there’s a BIG difference on how secure they are, and also how irritating they are to configure correctly. I recommend testing with version 1, then once you get it working, switch to 2 or 3 variants to secure it.
If the snmpwalk command below worked, you should see a butt-load of lines output, like 300 maybe, depending on your router. That means it connected and got information. Now you have to use cfgmaker to turn that info into a config file the MRTG can use. You can see the command below. Make sure to use the >> rather than a single >, so it will append your existing config file if you have one, rather than overwriting it.
If that worked, you can use a utility called indexmaker to build an index.html to display what MRTG found through its polling. The command is below. Now you should be able to go to http://serverip.or.host.name/index.html and see some data.
snmpwalk -v 1 -c homeciscobox 192.168.1.1 (snmp router IP, you should see tons of information output, like 300 lines) cfgmaker email@example.com >> /etc/mrtg.cfg indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html
Monitor remote servers
To monitor a remote server, like for interface bandwidth, you have to load a SERVER on the REMOTE host, then use your mrtg CLIENT on the SERVER you just set up. It’s kind of confusing, but the remote box has to serve up information for you to read on your mrtg box via snmp. Here’s how you configure your REMOTE box first (make sure contrib and non-free repos are enabled for the snmp-mibs-downloader, or you won’t see the package because of licensing issues):
apt-get install snmpd lm-sensors snmp snmp-mibs-downloader vi /etc/snmp/snmp.conf MIB : (change this line to the one below) MIB +ALL vi /etc/default/snmpd export MIBS= (change to look like next line) export MIBS=/usr/share/mibs (change these next two lines to look like this) SNMPDOPTS='-LS6d -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid' TRAPDOPTS='-LS6d -p /var/run/snmptrapd.pid' vi /etc/snmp/snmpd.conf #agentAddress udp:127.0.0.1:161 (comment this line out) agentAddress udp:161,udp6:[::1]:161 (uncomment this line) view systemonly included .126.96.36.199.2.1 (add this line below the other view/systemonly/included lines) rocommunity public default -V systemonly (change this line to look like the next one) rocommunity whatevernameyouwanttocallit default -V systemonly sysLocation location where your server physically is located sysContact Yourname <firstname.lastname@example.org> interface eth0 6 1000000000 (add this somewhere after the proc lines) /etc/init.d/snmpd restart
Now, if snmp server is behaving, you can use snmpwalk to find out what it’s reporting like:
snmpwalk -v 1 -c whateveryouwanttocallit localhost SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-TC::linux ... bunch of stuff in the middle ... SNMPv2-MIB::sysORID.8 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup End of MIB
Now go back to your monitoring server that’s keeping track of things on your remote server, and see if you can see snmp information coming across the wire:
snmpwalk -v 1 -c whateveryoucalleditontheserver i.p.of.remoteserver iso.188.8.131.52.184.108.40.206 = STRING: "Linux www.example.com 3.-amd64 #1 SMP Debian 351-1 x86_64" iso.220.127.116.11.18.104.22.168 = STRING: "yourname <email@example.com>" iso.22.214.171.124.126.96.36.199 = STRING: "www.hostnameofserver.com" iso.188.8.131.52.184.108.40.206 = STRING: "whateverlocationyouputinhere" ... bunch of stuff ... iso.220.127.116.11.18.104.22.168.0 = Gauge32: 114 iso.22.214.171.124.126.96.36.199.0 = INTEGER: 0
So now you probably want mrtg to make a graph out of some system information on your remote server, so