20 Most used Linux-based system monitoring tools

tuxsysad

The following are some of the  basic CLI, GUI, TUI commands to use in monitoring linux operated systems and helps in in-depth system analysis and debugging of server problems. These commands commonly help resolve issues regarding CPU, Memory, Network, and Storage.

1: top – Process Activity Command

The top program provides a dynamic real-time view of a running system i.e. actual process activity. By default, it displays the most CPU-intensive tasks running on the server and updates the list every five seconds.

#top 
top

top

2: vmstat – System Activity, Hardware and System Information

The command vmstat reports information about processes, memory, paging, block IO, traps, and cpu activity.

#vmstat -a
vmstat

vmstat

3: w – Find Out Who Is Logged on And What They Are Doing

w command displays information about the users currently on the machine, and their processes.

# w testuser 
w

w

4: uptime – Tell How Long The System Has Been Running

The uptime command can be used to see how long the server has been running. The current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes.

# uptime
uptime

uptime

1 can be considered as optimal load value. The load can change from system to system. For a single CPU system 1 – 3 and SMP systems 6-10 load value might be acceptable.

5: ps – Displays The Processes

ps

ps

ps command will report a snapshot of the current processes. To select all processes use the -A or -e option:

# ps -A

ps is just like top but provides more information.

Show Long Format Output

# ps -Al
To turn on extra full mode (it will show command line arguments passed to process):
# ps -AlF

To See Threads ( LWP and NLWP)

# ps -AlFH

To See Threads After Processes

# ps -AlLm

Print All Process On The Server

# ps ax
# ps axu

Print A Process Tree

# ps -ejH
# ps axjf
# pstree

Print Security Information

# ps -eo euser,ruser,suser,fuser,f,comm,label
# ps axZ
# ps -eM

See Every Process Running As User testuser

# ps -U testuser -u testuser u

Set Output In a User-Defined Format

# ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
# ps axo stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm
# ps -eopid,tt,user,fname,tmout,f,wchan

Display Only The Process IDs of Lighttpd

# ps -C lighttpd -o pid=
OR
# pgrep lighttpd
OR
# pgrep -u testuser php-cgi

Display The Name of PID 55977

# ps -p 55977 -o comm=

Find Out The Top 10 Memory Consuming Process

# ps -auxf | sort -nr -k 4 | head -10

Find Out top 10 CPU Consuming Process

# ps -auxf | sort -nr -k 3 | head -10

6: free - Memory Usage 

The command free displays the total amount of free and used physical and swap memory in the system, as well as the buffers used by the kernel.

# free 
free

free

7: iostat – Average CPU Load, Disk Activity

The command iostat report Central Processing Unit (CPU) statistics and input/output statistics for devices, partitions and network filesystems (NFS).

# iostat 
iostat

iostat

8: sar – Collect and Report System Activity

The sar command is used to collect, report, and save system activity information. To see network counter, enter:

sar

sar

# sar -n DEV | more
To display the network counters from the 24th:
# sar -n DEV -f /var/log/sa/sa24 | more
You can also display real time usage using sar:
# sar 4 5

9: mpstat – Multiprocessor Usage

The mpstat command displays activities for each available processor, processor 0 being the first one. mpstat -P ALL to display average CPU utilization per processor:

# mpstat -P ALL
mpstat

mpstat

10: pmap – Process Memory Usage

The command pmap report memory map of a process. Use this command to find out causes of memory bottlenecks.

# pmap -d PID 

To display process memory information for pid # 47394, enter:

# pmap -d 47394 
pmap

pmap

11 netstat – Network Statistics

The command netstat displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

netstat

netstat

12: ss – Network Statistics

ss command is used to dump socket statistics. It allows showing information similar to netstat.

ss

ss

13: iptraf – Real-time Network Statistics

The iptraf command is interactive colorful IP LAN monitor. It is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others. It can provide the following info in easy to read format:

  • Network traffic statistics by TCP connection
  • IP traffic statistics by network interface
  • Network traffic statistics by protocol
  • Network traffic statistics by TCP/UDP port and by packet size
  • Network traffic statistics by Layer2 address
iptraf1

iptraf1

iptraf2

iptraf2

14: tcpdump – Detailed Network Traffic Analysis

The tcpdump is simple command that dump traffic on a network. However, you need good understanding of TCP/IP protocol to utilize this tool. For.e.g to display traffic info about DNS, enter:

 # tcpdump -i eth0 'tcp port 80'

To display all IPv4 HTTP packets to and from port 80, i.e. print only packets that contain data, not, for example, SYN and FIN packets and ACK-only packets, enter:

# tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' 

To display all FTP session to 202.54.1.5, enter:

# tcpdump -i eth1 'dst 202.54.1.5 and (port 21 or 20' 

To display all HTTP session to 192.168.1.5:

# tcpdump -ni eth0 'dst 192.168.1.5 and tcp and port http'

Use wireshark to view detailed information about files, enter:

# tcpdump -n -i eth1 -s 0 -w output.txt src or dst port 80 
tcpdump

tcpdump

15: strace – System Calls

Trace system calls and signals. This is useful for debugging webserver and other server problems. See how to use to trace the process and see What it is doing.

Strace

Strace

16: /Proc file system – Various Kernel Statistics

/proc file system provides detailed information about various hardware devices and other Linux kernel information. See Linux kernel /proc documentations for further details. Common /proc examples:

# cat /proc/cpuinfo
# cat /proc/meminfo
# cat /proc/zoneinfo
# cat /proc/mounts
proc

proc

17: Nagios – Server And Network Monitoring

Nagios is a popular open source computer system and network monitoring application software. You can easily monitor all your hosts, network equipment and services. It can send alert when things go wrong and again when they get better. FAN is “Fully Automated Nagios”. FAN goals are to provide a Nagios installation including most tools provided by the Nagios Community. FAN provides a CDRom image in the standard ISO format, making it easy to easilly install a Nagios server. Added to this, a wide bunch of tools are including to the distribution, in order to improve the user experience around Nagios. See how to install Nagios

nagios

nagios

18: Cacti – Web-based Monitoring Tool

Cacti is a complete network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. It can provide data about network, CPU, memory, logged in users, Apache, DNS servers and much more. See how to install and configure Cacti network graphing tool on linux box.

cacti

cacti

19: KDE System Guard – Real-time Systems Reporting and Graphing

KSysguard is a network enabled task and system monitor application for KDE desktop. This tool can be run over ssh session. It provides lots of features such as a client/server architecture that enables monitoring of local and remote hosts. The graphical front end uses so-called sensors to retrieve the information it displays. A sensor can return simple values or more complex information like tables. For each type of information, one or more displays are provided. Displays are organized in worksheets that can be saved and loaded independently from each other. So, KSysguard is not only a simple task manager but also a very powerful tool to control large server farms.

kdesystemguard

kdesystemguard

20: Gnome System Monitor – Real-time Systems Reporting and Graphing

The System Monitor application enables you to display basic system information and monitor system processes, usage of system resources, and file systems. You can also use System Monitor to modify the behavior of your system. Although not as powerful as the KDE System Guard, it provides the basic information which may be useful for new users:

  • Displays various basic information about the computer’s hardware and software.
  • Linux Kernel version
  • GNOME version
  • Hardware
  • Installed memory
  • Processors and speeds
  • System Status
  • Currently available disk space
  • Processes
  • Memory and swap space
  • Network usage
  • File Systems
  • Lists all mounted filesystems along with basic information about each.
gnome-system-monitor

gnome-system-monitor

More Tools of interest

A few more tools:

  • nmap – scan your server for open ports.
  • lsof – list open files, network connections and much more.
  • ntop web based tool – ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
  • Conky – Another good monitoring tool for the X Window System. It is highly configurable and is able to monitor many system variables including the status of the CPU, memory, swap space, disk storage, temperatures, processes, network interfaces, battery power, system messages, e-mail inboxes etc.
  • GKrellM – It can be used to monitor the status of CPUs, main memory, hard disks, network interfaces, local and remote mailboxes, and many other things.
  • vnstat – vnStat is a console-based network traffic monitor. It keeps a log of hourly, daily and monthly network traffic for the selected interface(s).
  • htop – htop is an enhanced version of top, the interactive process viewer, which can display the list of processes in a tree form.
  • mtr – mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.
  • wireshark - is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, in May 2006 the project was renamed Wireshark due to trademark issues.
  • snort – Snort’s open source network-based intrusion detection system (NIDS) has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. Snort performs protocol analysis, content searching, and content matching. The program can also be used to detect probes or attacks, including, but not limited to, operating system fingerprinting attempts, common gateway interface, buffer overflows, server message block probes, and stealth port scans.
  • Centreon – Centreon is an Open Source software package that lets you supervise all the infrastructures and applications comprising your information system.

References:

http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html

http://www.wireshark.org/about.html

Snort (Intrusion Detection Utility) Installation in Centos 6

snort

Definition

snort2SNORT  is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS)[2] created by Martin Roesch in 1998.Snort is now developed by Sourcefire, of which Roesch is the founder and CTO.In 2009, Snort entered InfoWorld’s Open Source Hall of Fame as one of the “greatest [pieces of] open source software of all time”.

Snort’s open source network-based intrusion detection system (NIDS) has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. Snort performs protocol analysis, content searching, and content matching. The program can also be used to detect probes or attacks, including, but not limited to, operating system fingerprinting attempts, common gateway interface, buffer overflows, server message block probes, and stealth port scans.

Snort can be configured in three main modes: sniffer, packet logger, and network intrusion detection. In sniffer mode, the program will read network packets and display them on the console. In packet logger mode, the program will log packets to the disk. In intrusion detection mode, the program will monitor network traffic and analyze it against a rule set defined by the user. The program will then perform a specific action based on what has been identified.

Before proceeding with Snort installation you will need to install the required packages.  Follow the steps to do prior to snort’s installation.

Pre-Installation

Make sure to have the latest version of  MySQL, HTTP, Development Tools and Development Libraries.

     Install the necessary packages needed to run snort successfully.

 #yum install mysql-bench mysql-devel php-mysql gcc php-gd gd glib2-devel gcc-c++

      Yum install libcap, libpcap and pcre

#yum install libcap*
#yum install libpcap*
#yum install pcre*

      Install libdnet 1.12

#cd /
#mkdir snort_install
#cd snort_install
#wget http://libdnet.googlecode.com/files/libdnet-1.12.tgz
#tar -zxvf libdnet-1.12.tgz
#cd libdnet-1.12
#./configure
#make && make install

     Install daq version 2.0.0

#cd /snort_install
#wget http://www.snort.org/downloads/2103
#tar -zxvf daq-2.0.0.tar.gz
#cd daq-2.0.0
#./configure
#make && make install

     Install snort version 2.9.4

#cd /snort_install
#wget http://www.snort.org/downloads/2112
#tar -zxvf snort-2.9.4.tar.gz
#cd snort-2.9.4
#./configure
#make && make install

Post Installation Instruction

      prepare for rules installation

# groupadd snort
# useradd -g snort snort -s /sbin/nologin
# mkdir /etc/snort
# mkdir /etc/snort/rules
# mkdir /etc/snort/so_rules
# mkdir /etc/snort/preproc_rules
# mkdir /var/log/snort
# chown snort:snort /var/log/snort
# mkdir /usr/local/lib/snort_dynamicrules
# cd /snort_install/snort-2.9.4/etc/
# cp * /etc/snort/

      Register on Snort official web site and download rules to  /snort_install directory

#cd /snort_install
#tar -zxvf snortrules-snapshot-2940.tar.gz
#cd rules/
#cp * /etc/snort/rules
#cp ../so_rules/precompiled/Centos-5-4/i386/2.9.4.0/* /etc/snort/so_rules
#cp ../preproc_rules/* /etc/snort/preproc_rules/

     Edit /etc/snort/snort.conf file

1.change “var RULE_PATH ../rules” to “var RULE_PATH /etc/snort/rules”,
change “var SO_RULE_PATH ../so_rules” to “var SO_RULE_PATH /etc/snort/so_rules”,
change “var PREPROC_RULE_PATH ../preproc_rules” to “var PREPROC_RULE_PATH /etc/snort/preproc_rules”
2. comment on the whole “Reputation preprocessor” section, because we haven’t whitelist file
3. find “Configure output plugins” section and add the line “output unified2: filename snort.log, limit 128″

    Install Barnyard 2

#cd /snort_install
#wget http://www.securixlive.com/download/barnyard2/barnyard2-1.9.tar.gz
#tar -zxvf barnyard2-1.9.tar.gz 
#cd barnyard2-1.9
#./configure 
#./configure --with-mysql-libraries=/usr/lib/mysql/
#make 
#make install
#cp etc/barnyard2.conf /etc/snort/
#mkdir /var/log/barnyard2
#chmod 666 /var/log/barnyard2
#touch /var/log/snort/barnyard2.waldo

       Setup MySQL Database

#echo "SET PASSWORD FOR root@localhost=PASSWORD('yourpassword');"| mysql -u root -p
#echo "create database snort;"| mysql -u root -p
#cd /snort_install/barnyard2-1.9
#mysql -u root -p -D snort < schemas/create_mysql
#echo "grant create, insert on root.* to snort@localhost;" | mysql -u root -p
#echo "SET PASSWORD FOR snort@localhost=PASSWORD('yourpassword');" | mysql -u root -p
#echo "grant create,insert,select,delete,update on snort.* to snort@localhost" | mysql -u root -p

     Edit the file /etc/snort/barnyard2.conf

change “config hostname: thor” to “config hostname: localhost”

change “config interface: eth0″ to “config interface: eth1″

add the line at the end of file “output database: log, mysql, user=snort password=yourpassword dbname=snort     host=localhost”
Note: the device eth1 may vary depending on your system set-up. The example given above is a 2 network device(eth0,eth1) setup where snort was applied to the second network device(eth1)
 

      Test

#/usr/local/bin/snort -u snort -g snort -c /etc/snort/snort.conf -i eth1

    If it prompts “Initialization Complete”, it proves to work.

      or  Execute snort from command line

#snort -c /etc/snort/snort.conf -l /var/log/snort/

If testing and manual run working perfectly fine proceed with the next step

      Make Snort and Barnyard2 boot up automatically

Edit the file /etc/rc.local, add the below lines

/sbin/ifconfig eth1 up /usr/local/bin/snort -D -u snort -g snort -c /etc/snort/snort.conf -i eth1

/usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /var/log/snort   /barnyard2.waldo -D

Restart to test changes.

#init 6

References:

http://www.snort.org/

http://en.wikipedia.org/wiki/Snort_%28software%29

http://www.securixlive.com/

http://kezhong.wordpress.com/2012/04/07/install-snort-2-9-2-2-on-centos5-8x86_64/http://www.securixlive.com/

Installing Centreon on Centos

What is Centreon?

Centreon is an Open Source software package that lets you supervise all the infrastructures and applications comprising your information system.
please check this for more information.

Dependencies
_ nagios
_ nagios-plugins
_ ndoutils
_ nrpe
_ make
_ sudo
_ apache (httpd server)
_ mysql (database server)
_ php
_ gd
_ gd-devel
_ perl
_ gcc
_ rrdtool
_ net-snmp

Step 1: Install Dependencies

root@linux: ~ # yum -y install make sudo gd gd-devel httpd* mysql* php* perl* gcc rrdtool* net-snmp*

if you can’t install rrdtool via yum, you can follow this:

1) add rpmforge repository

root@linux: ~ # yum -y install yum-priorities

2) edit file priorities.conf

root@linux: ~ # vim /etc/yum/pluginconf.d/priorities.conf

[main]
enable=1

3) download and install rpm forge

root@linux: ~ # wget http://apt.sw.be/redhat/el5/en/i386/RPMS.dag/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
root@linux: ~ # rpm –import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
root@linux: ~ # rpm -K rpmforge-release-0.3.6-1.el5.rf.i386.rpm
root@linux: ~ # rpm -i rpmforge-release-0.3.6-1.el5.rf.i386.rpm

4) install rrdtool using yum

root@linux: ~ # yum -y install rrdtool rrdtool-devel perl-rrdtool

to install nagios, nagios-plugins, ndoutil, nrpe, you can check this.

Step 2: Compile Centreon

1)download package

root@linux: ~ # wget http://download.centreon.com/centreon/centreon-2.0.tar.gz

2) extract package

root@linux: ~ # tar -xzvf centreon-2.0.tar.gz

3) compile centreon

root@linux: ~ # cd centreon-2.0
root@linux: centreon-2.0 # ./install.sh -i

answer all question script. you can just press return as default.
or press key y for yes or n for no.

the location of RRDs.pm config will be :

/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/RRDs.pm

the location of  PEAR.php config will be:

/usr/share/pear/PEAR.php

When done with the compilation you can check in http://yourdomain/centreon, and continue with web interface installation.

4)web interface installation
follow instruction on-screen and click Next button to continue installation. make sure those is OK result.
if there’s any problem, it’s give you declaration for help (step 4). if u get error like step 4 you can use chown and chmod for solution.

root@linux: ~ # chown -R nagios.apache /usr/local/nagios
root@linux: ~ # chmod -R 775 /usr/local/nagios


5) Test. Open your browser and goto http://yourdomain/centreon

Links:
+ http://www.google.com
+ http://tech-db.com/node/26
+ http://nagioswiki.com/wiki/index.php/Installing_Centreon_on_Centos_5

How to install CACTI in LInux Box

Description: Cacti is a GPL-licensed, scalable, RRDtool-based monitoring program with flexible graphing options. This article describes the process of installing and configuring Cacti on CentOS 5.2.

Useful links to this installation were BXtra and TechDB.

Per the Cacti documentation, Cacti requires:

RRDTool 1.0.49 or 1.2.x or greater

MySQL 4.1.x or 5.x or greater

PHP 4.3.6 or greater, 5.x greater highly recommended for advanced features

A Web Server e.g. Apache or IIS

I’d also recommend installing vim, net-snmp, net-snmp-utils, php-snmp, initscripts, perl-rrdtool, and any dependencies.

To perform this install, I am logged into Gnome as a normal user, and opened a terminal that is switched to the root user using the su command. I had already installed apache, mysql, and PHP during the original install process of CentOS 5.2.

I added a new repository to facilitate this install. To do this, I created a file
(/etc/yum.repos.d/dag.repo) containing Dag Wiers repository, which contains rrdtool, among other things.

[dag] name=Dag RPM Repository for Red Hat Enterprise Linux baseurl=http://apt.sw.be/redhat/el5/en/i386/dag gpgcheck=1 gpgkey=http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt enabled=1

You can create this file by typing vim /etc/yum.repos.d/dag.repo and copying and pasting the above information into the file. Be warned that the above text containing the repository is version and architecture-specific.

I then typed yum update to update CentOS and the repository list before installing additional software.

I installed everything but cacti through yum. You can verify that you have the packages in question (or the version numbers of installed packages) by attempting to install them, as yum will remind you that you already have the latest version installed, as well as the version status of the packages, like shown here:

# yum install php httpd mysql mysql-server php-mysql vim-enhanced net-snmp net-snmp-utils php-snmp initscripts perl-rrdtool rrdtool initscripts
Loaded plugins: fastestmirror, priorities
Loading mirror speeds from cached hostfile
* base: pubmirrors.reflected.net
* updates: mirror.fdcservers.net
* addons: chi-10g-1-mirror.fastsoft.net
* extras: mirror.fdcservers.net
Setting up Install Process
Parsing package install arguments
Package php-5.1.6-23.2.el5_3.i386 already installed and latest version
Package httpd-2.2.3-22.el5.centos.1.i386 already installed and latest version
Package mysql-5.0.45-7.el5.i386 already installed and latest version
Package mysql-server-5.0.45-7.el5.i386 already installed and latest version
Package php-mysql-5.1.6-23.2.el5_3.i386 already installed and latest version
Package 2:vim-enhanced-7.0.109-4.el5_2.4z.i386 already installed and latest version
Package 1:net-snmp-5.3.2.2-5.el5_3.1.i386 already installed and latest version
Package 1:net-snmp-utils-5.3.2.2-5.el5_3.1.i386 already installed and latest version
Package php-snmp-5.1.6-23.2.el5_3.i386 already installed and latest version
Package initscripts-8.45.25-1.el5.centos.i386 already installed and latest version
Package perl-rrdtool-1.3.7-1.el5.rf.i386 already installed and latest version
Package rrdtool-1.3.7-1.el5.rf.i386 already installed and latest version
Package initscripts-8.45.25-1.el5.centos.i386 already installed and latest version
Nothing to do

Download the latest version of Cacti (0.8.7e, as of the writing of this article) from here. I downloaded it to my desktop and unzipped it by right clicking it and selecting “Extract here”. I also renamed the cacti-0.8.7e directory by right clicking and selecting “Rename”. You could do this in the command line, if you wanted to:

[your root shell] # tar xzvf cacti-0.8.7e.tar.gz
[your root shell] # mv cacti-0.8.7e cacti

Move the entire cacti directory to /var/www/html/ :

[your root shell] # mv cacti /var/www/html

I chose to create a ‘cactiuser’ user (and cacti group) to run cacti commands and to have ownership of the relavent cacti files. It was here that I noticed that my install did not have any of the /sbin directories in its $PATH , so I simply typed the absolute path:

[your root shell] # /usr/sbin/groupadd cacti

[your root shell] # /usr/sbin/useradd -g cacti cactiuser

[your root shell] # passwd cactiuser

Change the ownership of the /var/www/html/cacti/rra/ and /var/www/html/cacti/log/ directories to the cactiuser we just created:

[your root shell] # cd /var/www/html/cacti
[your root shell] # chown -R cactiuser rra/ log/

Create a mysql root password, if you haven’t already (password in this example is samplepass:

[your root shell] # /usr/bin/mysqladmin -u root password samplepass

Create a MySQL database for cacti:

[your root shell] # mysqladmin –user=root –password=samplepass create cacti

Change directories to the cacti directory, and use the cacti.sql file to create tables for your database:

[your root shell] # cd /var/www/html/cacti
[your root shell- cacti] # mysql –user=root –password=samplepass cacti GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY ‘samplepass';
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye

Edit /var/www/html/cacti/include/config.php with your favorite editor, and update the information to reflect our cacti configuration (you can leave the other text in the file alone):

/* make sure these values refect your actual database/host/user/password */
$database_type = “mysql”;
$database_default = “cacti”;
$database_hostname = “localhost”;
$database_username = “cactiuser”;
$database_password = “samplepass”;
$database_port = “3306”;

Create a cron job that polls for information for Cacti (I’m choosing to use /etc/crontab here):

[your root shell] # vim /etc/crontab

Add this line to your crontab:

*/5 * * * * cactiuser /usr/bin/php /var/www/html/cacti/poller.php > /dev/null 2>&1

Edit your PHP config file at /etc/php.ini to allow more memory usage for Cacti. It is a relatively large text file- using vim, I search for “memory_limit” by typing /memory_limit in command mode.

[your root shell] # vim /etc/php.ini
I changed memory_limit = 8M to memory_limit = 128M

Before I check to see if Cacti works, I want to check and see if mysqld and httpd are running using the service command.

[your root shell] # /sbin/service mysqld status
[your root shell] # /sbin/service httpd status

If mysqld and httpd are running, great. If not, type:

[your root shell] # /sbin/service mysqld start
[your root shell] # /sbin/service httpd start

If you’re an “I need to see what the output looks like” type, here is an example of the previous command:

[your root shell] # /sbin/service mysqld status
mysqld is stopped
[your root shell] # /sbin/service mysqld start
Initializing MySQL database: Installing MySQL system tables…
OK
Filling help tables…
OK

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system

PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/bin/mysqladmin -u root password ‘new-password’
/usr/bin/mysqladmin -u root -h localhost.localdomain password ‘new-password’
See the manual for more instructions.
You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &

You can test the MySQL daemon with mysql-test-run.pl
cd mysql-test ; perl mysql-test-run.pl

Please report any problems with the /usr/bin/mysqlbug script!

The latest information about MySQL is available on the web at

http://www.mysql.com

Support MySQL by buying support/licenses at http://shop.mysql.com
[ OK ]
Starting MySQL: [ OK ]

You should now be able to access cacti at http://localhost/cacti from the local computer or from any computer within your LAN network at http://your.internal.IP.address/cacti .

There should be a Cacti Installation Guide window that shows up, giving licensing info and the like. Click “Next”.

Select “New Installation”, since this is a new installation.

The next window to pop up should tell you whether Cacti could find the paths to all of the elements that Cacti needs to run, such as RRDtool, PHP, snmp stuff, etc. If everything but Cacti was installed via yum, you should be good here. Click “Finish” to save the settings and bring up the login window.

Below is a screenshot of the login window. The default user name is admin. The default password is admin. It should prompt an automatic password change for the admin account when you log in the first time.

If you successfully log in, I’d recommend taking a break here. Depending on how fast you are, your cron job may not have had enough time to run the poller program and create data for your graphs. I’d suggest taking a deep breath, or brewing a cup of tea (or coffee) for yourself.

The localhost machine should have some graph templates that are already created, but you can click the “Create Additional Devices” link to add graphs for any other machines on your network. I added my FreeNAS box (tutorial for that to follow).

After having consumed your beverage of choice, press the “Graphs” button. Cacti should have a graph showing you a couple minutes of data for the machines you have added. The longer your machine is on, the more informational the graphs will be. Also, if you click on a particular graph, Cacti will Congratulations! You’re now monitoring!

View the Cacti documentation page for more information on how to take advantages of Cacti.

Below are some graphs that were made using Cacti.

Nagios Installation

Definition:

Nagios (pronounced /ˈnɑːdʒioʊs/) is a popular open source computer system and network monitoring software application. It watches hosts and services, alerting users when things go wrong and again when they get better.

Nagios, originally created under the name NetSaint, was written and is currently maintained by Ethan Galstad, along with a group of developers actively maintaining both official and unofficial plugins. N.A.G.I.O.S. is a recursive acronym: “Nagios Ain’t Gonna Insist On Sainthood”[3], “Sainthood” being a reference to the original name of the software, which was changed in response to a legal challenge by owners of a similar trademark.

Nagios was originally designed to run under Linux, but also runs well on other Unix variants. It is free software, licensed under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.

STEP OF INSTALLATION OF NAGIOS(SERVER)
1) Create Account Information
Become the root user.
su -l
Create a new nagios user account and give it a password.

/usr/sbin/useradd -m nagios
passwd nagios

Create a new nagcmd group for allowing external commands to be submitted through the web interface.
Add both the nagios user and the apache user to the group.
/usr/sbin/groupadd nagcmd
/usr/sbin/usermod -a -G nagcmd nagios
/usr/sbin/usermod -a -G nagcmd apache

2) Download Nagios and the Plugins
Create a directory for storing the downloads.
mkdir ~/downloads
cd ~/downloads
Download the source code tarballs of both Nagios and the Nagios plugins (visit
http://www.nagios.org/download/ for links to the latest versions). These directions were tested with
Nagios 3.1.1 and Nagios Plugins 1.4.11.

wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-3.2.0.tar.gz
wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.11.tar.gz

3) Compile and Install Nagios
Extract the Nagios source code tarball.
cd ~/downloads
tar xzf nagios-3.2.0.tar.gz
cd nagios-3.2.0
Run the Nagios configure script, passing the name of the group you created earlier like so:
./configure –with-command-group=nagcmd
Compile the Nagios source code.
make all
Install binaries, init script, sample config files and set permissions on the external command directory.
make install
make install-init
make install-config
make install-commandmode

4) Customize Configuration
Sample configuration files have now been installed in the /usr/local/nagios/etc directory. These sample
files should work fine for getting started with Nagios. You’ll need to make just one change before you
proceed…
Edit the /usr/local/nagios/etc/objects/contacts.cfg config file with your favorite editor and change the email
address associated with the nagiosadmin contact definition to the address you’d like to use for receiving
alerts.
vi /usr/local/nagios/etc/objects/contacts.cfg

5) Configure the Web Interface
Install the Nagios web config file in the Apache conf.d directory.
make install-webconf
Create a nagiosadmin account for logging into the Nagios web interface. Remember the password you
assign to this account – you’ll need it later.
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
Restart Apache to make the new settings take effect.
service httpd restart

6) Compile and Install the Nagios Plugins
Extract the Nagios plugins source code tarball.
cd ~/downloads
tar xzf nagios-plugins-1.4.11.tar.gz
cd nagios-plugins-1.4.11
Compile and install the plugins.
./configure –with-nagios-user=nagios –with-nagios-group=nagios
make
make install

7) Start Nagios
Add Nagios to the list of system services and have it automatically start when the system boots.
chkconfig –add nagios
chkconfig nagios on
Verify the sample Nagios configuration files.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
If there are no errors, start Nagios.
service nagios start

8) Modify SELinux Settings
Fedora ships with SELinux (Security Enhanced Linux) installed and in Enforcing mode by default. This
can result in “Internal Server Error” messages when you attempt to access the Nagios CGIs.
See if SELinux is in Enforcing mode.
getenforce
Put SELinux into Permissive mode.
setenforce 0
To make this change permanent, you’ll have to modify the settings in /etc/selinux/config and reboot.
Instead of disabling SELinux or setting it to permissive mode, you can use the following command to
run the CGIs under SELinux enforcing/targeted mode:
chcon -R -t httpd_sys_content_t /usr/local/nagios/sbin/
chcon -R -t httpd_sys_content_t /usr/local/nagios/share/

9.) Access the monitoring system through your url

http://localhost/nagios

10. Install NRPE
Monitoring Host Setup
On the monitoring host (the machine that runs Nagios), you’ll need to do just a few things:
– Install the check_nrpe plugin
– Create a Nagios command definition for using the check_nrpe plugin
– Create Nagios host and service definitions for monitoring the remote host
These instructions assume that you have already installed Nagios on this machine according to the quickstart
installation guide. The configuration examples that are given reference templates that are defined in the sample
localhost.cfg and commands.cfg files that get installed if you follow the quickstart.
i. Install the check_nrpe plugin
Become the root user. You may have to use sudo -s on Ubuntu and other distros.
su -l
Create a directory for storing the downloads.
mkdir ~/downloads
cd ~/downloads
Download the source code tarball of the NRPE addon (visit http://www.nagios.org/download/ for links to the latest
versions). At the time of writing, the latest version of NRPE was 2.8.
wget http://osdn.dl.sourceforge.net/sourceforge/nagios/nrpe-2.8.tar.gz
Extract the NRPE source code tarball.
tar xzf nrpe-2.8.tar.gz
cd nrpe-2.8
Compile the NRPE addon.
./configure
make all
Install the NRPE plugin.
make install-plugin
Last Updated: May 1, 2007 Page 9 of 18 Copyright (c) 1999-2007 Ethan Galstad
NRPE Documentation
ii. Test communication with the NRPE daemon
Make sure the check_nrpe plugin can talk to the NRPE daemon on the remote host. Replace “192.168.0.1” in the
command below with the IP address of the remote host that has NRPE installed.
/usr/local/nagios/libexec/check_nrpe -H 192.168.0.1
You should get a string back that tells you what version of NRPE is installed on the remote host, like this:
NRPE v2.8
If the plugin returns a timeout error, check the following:
– Make sure there isn’t a firewall between the remote host and the monitoring server that is blocking
communication
– Make sure that the NRPE daemon is installed properly under xinetd
– Make sure the remote host doesn’t have local (iptables) firewall rules that prevent the monitoring server from
talking to the NRPE daemon
iii. Create a command definition
You’ll need to create a command definition in one of your Nagios object configuration files in order to use the
check_nrpe plugin. Open the sample commands.cfg file for editing…
vi /usr/local/nagios/etc/commands.cfg
and add the following definition to the file:
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
You are now ready to start adding services that should be monitored on the remote machine to the Nagios
configuration…
Last Updated: May 1, 2007 Page 10 of 18 Copyright (c) 1999-2007 Ethan Galstad
NRPE Documentation
iv. Create host and service definitions
You’ll need to create some object definitions in order to monitor the remote Linux/Unix machine. These definitions
can be placed in their own file or added to an already exiting object configuration file.
First, its best practice to create a new template for each different type of host you’ll be monitoring. Let’s create a
new template for linux boxes.
define host{
name linux-box ; Name of this template
use generic-host ; Inherit default values
check_period 24×7
check_interval 5
retry_interval 1
max_check_attempts 10
check_command check-host-alive
notification_period 24×7
notification_interval 30
notification_options d,r
contact_groups admins
register 0 ; DONT REGISTER THIS – ITS A TEMPLATE
}
Notice that the linux-box template definition is inheriting default values from the generic-host template, which is
defined in the sample localhost.cfg file that gets installed when you follow the Nagios quickstart installation guide.
Next, define a new host for the remote Linux/Unix box that references the newly created linux-box host template.
define host{
use linux-box ; Inherit default values from a template
host_name remotehost ; The name we’re giving to this server
alias Fedora Core 6 ; A longer name for the server
address 192.168.0.1 ; IP address of the server
}
Next, define some services for monitoring the remote Linux/Unix box. These example service definitions will use
the sample commands that have been defined in the nrpe.cfg file on the remote host.
The following service will monitor the CPU load on the remote host. The “check_load” argument that is passed to
the check_nrpe command definition tells the NRPE daemon to run the “check_load” command as defined in the
nrpe.cfg file.
define service{
use generic-service
host_name remotehost
service_description CPU Load
check_command check_nrpe!check_load
}
The following service will monitor the the number of currently logged in users on the remote host.
define service{
use generic-service
host_name remotehost
service_description Current Users
check_command check_nrpe!check_users
}
The following service will monitor the free drive space on /dev/hda1 on the remote host.
define service{
use generic-service
host_name remotehost
service_description /dev/hda1 Free Space
check_command check_nrpe!check_hda1
}
Last Updated: May 1, 2007 Page 11 of 18 Copyright (c) 1999-2007 Ethan Galstad
NRPE Documentation
The following service will monitor the total number of processes on the remote host.
define service{
use generic-service
host_name remotehost
service_description Total Processes
check_command check_nrpe!check_total_procs
}
The following service will monitor the number of zombie processes on the remote host.
define service{
use generic-service
host_name remotehost
service_description Zombie Processes
check_command check_nrpe!check_zombie_procs
}
Those are the basic service definitions for monitoring the remote host. If you would like to add additional services
to be monitored, read the “Customizing Your Configuration” section starting on page 13.
v. Restart Nagios
At this point you’ve installed the check_nrpe plugin and addon host and service definitions for monitoring the
remote Linux/Unix machine. Now its time to make those changes live…
Verify your Nagios configuration files.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
If there are errors, fix them. If everything is fine, restart Nagios.
service nagios restart
That’s it! You should see the host and service definitions you created in the Nagios web interface. In a few
minutes Nagios should have the current status information for the remote Linux/Unix machine.
Since you might want to monitor more services on the remote machine, I would suggest you read the next section
as well. :-)
Also, when it comes time to upgrade the version of NRPE you’re running, its pretty easy to do. The initial
installation was the toughest, but upgrading is a snap.

Actual Steps made on the server(volt):
1. Edited the commands.cfg file under the directory /usr/local/nagios/etc/objects to add

e.g
#######Me’s additional commands#######
#check nrpe setup

define command{
command_name    check_nrpe_disk
command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -p $ARG1$ -c $ARG2$
}

define command{
command_name    check_nrpe_load
command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -p $ARG1$ -c $ARG2$
}

define command{
command_name    check_nrpe_swap
command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -p $ARG1$ -c $ARG2$
}

define command{
command_name    check_nrpe_zombie_procs
command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -p $ARG1$ -c $ARG2$
}

define command{
command_name    check_nrpe_total_procs
command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -p $ARG1$ -c $ARG2$
}

2. Create cfg files under the directory /usr/local/nagios/etc/objects

CLIENT INSTALLATION
c) Remote Host Setup
These instructions should be completed on the remote Linux/Unix host that the NRPE daemon will be installed on.
You’ll be installing the Nagios plugins and the NRPE daemon…
i. Create Account Information
Become the root user. You may have to use sudo -s on Ubuntu and other distros.
su -l
Create a new nagios user account and give it a password.
/usr/sbin/useradd nagios
passwd nagios
ii. Install the Nagios Plugins
Create a directory for storing the downloads.
mkdir ~/downloads
cd ~/downloads
Download the source code tarball of the Nagios plugins (visit http://www.nagios.org/download/ for links to the latest
versions). At the time of writing, the latest stable version of the Nagios plugins was 1.4.6.
wget http://osdn.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.6.tar.gz
Extract the Nagios plugins source code tarball.
tar xzf nagios-plugins-1.4.6.tar.gz
cd nagios-plugins-1.4.6
Compile and install the plugins.
./configure
make
make install
The permissions on the plugin directory and the plugins will need to be fixed at this point, so run the following
commands.
chown nagios.nagios /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios/libexec
iii. Install xinetd
Fedora Core 6 doesn’t ship with xinetd installed by default, so install it with the following command:
yum install xinetd
Last Updated: May 1, 2007 Page 5 of 18 Copyright (c) 1999-2007 Ethan Galstad
NRPE Documentation
iv. Install the NRPE daemon
Download the source code tarball of the NRPE addon (visit http://www.nagios.org/download/ for links to the latest
versions). At the time of writing, the latest version of NRPE was 2.8.
cd ~/downloads
wget http://osdn.dl.sourceforge.net/sourceforge/nagios/nrpe-2.8.tar.gz
Extract the NRPE source code tarball.
tar xzf nrpe-2.8.tar.gz
cd nrpe-2.8
Compile the NRPE addon.
./configure
make all
Install the NRPE plugin (for testing), daemon, and sample daemon config file.
make install-plugin
make install-daemon
make install-daemon-config
Install the NRPE daemon as a service under xinetd.
make install-xinetd
Edit the /etc/xinetd.d/nrpe file and add the IP address of the monitoring server to the only_from directive.
only_from = 127.0.0.1
Add the following entry for the NRPE daemon to the /etc/services file.
nrpe 5666/tcp # NRPE
Restart the xinetd service.
service xinetd restart

Related: http://en.wikipedia.org/wiki/Nagios