Cacti.v7
| Installing | New Server | Mrepo | smartd | RAID | Hardening | YUM | Crontabs | LogWatch | systemctl | firewalld | CentOS 7 | |
|
Apache | Bind | Cacti | DHCP | mariadb | Samba | Sarg | Sendmail | Smokeping | Rsync | Work Apps | |
| Problems | VPN | VPN Win | Extras | Bash | MailScanner | Horde | Google CE | Wake Up | KVM | |||
| Other | Computer Lab | ISO2USB | aiContact | Google CE | Android | USB Live | SRS XML |
Contents
Cacti
YUM
yum install cacti net-snmp-utils net-snmp php rrdtool php-snmp
This may run a whole bull pucky pile of stuff. Just let it do it's thing. This will have created a user called cacti that we will use later!
The following steps are valid as of 9 Feb 2015
Setup the cacti Database
mysqladmin --user=root create cacti -p
Import the default cacti database:
mysql -uroot cacti -p< /usr/share/doc/cacti-0.8.8b/cacti.sql
Create a MySQL username and password for Cacti.
mysql --user=root mysql -p mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'somepassword'; mysql> flush privileges;
Edit /usr/share/cacti/include/config.php and specify this MySQL user
emacs /usr/share/cacti/include/config.php
$database_default = "cacti"; $database_hostname = "localhost"; $database_username = "cactiuser"; $database_password = "somepassword";
Set the appropriate permissions on cacti's directories for graph/log generation.
chown -R cacti /usr/share/cacti/rra/ /usr/share/cacti/log/
Crontabs
DONOT add a line to your /etc/crontab file similar to:
*/5 * * * * cactiuser php /var/www/cacti/poller.php > /dev/null 2>&1
I actually use this and it was wrong
*/5 * * * * su cactiuser -c "php /var/www/cacti/poller.php" > /dev/null 2>&1
The yum install has already added a cron job in /etc/cron.d
Setup httpd
emacs /etc/httpd/conf.d/cacti.conf
change
# On httpd 2.4, change "Require host localhost" to "Require all granted".
# On httpd 2.2, change "Allow from localhost" to "Allow from all".
Alias /cacti /usr/share/cacti
<Directory /usr/share/cacti/>
<IfModule mod_authz_core.c>
# httpd 2.4
Require host localhost
</IfModule>
<IfModule !mod_authz_core.c>
# httpd 2.2
Order deny,allow
Deny from all
Allow from localhost
</IfModule>
to
<IfModule mod_authz_core.c>
# httpd 2.4
Require all granted
</IfModule>
Then
systemctl restart httpd
Setting up cactid
yum install cacti-cactid
Edit the config file for cactid
pico /etc/cactid.conf
DB_Host localhost DB_Database cacti DB_User cactiuser DB_Pass somepassword DB_Port 3306
Edit the configuration of Cacti so you have the path to the cactid file setup.
Edit the configuration of Cacti to using the cactid to get the data.
Crontabs
DONOT add a line to your /etc/crontab file similar to:
*/5 * * * * cactiuser php /var/www/cacti/poller.php > /dev/null 2>&1
I actually use this and it was wrong
*/5 * * * * su cactiuser -c "php /var/www/cacti/poller.php" > /dev/null 2>&1
The yum install has already added a cron job in /etc/cron.d. So we need to edit:
emacs /etc/cron.d/cacti
And remove the hash
#*/5 * * * * cacti /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1
Save
Setting up snmp
yum install net-snmp-utils net-snmp
If snmp is now already set my then there are a number of things that do need to be set.
systemctl start snmpd systemctl enable snmpd
Allows for firewalld
With firewalld running
firewall-cmd --permanent --zone=public --add-port=5905/tcp firewall-cmd --reload
WHAT DOES ALL THIS DO?
Also
firewall-cmd --permanent --zone=public --add-port=161/tcp firewall-cmd --reload
Had issues when I added this.
cp /lib/firewalld/services/ssh.xml /lib/firewalld/services/snmp.xml
emacs /lib/firewalld/services/snmp.xml
Change
<short>SNMP</short>
And
<description>Simple Network Management Protocol (SNMP)</description>
Then
emacs /lib/firewalld/zones/public.xml
Add a new service
<service="snmp" />
Stll got issues
Check that it is running
ps aux | grep snmp
Will give:
root 16042 0.0 0.4 11708 4264 ? S 16:29 0:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd -a
OR
lsof -i :199
Will give:
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME snmpd 16042 root 9u IPv4 2541093 TCP *:smux (LISTEN)
Okay, now what is the tree of information about this network entity?
snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex
Will give:
IP-MIB::ipAdEntIfIndex.10.0.0.3 = INTEGER: 4 IP-MIB::ipAdEntIfIndex.127.0.0.1 = INTEGER: 1 IP-MIB::ipAdEntIfIndex.192.168.19.3 = INTEGER: 3 IP-MIB::ipAdEntIfIndex.192.168.20.3 = INTEGER: 2
Or maybe NOTHING!
If NOTHING Do the following:
emacs /etc/hosts.allow
snmpd: 127.0.0.1
or
emacs /etc/snmp/snmpd.conf
And change the following: config
com2sec notConfigUser default public com2sec local localhost public com2sec mynetwork 192.168.0.0/24 public Change 192.168.0.0/24 with your networks IP range group notConfigGroup v1 notConfigUser group notConfigGroup v2c notConfigUser group MyRWGroup v1 local group MyRWGroup v2c local group MyRWGroup usm local group MyROGroup v1 mynetwork group MyROGroup v2c mynetwork group MyROGroup usm mynetwork view systemview included .1.3.6.1.2.1.1 view systemview included .1.3.6.1.2.1.25.1.1 view all included .1 access notConfigGroup "" any noauth exact systemview none none access MyROGroup "" any noauth exact all none none access MyRWGroup "" any noauth exact all all none syslocation Unknown (edit /etc/snmp/snmpd.conf) syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf) syslocation Linux (Version Here), Purpose Here. syscontact Just A. Geek <you@email.whatever>
systemctl restart snmpd
Okay, now let's run this command again. What do we get?
snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex
IP-MIB::ipAdEntIfIndex.127.0.0.1 = INTEGER: 1 IP-MIB::ipAdEntIfIndex.xxx.xxx.xxx.xxx = INTEGER: 2
Can we run this command a against an external server?
snmpwalk -v 1 -c public ipaddress IP-MIB::ipAdEntIfIndex
To set snmpd to start on a restart:
chkconfig --add snmpd
- Did you find this page useful?
- Do you have an issue that you have not yet fixed?
We can do this for you.
I am available for technical support. Please follow this link. Tech Support Request.
+64-6-880-0000 : ++1-808-498-7146 : help@ai.net.nz
Getting us to help you
