https://wiki.alpinelinux.org/w/api.php?action=feedcontributions&user=Epi&feedformat=atomAlpine Linux - User contributions [en]2024-03-28T19:59:13ZUser contributionsMediaWiki 1.40.0https://wiki.alpinelinux.org/w/index.php?title=Setting_Up_Fprobe_And_Ntop&diff=8016Setting Up Fprobe And Ntop2012-05-07T18:45:47Z<p>Epi: add ttf</p>
<hr />
<div>Goal: Setup fprobe as a NetFlow probe on an Alpine Linux router, and then ntop as a collector/analyzer on another machine. <br /><br />
Assumptions: Eth0 on router will be monitored, 192.168.0.1 is router interface on LAN side, 192.168.0.100 is ntop host, and port 2055 will be used for fprobe.<br />
<br />
== Router setup ==<br />
Install packages:<br />
{{cmd|apk add fprobe}}<br />
Edit /etc/conf.d/fprobe (adjust lines shown below as needed - leave rest of config file as is):<br />
IFACE=eth0<br />
FLOW_VER=7<br />
LOCALIP=192.168.0.1<br />
REMOTEIP=192.168.0.100<br />
PORT=2055<br />
Start fprobe.<br />
{{cmd|/etc/init.d/fprobe start}}<br />
<br />
== Ntop host setup ==<br />
Add package:<br />
{{cmd|apk add ntop}}<br />
Edit /etc/conf.d/ntop (adjust path to ntop cache as needed):<br />
NTOP_OPTS="-P /var/cache/ntop --http-server 3000 --https-server 0 --interface eth0"<br />
Generate ntop password:<br />
{{cmd|ntop --generate-admin-password}}<br />
Start ntop:<br />
{{cmd|/etc/init.d/ntop start}}<br />
Open ntop web interface by browsing to http://192.168.0.100:3000.<br /><br />
Enable NetFlow plugin from the Plugins menu. <br /><br />
Create NetFlow device with proper options:<br />
Local Collector UDP Port: 2055<br />
Virtual NetFlow Interface Network Address: 192.168.0.100/255.255.255.0<br />
Flow Aggregation (set as desired, bu TCP/UDP Port is a good choice)<br />
Enable Session Handling: Yes<br />
Debug: Off<br />
Check after a minute or two that flows are being processed by going to the Summary -> Traffic menu option and making sure data is present for the collector port and rrd graphs are being generated.<br />
<br />
In case have trouble creating password, you can delete previous databases and recreate again:<br />
<br />
{{cmd|rm /var/ntop/ *.db}}<br />
<br />
If receive error regarding font not found you can add ttf fonts:<br />
<br />
{{cmd|apk add ttf-dejavu}}<br />
<br />
<br />
== Notes ==<br />
<br />
* To monitor 2 interfaces (gre1 given as example), copy /etc/init.d/fprobe to /etc/init.d/fprobe.gre1, edit BIN= line to point to /usr/sbin/fprobe.gre. Copy /etc/conf.d/fprobe to /etc/conf.d/fprobe.gre and change interface line to IP on gre interface and port line to 2056. Finally, softlink /usr/sbin/fprobe.gre to /usr/sbin/fprobe.<br />
* If there isn't data present, make sure firewall on both router and ntop host have port 2055 (and possibly 2056) open from the router to the ntop host.<br />
* If you have a high-volume router that you are monitoring, you may end up hitting a folder limit for your rrd interfaces directory(max of 32 000) depending on how you have flows being processed/parsed. It may be necessary to schedule a cron job to clear out the cache periodically and restart ntop after deleting the older folders.<br />
<br />
[[Category:Networking]]<br />
[[Category:Monitoring]]</div>Epihttps://wiki.alpinelinux.org/w/index.php?title=Zabbix_-_cgi_and_mysql&diff=5588Zabbix - cgi and mysql2011-07-20T14:44:18Z<p>Epi: added SNMP option for monitor switches</p>
<hr />
<div>[[Category:monitoring]]<br />
<br />
<br />
== Zabbix Monitoring Solution ==<br />
<br />
The purpose of this document is to assist in installing the Zabbix server software and Zabbix agent on the Alpine Linux operating system. Instructions on how to configure and use Zabbix - as well as many useful tutorials - can be found at http://www.zabbix.com.<br />
<br />
{{Note|Currently, Zabbix will only work as expected when running on an Alpine Linux system updated from the latest snapshots of the Edge repository. It will be properly supported with the next major version stable release (Alpine 2.2).}}<br />
<br />
== Install Lighttpd, and PHP ==<br />
<br />
{{:Setting Up Lighttpd With FastCGI}}<br />
<br />
== Configure PostgreSQL ==<br />
<br />
Setup and configure PostgreSQL:<br />
<br />
{{Cmd|apk add postgresql postgresql-client <br />
/etc/init.d/postgresql setup<br />
/etc/init.d/postgresql start<br />
rc-update add postgresql}}<br />
<br />
== Install Zabbix ==<br />
<br />
{{Cmd|apk add zabbix zabbix-pgsql zabbix-webif zabbix-setup}}<br />
<br />
Now we need to set up the zabbix database. Substitute '*********' in the example below for a real password:<br />
<br />
{{Cmd|<nowiki>psql –U postgres<br />
postgres=# create user zabbix with password '*********';<br />
postgres=# create database zabbix owner zabbix;<br />
postgres=# \q<br />
cd /usr/share/zabbix/create/schema/<br />
cat postgresql.sql | psql -U zabbix zabbix<br />
cd ..<br />
cd data/<br />
cat data.sql | psql -U zabbix zabbix<br />
cat images_pgsql.sql | psql -U zabbix zabbix</nowiki>}}<br />
<br />
Create a softlink for the Zabbix web-frontend files:<br />
<br />
{{Cmd|rm /var/www/localhost/htdocs -R<br />
ln -s /usr/share/webapps/zabbix /var/www/localhost/htdocs}}<br />
<br />
Edit PHP configuration to satisfy some zabbix requirements. Edit /etc/php/php.ini and configure the following values at least:<br />
<br />
<pre><br />
Max_execution_time = 600<br />
Expose_php = off<br />
Date.timezone = <insert your timezone here><br />
post_max_size = 32M<br />
upload_max_filesize = 16M<br />
max_input_time = 600<br />
memory_limit = 256M<br />
</pre><br />
<br />
Configure the following entries in /etc/zabbix/zabbix_server.conf, where DBPassword is the password chosen for the database above:<br />
<br />
<pre><br />
DBName=zabbix<br />
<br />
# Database user<br />
<br />
DBUser=zabbix<br />
<br />
# Database password<br />
# Comment this line if no password used<br />
<br />
DBPassword=*********<br />
</pre><br />
<br />
Start Zabbix server:<br />
<br />
{{Cmd|rc-update add zabbix-server<br />
/etc/init.d/zabbix-server start}}<br />
<br />
Fix permissions on conf directory.<br />
<br />
{{Cmd|chmod 777 /usr/share/webapps/zabbix/conf -R}}<br />
<br />
You should now be able to browse to the Zabbix frontend: http://yourservername/.<br />
<br />
or<br />
<br />
You should now be able to browse to the Zabbix setup frontend: http://yourserverip/instal.php.<br />
<br />
Follow the setup instructions to configure Zabbix, supplying the database information used above.<br />
<br />
After setup, login using: Login name: '''Admin''' Password:'''zabbix'''. (as described at http://www.zabbix.com/documentation/1.8/manual/installation)<br />
<br />
Finally, Zabbix requires special permissions to use the fping binary.<br />
<br />
{{Cmd|chmod u+s /usr/sbin/fping}}<br />
<br />
== Install Zabbix Agent on Monitored Servers ==<br />
<br />
Zabbix can monitor almost any operating system, including Alpine Linux hosts. Complete the following steps to install the Zabbix agent on Alpine Linux.<br />
<br />
{{Note|Support to allow zabbix-agentd to view running processes on Alpine Linux has been added since linux-grsec-2.6.35.9-r2. Please ensure you have that kernel installed prior to attempting to run zabbix-agentd.}}<br />
<br />
Ensure that the readproc group exists (support added since alpine-baselayout-2.0_rc1-r1), by adding the following line to /etc/group:<br />
<br />
{{Cmd|readproc:x:30:zabbix}}<br />
<br />
Install the agent package:<br />
<br />
{{Cmd|apk add zabbix-agent}}<br />
<br />
Edit the /etc/zabbix/zabbix_agentd.conf file and configure at least the following option:<br />
<pre><br />
Server=<ip or hostname of zabbix server><br />
Hostname=<ip or hostname of zabbix agent><br />
ListenPort=10050<br />
</pre><br />
<br />
Start the zabbix-agent:<br />
<br />
{{Cmd|rc-update add zabbix-agentd<br />
/etc/init.d/zabbix-agentd start}}<br />
<br />
In case you want to monitor using SNMP agent on remote machines you have to add these packages on zabbix server:<br />
<br />
{{Cmd|apk add net-snmp net-snmp-tools}}<br />
<br />
And add these packages on remote machines:<br />
<br />
{{Cmd|apk add net-snmp }}<br />
<br />
<br />
== Optional: Crash course in adding hosts, checks and notifications ==<br />
<br />
''Note:'' This is optional since it's not specific to Alpine Linux, but I wanted a couple notes for how to perform a simple check on a server that doesn't have the agent installed on it, and be notified on state changes.<br />
<br />
Administration -> Media Types -> Email<br />
* Setup server, helo, email from address<br />
<br />
Administration -> Users<br />
* Setup each user who'll get notified, make sure they have media type "Email" added with their address<br />
<br />
Configuration -> Hosts -> Create host<br />
* In Linux Servers hostgroup<br />
* Define dns name, ip, connect by IP<br />
<br />
Configuration -> Templates -> Create template<br />
* Give it a name (Template_Alpine_Linux_Infra_HTTP)<br />
* In Templates group<br />
<br />
Configuration -> Templates -> Template_Alpine_Linux_Infra_HTTP -> Items<br />
* Create Item<br />
* Host: Template_Alpine_Linux_Infra_HTTP<br />
* Description: HTTP Basic Check<br />
* Type: Simple_check<br />
* Key: http,80<br />
<br />
Configuration -> Templates -> Template_Alpine_Linux_Infra_HTTP -> Triggers<br />
* Create Trigger<br />
* Name: "HTTP Trigger"<br />
* Expression: {Template_Alpine_Linux_Infra_HTTP:http,80.last(0)}#1<br />
* Severity: High<br />
<br />
Configuration -> Actions -> <br />
* Create Action<br />
* name: Email notifications<br />
* Event source: triggers<br />
* Default Subject: add "{HOST.DNS}:" to the beginning<br />
* Default message: add "{HOST.DNS}:" to the beginning<br />
* Conditions: make host have to be from "Linux Servers" hostgroup, and Template_Alpine_Linux_Infra_HTTP:HTTP trigger" is not 1<br />
* Email affected users</div>Epihttps://wiki.alpinelinux.org/w/index.php?title=Zabbix_-_cgi_and_mysql&diff=5576Zabbix - cgi and mysql2011-07-19T17:13:07Z<p>Epi: added instal.php page for initialize zabbix setup wizzard</p>
<hr />
<div>[[Category:monitoring]]<br />
<br />
<br />
== Zabbix Monitoring Solution ==<br />
<br />
The purpose of this document is to assist in installing the Zabbix server software and Zabbix agent on the Alpine Linux operating system. Instructions on how to configure and use Zabbix - as well as many useful tutorials - can be found at http://www.zabbix.com.<br />
<br />
{{Note|Currently, Zabbix will only work as expected when running on an Alpine Linux system updated from the latest snapshots of the Edge repository. It will be properly supported with the next major version stable release (Alpine 2.2).}}<br />
<br />
== Install Lighttpd, and PHP ==<br />
<br />
{{:Setting Up Lighttpd With FastCGI}}<br />
<br />
== Configure PostgreSQL ==<br />
<br />
Setup and configure PostgreSQL:<br />
<br />
{{Cmd|apk add postgresql postgresql-client <br />
/etc/init.d/postgresql setup<br />
/etc/init.d/postgresql start<br />
rc-update add postgresql}}<br />
<br />
== Install Zabbix ==<br />
<br />
{{Cmd|apk add zabbix zabbix-pgsql zabbix-webif zabbix-setup}}<br />
<br />
Now we need to set up the zabbix database. Substitute '*********' in the example below for a real password:<br />
<br />
{{Cmd|<nowiki>psql –U postgres<br />
postgres=# create user zabbix with password '*********';<br />
postgres=# create database zabbix owner zabbix;<br />
postgres=# \q<br />
cd /usr/share/zabbix/create/schema/<br />
cat postgresql.sql | psql -U zabbix zabbix<br />
cd ..<br />
cd data/<br />
cat data.sql | psql -U zabbix zabbix<br />
cat images_pgsql.sql | psql -U zabbix zabbix</nowiki>}}<br />
<br />
Create a softlink for the Zabbix web-frontend files:<br />
<br />
{{Cmd|rm /var/www/localhost/htdocs -R<br />
ln -s /usr/share/webapps/zabbix /var/www/localhost/htdocs}}<br />
<br />
Edit PHP configuration to satisfy some zabbix requirements. Edit /etc/php/php.ini and configure the following values at least:<br />
<br />
<pre><br />
Max_execution_time = 600<br />
Expose_php = off<br />
Date.timezone = <insert your timezone here><br />
post_max_size = 32M<br />
upload_max_filesize = 16M<br />
max_input_time = 600<br />
memory_limit = 256M<br />
</pre><br />
<br />
Configure the following entries in /etc/zabbix/zabbix_server.conf, where DBPassword is the password chosen for the database above:<br />
<br />
<pre><br />
DBName=zabbix<br />
<br />
# Database user<br />
<br />
DBUser=zabbix<br />
<br />
# Database password<br />
# Comment this line if no password used<br />
<br />
DBPassword=*********<br />
</pre><br />
<br />
Start Zabbix server:<br />
<br />
{{Cmd|rc-update add zabbix-server<br />
/etc/init.d/zabbix-server start}}<br />
<br />
Fix permissions on conf directory.<br />
<br />
{{Cmd|chmod 777 /usr/share/webapps/zabbix/conf -R}}<br />
<br />
You should now be able to browse to the Zabbix frontend: http://yourservername/.<br />
or<br />
You should now be able to browse to the Zabbix frontend: http://yourserverip/instal.php.<br />
Follow the setup instructions to configure Zabbix, supplying the database information used above.<br />
<br />
After setup, login using: Login name: '''Admin''' Password:'''zabbix'''. (as described at http://www.zabbix.com/documentation/1.8/manual/installation)<br />
<br />
Finally, Zabbix requires special permissions to use the fping binary.<br />
<br />
{{Cmd|chmod u+s /usr/sbin/fping}}<br />
<br />
== Install Zabbix Agent on Monitored Servers ==<br />
<br />
Zabbix can monitor almost any operating system, including Alpine Linux hosts. Complete the following steps to install the Zabbix agent on Alpine Linux.<br />
<br />
{{Note|Support to allow zabbix-agentd to view running processes on Alpine Linux has been added since linux-grsec-2.6.35.9-r2. Please ensure you have that kernel installed prior to attempting to run zabbix-agentd.}}<br />
<br />
Ensure that the readproc group exists (support added since alpine-baselayout-2.0_rc1-r1), by adding the following line to /etc/group:<br />
<br />
{{Cmd|readproc:x:30:zabbix}}<br />
<br />
Install the agent package:<br />
<br />
{{Cmd|apk add zabbix-agent}}<br />
<br />
Edit the /etc/zabbix/zabbix_agentd.conf file and configure at least the following option:<br />
<pre><br />
Server=<ip or hostname of zabbix server><br />
Hostname=<ip or hostname of zabbix agent><br />
ListenPort=10050<br />
</pre><br />
<br />
Start the zabbix-agent:<br />
<br />
{{Cmd|rc-update add zabbix-agentd<br />
/etc/init.d/zabbix-agentd start}}<br />
<br />
== Optional: Crash course in adding hosts, checks and notifications ==<br />
<br />
''Note:'' This is optional since it's not specific to Alpine Linux, but I wanted a couple notes for how to perform a simple check on a server that doesn't have the agent installed on it, and be notified on state changes.<br />
<br />
Administration -> Media Types -> Email<br />
* Setup server, helo, email from address<br />
<br />
Administration -> Users<br />
* Setup each user who'll get notified, make sure they have media type "Email" added with their address<br />
<br />
Configuration -> Hosts -> Create host<br />
* In Linux Servers hostgroup<br />
* Define dns name, ip, connect by IP<br />
<br />
Configuration -> Templates -> Create template<br />
* Give it a name (Template_Alpine_Linux_Infra_HTTP)<br />
* In Templates group<br />
<br />
Configuration -> Templates -> Template_Alpine_Linux_Infra_HTTP -> Items<br />
* Create Item<br />
* Host: Template_Alpine_Linux_Infra_HTTP<br />
* Description: HTTP Basic Check<br />
* Type: Simple_check<br />
* Key: http,80<br />
<br />
Configuration -> Templates -> Template_Alpine_Linux_Infra_HTTP -> Triggers<br />
* Create Trigger<br />
* Name: "HTTP Trigger"<br />
* Expression: {Template_Alpine_Linux_Infra_HTTP:http,80.last(0)}#1<br />
* Severity: High<br />
<br />
Configuration -> Actions -> <br />
* Create Action<br />
* name: Email notifications<br />
* Event source: triggers<br />
* Default Subject: add "{HOST.DNS}:" to the beginning<br />
* Default message: add "{HOST.DNS}:" to the beginning<br />
* Conditions: make host have to be from "Linux Servers" hostgroup, and Template_Alpine_Linux_Infra_HTTP:HTTP trigger" is not 1<br />
* Email affected users</div>Epihttps://wiki.alpinelinux.org/w/index.php?title=EyeOS&diff=5484EyeOS2011-07-02T12:15:00Z<p>Epi: added commands for latest Eyeos Version 2.5</p>
<hr />
<div>== What is eyeOS? ==<br />
<br />
eyeOS is an open source web desktop following the cloud computing concept that leverages collaboration and communication among users. It is mainly written in PHP, XML, and JavaScript. It acts as a platform for web applications written using the eyeOS Toolkit. It includes a Desktop environment with 67 applications and system utilities<br />
<br />
== Set up eyeOS on Alpine Linux ==<br />
<br />
This document will be a quick c/p guide to setup eyeOS on Alpine linux. What we will setup is the following:<br />
<br />
* Lighttpd with PHP <br />
* eyeOS<br />
<br />
== Install lighttpd, and PHP ==<br />
<br />
{{:Setting Up Lighttpd With FastCGI}}<br />
<br />
== Installing and configuring eyeOS ==<br />
<br />
'''Install eyeOS'''<br />
<br />
Make webapps folder<br />
<br />
mkdir /usr/share/webapps/ -p<br />
<br />
Download previous version:<br />
<br />
cd /usr/share/webapps/<br />
wget http://sourceforge.net/projects/eyeos/files/eyeos/1.9.0.1/eyeOS_1.9.0.1.zip/download<br />
<br />
Unpack and delete zip file<br />
<br />
unzip download<br />
rm download<br />
<br />
Also you can download latest version:<br />
<br />
cd /usr/share/webapps/<br />
wget http://sourceforge.net/projects/eyeos/files/eyeos2/eyeos-2.5.tar.gz/download<br />
<br />
Unpack and delete tar.gz file<br />
<br />
cd /usr/share/webapps/<br />
tar -xvzf download<br />
<br />
Change Folder Persmissions<br />
<br />
chmod -R 777 /usr/share/webapps/eyeOS/<br />
<br />
Make symlinks to eyeOS<br />
<br />
ln -s /usr/share/webapps/eyeOS/ /var/www/localhost/htdocs/eyeos<br />
<br />
Unpack main package<br />
<br />
cd /usr/share/webapps/eyeOS/<br />
mv /usr/share/webapps/eyeOS/package.eyepackage /usr/share/webapps/eyeOS/package.tar.gz<br />
tar zxvf /usr/share/webapps/eyeOS/package.tar.gz<br />
<br />
== Starting ==<br />
<br />
'''Starting http service and adding to boot'''<br />
<br />
/etc/init.d/lighttpd start && rc-update add lighttpd default<br />
<br />
== Config your eyeos ==<br />
<br />
Browse to: http://WEBSERVER_IP_ADDRESS/eyeos<br />
<br />
Please fill out the following form to install eyeOS:<br />
<br />
Root Password<br />
Retype Password<br />
System Name<br />
Allow users to create accounts<br />
<br />
When you finish, press "Install eyeOS!" button, and thats all. :)<br />
You have eyeOS cloud computing system working, to access go to http://WEBSERVER_IP_ADDRESS/eyeOS and enjoy!</div>Epihttps://wiki.alpinelinux.org/w/index.php?title=Cacti:_traffic_analysis_and_monitoring_network&diff=5341Cacti: traffic analysis and monitoring network2011-06-20T14:57:31Z<p>Epi: updated poll command and add permits to lighttpd user</p>
<hr />
<div>Install needed packages:<br />
{{Cmd|apk add lighttpd php cacti net-snmp-tools fcgi}}<br />
Add php support to lighttpd (uncomment this line in /etc/lighttpd/lighttpd.conf):<br />
include "mod_fastcgi.conf"<br />
Save and exit editor.<br />
Create a softlink for the cacti web files:<br />
{{Cmd|ln -s /usr/share/webapps/cacti /var/www/localhost/htdocs/cacti}}<br />
Assign permits to lighttpd user:<br />
cown -R lighttpd:lighttpd /var/www/localhost/htdocs/cacti/<br />
In case you are using other web server than lighttpd have to assign permits to that user.<br />
If it hasn't already been done, setup MySQL:<br />
{{Cmd|apk add mysql-client}}<br />
mysql_install_db --user=mysql<br />
{{Cmd|/etc/init.d/mysql start}}<br />
{{Cmd|mysql_secure_installation}}<br />
Create the cacti database and populate it<br />
{{Cmd| mysql -u root -p}}<br />
{{Cmd| mysql> create database cacti;}}<br />
Grant Cacti MySQL user access (give it a more secure password):<br />
{{Cmd| mysql> grant all on cacti.* to 'cactiuser'@'localhost' identified by 'MostSecurePassword'; flush privileges;}}<br />
Quit from Mysql command prompt:<br />
{{Cmd| mysql> \q }}<br />
Edit and put in the password you used in the above step for the mysql user. <br />
<br />
vi /var/www/localhost/htdocs/cacti/include/config.php <br />
<br />
Import the initial Cacti MySQL config:<br />
<br />
mysql --user=cacti -p cacti < /usr/share/webapps/cacti/cacti.sql<br />
<br />
If you are using most recent Mysql version from Alpine 2.2.2, have to fix cacti.sql syntax then import:<br />
<br />
cd /usr/share/webapps/cacti/<br />
mv cacti.sql cacti.tmp && sed s/TYPE=/ENGINE=/g cacti.tmp > cacti.sql<br />
mysql --user=cacti -p cacti < /usr/share/webapps/cacti/cacti.sql<br />
<br />
Set lighttpd to autostart and start the daemon.<br />
{{Cmd|rc-update add lighttpd && rc-service lighttpd start}}<br />
Browse to http://localhost/cacti/<br /><br />
In the web page clic:<br />
: -> Next<br />
Then select new install in case is not selected:<br />
: -> New install, Next<br />
Then finish<br />
: -> Finish<br />
Login using:<br />
Password= admin user= admin<br />
Next wil be prompted to change password:<br />
change password.<br /><br />
Add to crontab:<br /><br />
<br />
cd /etc/crontabs<br />
vi root<br />
copy to the end of the file:<br />
*/5 * * * * lighttpd php /var/www/localhost/htdocs/cacti/poller.php > /dev/null 2>&1<br />
In case you are using other web server have to modify the "lighttpd" user.<br />
*/5 * * * * "web server user" php /var/www/localhost/htdocs/cacti/poller.php > /dev/null 2>&1<br />
<br />
Add your devices and you're ready to start monitoring!<br />
<br />
[[Category:Monitoring]]</div>Epihttps://wiki.alpinelinux.org/w/index.php?title=Cacti:_traffic_analysis_and_monitoring_network&diff=5312Cacti: traffic analysis and monitoring network2011-06-17T17:18:43Z<p>Epi: some command layout</p>
<hr />
<div>Install needed packages:<br />
{{Cmd|apk add lighttpd php cacti net-snmp-tools fcgi}}<br />
Add php support to lighttpd (uncomment this line in /etc/lighttpd/lighttpd.conf):<br />
include "mod_fastcgi.conf"<br />
Save and exit editor.<br />
Create a softlink for the cacti web files:<br />
{{Cmd|ln -s /usr/share/webapps/cacti /var/www/localhost/htdocs/cacti}}<br />
If it hasn't already been done, setup MySQL:<br />
{{Cmd|apk add mysql-client}}<br />
mysql_install_db --user=mysql<br />
{{Cmd|/etc/init.d/mysql start}}<br />
{{Cmd|mysql_secure_installation}}<br />
Create the cacti database and populate it<br />
{{Cmd| mysql -u root -p}}<br />
{{Cmd| mysql> create database cacti;}}<br />
Grant Cacti MySQL user access (give it a more secure password):<br />
{{Cmd| mysql> grant all on cacti.* to 'cactiuser'@'localhost' identified by 'MostSecurePassword'; flush privileges;}}<br />
Quit from Mysql command prompt:<br />
{{Cmd| mysql> \q }}<br />
Edit and put in the password you used in the above step for the mysql user. <br />
<br />
vi /var/www/localhost/htdocs/cacti/include/config.php <br />
<br />
Import the initial Cacti MySQL config:<br />
<br />
mysql --user=cacti -p cacti < /usr/share/webapps/cacti/cacti.sql<br />
<br />
If you are using most recent Mysql version from Alpine 2.2.2, have to fix cacti.sql syntax then import:<br />
<br />
cd /usr/share/webapps/cacti/<br />
mv cacti.sql cacti.tmp && sed s/TYPE=/ENGINE=/g cacti.tmp > cacti.sql<br />
mysql --user=cacti -p cacti < /usr/share/webapps/cacti/cacti.sql<br />
<br />
Set lighttpd to autostart and start the daemon.<br />
{{Cmd|rc-update add lighttpd && rc-service lighttpd start}}<br />
Browse to http://localhost/cacti/<br /><br />
In the web page clic:<br />
: -> Next<br />
Then select new install in case is not selected:<br />
: -> New install, Next<br />
Then finish<br />
: -> Finish<br />
Login using:<br />
Password= admin user= admin<br />
Next wil be prompted to change password:<br />
change password.<br /><br />
Add to crontab:<br /><br />
<br />
cd /etc/crontabs<br />
vi root<br />
copy to the end of the file:<br />
*/5 * * * * php /var/www/localhost/cacti/poller.php > /dev/null 2>&1<br />
Add your devices and you're ready to start monitoring!<br />
<br />
[[Category:Monitoring]]</div>Epihttps://wiki.alpinelinux.org/w/index.php?title=Cacti:_traffic_analysis_and_monitoring_network&diff=5282Cacti: traffic analysis and monitoring network2011-06-16T22:40:20Z<p>Epi: some formating to commands</p>
<hr />
<div>Install needed packages:<br />
{{Cmd|apk add lighttpd php cacti net-snmp-tools fcgi}}<br />
Add php support to lighttpd (uncomment this line in /etc/lighttpd/lighttpd.conf):<br />
include "mod_fastcgi.conf"<br />
Save and exit editor.<br />
Create a softlink for the cacti web files:<br />
{{Cmd|ln -s /usr/share/webapps/cacti /var/www/localhost/htdocs/cacti}}<br />
If it hasn't already been done, setup MySQL:<br />
{{Cmd|apk add mysql-client}}<br />
mysql_install_db --user=mysql<br />
{{Cmd|/etc/init.d/mysql start}}<br />
{{Cmd|mysql_secure_installation}}<br />
Create the cacti database and populate it<br />
{{Cmd| mysql -u root -p}}<br />
{{Cmd| mysql> create database cacti;}}<br />
Grant Cacti MySQL user access (give it a more secure password):<br />
{{Cmd| mysql> grant all on cacti.* to 'cactiuser'@'localhost' identified by 'MostSecurePassword'; flush privileges;}}<br />
Quit from Mysql command prompt:<br />
{{Cmd| mysql> \q }}<br />
Edit /var/www/localhost/htdocs/cacti/include/config.php and put in the password you used in the above step for the mysql user. <br />
Import the initial Cacti MySQL config:<br />
<br />
mysql --user=cacti -p cacti < /usr/share/webapps/cacti/cacti.sql<br />
<br />
If you are using most recent Mysql version from Alpine 2.2.2, have to fix cacti.sql syntax then import:<br />
<br />
cd /usr/share/webapps/cacti/<br />
mv cacti.sql cacti.tmp && sed s/TYPE=/ENGINE=/g cacti.tmp > cacti.sql<br />
mysql --user=cacti -p cacti < /usr/share/webapps/cacti/cacti.sql<br />
<br />
Set lighttpd to autostart and start the daemon.<br />
{{Cmd|rc-update add lighttpd && rc-service lighttpd start}}<br />
Browse to http://localhost/cacti/<br /><br />
: -> Next<br />
: -> New install, Next<br />
: -> Finish<br />
Login using admin:admin, change password.<br /><br />
Add to crontab:<br /><br />
*/5 * * * * php /var/www/localhost/cacti/poller.php > /dev/null 2>&1<br />
Add your devices and you're ready to start monitoring!<br />
<br />
[[Category:Monitoring]]</div>Epihttps://wiki.alpinelinux.org/w/index.php?title=Cacti:_traffic_analysis_and_monitoring_network&diff=5275Cacti: traffic analysis and monitoring network2011-06-16T19:13:49Z<p>Epi: added how to modify cacti.sql for work with recent Mysql due to an outdated syntax</p>
<hr />
<div>Install needed packages:<br />
{{Cmd|apk add lighttpd php cacti net-snmp-tools fcgi}}<br />
Add php support to lighttpd (uncomment this line in /etc/lighttpd/lighttpd.conf):<br />
include "mod_fastcgi.conf"<br />
Save and exit editor.<br />
Create a softlink for the cacti web files:<br />
{{Cmd|ln -s /usr/share/webapps/cacti /var/www/localhost/htdocs/cacti}}<br />
If it hasn't already been done, setup MySQL:<br />
{{Cmd|apk add mysql-client}}<br />
mysql_install_db --user=mysql<br />
{{Cmd|/etc/init.d/mysql start}}<br />
{{Cmd|mysql_secure_installation}}<br />
Create the cacti database and populate it<br />
{{Cmd| mysql -u root -p}}<br />
{{Cmd| mysql> create database cacti;}}<br />
Grant Cacti MySQL user access (give it a more secure password):<br />
{{Cmd| mysql> grant all on cacti.* to 'cactiuser'@'localhost' identified by 'MostSecurePassword'; flush privileges;}}<br />
Quit from Mysql command prompt:<br />
{{Cmd| mysql> \q }}<br />
Edit /var/www/localhost/htdocs/cacti/include/config.php and put in the password you used in the above step for the mysql user. Import the initial Cacti MySQL config:<br />
{{Cmd|mysql --user=cacti -p cacti < /usr/share/webapps/cacti/cacti.sql }}<br />
If you are using most recent Mysql version from Alpine 2.2.2, have to fix cacti.sql:<br />
{{Cmd|mv /usr/share/webapps/cacti/cacti.sql cacti.tmp && sed s/TYPE=/ENGINE=/g cacti.tmp > cacti.sql }}<br />
Set lighttpd to autostart and start the daemon.<br />
{{Cmd|rc-update add lighttpd && rc-service lighttpd start}}<br />
Browse to http://localhost/cacti/<br /><br />
: -> Next<br />
: -> New install, Next<br />
: -> Finish<br />
Login using admin:admin, change password.<br /><br />
Add to crontab:<br /><br />
*/5 * * * * php /var/www/localhost/cacti/poller.php > /dev/null 2>&1<br />
Add your devices and you're ready to start monitoring!<br />
<br />
[[Category:Monitoring]]</div>Epihttps://wiki.alpinelinux.org/w/index.php?title=Cacti:_traffic_analysis_and_monitoring_network&diff=5274Cacti: traffic analysis and monitoring network2011-06-16T19:08:42Z<p>Epi: </p>
<hr />
<div>Install needed packages:<br />
{{Cmd|apk add lighttpd php cacti net-snmp-tools fcgi}}<br />
Add php support to lighttpd (uncomment this line in /etc/lighttpd/lighttpd.conf):<br />
include "mod_fastcgi.conf"<br />
Save and exit editor.<br />
Create a softlink for the cacti web files:<br />
{{Cmd|ln -s /usr/share/webapps/cacti /var/www/localhost/htdocs/cacti}}<br />
If it hasn't already been done, setup MySQL:<br />
{{Cmd|apk add mysql-client}}<br />
mysql_install_db --user=mysql<br />
{{Cmd|/etc/init.d/mysql start}}<br />
{{Cmd|mysql_secure_installation}}<br />
Create the cacti database and populate it<br />
{{Cmd| mysql -u root -p}}<br />
{{Cmd| mysql> create database cacti;}}<br />
Grant Cacti MySQL user access (give it a more secure password):<br />
{{Cmd| mysql> grant all on cacti.* to 'cactiuser'@'localhost' identified by 'MostSecurePassword'; flush privileges;}}<br />
Quit from Mysql command prompt:<br />
{{Cmd| mysql> \q }}<br />
Edit /var/www/localhost/htdocs/cacti/include/config.php and put in the password you used in the above step for the mysql user. Import the initial Cacti MySQL config:<br />
{{Cmd| mysql --user=cacti -p cacti < /usr/share/webapps/cacti/cacti.sql }}<br />
If you are using most recent Mysql version from Alpine 2.2.2, have to fix cacti.sql:<br />
{{Cmd| mv /usr/share/webapps/cacti/cacti.sql cacti.tmp && sed s/TYPE=/ENGINE=/g cacti.tmp > cacti.sql }}<br />
Set lighttpd to autostart and start the daemon.<br />
{{Cmd|rc-update add lighttpd && rc-service lighttpd start}}<br />
Browse to http://localhost/cacti/<br /><br />
: -> Next<br />
: -> New install, Next<br />
: -> Finish<br />
Login using admin:admin, change password.<br /><br />
Add to crontab:<br /><br />
*/5 * * * * php /var/www/localhost/cacti/poller.php > /dev/null 2>&1<br />
Add your devices and you're ready to start monitoring!<br />
<br />
[[Category:Monitoring]]</div>Epihttps://wiki.alpinelinux.org/w/index.php?title=Setting_up_A_Network_Monitoring_and_Inventory_System&diff=5090Setting up A Network Monitoring and Inventory System2011-04-19T09:51:29Z<p>Epi: /* Steps */ removed "s" in foldername for chown user</p>
<hr />
<div>[[Category:Networking]]<br />
<br />
{{Draft}}<br />
<br />
== Goal ==<br />
<br />
Basic concept is to combine the above apps/utilities to create an easy to set up and low upkeep monitoring system that also tracks inventory thanks to OpenAudit. Redundant entries in configs will be kept to a minimum (hopefully). New devices should be auto-added to monitoring systems, along with associated services (for example, a Windows server running MS Exchange might have basic services such as CPU load, HD free space, running services and Exchange queues monitored, whereas a router running on Alpine Linux would might need the routing table, throughput, and opennhrp monitored). Also, software licensing should be monitored so that Windows boxes do not exceed purchased licenses.<br />
<br />
Once finished, the scripts to tie OpenAudit and the monitoring components will be called AMAAPS (Automatic Monitoring And Auditing Populating System) (WIP available at http://github.com/jbilyk/AMAAPS)<br />
<br />
To accomplish the above, this guide will set up (list subject to change):<br />
* Lighttpd<br />
* Nagios<br />
*NagiosQL<br />
* [[Setting up Cacti|Cacti]]<br />
* [[Setting up Smokeping|Smokeping]]<br />
* OpenAudit<br />
* MySQL DB and associated scripts to tie these together<br />
<br />
This guide will assume:<br />
* You have a knowledge of your network setup (at least know which subnets exist)<br />
* Your network allows ICMP ping packets to every device that you want discovered and automatically added to the system<br />
* Your firewalls (whether on your networking devices or end-user devices) allow traffic back to the server that is being set up, and if it is a Windows host, allows RPC calls in especially if running the audits on Win7 Pro machines, double-check local firewall settings for traffic to/from OpenAudit computer (will allow audits to happen properly when triggered via the OpenAudit computer).<br />
* If you are auditing a Windows domain, you have access to an account that has local administrator privileges on every computer (on Win XP a user with Power User privileges may be enough).<br />
<br />
== Steps ==<br />
<br />
Install lighttpd, PHP and MySql<br />
apk add lighttpd mysql mysql-client php-mysql php-mysqli php php-xml php-json php-gettext php-gd curl php-curl php-mcrypt<br />
Edit lighttpd.conf'''<br />
nano +46 /etc/lighttpd/lighttpd.conf<br />
Uncomment lines:<br />
uncoment include "mod_fastcgi.conf", save and exit<br />
Starting http service and adding to boot'''<br />
/etc/init.d/lighttpd start && rc-update add lighttpd default<br />
Configure MySQL<br />
/usr/bin/mysql_install_db --user=mysql<br />
/etc/init.d/mysql start && rc-update add mysql default<br />
/usr/bin/mysqladmin -u root password 'password'<br />
Install Nagios, nagios-plugins and Nagiosql and other needed packages<br />
apk add nagios nagios-web nagios-plugins nagiosql php-mysqli php-mysql<br />
Create soft-link for nagiosql virtual host'<br />
ln -s /usr/share/webapps/nagiosql /var/www/localhost/htdocs/nagiosql<br />
Change permissions for nagiosql<br />
chown lighttpd:lighttpd /usr/share/webapps/nagiosql/config<br />
Browse to http://localhost/nagiosql and follow the setup instructions.<br />
Create folder /usr/share/webapps/openaudit and link to virtual host folder<br />
mkdir /usr/share/webapps/openaudit<br />
chown lighttpd:lighttpd /usr/share/webapps/openaudit<br />
ln -s /usr/share/webapps/openaudit /var/www/localhost/htdocs/openaudit<br />
Download openaudit from http://downloads.sourceforge.net/open-audit/openauditrelease-09.12.23-SVN1233.zip and extract to /usr/share/webapps/openaudit.<br /><br />
On a Windows server, create scheduled tasks to run ping-sweep-main.bat, lookup-main.bat and insert-hosts-main.bat on a regular basis. Since the insert-hosts-main.bat file runs RPC calls against other Windows servers, at the moment this section needs to run on a Windows server...<br /><br />
<br /><br />
To be continued...<br /><br />
<br />
AMAAPS now has code to add Windows hosts that were found using OpenAudit into NagioSQL host table. Also will now add Exchange servers, SQL servers, and Lotus Domino servers to the proper hostgroups.<br />
<br />
NOW: Finish NagioSQL config so that it has:<br />
* semi-sensible defaults (hostgroup setup, check commands, etc) and<br />
* a triggered reload of Nagios config when it's changed<br />
<br />
== Notes ==<br />
<br />
SNMPTT receives snmp traps properly and sends them on to Nagios but they aren't parsed in any way yet.<br /><br />
<br />
Got nmap results into OpenAudit. Needed a change in admin_nmap_input.php line 48 ("Interesting ports on" -> "Nmap scan report for"), for which a bug report was filed upstream.<br /><br />
<br />
Got pingable/resolvable hosts automatically added into OpenAudit:<br />
* When auto-adding using scripts below, Windows versions 2000 (Pro and Server), XP Pro, 2003 (inc R2)(Std/Ent)(x86/x64) were detected. Windows 7 Pro only detected when the local firewall was set to allow RPC traffic through<br />
* Some printers (HP LJ3300, LJ8100) were detected whereas other models weren't<br />
* No networking devices (switches/routers) were added<br />
<br />
# Schedule a query of Windows Servers from OpenAudit + installed software<br />
# Check that nagiosql has each server in it<br />
# If it doesn't, add host monitoring + base services<br />
# For each MS software (such as Exchange, SQL, DPM), add services<br />
# Query core switch via LLDP to find out where devices are and set up dependencies automatically<br />
# SNMPTT integration to Nagios (setup based on device info in OpenAudit) - follow http://xavier.dusart.free.fr/joomla/index.php/en/nagios/47-traps-snmp-dans-nagios<br />
<br />
== Random scripts ==<br />
<br />
Since part of implementation runs on Windows (due to running a VBScript from OpenAudit to collect Windows server/workstation info via RPC), a set of scripts that run on Windows are listed below.<br />
<br />
Ping-sweep*.bat: does an nmap ping sweep of each subnet in subnet.txt and writes all hosts that are up to a file<br />
lookup*.bat: does a A record DNS lookup for each host that's pingable and writes results to a file<br />
insert-hosts*: for each resolvable host, downloads the vbscript to insert the host information into openaudit (uses WMI to get hardware, OS and software info)<br />
<br />
ping-sweep-main.bat<br />
<br />
cd C:\Program Files\WAMP\www\openaudit\scripts\scans<br />
for /F %%i in (subnets.txt) do ping-sweep-backend.bat %%i<br />
<br />
ping-sweep-backend.bat<br />
<br />
@echo off<br />
cd C:\Program Files\WAMP\www\openaudit\scripts\scans<br />
del %1.ip.txt<br />
nmap -sP %1 | "C:\program files\utilities\bin\grep" "Nmap scan report for" | "C:\Program Files\Utilities\bin\awk" -F " " "{print $NF}" | "C:\Program Files\Utilities\bin\awk" -F "(" "{print $NF}" | "C:\Program Files\Utilities\bin\awk" -F ")" "{print $1}" >> %1.ip.txt<br />
<br />
lookup-main.bat<br />
<br />
cd C:\Program Files\WAMP\www\openaudit\scripts\scans<br />
for /F %%i in (subnets.txt) do lookup-subnet.bat %%i<br />
<br />
lookup-subnet.bat<br />
<br />
@echo off<br />
cd C:\Program Files\WAMP\www\openaudit\scripts\scans<br />
del %1.host.txt<br />
for /F %%i in (%1.ip.txt) do @lookup-backend.bat %%i >> %1.host.txt<br />
<br />
lookup-backend.bat<br />
<br />
@nslookup %1 | "C:\program files\utilities\bin\grep" "Name: " | "C:\program files\utilities\bin\awk" -F " " "{print $2}"<br />
<br />
insert-hosts-main.bat<br />
<br />
@echo off<br />
cd C:\Program Files\WAMP\www\openaudit\scripts\scans<br />
for /F %%i in (subnets.txt) do insert-hosts-subnet.bat %%i<br />
<br />
insert-hosts-subnet.bat<br />
<br />
@echo off<br />
cd C:\Program Files\WAMP\www\openaudit\scripts\scans<br />
for /F %%i in (%1.host.txt) do @insert-hosts-parse.bat %%i<br />
<br />
insert-hosts-parse.bat<br />
<br />
@echo off<br />
cd C:\Program Files\WAMP\www\openaudit\scripts\scans<br />
echo %1 | "C:\Program Files\Utilities\bin\awk.exe" -F "." "{print $1}" > temp-out-insert.txt<br />
for /F %%A in (temp-out-insert.txt) do @insert-hosts-backend.bat %%A<br />
del temp-out-insert.txt<br />
<br />
insert-hosts-backend.bat<br />
<br />
cd C:\Program Files\WAMP\www\openaudit\scripts\scans<br />
"C:\Program Files\Utilities\bin\wget.exe" "http://camgmt01/openaudit/launch_local_audit.php?domain=example.org&application=cmd&ext=vbs&hostname=%1&" -O %1.vbs<br />
cscript %1.vbs<br />
del %1.vbs<br />
<br />
subnet.txt (snippet)<br />
<br />
10.14.8.0-255<br />
10.14.9.0-255<br />
<br />
To grab all Windows servers using MySQL:<br />
<br />
select system_uuid,system_name,net_ip_address,system_os_name from openaudit.system where system_os_name like '%Microsoft%Server%';<br />
<br />
exchangeservers hostgroup:<br /><br />
select distinct tbl_host.host_name,tbl_host.address from tbl_host,tbl_lnkHostgroupToHost,tbl_hostgroup where tbl_hostgroup.hostgroup_name = 'exchangeservers' and tbl_lnkHostgroupToHost.idMaster = tbl_hostgroup.id and tbl_lnkHostgroupToHost.idSlave = tbl_host.id;<br /><br />
sqlservers hostgroup:<br /><br />
select distinct tbl_host.host_name,tbl_host.address from tbl_host,tbl_lnkHostgroupToHost,tbl_hostgroup where tbl_hostgroup.hostgroup_name = 'sqlservers' and tbl_lnkHostgroupToHost.idMaster = tbl_hostgroup.id and tbl_lnkHostgroupToHost.idSlave = tbl_host.id;<br /><br />
lotusnotesservers hostgroup:<br /><br />
select distinct tbl_host.host_name,tbl_host.address from tbl_host,tbl_lnkHostgroupToHost,tbl_hostgroup where tbl_hostgroup.hostgroup_name = 'lotusnotesservers' and tbl_lnkHostgroupToHost.idMaster = tbl_hostgroup.id and tbl_lnkHostgroupToHost.idSlave = tbl_host.id;<br /><br />
windowsservers hostgroup:<br /><br />
select distinct tbl_host.host_name,tbl_host.address from tbl_host,tbl_lnkHostgroupToHost,tbl_hostgroup where tbl_hostgroup.hostgroup_name = 'windowsservers' and tbl_lnkHostgroupToHost.idMaster = tbl_hostgroup.id and tbl_lnkHostgroupToHost.idSlave = tbl_host.id;<br /><br />
<br /><br />
OpenAudit queries:<br /><br />
Exchange:<br /><br />
select distinct system.system_name,system.net_ip_address from system,software where software_name like '%icrosoft%xchange' and software.software_uuid = system.system_uuid;<br /><br />
SQL:<br /><br />
select distinct system.system_name,system.net_ip_address from system,software where software.software_name like '%icrosoft%SQL%erver%200%' and system.system_os_name like '%erver%' and software.software_uuid = system.system_uuid;<br /><br />
Lotus Domino:<br /><br />
select distinct system.system_name,system.net_ip_address from system,software where software_name like '%otus%omino%' and software.software_uuid = system.system_uuid;<br /><br />
Windows:<br /><br />
select distinct system.system_name,system.net_ip_address from system where system.system_os_name like '%microsoft%server%';<br /></div>Epi