Hi everybody! today I am going to show you how to install Icinga2 and Icinga-web on Ubuntu 15.05 Vivid, after that we are going learn how to manage its configuration, hosts, services and notifications.

Table of Contents

• Introduction
  • About Icinga2
  • Requirements

• Installing packages
  • Installing MySQL
  • Installing Icinga Web
  • Installing Nagios Plugins

• Setting up Icinga2
  • icinga2.conf
  • Constants
  • Hosts
  • Service checks
  • Notifications

Introduction

About Icinga2

So, what is Icinga2 ? Icinga2 is an opensource monitoring system that helps to us keep track of systems. Icinga came alive as a fork from Nagios, now it have its set of unique features, but also and if you are like me and loves Nagios you probably love Icinga too.
Installing and setting up packages

Icinga web tatical overview

Requirements

The following software are needed and are going to be installed on the Icinga server,some will be installed automatically, some of them are not critical but for a fully functional setup, I strongly recommend you to install all.

• MySQL - This will be our database backend
• Apache - This will be our HTTP server
• PHP - This is the programming language on which Icinga Web is made
• Postfix - You will need this if you want to have mail notifications
• Nagios Plugins - A set of check plugins made originally for Nagios, but also compatible with Icinga
• Perl - This is the language that many Nagios plugins are made.

Installing packages

Install MySQL server

In order for to run Icinga, you must to have access to a SQL database, you can choose between MySQL or PostgreSQL, as for the sake of simplicity, i am going to cover only minimum MySQL setup, also if you already have a database running you should skip this step.

#apt-get install mysql-server

You will be asked for the root password as follows:

Setup MySQL root password

You must ensure that at least minimum security exists before any sensitive information touches your database, run the following command and follow the on-screen steps, you should at least set the password for the root user, also allow root login over the network is discouraged for almost any service.

#mysql_secure_installation

Install Icinga2 packages

Adding Icinga's apt repository:

# add-apt-repository ppa:formorer/icinga

And install packages:

# apt-get install icinga-web-config-icinga2-ido-mysql

So you gonna see dialogs like the following, this will setup ido-mysql, before you continue make sure you have administrative access to MySQL or PostgreSQL. Pay attention to the fact that you are going to be asked to provide passwords to different services, the screens are quite similar, so be careful.

Enable ido-mysql on the installation

Configure ido-mysql with dbconfig-common

Set ido-mysql database password

Setup icinga web with dbconfig-common

Select MySQL database as backend

Provide administrative password to create database

Provide password to icinga-web application database

Provide the password for the web interface

If the above command fail in the post install,it's possible that the call to feature enable on Icinga failed, try changing the post-install script as following:

# sed -i.bak -e s'/icinga2-enable-feature/icinga2 feature enable/'g /var/lib/dpkg/info/icinga-web-config-icinga2-ido-mysql.postinst

Or edit the file with vi, change 'icinga-enable-feature' with 'icinga2 feature enable' as follows:

# vi /var/lib/dpkg/info/icinga-web-config-icinga2-ido-mysql.postinst

Fix postinstall script bug

And then run post-install script again:

# dpkg --configure -a

Configure PHP timezone

In order for Icinga2 to work properly, you must assure that PHP timezone correctly reflect yours, use the following command to achieve this:

#tzone="'";tzone="$tzone$(cat /etc/timezone)$tzone"; sed s'|date.timezone =|;\ndate.timezone = '$tzone'\n;|' /etc/php5/apache2/php.ini

Or you can edit php.ini and set the date.timezone by hand:

#vi /etc/php5/apache2/php.ini

Once php.ini is ready, restart Apache:

# service apache2 restart

Let's enable some other Icinga features as needed:

# icinga2 feature enable ido-mysql
# icinga2 feature enable compatlog
# icinga2 feature enable icingastatus
# icinga2 feature enable livestatus
# icinga2 feature enable notification
# icinga2 feature enable perfdata
# icinga2 feature enable statusdata

Note: Some of the above commands may fail in case they are already enabled, just ignore.

Installing Nagios plugins

Just use apt:

# apt-get install nagios-plugins

That is it for the installation, you should now be able to access http://127.0.0.1/icinga-web and login with the credentials we set during the installation.

Icinga web login page

Setting up Icinga2

For you to configure Icinga2 you must edit text files containing configuration objects, the default location for these files is /etc/icinga2, and there you will find icinga2.conf and sample files.

icinga2.conf

This is the main configuration file of Icinga2, in fact one may set everything from here, but if you have many services and hosts to or if you configuration management systems, it become easier to identify and change if you have these settings on separate files.

Consider these two parameters for now and you will be fine.

include
This tells Icinga to search for configuration in files that match filename, this can be one or more files if the filename given has unix-like wildcards.

Include constants.conf, there is important parameters in this file as you will see:

include "constants.conf"

include_recursive
This acts the same as include, but it will work for directories containing configuration files and their subdirectories, it also is used for clustering interface, but it's beyond the scope of this article.

Create an include_recursive to conf.d, we will put our confs there:

include_recursive "conf.d"

Constants

Constants are parameters that are immutable during the execution, they are set in constants.conf, by default and you should set at least the following constants to Icinga2 work correctly.

NodeName
NodeName sets the name of the host in which Icinga2 is running, and you will need this setting to test the localhost.

const NodeName = "icinga-server"

PluginDir
The constant sets where Icinga2 will look for check plugins, you must set this according to your setup, usually /usr/lib/nagios/plugins on systems like Ubuntu:

const PluginDir = "/usr/lib/nagios/plugins"

Hosts

For you to include hosts in your monitoring environment, you have to declare Host objects, it should have an unique name after the Host term and also an address that is the IP address that Icinga use to connect and make it's checks.

Let's suppose that we have to take care of a machine running sales software in our client's store.

Create and fill the file mynetwork.conf with the following content

# vi /etc/icinga2/conf.d/mynetwork.conf

/etc/icinga2/conf.d/mynetwork.conf:

object Host "pos-terminal" {
address = "127.0.0.1"
check_command = "hostalive"
}

The snippet above tells Icinga2 to create a "pos-terminal" Host object with the IP address "127.0.0.1" and check it with the hostalive command, that will basically ping the host.

After making changes to .conf files run the the following command to test if there is any error on it:

# icinga2 daemon -C

Once you assured that there is no error on .conf files, restart the icinga service for the changes take effect.

# service icinga2 restart

Take a look on the web interface to see the host there:

Our Point of Sale terminal was added

Services Checks

You have host to be checked you must have also define what should be checked, Icinga2 ships with checking commands for many services and you just need to apply these checks to your hosts, services or networks.

We will set service checks for the status of the MySQL database that take care of the sales data on our point of sale terminal.

Add these lines to mynetwork.conf:

object CheckCommand "sales-db" {
import "plugin-check-command"

command = [
PluginDir + "/check_mysql"
]

arguments = {
"-H" = "$mysql_address$"
"-d" = "$mysql_database$"
}
vars.mysql_address = "$address$"
vars.mysql_database = "salesdb"
vars.mysql_user = "nagios_check"
vars.mysql_pass = "password"

env.MYSQLUSER = "$mysql_user$"
env.MYSQLPASS = "$mysql_pass$"
}

apply Service "sales-db" {
import "generic-service"

check_command = "sales-db"

assign where host.vars.sales_terminal
}

The above snippet defines a CheckCommand object identified as sales-db, this object imports characteristics of the plugin-check-command of Icinga Template Library (ITL), and use check_mysql plugin of nagios-plugins package, found in the PluginDir directory defined in the constants.conf.

We set the arguments of the check_mysql plugin, -H for the host and -d for database using $mysql_address$ and $mysql_database$ variables.

We set also en environment variables MYSQLUSER and MYSQLPASS on the shell that the command check_mysql will run to $mysql_user$ and $mysql_pass$ respectively.

Finally, we apply a service called "sales-db" that inherited parameters from generic-service of ITL and uses the check_command sales-db that we have created and assign it to hosts having the custom variable sales_terminal set.

Creating salesdb
Let's create the salesdb in the MySQL for our sample service, in a real world scenario you already have your MySQL server running and you don't need to create a database, but remember to grant privileges to the icinga_check user.

Login into MySQL:

mysql -u root -p

And then execute the SQL commands:

create table salesdb;
create table sales(count int);

You need to grant access to icinga_check no the database

grant all privileges to 'icinga_check'@'localhost' on salesdb identified by 'password';

Restart Icinga2 service and check our service on Icinga-web interface

service icinga2 restart

Go to the web interface again and check if salesdb service is there:

Check for the salesdb service

Notifications

Now that we have set icinga to check the services running on our hosts, it's a good idea to set up notifications for this services, so that when a problem arises Icinga tells us what is going on, in our case we will receive an email.

Firstly, you must install the mail command to send our emails, we can do it installing mailutils package with apt:

# apt-get install mailutils

Now add these lines to mynetwork.conf:

object User "sysadmin" {
display_name = "System Administrator"
enable_notifications = true
states = [ Warning, Critical ]
types = [ Problem, Recovery ]
email = "root@localhost"
}

apply Notification "mail-sysadmin" to Service {
import "generic-notification"

command = "mail-notification"
users = [ "sysadmin" ]

assign where service.name == "salesdb"
}

In the above lines we first created a "sysadmin" user, enabled notifications to this user, then we told it to notify about warning and critical states when the problem arises and when it recover from the problem on the email root@localhost. So we create a notification to the sysadmin user about the salesdb service.

Conclusion

You just installed the icinga2 server with ido-mysql backend, Icinga web interface, nagios plugins, custom hosts and services. Now you are able to make your own conf files, take a look on the sample files inside /etc/icinga2, they have more options for you to check and are well commented. There is many other features available on Icinga that I did not covered for the sake of simplicity, but ammong other things, I recommend you to dig up on custom plugins creation, NRPE checks, clustering, voice alerts, SMS and phone call notifications.

The post A Startup Guide to Setup Icinga2 on Ubuntu 15.04 appeared first on LinOxide.

In this tutorial we will setup a complete Network Monitoring System to install and configure Zabbix Server and its agent on latest version of CentOS 7 to monitor our complete IT infrastructure whether its Linux servers running with different applications and critical services, Windows servers running with IIS, SQL and exchange servers or any SNMP devices. Other than servers monitoring we can check the status of websites for their response time and bandwidth transfer rate.

Basic parameters configuration

Zabbix requires minimum of 128 MB of RAM and 256 MB of free disk space to setup its installation process but the amount of required disk memory obviously depends on the number of hosts and the parameters that are being monitored.

Considering the below parameters we will go through the steps to build Zabbix Server.

Zabbix Servers Installation

Create a backup directory and download the Zabbix Application for CentOS operating system.

[root@linux-tutorials backup]# wget http://sourceforge.net/projects/zabbix/files/ZABBIX%20Latest%20Stable/2.4.5/zabbix-2.4.5.tar.gz

Extract the zabbix application package here

[root@linux-tutorials backup]# ls
zabbix-2.4.5.tar.gz
[root@linux-tutorials backup]# tar zxvf zabbix-2.4.5.tar.gz

Before starting the Zabbix setup we need to create Zabbix group and user.
Perform the following steps to create.

Create new group Zabbix

[root@linux-tutorials backup]# groupadd zabbix

create new user Zabbix and add it to the group Zabbix

[root@linux-tutorials backup]# groupadd zabbix

Once zabbix user is done we need to create a new database for zabbix server. To do so we need to perform following steps.

Login to MySQL MariaDB

[root@linux-tutorials backup]# mysql -u root –p

Create new database

MariaDB [(none)]> create database zabbix character set utf8;
Query OK, 1 row affected (0.00 sec)

Grant all privileges to zabbix user on zabbix database

MariaDB [(none)]> grant all privileges on zabbix .* to 'zabbix'@'localhost' identified by 'zabbix123' with grant option;
Query OK, 0 rows affected (0.00 sec)

Now Import initial schema and data.

[root@linux-tutorials zabbix-2.4.5]# mysql -u zabbix -p zabbix < /backup/zabbix-2.4.5/database/mysql/schema.sql
Enter password:
[root@linux-tutorials zabbix-2.4.5]# mysql -u zabbix -p zabbix < /backup/zabbix-2.4.5/database/mysql/images.sql
Enter password:
[root@linux-tutorials zabbix-2.4.5]# mysql -u zabbix -p zabbix < /backup/zabbix-2.4.5/database/mysql/data.sql
Enter password:
[root@linux-tutorials zabbix-2.4.5]#

Start Zabbix Server and its Agent Installation

Before running the installation script make sure that all the required php extensions and other supporting libraries including mysql-devel php-mysql and net-snmp are installed without that installation process will not be complete.

[root@linux-tutorials zabbix-2.4.5]# ./configure --enable-server --enable-agent --with-mysql --with-net-snmp

Now run make to install everything

[root@linux-tutorials zabbix-2.4.5]# make install

Front-End Installation using PHP

Now we need to create the apache document root directory to then move all frontend php files in it.

[root@linux-tutorials zabbix-2.4.5]# mkdir /var/www/html/zabbix
[root@linux-tutorials zabbix-2.4.5]# cp -r frontends/php/* /var/www/html/zabbix/
[root@linux-tutorials zabbix-2.4.5]#

Setup basic parameters in PHP configuration file php.ini

[root@linux-tutorials zabbix-2.4.5]# vim /etc/php.ini

Restart Apache service to take effect after making change in php.ini file.

[root@linux-tutorials zabbix-2.4.5]# systemctl restart httpd.service

In your browser, open Zabbix URL as per your server IP or name.

http://://172.20.3.174/zabbix

You should see the first screen of the frontend installation wizard.

Once php parameters are setup in the screen it should be all parameters ok. Click on to NEXT

Enter details for connection to the database. Zabbix database must be already created.
Then Enter Zabbix servers detail and click on Test Connection to confirm its connectivity with the database.

Review a summary of settings.

Download the configuration file and place it under following conf directory.

"/var/www/html/zabbix/conf/zabbix.conf.php"

After uploading conf file into mentioned destination folder click to "Retry" and the click to "Finish" after it appears OK status.

Zabbix frontend is now ready to access with default user name "Admin" and password "zabbix".

Zabbix Server Configuration

Now lets come to zabbix server configuration file to configure it to start monitoring hosts.
Open the configuration file.

#vim /usr/local/etc/zabbix_server.conf
SourceIP= 127.0.0.1
LogFile=/tmp/zabbix_server.log

DBName=zabbix
DBUser=zabbix
DBPassword=******

Zabbix Agent Configuration

As we already installed zabbix agent now we just need to configure its parameters to make it communicate with the server. So lets open the zabbix agent configuration file and configure the parameters.

#vim /usr/local/etc/zabbix_agentd.conf
SourceIP=172.20.3.174
EnableRemoteCommands=1
Server=127.0.0.1
ServerActive=127.0.0.1
Hostname=Zabbix server
Timeout=30

Start Zabbix Services:

After making changes to zabbix server and its agent configurations start zabbix server and zabbix agent services as.

[root@linux-tutorials zabbix-2.4.5]# zabbix_server
[root@linux-tutorials zabbix-2.4.5]# zabbix_agentd

Enable Your First Monitoring

Lets point to zabbix Configuration and then Hosts to enable the zabbix server to start its monitoring and then add many hosts and web scenerios to enjoy with an awesome interface, dashboard and graphs.

Conclusion:

Zabbix is an open source enterprise monitoring solution for networks and applications designed to monitor and track the status of various network devices, performance and availability of cross platform servers and other network hardware. It has allowed us to address a number of issues within our client’s infrastructure that allows us to monitor hundreds and thousands of devices with high performance, and high capacity platform.

The post Howto Install Zabbix Monitoring Server and Agent on CentOS 7 appeared first on LinOxide.

In today’s linux tutorial we will follow with the help of snapshots to install, setup and configure ClearOS 7.1 the latest beta verion on VMware 64 bit. ClearOS is a next generation Network, Cloud and Systems management Operating System that can act as a firewall or as proxy server. We can use it for contents filtering, users and groups management with its web based administration. It also provides the functionality to monitor bandwidth and network traffic with many other features. So, after this tutorial you will be able to install and easily configure your ClearOS 7.1 or any previous version on VMware and get advantage of its cool features using its community addition for your home or official use.

Base System

The minimal base requirements to setup and run ClearOS 7.1 are as follows but it mainly depends upon the infrastructure and requirements to increase the specifications accordingly.

Boot from Virtual Machine

Using the virtual machine environment we can directly boot from the iso image. Our first step would be to download the iso image from the ClearOS Official Download Link and place it in your local drive.

ClearOS Installation Wizard

After boot from iso image we will go through the following steps with the installations wizard of ClearOS Installation.

1) Starting Installation

Press Enter to Preceed with Installation of ClearOS

2) Pre-Installation Setup

We are required to configure basic software, system and network settings before begin installation. So, first choose the keyboard and system date settings. Then under the software selection we will the choose the minimal installation package and installation source.

3) Installation Summary

Now we click to begin the installation after choosing the installation destination and networking setup.

4) User Settings

During the installation process we have to set the root password required for the administration of the system and will have to create a new user with general or administrator level privileges.

Using ClearOS Text Console

ClearOS provides us with two consoles one is Text based command line and second is Network based console. Once the installation process completes we have to give it a reboot and click on Exit to Text console as shown.

User Login

Here we have to login with the credentials of user that we had created during the installation process.

Working with Text Console

From the text console we will be able to analyze network traffic using IPtraf commands and we can also perform system reboot or shutdown options from the text console. And to switch from text console to graphics mode console press "F2" as shown.

Using ClearOS Web Configurations Wizard

Let's open the default web browser using your login credentials and follow with web installation wizard to get your clearOS up and running.

Web Login

https://localhost:81
https://172.25.10.178:81

Web Installation Wizard

During the web installation wizard we will go through the steps to configure the Network configurations, User registrations and with the installation of Marketplace applications.

Network Settings

In the network settings, it should be configured according to the requirements as it provides us with different network mode options. After choosing the desired network mode click to "NEXT" option and choose the network interface and DNS configurations.

Choosing Edition

Now we have to select the edition that we want to install and click to "Next".

System Updates

ClearOS provides with its latest updates that we can install from its web interface to simply click on the Update option.

System Registration

System registration is a mandatory step in order to get advantages from the clearos community. After we registered our account with clearOS community by providing username and email address to download and install different applications from the marketplace and also able to receive latest announcements from the clearOS.

Host configurations

In this section it needs to be defined with two system host names one for its internal networks and the second one is to configure it for public access.

ClearOS Marketplace Apps

We had done with all basic to advance setup and now ready to install apps from clearOS marketplace. There are different categories to proceed with the marketplace apps settings so we will choose with its basic setup functionality.

ClearOS Administration Dashboard

ClearOS Dashboard provides us with high level of systems overview, it can be customized by adding widgets and configured with custom themes and settings.

Conclusion

At the conclusion of this detailed article on the setup and configurations of clearOS I would recommend to use ClearOS if you are running with your small business or want to use it for personal home setup. ClearOS is being used as an enterprise level to personal home based usage because of its enhanced features and vast community support.

The post How to Install ClearOS Community 7.1 on Virtual Machine appeared first on LinOxide.

In this article we are going to setup smokePing to keep track of our network with latency monitoring. It can measure, store and display latency, latency distribution and packet loss. It comes with highly configurable alerting system and live latency charts and interactive graph explorers. Smokeping is not limited to testing just the roundtrip time of the packets. It can also perform some task at the remote end ("probe"), like download a webpage. This will give a combined 'picture' of web server availability and network health.

SmokePing Installation

SmokePing is an open source packets monitoring tool which comes with an easy installation and configurations. On a fresh Ubuntu 15.04 with its minimal installation we only need to get the basic web server’s libraries as its prerequisites.

Installing SmokePing and Pre requisites

The recommended webserver for smokePing is Apache, but we will setup and prefer with Nginx over Apache for performance and scalability.

So, First install Nginx web server with fcgiwrap and sendmail packages as below.

root@ubuntu-15:~# apt-get install nginx
root@ubuntu-15:~# apt-get install sendmail
root@ubuntu-15:~# apt-get install fcgiwrap
root@ubuntu-15:~# apt-get install smokeping

Fcgiwrap Setup with Nginx

Nginx can't serve CGI scripts by itself, so it requires a CGI server bound to localhost in order to make those accessible. Thats why we are using Fcgiwrap here for this.

root@ubuntu-15:~# cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf

Now modify the host you want or we can use the default host to support cgi scripts as follow.

#fast cgi support
include /etc/nginx/fcgiwrap.conf;
location ~ \.cgi$
{
fastcgi_intercept_errors on;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}

By using below commands we create links from smokeping to www folder.

root@ubuntu-15:~# ln -s /usr/share/smokeping/www /var/www/smokeping
root@ubuntu-15:~# ln -s /usr/lib/cgi-bin/smokeping.cgi /usr/share/smokeping/www/smokeping.cgi

Once smokeping is running, it will generate rrd files that can be examined by the CGI scripts to produce html output.

SmokePing Configuration

After we had successful installation of basic packages, we move forward to configure its different files for monitoring hosts as follow.

Edit General Config file

root@ubuntu-15:~# vim /etc/smokeping/config.d/General

owner = Linoxide
contact = bloger.kashif@gmail.com
mailhost = localhost
# NOTE: do not put the Image Cache below cgi-bin
cgiurl = http://172.25.10.172/cgi-bin/smokeping.cgi
# specify this to get syslog logging
syslogfacility = local0
# concurrentprobes = no
@include /etc/smokeping/config.d/pathnames

Edit Pathnames file

Put the value as false for sendmail so that smoke ping can run if you are not using it.

root@ubuntu-15:~# vim /etc/smokeping/config.d/pathnames

sendmail = /bin/false
imgcache = /var/cache/smokeping/images
imgurl = ../smokeping/images
datadir = /var/lib/smokeping
piddir = /var/run/smokeping
smokemail = /etc/smokeping/smokemail
tmail = /etc/smokeping/tmail

Edit Alerts file

root@ubuntu-15:~# vim /etc/smokeping/config.d/Alerts

*** Alerts ***
to = alertee@gmail.com
from = smokealert@linoxide.com

+someloss
type = loss
# in percent
pattern = >0%,*12*,>0%,*12*,>0%
comment = loss 3 times in a row

Edit the Targets file

Here we Add the targets that will measure by appending them to the bottom of the targets file. We add an entry starting with a + to create a top level entry, and subsequent lines with ++ that will show up as sub entries. These will be show up in a menu on the left of the generated web page like so:

*** Targets ***

probe = FPing

menu = Top
title = Network Latency Grapher
remark = Welcome to the SmokePing website of xxx Company. \
Here you will learn all about the latency of our network.

+ Local

menu = Local
title = Local Network
#parents = owner:/Test/James location:/

++ LocalMachine

menu = Local Machine
title = This host
host = localhost
#alerts = someloss

+ My_Blogs

menu = Linoxide
title = Linoxide

++ Web_Server_1
menu = Linoxide Web
title = Linoxide Web
host = linoxide.com

Restart smokeping and Nginx Web server

root@ubuntu-15:~#service smokeping restart
root@ubuntu-15:~#service nginx restart

Access smokeping on web

http://your_configured_server_name/cgi-bin/smokeping.cgi
http://localhost/cgi-bin/smokeping.cgi

Understanding smokePing Latency

All the information together gives an indication of network health. For example, packet loss is something which should not happen out of the blue. It means that a device in the middle of the link is overloaded or a router configuration somewhere is wrong.

Heavy fluctuation of the RTT (round trip time) values also indicate that the network is overloaded. This shows on the graph as smoke; the more smoke, the more fluctuation.

Conclusion

We have successfully setup and activate smokePing on Ubuntu by using Nginx Web Server. SmokePing is the basic open source network latency monitoring tool that every network administrator prefer to setup after its network setup.

The post How to Setup smokePing for Latency Monitoring on Ubuntu 15.04 appeared first on LinOxide.

Zenoss Core is the most powerful open-source IT monitoring solution in industry. Using a single, web-based console and agentless technology, we can monitor and manage the performance and availability of all devices in our IT infrastructure including networks, servers, storage, applications, converged infrastructure and cloud environment. So, Zenoss Open Source Edition is for any network admin who needs a one-stop-shop-tool for monitoring all devices on a network.

We are going to setup Zenoss Core Version 4.2.5 on Centos 6 Final release that offers new features and improvements by supporting events and jobs processing with implementation of RabbitMQ messaging framework, advanced user configuration options in the interface and more resilient event suppression through nmap-based zenping.

Zenoss Setup Prerequisites

We will be using Centos 6.6 64-Bit Operating system with minimal installation on a VPS with 4 GB RAM and 2 Core CPU which is the minimum requirement for Zenoss to operate properly.

Let’s start with the system update once the basic installation completes with yum update command.

[root@cen-zenoss ~]# yum update

Uninstall MySQL-Libs from the system otherwise the Zenoss installation script will fail to proceed with the installation. Zenoss Core requires at least MySQL 5.5.25, and supports later versions through 5.5.35. If you have older versions of MySQL installed, that why we must first remove those installations.

[root@cen-zenoss ~]# yum -y remove mysql-libs

Zenoss Core Installation

We are ready to go with installation of Zenoss Core, the simplest way to install Zenoss Core on a newly-deployed RHEL/CentOS 64-bit 5/6/7 system is to use its auto-deploy script, which will downloads all required files. Now as root user we will go through the following steps for installation.

1) Download Zenoss Auto-Install Script to install Zenoss

As a root user run the following wget command to download the auto install package developed by community from github.

[root@cen-zenoss ~]# wget --no-check-certificate https://github.com/zenoss/core-autodeploy/tarball/4.2.5 -O auto.tar.gz

2) Extract the Auto Deploy Package

By using below tar command extract the package that we had downloaded and change directory.

[root@cen-zenoss ~]# tar xvf auto.tar.gz

The extracted auto deploy packages includes with zenpack_actions.txt, which defines all ZenPacks that will be installed by default. We can change installing certain ZenPacks by editing this file and removing the corresponding lines from this file and save it.

3) Starting Auto Deploy

Now you are ready to install Zenoss Core 4.2.5, the auto-deploy script will automatically download and install all required dependencies, so during the installation process, we will be asked to accept the license agreement for Java installation and to set a secure root password for MySQL.

[root@cen-zenoss zenoss-core-autodeploy-dcb2be2]# ./core-autodeploy.sh

Once the script finished, a working instance of Zenoss is ready. At this point we can see how to login to Zenoss from your browser.

Zenoss Web Setup

After the script completes successfully, let's open the web browser to access zenoss web administration console with our servers FQDN or localhost IP. For the first time we can set the Zenoss administrator password and create your initial user account using the Web interface.

Setup Initial User

In the first step we will set the admin password and can create new user that we will be able to perform most of the tasks.

Adding New Monitoring Device

In the Next, we can Add a New Devices to Zenoss with its auto discovery or manually configuration by giving its host name or IP address, choosing the device type from the available options of different devices and by providing the credentials. We can add multiple devices at one go, once the initial settings are done click to save and exit to Zenoss Dashboard.

Welcome to Zenoss Dashboard

Once the initial web settings are done we will be redirected to the Zenoss dashboard, where we can see the newly added monitored devices and much more.

Zenoss Infrastructure and its Setup

From the web console we will setup the monitoring devices, Click on "Infrastructure" at the top and we would be redirected to the devices tab where we can see the already configured devices and can add more by pointing the "+" icon and chhose the option from the drop down to add new devices.

Fill out the required information with new device Host name or IP address, choose the device class as /Server/SSH/Linux for the SSH Client monitoring, so after filling out the information click to Add new device, which afterwards would appear in the infrastructure.

Point to the newly added device to know about the overview of the device and to perform its further configurations we have to click on "Configuration Propertise".

Here we will edit the configuration properties and change the values by double click on the items to put correct details like SSH client user and its RSA key.

Zenoss Reporting

We have almost done with the installation and basic configurations setup of zenoss infrastructure, now lets see how zenoss reporting works out. From the top menu on the web console click on the Reports option, where we will be able to see different reporting parameters that we can select generate any specific reports.

So, using the out of-the box reports in Analytics to analyze device performance and availability over time and view detailed event reports and service impact reports are the key features of Zenoss reporting that is also be customized.

Conclusion

Zenoss is a good choice for open source network and systems management. Its easy to setup and manage with its awesome features that are necessary for monitoring any network infrastructure. Many IT companies prefer to use Zenoss for their infrastructure monitoring to fix problems before business and users are impacted and to ensure that IT Service Reliability Downtime reduction increase their IT responsiveness.

The post How to Configure Zenoss Core 4.2.5 on CentOS 6 appeared first on LinOxide.

Security is a big issue for all networks in today’s enterprise environments. Many methods have developed to secure the network infrastructures and communication over the internet. Among them Snort is a leading open source network intrusion detection and prevention system and a valuable security framework. Its a packet sniffer that monitors network traffic in real time and scrutinize each packet in depth to find any dangerous payload or suspicious anomalies. Using Snort intrusion detection mechanism, we can collect and use information from known types of attacks and find out if some trying to attack our network or particular host. So the information gathered in this way can be well used to harden our networks to prevent from hackers and intruders that can also be useful for legal purposes.

This article describes the configuration, compilation and installation of SNORT 2.9.7.x and DAQ-2.0.x using the CentOS 7.0 Operating systems and other components.

Prepare the OS

We are going to setup SNORT IDS under the following Operating Systems and its components

• Virtualization Environment: VMware Workstation
• HOST Operating System: Microsoft Windows 7
• GUEST Operating System: CentOS 7.0 (64-bit version)
• System Resources: CPU 2.0 GHz RAM 4 GB

In CentOS 7 Virtual Machine, we configured its network settings with Static IP, Gateway and DNS entry to make sure that its connected with the internet through its Ethernet interface that will be used as a port to monitor traffic.

Installing Prerequisites

Following packages are mandatory to setup SNORT, so make sure to install these before start compiling SNORT or DAQ. Almost all these libraries can be installed by using yum command.

[root@centos-007 ~]# rpm -qa | grep gcc
libgcc-4.8.2-16.2.el7_0.x86_64
gcc-4.8.2-16.2.el7_0.x86_64

[root@centos-007 ~]# rpm -qa | grep flex
flex-2.5.37-3.el7.x86_64

[root@centos-007 ~]# rpm -qa | grep bison
bison-2.7-4.el7.x86_64

[root@centos-007 ~]# rpm -qa | grep zlib
zlib-1.2.7-13.el7.x86_64
zlib-devel-1.2.7-13.el7.x86_64

[root@centos-007 ~]# rpm -qa | grep libpcap
libpcap-1.5.3-4.el7_1.2.x86_64
libpcap-devel-1.5.3-4.el7_1.2.x86_64

[root@centos-007 ~]# rpm -qa | grep tcpdump
tcpdump-4.5.1-2.el7.x86_64

[root@centos-007 ~]# rpm -qa | grep libdnet-devel
libdnet-devel-1.12-13.1.el7.x86_64

Installing Data Acquisition (DAQ 2.0.5)

We can obtain SNORT and DAQ latest installation packages from its official website and copy its RPM package download link available for CentOS.

[root@centos-007 ~]# yum install https://snort.org/downloads/snort/daq-2.0.5-1.centos7.x86_64.rpm

Installing SNORT 2.9.7

Similarly we will install Snort by using below command with yum repository.

[root@centos-007 ~]# yum install https://snort.org/downloads/snort/snort-2.9.7.3-1.centos7.x86_64.rpm

Installing SNORT Rules:

In order to install Snort rules we must be the registered user to download the set of rule or have paid subscription. Installing some update snort rules is a necessary to make sure that snort is able to detect the latest threats.

Signup with Snort

Let's sign in with the World most powerful detection software and to download its rules that are most important to be aware from the latest threats.

Downloading Snort Rules

After sign in to Snort, now we will be able to download its rules that we need to install and work for Snort.

Updating Snort Rule using Pulled Pork

Pulled Pork for Snort rule management is designed to make Snort rules fly! With the intent of handling all rules. Its code pulls the rules that we need to handle our Snort rules.

Downloading PulledPork

Pulled Pork apackage is available on the Git hub, by using the following command we will get its package on the snort server with git clone command.

[root@centos-007 ~]# git clone https://github.com/shirkdog/pulledpork.git

Setup Pulled Pork

[root@centos-007 pulledpork]# cp pulledpork.pl /usr/local/bin
[root@centos-007 pulledpork]# chmod +x /usr/local/bin/pulledpork.pl
[root@centos-007 pulledpork]# cp etc/*.conf /etc/snort

Now we will configure PulledPork and place the Oinkcode in its configuration file, we will place it in its configuration file after getting it from our registered user.

Creating files that PulledPork requires as.

[root@centos-007 ~]# mkdir /etc/snort/rules/iplists
[root@centos-007 ~]# touch /etc/snort/rules/iplists/default.blacklist

Testing PullPork

Let's start a test to confirm that pulledpork is functional.

[root@centos-007 ~]# /usr/local/bin/pulledpork.pl -V
PulledPork v0.7.0 - Swine Flu !

Once the PulledPork works with its successful test results, we now moves forward to configure it with Snort by updating few configurations parameters.

Configure Snort

We want to enable the dynamic rules, so for this purpose we make sure the second line in /etc/snort/snort.conf is not commented.

# path to dynamic preprocessor libraries
dynamicpreprocessor directory /usr/lib64/snort-2.9.7.3_dynamicpreprocessor/

# path to base preprocessor engine
dynamicengine /usr/lib64/snort-2.9.7.3_dynamicengine/libsf_engine.so

# path to dynamic rules libraries
dynamicdetection directory /usr/local/lib/snort_dynamicrules

Now execute the following 3 commands to add the include rules as follow.

echo "include \$RULE_PATH/snort.rules" >> /etc/snort/snort.conf
echo "include \$RULE_PATH/local.rules" >> /etc/snort/snort.conf
echo "include \$RULE_PATH/so_rules.rules" >> /etc/snort/snort.conf

Starting Pulled Pork

Now running the following command we will run pulledpork and update your rules as belwo.

[root@centos-007 ~]# pulledpork.pl -c /etc/snort/pulledpork/pulledpork.conf

...
Rule Stats...
New:-------686
Deleted:---4
Enabled Rules:----365
Dropped Rules:----0
Disabled Rules:---45
Total Rules:------410
No IP Blacklist Changes

Done
Please review /var/log/sid_changes.log for additional details
Fly Piggy Fly!

We always have to restart snort service after updating your rules. So make sure that you didn't get any errors during the restart. If you received errors, check the /var/log/syslog file and try to fix the issue.

[root@centos-007 ~]# service snort restart
Updating Snort Rules using Pulled Pork

Conclusion

Congratulations, if you have outputs similar to the above after restating PulledPork and restarting snort service then you have successfully Configured PulledPork with Snort.

The post How to Install / Configure SNORT IDS on CentOS 6.x / 7.x appeared first on LinOxide.

Zabbix is one the best Open Source network monitoring tool for monitoring an infrastructure. It has many features to monitor services and hosts from low level to high level. So among its all features, we are going to discuss and setup its one the most important and useful feature to provision Zabbix Proxy. To implement Zabbix Proxy for centralized and distributed monitoring is good for your remote host monitoring. When all agents and proxies reports to one Zabbix server and all data is being collected at central location.

How it Works

Zabbix Proxies are useful when a server is is not able to communicate directly to the monitored machines. This is common when Organizations have to be monitored, or when there are some restrictions in a large corporate network. Once we had done with Zabbix Proxy setup then connections to the Zabbix Server come from the Proxy Server which will do all the monitoring on the behalf of Zabbix server.

Setting up Proxy Server

We will be using a separate Linux server with CentOS 7 as the base operating system with MySQL database server installed on it that will be used as a local database for Proxy server. So in this article we assume that you already had setup your Zabbix Server, if not you can follow our Zabbix Server Installation Tutorial.

Zabbix Proxy Installation Setup

Different options are available to install zabbix proxy by using Zabbix RPMs, Creating your own Repo or from the source.

So in this tutorial we will follow the installation process by using its available RPMs.

Configure the ZabbixZone package repository and GPG key

Let’s import Zabbix GPG key and its latest available repository by using the below commands.

[root@centos-007 ~]# rpm --import http://repo.zabbix.com/RPM-GPG-KEY-ZABBIX
[root@centos-007 ~]# rpm -Uv http://repo.zabbix.com/zabbix/2.4/rhel/7/x86_64/zabbix-release-2.4-1.el7.noarch.rpm

Installing Zabbix Proxy

We have to create a separate user and group that will be used for zabbix running processes.
Let's create a group and a user with name "zabbix" as:

[root@centos-007 ~]# groupadd zabbix
[root@centos-007 ~]# useradd -g zabbix zabbix

Now run the zabbix proxy installation command with yum installer.

[root@centos-007 ~]# yum install zabbix-proxy-mysql.x86_64

After the installation process starts, press "Y" to confirm installation startup.

Install necessary packages

Now we install install the necessary server's packages that we wish to install on the proxy server including zabbix server package in case if you want to monitor this as well.

Now, execute the following yum command to start installing packages for zabbix.

[root@centos-007 ~]# yum install mysql-server zabbix-server-mysql zabbix-web-mysql zabbix-agent zabbix-java-gateway

The executed command will ends up with installation of all the packages that we mentioned in the command as shown.

Database Setup for Zabbix Proxy

As we had done with installation of all prerequisite packages necessary for zabbix proxy, now we will setup its database using mysql. Proceeding to the database settings first check that your mysql server is up and you can login with your root password.

[root@centos-007 ~]# service mysqld status
[root@centos-007 ~]# mysql -u root -p

Creating new database

Once your mysql server is up and you are loged into it, create a new database for zabbix proxy.

mysql> create database zbx_proxy character set utf8;
Query OK, 1 row affected (0.00 sec)

Assigning Privileges

In order to grant user level privileges on databases to zabbix user run the following command.

mysql> grant all privileges on zabbix.* to 'zabbix'@'localhost' identified by 'zbx123';
Query OK, 0 rows affected (0.01 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

Loading Zabbix Schema

Exit from the mysql database server and from the shell we nee to import zabbix schema into newly created database for zabbix proxy. Run the below commands to load zabbix schema from the zabbix database source for its latest version.

[root@centos-007 mysql]# pwd
/root/zabbix-2.4.5/database/mysql

The above command states that we are currently in mysql directory of zabbix source, here we run the command to import its schema into the newly created database for zabbix proxy.

[root@centos-007 mysql]# ls
data.sql images.sql schema.sql
[root@centos-007 mysql]# mysql -u zabbix -p zabbix < schema.sql
Enter password:

Zabbix Proxy Configuration

We are going to configure zabbix proxy configurations now, to do so let's open up the zabbix proxy conf file placed in "/etc/zabbix/" directory with your file editor.

[root@centos-007 ~]# vim /etc/zabbix/zabbix_proxy.conf

Now configure it with following options.

Put the IP of your Zabbix Server here, if its running on another machine.

#Server=127.0.0.1
Server=172.25.10.181

Mention the hostname here that you like to configure it here.

#Hostname=Zabbix proxy
Hostname=zbx_proxy

Give the database name, its user and password, that we had created above in zabbix database proxy settings.

#DBName=zabbix_proxy
DBName=zabbix

# DBUser=
DBUser=zabbix

# DBPassword=
DBPassword=zbx123

Now save the changes to the zabbix configurations file and close it with "wq!".

Start Zabbix Proxy Services

Run the "zabbix_proxy" command to start its service and then confirm its process with "ps" or "netstat " commands to confirm if its processes are running.

[root@centos-007 ~]# zabbix_proxy
[root@centos-007 ~]# netstat -anp | grep zabbix_proxy

Here is the snapshot of all the running processes under zabbix_proxy on port "10051".

You can also check the zabbix proxy logs by opening up its logs file zabbix_proxy.log created in "/var/log/zabbix/" directory.

[root@centos-007 ~]#cat /var/log/zabbix/zabbix_proxy.log

Here can see its logs about successfully services start up in below image.

Configure Zabbix Proxy on Master Server

Now we need to configure the zabbix proxy on the master server. Open its dashboard and expand the "Administration" options and click to "Proxies", then click on the top right corner to "Create Proxy".

Monitoring New Host with Zabbix Proxy

Zabbix Proxy has been setup and configured in Master Zabbix Server, now we can add different hosts that we need to be monitored via proxy server.

Adding Proxy Agent

Let's install the zabbix agent on the host that you want to monitor through Zabbix Proxy and configure its configurations file with following options.

[root@proxy_agent ~]# vim /usr/local/etc/zabbix_agentd.conf

Server=Proxy_Servers_IP
ServerActive=Proxy_Servers_IP
Hostname=Proxy_Agent_IP

Now start zabbix agent services on and then add it on the master zabbix server as shown below.

Conclusion

Cheers! In this detailed article we learnt to setup stand alone zabbix proxy server on a Linux server with CentOS 7 operating system installed on it, with its configurations on master proxy server. We can add multiple zabbix agents on it that we want to monitor through zabbix proxy. Feel to write us in comments section if you face any issue during its setup.

The post Howto Configure Zabbix Proxy for External Monitoring on CentOS 7 appeared first on LinOxide.

Hi, Today we are going to illustrate the setup of Logwatch on Ubuntu 15.04 Operating system where as it can be used for any Linux and UNIX like operating systems. Logwatch is a customizable system log analyzer and reporting log-monitoring system that go through your logs for a given period of time and make a report in the areas that you wish with the details you want. Its an easy tool to install, configure, review and to take actions that will improve security from data it provides. Logwatch scans the log files of major operating system components, like SSH, Web Server and forwards a summary that contains the valuable items in it that needs to be looked at.

Pre-installation Setup

We will be using Ubuntu 15.04 operating system to deploy Logwatch on it so as a perquisite for the installation of Logwatch, make sure that your emails setup is working as it will be used to send email to the administrators for daily reports on the gathered reports.Your system repositories should be enabled as we will be installing it from its available universal repositories.

Then open the terminal of your ubuntu operating system and login with root user to update your system packages before moving to Logwatch installation.

root@ubuntu-15:~# apt-get update

Installing Logwatch

Once your system is updated and your have fulfilled all its prerequisites then run the following command to start the installation of Logwatch in your server.

root@ubuntu-15:~# apt-get install logwatch

The logwatch installation process will starts with addition of some extra required packages as shown once you press “Y” to accept the required changes to the system.

During the installation process you will be prompted to configure the Postfix Configurations according to your mail server’s setup. Here we used “Local only” in the tutorial for ease, we can choose from the other available options as per your infrastructure requirements and then press “OK” to proceed.

Then you have to choose your mail server’s name that will also be used by other programs, so it should be single fully qualified domain name (FQDN).

Once you press “OK” after postfix configurations, then it will completes the Logwatch installation process with default configurations of Postfix.

You can check the status of Logwatch by issuing the following command in the terminal that should be in active state.

root@ubuntu-15:~# service postfix status

To confirm the installation of Logwatch with its default configurations, issue the simple “logwatch” command as shown.

root@ubuntu-15:~# logwatch

The output from the above executed command will results in following compiled report form in the terminal.

Logwatch Configurations

Now after successful installation of Logwatch, we need to make few configuration changes in its configuration file located under following shown path. So, let’s open it with the file editor to update its configurations as required.

root@ubuntu-15:~# vim /usr/share/logwatch/default.conf/logwatch.conf

Output/Format Options

By default Logwatch will print to stdout in text with no encoding.To make email Default set “Output = mail” and to save to file set “Output = file”. So you can comment out the its default configurations as per your required settings.

Output = stdout

To make Html the default formatting update the following line if you are using Internet email configurations.

Format = text

Now add the default person to mail reports should be sent to, it could be a local account or a complete email address that you are free to mention in this line

MailTo = root
#MailTo = user@test.com

Default person to mail reports sent from can be a local account or any other you wish to use.

# complete email address.
MailFrom = Logwatch

Save the changes made in the configuration file of Logwatch while leaving the other parameter as default.

Cronjob Configuration

Now edit the "00logwatch" file in daily crons directory to configure your desired email address to forward reports from logwatch.

root@ubuntu-15:~# vim /etc/cron.daily/00logwatch

Here you need to use "--mailto" user@test.com instead of --output mail and save the file.

Using Logwatch Report

Now we generate the test report by executing the "logwatch" command in the terminal to get its result shown in the Text format within the terminal.

root@ubuntu-15:~#logwatch

The generated report starts with showing its execution time and date, it will be comprising of different sections that starts with its begin status and closed with end status after showing the complete information about its logs of the mentioned sections.

Here is its starting point looks like, where it starts by showing all the installed packages in the system as shown below.

The following sections shows the logs informmation about the login sessions, rsyslogs and SSH connections about the current and last sessions enabled on the system.

The logwatch report will ends up by showing the secure sudo logs and the disk space usage of the root diretory as shown below.

You can also check for the generated emails about the logwatch reports by opening the following file.

root@ubuntu-15:~# vim /var/mail/root

Here you will be able to see all the generated emails to your configured users with their message delivery status.

More about Logwatch

Logwatch is a great tool to lern more about it, so if your more interested to learn more about its logwatch then you can also get much help from the below few commands.

root@ubuntu-15:~# man logwatch

The above command contains all the users manual about the logwatch, so read it carefully and to exit from the manuals section simply press "q".

To get help about the logwatch commands usage you can run the following help command for further information in details.

root@ubuntu-15:~# logwatch --help

Conclusion

At the end of this tutorial you learn about the complete setup of Logwatch on Ubuntu 15.04 that includes with its installation and configurations guide. Now you can start monitoring your logs in a customize able form, whether you monitor the logs of all the services rnning on your system or you customize it to send you the reports about the specific services on the scheduled days. So, let's use this tool and feel free to leave us a comment if you face any issue or need to know more about logwatch usage.

The post How to Install Logwatch on Ubuntu 15.04 appeared first on LinOxide.

Cacti is a free and open source web based front-end network graphing solution application designed for the industry-standard data logging tool RRDtool. It provides its users a fast poller, advanced graph templating, multiple data acquisition methods, and user management features with its beautiful web based interface. It is generally used to graph time-series data of metrics such as CPU load and network bandwidth utilization. It can handle multiple users, with their own graph sets to display bandwidth statistics of the users. Some of the awesome features of Cacti are as follows.

• It consists of unlimited graph items with auto-padding support.
• Graph data manipulation and flexible data sources.
• Data gathering on a non-standard timespan with custom scripts
• It consists built-in SNMP support.
• It contains graph, data source, host templates
• Tree, list, and preview views of graph data
• It provisions user-based management and security.

Here are some simple easy steps on how we can install and setup Cacti in our machine running Fedora 22 or CentOS 7 as operating system.

1. Installing LAMP Stack

First of all, we'll need to install LAMP stack in our linux machine. LAMP stack is the combination of Apache web server, MariaDB/MySQL database server and PHP modules which is essential for Cacti in order to provide the web interface for it. To install the complete set of LAMP stack, we'll need to run the following command under root/sudo access according our operating system installed in our machine.

On Fedora 22

# dnf install httpd mariadb mariadb-server php php-mysql php-gd php-pear php-common php-cli php-devel php php-mbstring nano

On CentOS 7

# yum install httpd mariadb mariadb-server php php-mysql php-gd php-pear php-common php-cli php-devel php php-mbstring nano

2. Installing EPEL Repo

To install Cacti, we'll need to install and enable EPEL repository as cacti is not available on the default repository of Fedora 22 or CentOS 7. To install EPEL repo, we need to run the following command.

On Fedora 22

# dnf install http://ftp.cuhk.edu.hk/pub/linux/fedora-epel/7/x86_64/e/epel-release-7-5.noarch.rpm

On CentOS 7

# yum install epel-release

2. Installing SNMP and Cacti

Now, we'll gonna install snmp and cacti in our linux machine. As snmp and cacti is available on the official repository of both centos and fedora repository, we'll gonna install it using its default package manager.

On Fedora 22

# dnf install php-snmp net-snmp net-snmp-utils cacti

On CentOS 7

# yum install php-snmp net-snmp net-snmp-utils cacti

3. Starting and Enabling Apache, MariaDB and SNMP

To start apache web server, snmp and mariadb in our centos and fedora machine, we'll need to run the following systemd command in our linux terminal or console.

# systemctl start httpd mariadb snmpd

Next, we'll also need to enable them to start along with the system boot so that it will automatically get into work in every reboot.

# systemctl enable httpd mariadb snmpd

Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/snmpd.service to /usr/lib/systemd/system/snmpd.service.

4. Configuring MariaDB

As we have just installed our mariadb database server in our linux machine, we'll now need to assign a new password for our mariadb root user. Then, we'll create a new database for our Cacti to store its data. To configure mariadb, we'll need to run the following command in a terminal or a console.

# mysql_secure_installation

This will ask us to enter the password for root but as we haven’t set any password before and its our first time we’ve installed mariadb, we’ll simply press enter and go further. Then, we’ll be asked to set root password, here we’ll hit Y and enter our password for root of MariaDB. Then, we’ll simply hit enter to set the default values for the further configurations.

….
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
… Success!
…
installation should now be secure.

Thanks for using MariaDB!

Next, we’ll login to the MariaDB command prompt as root.

# mysql -u root -p

Here, we’ll need to enter the password of the MariaDB root account that we had set above.

After we’re logged in into the mariadb command prompt, we’ll gonna create the database for Cacti.

> CREATE DATABASE cacti;
> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'password';
> FLUSH PRIVILEGES;
> EXIT;

Note: It is highly recommended to change the above variables cacti, cactiuser and password according to your requirement or desire for security issue.

5. Configuring Cacti

Now, we'll gonna configure our installation of cacti which includes database configuration. Before we configure cacti, we'll need to first import the dumped cacti database table to the database in MariaDB server that we just created above. To do so, we'll need to run the following command.

# mysql -u cactiuser -p cacti < /usr/share/doc/cacti-*/cacti.sql

Here, we'll be asked to enter the password for our database user cactiuser. We'll need to enter the password that we had set in the above step. Here, we have database user as cactiuser and password as password .

After we have successfully imported the database table to our mariadb database cacti, we'll now configure our cacti configuration file. To do so, we'll need to edit /usr/share/cacti/include/config.php file using our favorite text editor.

# nano /usr/share/cacti/include/config.php

Then, we'll need to make change to the file as show below using the variables we had set above during the configuration of database in our mariadb server.

$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cactiuser";
$database_password = "password";
$database_port = "3306";
$database_ssl = false;

After we've configured our cacti configuration file, we'll then save and exit it.

6. Adding Cacti to Cronjob

We'll now add a cronjob for cacti so that our cacti will work as scheduled in our cronjob configuration. To do so, we'll need to create a file named cacti under /etc/cron.d/ using our favorite text editor.

# nano /etc/cron.d/cacti

Then, we'll gonna uncomment the following lines by removing "#" from the line.

*/5 * * * * cacti php /usr/share/cacti/poller.php > /dev/null 2>&1

After that, we'll save and exit the file.

7. Fixing Ownership and Firewall

Next, we'll need to change the ownership of two directories rra and log which lies under /var/www/html/cacti/ to cacti so that it will have full read and write access over its files and directories.

# chown -R cacti /usr/share/cacti/rra/ /usr/share/cacti/log/

As fedora 22 and centos 7 both has preinstalled firewalld as the default firewall solution, we'll need to make firewalld allow http port so that cacti will be accessible via web browser. To do so, we'll need to run the following command.

# firewall-cmd --permanent --zone=public --add-service=http
# firewall-cmd --reload

8. Configuring Apache Config

We'll now need to allow access to Cacti from over the internet. To do so, we'll need to edit /etc/httpd/conf.d/cacti.conf using a text editor.

# nano /etc/httpd/conf.d/cacti.conf

Then, we'll need to append the file as shown below.

Alias /cacti /usr/share/cacti

<Directory /usr/share/cacti/>
<IfModule mod_authz_core.c>
# httpd 2.4
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
# httpd 2.2
Order deny,allow
Deny from all
Allow from all
</IfModule>
</Directory>

After saving and exiting the file, we'll gonna restart our apache web server by running the following command.

# systemctl restart httpd

9. Web Installation

Finally, after we have successfully setup cacti and lamp stack, we'll now navigate to the web interface of cacti. We'll need to point our web browser to http://ip-address/cacti or http://domain.com/cacti according to our configuration. Then, we'll see our first screen as Installation Guide with the portion of GNU General Public License.

To continue, we'll need to click on Next button which makes us that we accept the license agreement of the Cacti software. Then another page will be loaded which will ask us to select the type of installation we are going to setup. As we're gonna setup a new installation of Cacti, we'll simply select as New Install and verify the determined information then click on Next to continue.

After that, we'll be shown if all the required binary dependencies are available on the system or not. As we have already installed them in the above steps, we'll see that the dependencies were found in the system as shown below. After that, we'll simply click on Finish to continue further.

Then, we'll need to enter the default username and password of Cacti in order to login to the dashboard. The default username and password of Cacti is admin and admin respectively.

After entering the default username and password, we'll click on Login. Then, we'll need to change our password after logging in. A page to change the login password will appear in which we'll need to enter a new password which will be used for logging into the Cacti's dashboard.

After entering our new login password, we'll click on Save in order to apply it. Then, we'll be welcomed to our Cacti Dashboard as shown below.

To create a new graph, we'll need to click on New Graphs which lies on the sidebar for our new devices. To see our graphs, we'll need to click on Graphs. We can change, import and export templates, manage users and system utilities from the very Cacti Dashboard.

Conclusion

Cacti is an awesome RRDTool based graphing solution having an easy to use web based interface. It is widely used from a small LAN installations to a complex networks with hundreds of devices. It is commonly used to monitor network traffic by polling a network switch or router interface through Simple Network Management Protocol. It is extensible because it can be extended to monitor any source using scripts. Cacti is very easy to setup and configure as we did in above tutorial. If you have any questions, suggestions, feedback please write them in the comment box below so that we can improve or update our contents.

The post How to Configure Cacti on Fedora 22 / CentOS 7.0 appeared first on LinOxide.

Systems management and monitoring services are very important that provides information to view important systems management information that allow us to to make decisions based on this information. To make sure the network is running at its best and to minimize the network downtime we need to improve application performance. So, in this article we will make you understand the step by step procedure to setup OpenNMS in your IT infrastructure. OpenNMS is a free open source enterprise level network monitoring and management platform that provides information to allow us to make decisions in regards to future network and capacity planning.

OpenNMS designed to manage tens of thousands of devices from a single server as well as manage unlimited devices using a cluster of servers. It includes a discovery engine to automatically configure and manage network devices without operator intervention. It is written in Java and is published under the GNU General Public License. OpenNMS is known for its scalability with its main functional areas in services monitoring, data collection using SNMP and event management and notifications.

Installing OpenNMS RPM Repository

We will start from the installation of OpenNMS RPM for our CentOs 7.1 operating system as its available for most of the RPM-based distributions through Yum at their official link http://yum.opennms.org/ .

Then open your command line interface of CentOS 7.1 and login with root credentials to run the below command with “wget” to get the required RPM.

[root@open-nms ~]# wget http://yum.opennms.org/repofiles/opennms-repo-stable-rhel7.noarch.rpm

Now we need to install this repository so that the OpenNMS package information could be available through yum for installation. Let’s run the command below with same root level credentials to do so.

[root@open-nms ~]# rpm -Uvh opennms-repo-stable-rhel7.noarch.rpm

Installing Prerequisite Packages for OpenNMS

Now before we start installation of OpenNMS, let’s make sure you’ve done the following prerequisites.

Install JDK 7

Its recommended that you install the latest stable Java 7 JDK from Oracle for the best performance to integrate JDK in our YUM repository as a fallback. Let’s go to the Oracle Java 7 SE JDK download page, accept the license if you agree, choose the platform and architecture. Once it has finished downloading, execute it from the command-line and then install the resulting JDK rpm.

Else run the below command to install using the Yum from the the available system repositories.

[root@open-nms ~]# yum install java-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1

Once you have installed the Java you can confirm its installation using below command and check its installed version.

[root@open-nms ~]# java -version

Install PostgreSQL

Now we will install the PostgreSQL that is a must requirement to setup the database for OpenNMS. PostgreSQL is included in all of the major YUM-based distributions. To install, simply run the below command.

[root@open-nms ~]# yum install postgresql postgresql-server

Prepare the Database for OpenNMS

Once you have installed PostgreSQL, now you'll need to make sure that PostgreSQL is up and active. Let’s run the below command to first initialize the database and then start its services.

[root@open-nms ~]# /sbin/service postgresql initdb
[root@open-nms ~]# /sbin/service postgresql start

Now to confirm the status of your PostgreSQL database you can run the below command.

[root@open-nms ~]# service postgresql status

To ensure that PostgreSQL will start after a reboot, use the “systemctl”command to enable start on bootup using below command.

[root@open-nms ~]# systemctl enable postgresql
ln -s '/usr/lib/systemd/system/postgresql.service' '/etc/systemd/system/multi-user.target.wants/postgresql.service'

Configure PostgreSQL

Locate the Postgres “data” directory. Often this is located in /var/lib/pgsql/data directory and Open the postgresql.conf file in text editor and configure the following parameters as shown.

[root@open-nms ~]# vim /var/lib/pgsql/data/postgresql.conf

#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------

listen_addresses = 'localhost'
max_connections = 256

#------------------------------------------------------------------------------
# RESOURCE USAGE (except WAL)
#------------------------------------------------------------------------------

shared_buffers = 1024MB

User Access to the Database

PostgreSQL only allows you to connect if you are logged in to the local account name that matches the PostgreSQL user. Since OpenNMS runs as root, it cannot connect as a "postgres" or "opennms" user by default, so we have to change the configuration to allow user access to the database by opening the below configuration file.

[root@open-nms ~]# vim /var/lib/pgsql/data/pg_hba.conf

Update the configuration file as shown below and change the METHOD settings from "ident" to "trust"

Write and quit the file to make saved changes and then restart PostgreSQL services.

[root@open-nms ~]# service postgresql restart

Starting OpenNMS Installation

Now we are ready go with installation of OpenNMS as we have almost don with its prerequisites. Using the YUM packaging system will download and install all of the required components and their dependencies, if they are not already installed on your system.
So let's riun th belwo command to start OpenNMS installation that will pull everything you need to have a working OpenNMS, including the OpenNMS core, web UI, and a set of common plugins.

[root@open-nms ~]# yum -y install opennms

The above command will ends up with successful installation of OpenNMS and its derivative packages.

Configure JAVA for OpenNMS

In order to integrate the default version of Java with OpenNMS we will run the below command.

[root@open-nms ~]# /opt/opennms/bin/runjava -s

Run the OpenNMS installer

Now it's time to start the OpenNMS installer that will create and configure the OpenNMS database, while the same command will be used in case we want to update it to the latest version. To do so, we will run the following command.

[root@open-nms ~]# /opt/opennms/bin/install -dis

The above install command will take many options with following mechanism.

-d - to update the database
-i - to insert any default data that belongs in the database
-s - to create or update the stored procedures OpenNMS uses for certain kinds of data access

==============================================================================
OpenNMS Installer
==============================================================================

Configures PostgreSQL tables, users, and other miscellaneous settings.

DEBUG: Platform is IPv6 ready: true
- searching for libjicmp.so:
- trying to load /usr/lib64/libjicmp.so: OK
- searching for libjicmp6.so:
- trying to load /usr/lib64/libjicmp6.so: OK
- searching for libjrrd.so:
- trying to load /usr/lib64/libjrrd.so: OK
- using SQL directory... /opt/opennms/etc
- using create.sql... /opt/opennms/etc/create.sql
17:27:51.178 [Main] INFO org.opennms.core.schema.Migrator - PL/PgSQL call handler exists
17:27:51.180 [Main] INFO org.opennms.core.schema.Migrator - PL/PgSQL language exists
- checking if database "opennms" is unicode... ALREADY UNICODE
- Creating imports directory (/opt/opennms/etc/imports... OK
- Checking for old import files in /opt/opennms/etc... DONE
INFO 16/08/15 17:27:liquibase: Reading from databasechangelog
Installer completed successfully!

==============================================================================
OpenNMS Upgrader
==============================================================================

OpenNMS is currently stopped
Found upgrade task SnmpInterfaceRrdMigratorOnline
Found upgrade task KscReportsMigrator
Found upgrade task JettyConfigMigratorOffline
Found upgrade task DataCollectionConfigMigratorOffline
Processing RequisitionsMigratorOffline: Remove non-ip-snmp-primary and non-ip-interfaces from requisitions: NMS-5630, NMS-5571
- Running pre-execution phase
Backing up: /opt/opennms/etc/imports
- Running post-execution phase
Removing backup /opt/opennms/etc/datacollection.zip

Finished in 0 seconds

Upgrade completed successfully!

Firewall configurations to Allow OpenNMS

Here we have to allow OpenNMS management interface port 8980 through firewall or router to access the management web interface from the remote systems. So use the following commands to do so.

[root@open-nms etc]# firewall-cmd --permanent --add-port=8980/tcp
[root@open-nms etc]# firewall-cmd --reload

Start OpenNMS and Login to Web Interface

Let's start OpenNMS service and enable to it start at each bootup by using the below command.

[root@open-nms ~]#systemctl start opennms
[root@open-nms ~]#systemctl enable opennms

Once the services are up are ready to go with its web management interface. Open your web browser and access it with your server's IP address and 8980 port.

http://servers_ip:8980/

Give the username and password where as the default username and password is admin/admin.

After successful authentication with your provided username and password you will be directed towards the the Home page of OpenNMS where you can configure the new monitoring devices/nodes/services etc.

Conclusion

Congratulations! we have successfully setup OpenNMS on CentOS 7.1. So, at the end of this tutorial, you are now able to install and configure OpenNMS with its prerequisites that included PostgreSQL and JAVA setup. So let's enjoy with the great network monitoring system with open source roots using OpenNMS that provide a bevy of features at no cost than their high-end competitors, and can scale to monitor large numbers of network nodes.

The post How to Configure OpenNMS on CentOS 7.x appeared first on LinOxide.

Hi, today we are going to setup OMD (Open Monitoring Distribution) which is one the best solution for network and and systems monitoring that comes with bundle of different network monitoring tools that is Nagios, Icinga and Shinkin including some of there required addons. The addons makes the process simple for OMD setup to install it on any major Linux distribution that comes with one single installation package.

So, OMD implements a completely new concept of how to install, maintain and update a monitoring system built on Nagios by providing a lot of features that are necessary for the system administrators to keeps track of your servers' service status, hardware and uptime that keep them informed by sending alerts about the critical situation.

Basic Setup

In this tutorial we will be using Ubuntu 15.04 server with basic packages while the basic system resources we are using is 1 GB of RAM, 2 CPUs and 20 GB of disk space on our Ubuntu cloud Server.

Further we have configured the statci IP with FQDN and have root access to the server to perform all system level tasks.

So, we will start from the very basic step to update the server before starting the OMD installation process. To do so run the below command to update your ubuntu server.

#apt-get update

#apt-get upgrade

Download OMD Package

The latest distribution package of OMD for Ubuntu can be downloaded from the official web page of OMD Download, that consists of a list of all the released packages for Open ource Linux distribution.

Copy the source link, and download it using the below command.

#wget http://files.omdistro.org/releases/debian_ubuntu/omd-1.20.trusty.amd64.deb

Installing OMD on Ubuntu

After downloading the debian package of OMD distribution , we will run the following command for its installation on ubuntu server.

#dpkg -i omd-1.20.trusty.amd64.deb

The installation will ends due to some of its required dependencies as shown in the above image. To install all of these missing dependencies run the below command.

#apt-get -f install

The missing dependencies will need to get about 60.9 MB of archives.
After this operation, 1,736 kB disk space will be freed.
To proceed we have to Press "Y" to continue.

During the installation process you will prompted to configure your MySQL database password.
So, configure your secure password and press "OK" key to continue.

Once the installation process complete, we will run the "omd" command as shown below to confirm its successful setup.

Here in the above image we can see all its available options that will be used with omd for managing our OMD server.

Creating OMD Instance

Now we will are going to create our first OMD monitoring install that will be used for further configurations through its web interface.

Let's run the below command with any relevant name that you wish to use for web access using sudo or root user.

# omd create monitoring

Before accessing the above URL in your web browser you have to initiate your instance by using the below command.

# omd start monitoring

Starting rrdcached...OK
Starting npcd...OK
Starting nagios...OK
Starting dedicated Apache for site monitoring...OK
Initializing Crontab...OK

Login to OMD Instance

We have done our installation setup, created and started our first monitoring instance, now open your web browser and access the default user interface as shown below by providing the default credentials as shown in the above image.

http://your_servers_ip/monitoring/

Upon successful login credentials you will be directed to the Open Monitoring Distribution web console as shown.

Chek-MK Admin Tool

Monitoing Host Agent

Now you will see that how we can add and monitor the new host agent using OMD's Chek-MK web administration tool. Simply click on the Hosts icon, fill out the host name choose the correct IP address and other information that you have.

After putting information of the new host that you want to add for monitoring, click on the "save and test" icon to check the results, if the agent is reachable to ICMP and Check-MK agent port.

Here we can see the status of all the hosts that has been added for monitoring through OMD Check-MK Web administration tool.

Conclusion

Open Monitoring Distribution tool is one best NMS solution for system administrators for monitoring their whole IT infrastructure through OMD. As it provides and efficient and simple way to monitor multiple hosts through multiple open source monitoring tools.

The post How to Setup OMD on Ubuntu 14.04 / 15.04 appeared first on LinOxide.

Icinga is an open source network monitoring application that provides us with Icinga Web 1 and Icinga Web 2 interfaces to fully manage and monitor the hosts and services through its dashboard. Icinga Web 2 is the successor of Icinga web which is lightweight, fast and flexible to embed into other projects that supports multiple authentication methods like Active Directory, LDAP or database and multiple monitoring back ends. So, this a major advance in the creation of hosts and services actions, instead of defining them via Icinga's configuration files and every user is now enabled to create them with the web interface and even share them to others.

We can customize and configure the Icinga Web 2 using many modules for its views, filters and dashboards. Timestamps and status updates can be refreshed automatically every second, rolling along smoothly saving your eyes the strain of flickering displays.

In this article we will be using the CentOS 7 for the complete installation and configuration of Icinga Web 2. If you want to use Ubuntu as your base Operating system then you can also refer to our previous article of Icinga2 on Ubuntu 15.04.

Installing Prerequisites

Icinga Web 2 installation depends upon a number of following packages that must be installed on your system before the installation of Icinga Web 2 on CentOS 7 or Ubuntu 15.

Let's follow the below steps to complete the prerequisites by installing required packages and other settings.

1) System Update

Login to your system with root or sudo user privileges and run the following command to update your system.

For CentOS:

# yum update

For Ubuntu:

# apt-get update

2) Installing Icinga 2

To install Icinga 2 we will use the official package repositories that can be downloaded from this Icinga Web Page.

To setup EPRL repositories for Icinga Installation run the following commands.

For CentOS:
To import the archive key and to setup the surrent stable builds of Icinga, run below command.

# rpm --import http://packages.icinga.org/icinga.key

# wget http://packages.icinga.org/epel/ICINGA-release.repo -O /etc/yum.repos.d/ICINGA-release.repo

# yum makecache

Now run the Icinga 2 Installation command as shown below.

# yum install icinga2

The following number of packages including the dependencies will be installed as shown. To proceed run type the "Y" key to continue.

===========================================================================================
Package Arch Version Repository Size
===========================================================================================
Installing:
icinga2 x86_64 2.3.10-1.el7.centos icinga-stable-release 9.1 k
Installing for dependencies:
boost-program-options x86_64 1.53.0-23.el7 base 155 k
boost-regex x86_64 1.53.0-23.el7 base 294 k
boost-system x86_64 1.53.0-23.el7 base 39 k
boost-thread x86_64 1.53.0-23.el7 base 56 k
icinga2-bin x86_64 2.3.10-1.el7.centos icinga-stable-release 2.2 M
icinga2-common x86_64 2.3.10-1.el7.centos icinga-stable-release 73 k

Transaction Summary
===========================================================================================
Install 1 Package (+6 Dependent packages)

Total download size: 2.8 M
Installed size: 15 M
Is this ok [y/d/N]: y

For Ubuntu
Run the below commands to add the Icinga repository to your package management configuration using PPA.

# add-apt-repository ppa:formorer/icinga

# apt-get update

# apt-get install icinga2

The installation process will be installing the Icinga 2 including some of its required dependencies.

The following extra packages will be installed:
icinga2-bin icinga2-common icinga2-doc libboost-program-options1.55.0 libboost-regex1.55.0 libboost-system1.55.0
libboost-thread1.55.0 libyajl2 nagios-plugins-basic nagios-plugins-common
Suggested packages:
nagios3 icinga
The following NEW packages will be installed
icinga2 icinga2-bin icinga2-common icinga2-doc libboost-program-options1.55.0 libboost-regex1.55.0 libboost-system1.55.0
libboost-thread1.55.0 libyajl2 nagios-plugins-basic nagios-plugins-common
0 to upgrade, 11 to newly install, 0 to remove and 92 not to upgrade.
Need to get 3,201 kB of archives.
After this operation, 18.4 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y

3) Starting Icinga 2

Upon successful installation of Icinga 2 , now start its services and enable them to start at each reboot.

For CentOS 7 / Ubuntu 15
Run the following commands to Enable, Start and check the the status of Icinga 2 service on Centos 7 and Ubuntu 15.

# systemctl enable icinga2

# systemctl start icinga2

# systemctl status icinga2

4) MySQL Database Setup

We will be using the MySQL data base that will be used for Icinga web 2 interface. So, let's run the below commands to install MySQL MariaDB.

For CentOS 7

# yum install mariadb-server mariadb

After installation completes, start the mariadb services and configure its root password using the below command.

#systemctl enable mariadb
#systemctl start mariadb

#mysql_secure_installation

For Ubuntu 15

To install the MySQL database run the below command and configure the root password during the installation process.

#apt-get install mysql-server mysql-client

#service mysql start

Create New Database

Now login to the mysql/mariadb and create the new database with a new user with its specific privileges on the database using the below commands.

MariaDB [(none)]> CREATE DATABASE icinga2;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga2.* TO 'icinga2'@'localhost' IDENTIFIED BY 'icinga123';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]>exit

5) Installing MySQL IDO Module

For CentOS:

Run the below command to install IDO MySQL module for Icinga2.

#yum install icinga2-ido-mysql

Now import the Icinga 2 IDO schema using the following command.

# mysql -u root -p icinga2 < /usr/share/icinga2-ido-mysql/schema/mysql.sql

A new configuration file will be created after installation of Icinga IDO Module which is located in /etc/icinga2/features-available/ido-mysql.conf. So, open this file using any editor and update the database credentials in this file.

library "db_ido_mysql"
object IdoMysqlConnection "ido-mysql" {
//user = "icinga"
//password = "icinga"
//host = "localhost"
//database = "icinga"
}

Then enable module and check the list it should now listed under the enabled module by using the following command in centos 7.

[root@centos-7 ~]# icinga2 feature enable ido-mysql
warning/cli: Feature 'ido-mysql' already enabled.

[root@centos-7 ~]# icinga2 feature list
Disabled features: api command compatlog debuglog gelf graphite icingastatus livestatus opentsdb perfdata statusdata syslog
Enabled features: checker ido-mysql mainlog notification

For Ubuntu:

In ubuntu during the installation process of IDO MySQL Module, you will be asked Configure the icinga2-ido-mysql whether you want to enable it or not.

# apt-get install icinga2-ido-mysql

So, you will choose the "Yes" option and press OK to proceed then in the next steps you have to configure its configuration file by providing the MySQL root credentials that will configure the following new configuration files.

Creating config file /etc/dbconfig-common/config with new version
Setting up icinga2-ido-mysql (2.3.10-1~ppa1~vivid1) ...
dbconfig-common: writing config to /etc/dbconfig-common/icinga2-ido-mysql.conf

Creating config file /etc/dbconfig-common/icinga2-ido-mysql.conf with new version

Creating config file /etc/icinga2/features-available/ido-mysql.conf with new version
granting access to database icinga2idomysql for icinga2-ido-mysq@localhost: success.
verifying access for icinga2-ido-mysq@localhost: success.
creating database icinga2idomysql: success.
verifying database icinga2idomysql exists: success.
populating database via sql... done.
dbconfig-common: flushing administrative password

Like the same way run the below command to enale IDO MySQL Icinga Module.

root@ubuntu-15:~# icinga2 feature enable ido-mysql
Enabling feature ido-mysql. Make sure to restart Icinga 2 for these changes to take effect.
root@ubuntu-15:~# service icinga2 restart
root@ubuntu-15:~# icinga2 feature list
Disabled features: api command compatlog debuglog gelf graphite icingastatus livestatus opentsdb perfdata statusdata syslog
Enabled features: checker ido-mysql mainlog notification

You check and change the dtaabase configuration setting if required by using the below file.

# vim /etc/icinga2/features-available/ido-mysql.conf

6) Web server Setup

After completing the database installation and configuration setup, now we move towards Apache web server installation before starting the Icinga Web 2.

Let's run the below commands to to setup your web server installation.

For CentOS
In centOS, you can use the following commands to install apache server and start its services as shown.

# yum install httpd
# systemctl enable httpd
# systemctl start httpd

For Ubuntu
For ubuntu you will use the following commands for the apache web server installation.

# apt-get install apache2
# service apache2 start

Firewall Setting
Use the following commands to allow apache services in your firewall.

# firewall-cmd --add-service=http
# firewall-cmd --permanent --add-service=http
# firewall-cmd --reload

# iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
# service iptables save

7) External Command Pipe Setup:

To enable the External Command Pipe we will be using the below, so that the Web interfaces and other Icinga addons are able to send commands to Icinga 2 through the external command pipe.

# icinga2 feature enable command
Enabling feature command. Make sure to restart Icinga 2 for these changes to take effect.
# service icinga2 restart
# icinga2 feature list
Disabled features: api compatlog debuglog gelf graphite icingastatus livestatus opentsdb perfdata statusdata syslog
Enabled features: checker command ido-mysql mainlog notification

Icinga Web 2 Installation

Now start the installation of Icinga Web 2

For CentOS 7:

# rpm --import http://packages.icinga.org/icinga.key

# curl -o /etc/yum.repos.d/ICINGA-release.repo http://packages.icinga.org/epel/ICINGA-release.repo

# yum makecache

# yum install icingaweb2 icingacli

For Ubuntu

# wget -O - http://packages.icinga.org/icinga.key | apt-key add -

# add-apt-repository 'deb http://packages.icinga.org/ubuntu icinga-trusty main'

# apt-get update

# apt-get install icingaweb2

Icinga Web 2 Setup:

When the installion is complete, Open your web browser and give the URL using your hostname or the IP address with the addition to ‘/icingaweb2/setup’. You will find the below Icinga Web 2 setup wizard as shown.

As shown above this asks for a setup token, so make sure you run the server this installation of Icinga Web 2 runs on. Go back to your terminal and run the below commands.

# icingacli setup token create

The newly generated setup token is: 8cfe15c9b0d7ef2a

I you forget the newly created token, you can check by using the below command.

# icingacli setup token show
The current setup token is: 8cfe15c9b0d7ef2a

Copy the newly created token and place it on the web setup to move to next setup.

Then you will be directed to the pre installed modules setup so, simply press the next key.

Now this the below is the main section to configure all the requirements before moving to the next step.

We have to fulfill all these requirements, so first of all we will configure the time zone and then install the required php modules using the below commands.

# vim /etc/php5/apache2/php.ini
[Date]
date.timezone = Europe/London
:wq!

# apt-get install php5-json php5-gd php5-imagick php5-pgsql php5-intl

After installation restart the apache web services and press the refresh key to re check the requirements and you will found no missing module as shown below.

Next option is to choose the authentication type, where as we will be using here the database as a authentication method.

Now we need to configure the database resource where to store users and user groups. Before moving to next option press the Database validation key.

Upon providing the credentials you might get the below message, but there is nothing to worry if your are unable to validate your database just choose the skip validation option and click on the next button.

If you chooses to skip validation, then you will be asked to recreate your administrator account, choose the user name and give it a password.

Then choose the appropriate options to adjust all application and logging related configuration options to fit your needs as shown.

At this point you've configured Icinga Web 2 successfully. You can review the changes supposed to be made before setting it up. Make sure that everything is correct (Feel free to navigate back to make any corrections!) so that you can start using Icinga Web 2 right after it has successfully been set up.

Welcome to the configuration of the monitoring module for Icinga Web 2!

This is the core module for Icinga Web 2. It offers various status and reporting views with powerful filter capabilities that allow you to keep track of the most important events in your monitoring environment.

Then choose the monitoring backend configuration that how it retrieve the information.

Choose the database name, user and its password that you created after installing the Icinga IDO MySQL Module and then validate the database.

Choose the default options for Command transport and Monitoring Security and that it you've configured the monitoring module successfully. Now take review of the changes and click on the finish button to ‘Finish’ to make sure everything has been setup well.

Icinga Web 2 Dashboard

Conclusion

We have successfully installed and configured Icinga Web 2 and ready to Monitoring our hosts and services through its interactive web interface. Hopefully you understand all the steps, so feel free to to share your your experience if you face any kind of difficulty while preparing your own Icinga Web 2 setup on CentOS or Ubutu.

The post How to Setup Icinga Web 2 on Centos 7.x / Ubuntu 15.04 appeared first on LinOxide.

Hello Everybody! Welcome to our today’s article on one the most widely used, free of cost and Open Source Munin Network Resource Monitoring System. Its a perl software application can help you monitoring your each and every asset that keeps record of it and sends you the critical alerts of services for your servers, switches, applications, and any any other devices connected to your network whether its your computers, network, storage or the whole IT infrastructure. It shows all the information in graphs through a web interface that emphasis on plug and play capabilities.

Munin has a master/node architecture in which the master connects to all the nodes at regular intervals and asks them for data, then stores the data in RRD files to updates the graphs if needed. So, after completing its installation a high number of monitoring plugins will be playing with no more effort.

Prerequisites

Your systems hardware resources depends upon your own requirements while in this article we will be using the following system resource for Munin installation on CentOS 7.

Munin installation setup requires the basic web server packages to be installed on the server. So, after basic networking setup configure your hostname, IP address and firewall settings by keeping SELinux into permissive mode.

Then start installing packages by update your system first and enabling EPEL repository on it using below commands.

# yum install epel-release
# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

# yum update

You will be asked to press "Y" key and hit Enter to proceed for installing all required updates. Once the updates are successfully installed on your system then proceed to the installation of Apache Web server.

Apache Web Setup

To setup your Apache web server, we need to start by installing its package using the below 'yum' command.

# yum install httpd

Upon completion of packages installation, start and enable its service and check that its active and enabled using the following commands respectively.

# systemctl enable httpd
# systemctl start httpd
# systemctl status httpd

Installing Munin

We can install Munin and Munin Node using the below 'yum' command through its available repository on CentOS 7 as shown.

# yum install munin munin-node

Hit "Y" plus Enter key to start installation of Munin and Munin Noe including a large number its required dependencies.

Once the installation is complete, start its service and enable it at auto start during reboot by using the following commands.

Munin Configurations

Now configure Munin by open its default configuration using any editor as used in below command.

# vim /etc/munin/munin.conf

# a simple host tree, change localhost with your FQDN.

[localhost]
address 127.0.0.1
use_node_name yes
:wq!

After saving the Munin configuration file, Open its apache virtual host configuration file to add access permissions to your network.

# vim /etc/httpd/conf.d/munin.conf

After saving the configuration file changes , restart apache web server service using command below.

# systemctl restart httpd

Now we are going to add a new user and password to the /etc/munin/munin-htpasswd file as the Munin statistics are protected with a username and password, so we need to setup the basic Apache Authentication.

# htpasswd -c /etc/munin/munin-htpasswd admin

This will add a new user with the name "admin" and asks for the new password as shown.

# vi /etc/munin/munin-node.conf

host_name munin.linoxide.com

Save and close the file and restart munin-node services and access the following link by mentioning your FQDN or IP from the client which is in your network that was allowed in configuration file.

http://your_servers_IP/munin

Welcome to Munin Web Console

Here is the Munin dashboard, now you can check the graphs of your required servers.

We can customize Munin dashboard by adding different available plugins and add multiple node to it. While using its web console we have options to create multiple groups and categories according to the required group of services.

You can check and see the status of your critical service by opening its graph from the Munin web console that will show you the current and past data from its maintained hostory as shown in below image.

Conclusion

Munin installation has been setup. We hope you have enjoyed reading this article. The installation of Munin is quite simple, now simply add the client node and start monitoring your whole IT infrastructure using this awesome tool without paying any charges. Now enjoy using Munin on your environment and feel free to share your thoughts or suggestions in comments section.

The post How to Setup Munin Monitoring System on CentOS 7 appeared first on LinOxide.

AIDE otherwise called as Advanced Intrusion Detection Environment. AIDE is one of the most popular tools for monitoring the server changes in a LINUX based system. It is used as a files/folders integrity checker. The installation of this Software is much simple. This is originally written by Rami Lehti and Pablo Virolainen in 1999. The system check is initialized by database. This database is created from a regular expresssion rules in the configuration files. Once the database is initialized, it can be further used to verify the server integrity. Several digest algorithms are incorporated to serve this purpose. It can be also used to check the file attributes for inconsistencies.

MAIN features:

• Support several digest algorithms like md5, sha1, rmd160, tiger, crc32, sha256, sha512, whirlpool and several others
• Support file attributes like file type, permissions, Inode, Uid, Gid, Link name, Size, Block count, Number of links, Mtime, Ctime and Atime
• Supports Posix ACL, SELinux, XAttrs and Extended file system attributes
• Support regular expression to include or exclude files/directories selectively.
• Support GZIP database compression.
• Standalone Static binary for easy client/server monitoring configurations.

In this article, I'm discussing about installing and configuring the current stable version 0.15.1 of AIDE on a CentOS 7 server. Let's walk through the procedures.

Step 1: Installation

We can use yum command to install the AIDE software.

[root@server1 ~]# yum install aide
Loaded plugins: fastestmirror

Dependencies Resolved

===============================================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================================
Installing:
aide x86_64 0.15.1-9.el7 base 129 k

Transaction Summary
===============================================================================================================================================
Install 1 Package

Total download size: 129 k
Installed size: 304 k

Step 2: Check and verify the AIDE version

We can run this command to confirm the AIDE version and locate the configuration file.

[root@server1 ~]# aide -v
Aide 0.15.1

Compiled with the following options:

WITH_MMAP
WITH_POSIX_ACL
WITH_SELINUX
WITH_PRELINK
WITH_XATTR
WITH_E2FSATTRS
WITH_LSTAT64
WITH_READDIR64
WITH_ZLIB
WITH_GCRYPT
WITH_AUDIT
CONFIG_FILE = "/etc/aide.conf"

Step 3: Create the database

Once the installation of the AIDE is done, we need to create the primary database which is initialized from the set of rules/expressions in the configuration files.

[root@[root@server1 ~]# aide --init

AIDE, version 0.15.1

### AIDE database at /var/lib/aide/aide.db.new.gz initialized.
server1 ~]# aide --init

AIDE, version 0.15.1

### AIDE database at /var/lib/aide/aide.db.new.gz initialized.

Once the database is created, you can move it to orginal one by re-naming it to make the AIDE work.

root@server1 ~]# mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
[root@server1 ~]# cd /var/lib/aide
[root@server1 aide]# ls
aide.db.gz
[root@server1 aide]#
[root@server1 aide]#
[root@server1 aide]# ls -lt
total 2136
-rw------- 1 root root 2186673 Apr 1 04:09 aide.db.gz

Step 4: Run the AIDE check

[root@server1 aide]# aide --check

AIDE, version 0.15.1

### All files match AIDE database. Looks okay!

Step 5 : Confirm its functionality and create an updated AIDE database

Create a binary file manually and check if AIDE detects that.

root@server1 aide]# touch /usr/sbin/testbinary
[root@server1 aide]#
[root@server1 aide]#
[root@server1 aide]# aide --check
AIDE 0.15.1 found differences between database and filesystem!!
Start timestamp: 2016-04-01 04:14:10

Summary:
Total number of files: 23028
Added files: 1
Removed files: 0
Changed files: 1
---------------------------------------------------
Added files:
---------------------------------------------------

added: /usr/sbin/testbinary

---------------------------------------------------
Changed files:
---------------------------------------------------

changed: /usr/sbin

---------------------------------------------------
Detailed information about changes:
---------------------------------------------------
Directory: /usr/sbin
Mtime : 2016-04-01 03:42:47 , 2016-04-01 04:14:03
Ctime : 2016-04-01 03:42:47 , 2016-04-01 04:14:03

We can verify the presence of the new file from the AIDE check reports. We can even identify any file attribute changes too from these checks.
Once we've reviewed these changes, it is always better to update the aide database so that it's not reported again on the next AIDE check.

[root@server1 aide]# aide --update
AIDE 0.15.1 found differences between database and filesystem!!
Start timestamp: 2016-04-01 04:15:21

Summary:
Total number of files: 23028
Added files: 1
Removed files: 0
Changed files: 1
---------------------------------------------------
Added files:
---------------------------------------------------

added: /usr/sbin/testbinary

---------------------------------------------------
Changed files:
---------------------------------------------------

changed: /usr/sbin

---------------------------------------------------
Detailed information about changes:
---------------------------------------------------

It is always advised to keep the old AIDE database untouched and re-name the updated database on daily basics to keep track.

[root@server1 tmp]# cd /var/lib/aide/
root@server1 aide]# ls
aide.db.gz aide.db.new.gz
[root@server1 aide]# mv aide.db.gz aide.db.gz-Apr012016
[root@server1 aide]# mv aide.db.new.gz aide.db.gz

These processes are rather tedious to check each time and re-name the database, we can use some scripts to update these settings.

Step 6 : Set cronjob to run AIDE check and report automatically

I create a cron to automatically initiate AIDE check to confirm my server integrity and report me on daily basis. Please see my script details below:

[root@server1 cron]# crontab -l
00 01 * * 0-6 /var/log/aide/aidechk.sh

[root@server1 cron]# systemctl restart crond.service
[root@server1 cron]#
[root@server1 cron]# systemctl status crond.service
crond.service - Command Scheduler
Loaded: loaded (/usr/lib/systemd/system/crond.service; enabled)
Active: active (running) since Fri 2016-04-01 04:28:22 UTC; 8s ago
Main PID: 12378 (crond)
CGroup: /system.slice/crond.service
└─12378 /usr/sbin/crond -n

Apr 01 04:28:22 server1.centos7-test.com systemd[1]: Started Command Scheduler.
Apr 01 04:28:22 server1.centos7-test.com crond[12378]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 98% if used.)
Apr 01 04:28:22 server1.centos7-test.com crond[12378]: (CRON) INFO (running with inotify support)
Apr 01 04:28:22 server1.centos7-test.com crond[12378]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
[root@server1 cron]#

root@server1 tmp]# cat /var/log/aide/aidechk.sh

#!/bin/sh
#aide check - SShameer
DATE=`date +%Y-%m-%d`
echo $DATE
REPORT="Aide-"$DATE.txt
echo $REPORT
echo "System check !! `date`" > /tmp/$REPORT
aide --check > /tmp/aidecheck.txt
cat /tmp/aidecheck.txt|/bin/grep -v failed >> /tmp/$REPORT
echo "**************************************" >> /tmp/$REPORT
tail -20 /tmp/aidecheck.txt >> /tmp/$REPORT
echo "****************DONE******************" >> /tmp/$REPORT
mail -s "$REPORT `date`" sshameer@gmail.com < /tmp/$REPORT

Install the mailx command or mail utilities to enhance the emailing, if it isn't present. As per our script, the report will be regenerated on /tmp with the time stamp and will be emailed to us on a daily basis. Please see one of my sample report format below:

root@server1 tmp]# cat Aide-2016-04-01.txt
System check !! Fri Apr 1 05:04:40 UTC 2016
AIDE 0.15.1 found differences between database and filesystem!!
Start timestamp: 2016-04-01 05:04:40

Summary:
Total number of files: 23043
Added files: 15
Removed files: 0
Changed files: 4
---------------------------------------------------
Added files:
---------------------------------------------------

added: /etc/mail.rc
added: /usr/bin/Mail
added: /usr/bin/mail
added: /usr/bin/mailx
added: /usr/bin/nail
added: /usr/share/doc/mailx-12.5
added: /usr/share/doc/mailx-12.5/AUTHORS
added: /usr/share/doc/mailx-12.5/COPYING
added: /usr/share/doc/mailx-12.5/README
added: /usr/share/man/man1/Mail.1.gz
added: /usr/share/man/man1/mail.1.gz
added: /usr/share/man/man1/mailx.1.gz
added: /usr/share/man/man1/nail.1.gz
added: /var/log/aide/aidechk.sh
added: /var/spool/cron/root

---------------------------------------------------
Changed files:
---------------------------------------------------

changed: /root
changed: /usr/bin
changed: /usr/share/doc
changed: /usr/share/man/man1

---------------------------------------------------
Detailed information about changes:
---------------------------------------------------
Directory: /root
Mtime : 2014-07-07 21:41:51 , 2016-04-01 05:02:57
Ctime : 2014-07-07 21:41:51 , 2016-04-01 05:02:57

Directory: /usr/bin
Mtime : 2014-10-21 14:33:45 , 2016-04-01 05:04:29
Ctime : 2014-10-21 14:33:45 , 2016-04-01 05:04:29

Directory: /usr/share/doc
Mtime : 2016-04-01 03:42:47 , 2016-04-01 05:04:29
Ctime : 2016-04-01 03:42:47 , 2016-04-01 05:04:29
Linkcount: 240 , 241

Directory: /usr/share/man/man1
Mtime : 2016-04-01 03:42:47 , 2016-04-01 05:04:29
Ctime : 2016-04-01 03:42:47 , 2016-04-01 05:04:29
**************************************
Detailed information about changes:
---------------------------------------------------
Directory: /root
Mtime : 2014-07-07 21:41:51 , 2016-04-01 05:02:57
Ctime : 2014-07-07 21:41:51 , 2016-04-01 05:02:57

Directory: /usr/bin
Mtime : 2014-10-21 14:33:45 , 2016-04-01 05:04:29
Ctime : 2014-10-21 14:33:45 , 2016-04-01 05:04:29

Directory: /usr/share/doc
Mtime : 2016-04-01 03:42:47 , 2016-04-01 05:04:29
Ctime : 2016-04-01 03:42:47 , 2016-04-01 05:04:29
Linkcount: 240 , 241

Directory: /usr/share/man/man1
Mtime : 2016-04-01 03:42:47 , 2016-04-01 05:04:29
Ctime : 2016-04-01 03:42:47 , 2016-04-01 05:04:29
****************DONE******************

We can also modify the AIDE configuration file /etc/aide.conf for advanced settings. But the default configuration is almost worthwhile and good to go.

This is how we can make use of AIDE to understand the server changes and identify the unauthorized access to our server which can be either through some malicious contents or by human intervention. I hope this article is useful for you! I would recommend your valuable suggestions and recommendations on this.

Thank you! Have a Good day :)

The post How to Install AIDE on CentOS 7 appeared first on LinOxide.

Splunk is one of the most powerful tool for exploring and searching data. It is one of the easiest, faster and secured way to search, analysis, collect and visualize massive data streams in realtime from applications, webservers, databases, server platforms, Cloud networks and many more. The Splunk developers are offering Splunk software packages compatible on different platforms, we can choose the best one which suits our purpose. This software makes it simple to collect, analyze and work upon the unbroached value of massive data generated by any IT enterprise, security systems or any business applications, giving you a total insights to obtain the best operational performance and business results.

There are no official pre-requisites for the installations, but I recommend a proper hostname, firewall and network configuration for the server prior to the installations. This software supports only 64 bit server architecture. In this article, I'm guiding you on how to install Splunk Enterprise version on a CentOS 7 server. Let's walk through the installation steps one by one.

1. Create a Splunk User

It is always recommended to run this application as its dedicated user rather than as root. I created a user to run this application and created a application folder for the installation.

[root@server1 tmp]# groupadd splunk
[root@server1 tmp]# useradd -d /opt/splunk -m -g splunk splunk
[root@server1 tmp]# su - splunk
[splunk@server1 ~]$ id
uid=1001(splunk) gid=1001(splunk) groups=1001(splunk)

Confirm the server architecture

[splunk@server1 ~]$ getconf LONG_BIT
64

2. Download and extract the Splunk Enterprise version

Create a Splunk account and download the Splunk software from their official website here.

Now extract the tar file and copy the files to the Splunk application folder namely /opt/splunk created.

root@server1 tmp]# tar -xvf splunk-6.4.0-f2c836328108-Linux-x86_64.tgz
[root@server1 tmp]# cp -rp splunk/* /opt/splunk/
[root@server1 tmp]# chown -R splunk: /opt/splunk/

3. Splunk Installation

Once the Splunk software is downloaded, you can login to your Splunk user and run the installation script. I choose the trial license, so it will take it by default.

root@server1 tmp]# su - splunk
Last login: Fri Apr 29 08:14:12 UTC 2016 on pts/0

[splunk@server1 ~]$ cd bin/
[splunk@server1 bin]$ ./splunk start --accept-license

This appears to be your first time running this version of Splunk.

Copying '/opt/splunk/etc/openldap/ldap.conf.default' to '/opt/splunk/etc/openldap/ldap.conf'.
Generating RSA private key, 1024 bit long modulus
.++++++
..................++++++
e is 65537 (0x10001)
writing RSA key

Generating RSA private key, 1024 bit long modulus
................++++++
..++++++
e is 65537 (0x10001)
writing RSA key

Moving '/opt/splunk/share/splunk/search_mrsparkle/modules.new' to '/opt/splunk/share/splunk/search_mrsparkle/modules'.

Splunk> Australian for grep.

Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: open
Checking appserver port [127.0.0.1:8065]: open
Checking kvstore port [8191]: open
Checking configuration... Done.
Creating: /opt/splunk/var/lib/splunk
Creating: /opt/splunk/var/run/splunk
Creating: /opt/splunk/var/run/splunk/appserver/i18n
Creating: /opt/splunk/var/run/splunk/appserver/modules/static/css
Creating: /opt/splunk/var/run/splunk/upload
Creating: /opt/splunk/var/spool/splunk
Creating: /opt/splunk/var/spool/dirmoncache
Creating: /opt/splunk/var/lib/splunk/authDb
Creating: /opt/splunk/var/lib/splunk/hashDb
Checking critical directories... Done
Checking indexes...
Validated: _audit _internal _introspection _thefishbucket history main summary
Done
New certs have been generated in '/opt/splunk/etc/auth'.
Checking filesystem compatibility... Done
Checking conf files for problems...
Done
Checking default conf files for edits...
Validating installed files against hashes from '/opt/splunk/splunk-6.4.0-f2c836328108-linux-2.6-x86_64-manifest'
All installed files intact.
Done
All preliminary checks passed.

Starting splunk server daemon (splunkd)...
Generating a 1024 bit RSA private key
.....................++++++
...........................++++++
writing new private key to 'privKeySecure.pem'
-----
Signature ok
subject=/CN=server1.centos7-test.com/O=SplunkUser
Getting CA Private Key
writing RSA key
Done
[ OK ]

Waiting for web server at http://127.0.0.1:8000 to be available.... Done
If you get stuck, we're here to help.
Look for answers here: http://docs.splunk.com

The Splunk web interface is at http://server1.centos7-test.com:8000

Now you can access your Splunk Web interface at http://IP:8000/ or http://hostname:8000. You need to make sure this port 8000 is open in your server firewall.

4. Configuring Splunk Web Interface

I've completed with my installation and I've my Splunk Service up & running in my server. Now I need to set-up my Splunk Web interface. I accessed my Splunk web interface and set my administrator password.

First time when you're accessing the Splunk interface, you can use the user/password provided in the page which is admin/changeme in this case. Once logged in, on the very next page it will ask to change and confirm your new password.

Now, you've set your admin password. Once you log in with the new password, you will have your Splunk Dashboard ready to use.

There are different categories listed over in the home page. You can choose the required one and start splunking.

6. Adding a task

I'm adding an example for a simple task which is been added to the Splunk system. Just see my snapshots to understand how I added it. My task is to add /var/log folder to the Splunk system for monitoring.

1. Open up the Splunk Web interface. Click on the Settings Tab >> Choose the Add Data option

2. The Add Data Tab opens up with three options : Upload, Monitor and Forward. Here our task is to monitor a folder, so we go ahead with Monitor.

In the Monitor option, there are four categories as below:

File & Directories : To monitor files/folders

HTTP Event Collector : Monitor data streams over HTTP

TCP/UDP : Monitor Service ports

Scripts : Monitor Scripts

3. According to our purpose, I choose the Files & Directories option.

4. Now, I'm choosing the exact folder path from the server to monitor. Once you confirm with the settings, you can click Next and Review.

5. Now you can start searching and monitoring the log file as required.

You can just see the logs been narrowed to one of my REDIS application on the server.

This is just a simple example for Splunking, you can add as many tasks to this and explore your server data. I hope this article is informative and useful for you. Thank you for reading this :) I recommend your valuable suggestions and comments on this. Now just try Splunk!!

Enjoy Splunking :)

The post How to Install Splunk on CentOS 7 appeared first on LinOxide.

Hello and welcome to our today's article on another open source Network monitoring tool that is Cacti. Cacti is a complete network graphing solution designed with RRDTool’s data storage and graphing functionality. It can graph network bandwidths with SNMP, shell or perl scripts. RRDtool is a program developed by the Swiss Tobi Oeticker who was already the creator of the famous MRTG. RRDtool is developed using the "C" programming language and it stores the collected data on ".rrd" files. The number of records in a ".rrd" file never increases, meaning that old records are frequently removed. This implies that one obtains precise figures for recently logged data, whereas figures based on very old data are mean value approximations. By default, you can have daily, weekly, monthy and yearly graphs.

Some of the primary features of Cacti are the following:

• unlimited graph items
• flexible data sources
• custom data-gathering scripts
• built-in SNMP support
• graph templates
• data source templates
• host templates
• user-based management and security
• tree, list, and preview views of graph data
• auto-padding support for graphs
• graph data manipulation

Using Cacti you can easily monitor the performance of your computers, networks, servers, router, switch, services (apache, mysql, dns, harddisk, mail server), SANs, applications, weather measurements, etc. Cacti's installation is very simple and you don't need to be expert to complete its setup. You can also add plugins to the Cacti for enabling the possibility to integrate other free tools like ntop or php weathermap.

1) Prerequisites:

The basic requirement for Cacti is that you must have LAMP stack setup on your server, before getting started with the installation of Cacti. Login to your Ubuntu server and run below command to update your Ubuntu server.

# apt-get update

# apt-get upgrade

Before installing the LAMP packages, please do note that Cacti do not support MySQL-Server-5.7 as yet. So, we will be using the 'MySQL-Server-5.6' by adding it repository and then update the system with below commands.

# add-apt-repository 'deb http://archive.ubuntu.com/ubuntu trusty universe'

# apt-get update

Now install the following packages for Cacti setup on your Ubuntu server with the help of given below command.

# apt-get install apache2 mysql-server-5.6 php libapache2-mod-php

Press 'Y' to continue installation on LAMP package including its additional required packages as shown.

During the installation process, you will be asked to configure the root password of MySQL server. Press 'OK' after setting up the password and then repeat the same upon next prompt.

2) Install SNMP, SNMPD and RRDtools:

We need to install few other packages that are necessary for fully functional Cacti setup and to monitor the 'localhost' where cacti is installed you need to install and configure the service 'snmpd'.

Run the below command to install these packages on your Ubuntu 16.04 server and press 'Y' key to continue.

# apt-get install snmp snmpd rrdtool

3) Install Cacti on Ubuntu 16.04:

Now we can start Cacti installation as we have completed all of its required dependencies. Issue the below command to start installing Cacti packages and press 'Y' to continue.

# apt-get install cacti cacti-spine

4) Configuring Cacti:

During the installation process you will be prompted to configure Cacti with few options to select from available options. First of all Choose the web server that you wish to use for configure with Cacti like we are using Apache and then press 'OK' key to continue.

Next is to setup the database that is going to be used for Cacti . Point to the 'No' option if you have already configured databases or click on the 'Yes' to setup database using dbconfig-common for Cacti as shown.

Provide the database password for Cacti application to be used with database server.

Select the MySQL server connection type from the available options, for the best performance we will be choosing the default UNIX socket as shown.

Then you will be asked to create a new mysql database user for Cacti to be used to connect with the database server.

That's it, cacti installation and configuration setup is complete. Now make sure that all required services are active and running.

# service snmpd restart
# service mysql restart
# service apache2 restart

5) Cacti Web Installation Setup:

Open the following url to start Cacti web configuration and click on Next to continue after reading cacti installation guide.

http://your-server_ip-address/cacti

Select the type of installation as 'New Installation' and click on the NEXT button.

Now check below and make sure all of these values are correct before continuing. If everything looks OK and there is no error in your installation, then hit Finish.

Then you need to enter 'admin' username and its password where as admin is default username and password for cacti as shown below.

Modify the default password after first login and set some different password.

Welcome To Cacti Home Page:

After resetting cacti user password, you will be automatically directed towards its home page. That just looks like below.

Now add new devices, or create new graphs. To view graphs of your localhost system, click on the graphs button and you will see multiple graphs of your local host server showing your system memory usage and load average etc.

Conclusion:

In this article you learn about the installation and configuration setup of Cacti on Ubuntu 16.04. Now you are able to use it in your own environment to get graph data for the CPU and network bandwidth utilization. You can also use it to monitor the network traffic by polling a router or switch via snmp. Hope you have enjoyed alot, so do not forget to share your thoughts, Thank you.

The post How to Install and Setup Cacti on Ubuntu 16.04 appeared first on LinOxide.

ICINGA2 is an open source monitoring system which checks the availability of your network resources, services, notifies users of outages and generates performance data for reporting. It is an advanced form of Nagios and it has a better web interface compared to it. It is developed with a much user-friendly web interface with more options and it is more responsive and customizable. Above all, the communication between the monitoring server and the client nodes has become more secure in this version.

In this article, I'll explain how to set up an Icinga2 server with Web 2 interface on Ubuntu 16.04 server. Let's walk through the step by step instructions on how to build our monitoring system.

Adding Repositories

Firs of all, we need to add our Icinga2 repositories to our server. We need to enable the add-repository feature and then add its repositories to our repository packages and update the packages.

root@ubuntu:~# apt install software-properties-common

root@ubuntu:~# add-apt-repository ppa:formorer/icinga

root@ubuntu:~#apt-get update

Installing Icinga2

Now we can install from the added repository.

root@ubuntu:~# apt-get install icinga2

Once the installation is complete. Make sure the service is up and running fine.

root@ubuntu:~# systemctl enable icinga2.service
Synchronizing state of icinga2.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable icinga2
root@ubuntu:~# systemctl start icinga2.service

● icinga2.service - Icinga host/service/network monitoring system
Loaded: loaded (/lib/systemd/system/icinga2.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2016-06-26 07:18:44 UTC; 4h 2min ago
Process: 29178 ExecStartPre=/usr/lib/icinga2/prepare-dirs /usr/lib/icinga2/icinga2 (code=exited, status=0/SUCCESS)
Main PID: 29262 (icinga2)
Tasks: 16 (limit: 512)
CGroup: /system.slice/icinga2.service
└─29262 /usr/lib/x86_64-linux-gnu/icinga2/sbin/icinga2 --no-stack-rlimit daemon -e

Enabling the Feature list

By default, Icinga2 enables the following features. But we can confirm the enabled settings by running this command as below:

root@ubuntu:~# icinga2 feature list
Disabled features: api command compatlog debuglog gelf graphite icingastatus livestatus opentsdb perfdata statusdata syslog
Enabled features: checker mainlog notification

The following features are enabled by default:

Checker : This feature enables the execution of checks.

Mainlog: This feature enables the logging.

Notification : This feature enables notification mechanism.

Install Icinga2 plugin

Icinga2 will collect the service information based on the monitoring plugins. Here we're installing nagios plugins for this function.

root@ubuntu:~# apt-get install nagios-plugins

Installing Data Output (IDO) Module

I'm using MySQL as the external database. Hence, we need to install the MySQL IDO module which is used for Icinga2 web interface. It is used for exporting all configuration and status information into its database. We need to install MySQL on our server, if it's not installed before.

root@ubuntu:~# apt-get install mysql-server-5.7

root@ubuntu:~# apt-get install icinga2-ido-mysql
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
mysql-server
The following NEW packages will be installed:
icinga2-ido-mysql
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/113 kB of archives.
After this operation, 686 kB of additional disk space will be used.
Preconfiguring packages ...
Determining localhost credentials from /etc/mysql/debian.cnf: succeeded.
Selecting previously unselected package icinga2-ido-mysql.
(Reading database ... 27776 files and directories currently installed.)
Preparing to unpack .../icinga2-ido-mysql_2.4.1-2ubuntu1_amd64.deb ...
Unpacking icinga2-ido-mysql (2.4.1-2ubuntu1) ...
Setting up icinga2-ido-mysql (2.4.1-2ubuntu1) ...
Determining localhost credentials from /etc/mysql/debian.cnf: succeeded.
dbconfig-common: writing config to /etc/dbconfig-common/icinga2-ido-mysql.conf
dbconfig-common: flushing administrative password

Once the IDO module is installed. We need to setup our MySQL DB to accept the values using this module. I created a database named "Icinga2" with the username "Icinga2" and password "Icinga123"

root@ubuntu:~# mysql -u root -p
mysql> Create database icinga2;
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga2.*TO 'icinga2'@'localhost' IDENTIFIED BY 'icinga123';
mysql> flush privileges;

root@ubuntu:~# icinga2 feature enable ido-mysql
warning/cli: Feature 'ido-mysql' already enabled.

After enabling this module and creating our database we need to restart our Icinga2 service. Please make sure the IDO MySQL configuration file is properly set with correct DB credentials.

root@ubuntu:~# cat /etc/icinga2/features-enabled/ido-mysql.conf
/**
* The db_ido_mysql library implements IDO functionality
* for MySQL.
*/

library "db_ido_mysql"

object IdoMysqlConnection "ido-mysql" {
user = "icinga2",
password = "icinga123",
host = "localhost",
database = "icinga2"
}

Installing Icinga Web2 Plugin

In Ubuntu 16.05, PHP 7.0 is the default version, there are a lot more compactablity issues for Icinga2 with PHP 7.0. Hence, prior to this installation, we need to install PHP 5.6 version. For installing PHP 5.6 on my server. I need to enable a "ondrej/php" repository. Please see the steps below:

root@ubuntu:/usr#add-apt-repository ppa:ondrej/php
root@ubuntu:/usr#apt-get install php5.6
root@ubuntu:/usr# php -v
PHP 5.6.22-4+deb.sury.org~xenial+1 (cli)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies

I'm going to use MySQL database to save all instincts of my Icinga2 Web interface. For that, create a database and grant all privileges for the user on that DB as below:

root@ubuntu:/usr/share/icingaweb2# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 18
Server version: 5.7.11-0ubuntu6 (Ubuntu)

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>
mysql> create database icingawebdb;

mysql> GRANT SUPER ON *.* TO 'icingaweb'@'localhost' IDENTIFIED BY 'icinga123';
Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icingawebdb.*TO 'icingaweb'@'localhost' IDENTIFIED BY 'icinga123';

After creating the database, we can install the Web interface plugin and configure it one by one.  Apache2 and other web packages  along with PHP modules gets installed along with this plugin.

root@ubuntu:~# apt-get install icingaweb2
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
apache2 apache2-bin apache2-data apache2-utils fontconfig-config fonts-dejavu fonts-dejavu-core fonts-dejavu-extra icingaweb2-module-doc
icingaweb2-module-monitoring libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libfontconfig1 libfreetype6 libgd3 libjbig0
libjpeg-turbo8 libjpeg8 liblua5.1-0 libtiff5 libvpx3 libxpm4 libzend-framework-php php php-common php-dompdf php-font-lib php-gd

Once this is installed, we can call this URL  in browser to "http://IP//icingaweb2/setup".

Configuring Icinga Web2 plugin

Our next step is to configure web interface. Please navigate through the screenshots to get more clarity on that.

Step 1 : Creating the token.

The initial setup page come up with a message to authenticate our Icingaweb user and create a token to proceed with the configuration.

To run this wizard a user needs to authenticate using a token which is usually provided to him by an administrator who'd followed the instructions below.

In any case, make sure that all of the following applies to your environment:

A system group called "icingaweb2" exists
The user "www-data" is a member of the system group "icingaweb2"

addgroup --system icingaweb2; usermod -a -G icingaweb2 www-data;

If you've got the IcingaCLI installed you can do the following:
icingacli setup config directory --group icingaweb2; icingacli setup token create;

In case the IcingaCLI is missing you can create the token manually:
su www-data -c "mkdir -m 2770 /etc/icingaweb2; chgrp icingaweb2 /etc/icingaweb2; head -c 12 /dev/urandom | base64 | tee /etc/icingaweb2/setup.token; chmod 0660 /etc/icingaweb2/setup.token;";

Please see the Icinga Web 2 documentation for an extensive description on how to access and use this wizard.

We can just follow these instructions and provide the token key generated to the "Setup Token" column. This is how I did it.

root@ubuntu:/usr/local/src# addgroup --system icingaweb2
addgroup: The group `icingaweb2' already exists as a system group. Exiting.
root@ubuntu:/usr/local/src# usermod -a -G icingaweb2 www-data

root@ubuntu:/usr/local/src# icingacli setup config directory --group icingaweb2;
Successfully created configuration directory /etc/icingaweb2
root@ubuntu:/usr/local/src# icingacli setup token create;
The newly generated setup token is: 1951e1eb11110e65

By providing the token, it will proceed to the next step.

Step 2 : Selecting the Modules.

After providing the token, it'll move to the next section for selecting the modules. We can choose the preferred modules to proceed to the next step.

Step 3 : Verifying the PHP settings.

To proceed further, we need to install the missing PHP modules and set proper timezone. You can install the required modules using the commands below:

#apt-get install php5.6-gd php5.6-json  php5.6-dba php5.6-intl php5.6-ldap php5.6-pdo-mysql php5.6-imagick php5.6-dom

Furthermore, you can set a proper time zone in the PHP configuration file.

After meeting the required settings, you can proceed with the next stage.

Step 5 : Authenticating Methods

We need to choose the preferred authentication means to proceed with the installation. As I discussed before, I preferred to choose database type for this.

Step 6 :  Fill out the database details which is used for authentication.

We need to enter the database details which we created for the web interface here. We can either create this prior to the setup or during this step from CLI. We need to make sure to provide this user, sufficient privileges over this database.

Step 7 : Creating Icinga Web administration users to manage the interface.

After authenticating our database resources successfully, we need to create the Administrative account for managing the Icinga2 Web interface. Please provide the preferred username and password to manage the interface.

Step 8 : Choosing the Application configuration options.

Next is to set the application configuration according to our needs. And proceed to the next stage.

Step 9 : Reviewing all chosen settings.

These stage will brief you with all the settings which you've done until now. We can confirm the settings and proceed further.

Step 10 : Configuring Monitoring Module.

Now we've completed with the authentication part and it follows with the configuration of the monitoring module.

As we discussed before, Icinga IDO module exports all status information and configuration parts to the Icinga main database. Hence, we need to select this module and configure it properly to update the database with the information.

Here we need to provide the main database information to proceed. Fill out the database details here. Make sure to set proper privileges for the database user for any modifications.

This choose the transport medium for monitoring instance.

We don't need to make any modification in this step. Just proceed with clicking 'Next".

Step 11 : Reviewing the Monitoring module configuration options

This stage will brief you with all the monitoring module configuration part which you've selected. You can just confirm the settings and proceed further to complete the setup.

Final Step : Login to the Web interface.

Now we can continue to login to the Icinga Web 2 interface with the login credentials created during the setup.

Our master node is added by default to this system. We can see the service notifications for our master Icinga server over here. Or you can just browse this URL http://IP/icingaweb2/ to access the web interface.

We can add any number of nodes to this system for monitoring. In my next article, I will provide you guidelines on how to add host nodes to our Icinga2 master server. I hope you enjoyed reading this article. I would recommend your valuable comments and suggestions on this.

The post How to Install Icinga2 on Ubuntu 16.04 appeared first on LinOxide.

In my previous article, I've explained how to install and configure an Icinga2 with Icinga Web2 interface. Now it's time to introduce some hosts to our monitoring system.  Unlike Nagios, we can add the hosts automatically to the Icinga2 systems. The configuration is quite simple and easy compared to other monitoring systems.

As stated before,  the communication between the monitoring server and the client nodes are more secure comparing other versions. All communications are secured by TLS connections with certificates which is setup by Icinga2 servers on initialization.

Let's start with the procedures on how to add a hosts to our monitoring system. You can take a look at the work flow.

Configuring Icinga2 Master Node

We've already setup our Icinga2 master node, now we need to make the following initialization to allow our host nodes and connect to them securely. We need to run this command " icinga2 node wizard" to run the setup wizard.

root@ubuntu:~# icinga2 node wizard
Welcome to the Icinga 2 Setup Wizard!

We'll guide you through all required configuration details.

The setup wizard will ask you whether this is a satellite or master setup. Since we run this on the master server we can type 'n'. By typing 'n', it installs the master setup and start generating the certificates for secured TLS communication.

Please specify if this is a satellite setup ('n' installs a master setup) [Y/n]: n
Starting the Master setup routine...
Please specifiy the common name (CN) [ubuntu.icinga-master.com]:
Checking for existing certificates for common name 'ubuntu.icinga-master.com'...
Certificates not yet generated. Running 'api setup' now.
information/cli: Generating new CA.
information/base: Writing private key to '/var/lib/icinga2/ca/ca.key'.
information/base: Writing X509 certificate to '/var/lib/icinga2/ca/ca.crt'.
information/cli: Generating new CSR in '/etc/icinga2/pki/ubuntu.icinga-master.com.csr'.
information/base: Writing private key to '/etc/icinga2/pki/ubuntu.icinga-master.com.key'.
information/base: Writing certificate signing request to '/etc/icinga2/pki/ubuntu.icinga-master.com.csr'.
information/cli: Signing CSR with CA and writing certificate to '/etc/icinga2/pki/ubuntu.icinga-master.com.crt'.
information/cli: Copying CA certificate to '/etc/icinga2/pki/ca.crt'.
Generating master configuration for Icinga 2.
information/cli: Adding new ApiUser 'root' in '/etc/icinga2/conf.d/api-users.conf'.
information/cli: Enabling the 'api' feature.
Enabling feature api. Make sure to restart Icinga 2 for these changes to take effect.
information/cli: Dumping config items to file '/etc/icinga2/zones.conf'.
information/cli: Created backup file '/etc/icinga2/zones.conf.orig'.

We don't need to change the ports, so leave it as it is.

Please specify the API bind host/port (optional):
Bind Host []:
Bind Port []:
information/cli: Created backup file '/etc/icinga2/features-available/api.conf.orig'.
information/cli: Updating constants.conf.
information/cli: Created backup file '/etc/icinga2/constants.conf.orig'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
Done.

Now restart your Icinga 2 daemon to finish the installation!

After running this setup wizard, you need to restart the Icinga2 service.

root@ubuntu:~# systemctl restart icinga2

Installing and Configuring Icinga2-Client

We need to install Icinga2 on the host node as the initial step. For that, we need to add the Icinga2 repository to the host node and update the APT repository packages.

root@ubuntu:~# apt install software-properties-common
root@ubuntu:~# add-apt-repository ppa:formorer/icinga
This PPA provides Icinga 1, Icinga 2 and Icinga web Packages for Ubuntu. They are directly derived from the Debian Packages that I maintain within Debian.
More info: https://launchpad.net/~formorer/+archive/ubuntu/icinga
Press [ENTER] to continue or ctrl-c to cancel adding it

gpg: keyring `/tmp/tmpcrlq876s/secring.gpg' created
gpg: keyring `/tmp/tmpcrlq876s/pubring.gpg' created
gpg: requesting key 36862847 from hkp server keyserver.ubuntu.com
gpg: /tmp/tmpcrlq876s/trustdb.gpg: trustdb created
gpg: key 36862847: public key "Launchpad PPA for Alexander Wirt" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
OK
root@ubuntu:~#apt-get update
root@ubuntu:~# apt-get install icinga2
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
icinga2-bin icinga2-common icinga2-doc libboost-program-options1.58.0 libboost-regex1.58.0 libboost-system1.58.0 libboost-thread1.58.0
libicinga2 libyajl2 monitoring-plugins-basic monitoring-plugins-common
Suggested packages:
icinga2-studio vim-icinga2 icinga | icinga | nagios3
The following NEW packages will be installed:

Creating config file /etc/nagios-plugins/config/dhcp.cfg with new version

Creating config file /etc/nagios-plugins/config/disk.cfg with new version

Creating config file /etc/nagios-plugins/config/dummy.cfg with new version

Creating config file /etc/nagios-plugins/config/ftp.cfg with new version

Creating config file /etc/nagios-plugins/config/http.cfg with new version

Creating config file /etc/nagios-plugins/config/load.cfg with new version

Creating config file /etc/nagios-plugins/config/mail.cfg with new version

Creating config file /etc/nagios-plugins/config/news.cfg with new version

Creating config file /etc/nagios-plugins/config/ntp.cfg with new version

Creating config file /etc/nagios-plugins/config/ping.cfg with new version

Creating config file /etc/nagios-plugins/config/procs.cfg with new version

Creating config file /etc/nagios-plugins/config/real.cfg with new version

Creating config file /etc/nagios-plugins/config/ssh.cfg with new version

Creating config file /etc/nagios-plugins/config/tcp_udp.cfg with new version

Creating config file /etc/nagios-plugins/config/telnet.cfg with new version

Creating config file /etc/nagios-plugins/config/users.cfg with new version
Setcap for check_icmp and check_dhcp worked!
Processing triggers for libc-bin (2.23-0ubuntu3) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for systemd (229-4ubuntu4) ...

Now we need to run the set-up Wizard on our host node and install the Satellite setup.

root@ubuntu:~# icinga2 node wizard
Welcome to the Icinga 2 Setup Wizard!

We'll guide you through all required configuration details.

Since, this is our Satelite setup, we need to type 'Y' to proceed with our Satellite setup.

Please specify if this is a satellite setup ('n' installs a master setup) [Y/n]: yes

This will proceeds with the Satellite node setup and installs the required certificates for TLS communication.

Starting the Node setup routine...
Please specifiy the common name (CN) [host1.icinga2server.com]:
Please specify the master endpoint(s) this node should connect to:
Master Common Name (CN from your master setup): ubuntu.icinga-master.com
Do you want to establish a connection to the master from this node? [Y/n]: y
Please fill out the master connection information:
Master endpoint host (Your master's IP address or FQDN): 139.162.55.62
Master endpoint port [5665]:
Add more master endpoints? [y/N]:
Please specify the master connection for CSR auto-signing (defaults to master endpoint host):
Host [139.162.55.62]:
Port [5665]:
information/base: Writing private key to '/etc/icinga2/pki/host1.icinga2server.com.key'.
information/base: Writing X509 certificate to '/etc/icinga2/pki/host1.icinga2server.com.crt'.
information/cli: Fetching public certificate from master (139.162.55.62, 5665):

Certificate information:

Subject: CN = ubuntu.icinga-master.com
Issuer: CN = Icinga CA
Valid From: Jun 26 06:49:50 2016 GMT
Valid Until: Jun 23 06:49:50 2031 GMT
Fingerprint: 13 8A 73 C5 36 E7 1D DA FE 9D E1 E6 1E 32 ED E2 3C 6B 48 E8

Is this information correct? [y/N]: yes

We need to provide the host information and Master server information to complete the Node setup. After providing the details, it will enter CSR auto signing. After this, Icinga 2  saves some configuration on the host node and  setup a secure connection with it.

After saving these certificates, it needs to be validated by the master to prove that you’re actually in command of both servers and approve of this secure communication. For that, I run this "icinga2 pki ticket --cn 'host1.icinga2server.com"  on my master server and provided the code generated  in the Node setup to proceed further.

Please specify the request ticket generated on your Icinga 2 master.
(Hint: # icinga2 pki ticket --cn 'host1.icinga2server.com'): 836289c1bcd427879b06703dfb35aa122bf89dc2
information/cli: Requesting certificate with ticket '836289c1bcd427879b06703dfb35aa122bf89dc2'.

warning/cli: Backup file '/etc/icinga2/pki/host1.icinga2server.com.crt.orig' already exists. Skipping backup.
information/cli: Writing signed certificate to file '/etc/icinga2/pki/host1.icinga2server.com.crt'.
information/cli: Writing CA certificate to file '/etc/icinga2/pki/ca.crt'.

After signing the certificates, it askes for the API/bind port. We can skip this sections as before and proceed with the reset of the configurations.

Please specify the API bind host/port (optional):
Bind Host []:
Bind Port []:
Accept config from master? [y/N]: y
Accept commands from master? [y/N]: y
information/cli: Disabling the Notification feature.
Disabling feature notification. Make sure to restart Icinga 2 for these changes to take effect.
information/cli: Enabling the Api listener feature.
Enabling feature api. Make sure to restart Icinga 2 for these changes to take effect.

information/cli: Created backup file '/etc/icinga2/features-available/api.conf.orig'.
information/cli: Generating local zones.conf.
information/cli: Dumping config items to file '/etc/icinga2/zones.conf'.
information/cli: Created backup file '/etc/icinga2/zones.conf.orig'.
information/cli: Updating constants.conf.
information/cli: Created backup file '/etc/icinga2/constants.conf.orig'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
Done.

Now restart your Icinga 2 daemon to finish the installation!

Once the Node setup is complete, we need to restart the Icinga2 daemon on the Host side.

Updating the configurations from client to master

Now we can go back to our Master server and confirm with the host addition. We can run this command to list the host nodes and services added to the server.

root@ubuntu:~# icinga2 node list
Node 'host1.icinga2server.com' (last seen: Sun Jun 26 07:03:40 2016)
* Host 'host1.icinga2server.com'
* Service 'apt'
* Service 'disk'
* Service 'disk /'
* Service 'http'
* Service 'icinga'
* Service 'load'
* Service 'ping4'
* Service 'ping6'
* Service 'procs'
* Service 'ssh'
* Service 'swap'
* Service 'users'
root@ubuntu:~#

Now we need to update Icinga2 master configuration to update these modification and to add the host nodes to the monitoring checks.

root@ubuntu:~#icinga2 node update-config
root@ubuntu:~# systemctl restart icinga2

Finally we can restart the services to save these changes and view our host node in the Icinga Web2 interface. We can login to the Icinga Web interface at http://139.162.55.62/icingaweb2/ with our admin credentials and confirm the host status.

Managing Services in Icinga2

As you can see from my above screenshot, http service is showing critical in my client server. I've not installed Apache on my client server, hence I don't actually need the HTTP service to be monitored in our client server. Let's see how I'm going to remove that service from the monitoring services.

When a client server is added to the Master, it creates a folder for that client server inside the repository.d folder on the Master server in the Icinga2 configuration path with its hostname as below:

root@ubuntu:/etc/icinga2/repository.d/hosts# ls -l
total 8
drwxr-x--- 2 nagios nagios 4096 Jun 26 07:04 host1.icinga2server.com
-rw-r--r-- 1 root root 100 Jun 26 07:04 host1.icinga2server.com.conf
root@ubuntu:/etc/icinga2/repository.d/hosts#

We need to get inside the client folder "host1.icinga2server.com" and view the service files which are added to the hosts on initialization.

root@ubuntu:/etc/icinga2/repository.d/hosts/host1.icinga2server.com# ls -l
total 48
-rw-r--r-- 1 root root 152 Jun 26 07:04 apt.conf
-rw-r--r-- 1 root root 155 Jun 26 07:04 disk %2F.conf
-rw-r--r-- 1 root root 153 Jun 26 07:04 disk.conf
-rw-r--r-- 1 root root 153 Jun 26 07:04 http.conf
-rw-r--r-- 1 root root 155 Jun 26 07:04 icinga.conf
-rw-r--r-- 1 root root 153 Jun 26 07:04 load.conf
-rw-r--r-- 1 root root 154 Jun 26 07:04 ping4.conf
-rw-r--r-- 1 root root 154 Jun 26 07:04 ping6.conf
-rw-r--r-- 1 root root 154 Jun 26 07:04 procs.conf
-rw-r--r-- 1 root root 152 Jun 26 07:04 ssh.conf
-rw-r--r-- 1 root root 153 Jun 26 07:04 swap.conf
-rw-r--r-- 1 root root 154 Jun 26 07:04 users.conf

We can see all the service configuration files for that particular host residing inside this folder. Now we need to remove those service check file which we need to disable from the monitoring.

For example : In our case, we need to disable http service, hence, I'm moving http.conf from this folder. Either you can remove it or just move these files.

root@ubuntu:/etc/icinga2/repository.d/hosts/host1.icinga2server.com# mv http.conf http.conf-disabled

After making any changes we need to reload the Icinga2 service on the server.

root@ubuntu:/etc/icinga2# service icinga2 reload

We can confirm it from the web interface, whether that services are removed.

But this service monitoring can be re-enabled on updating the node configuration on the Master server. if that service is still listed for that client as below:

root@ubuntu:~# icinga2 node list
Node 'host1.icinga2server.com' (last seen: Wed Jun 29 12:31:20 2016)
* Host 'host1.icinga2server.com'
* Service 'Icinga Web 2'
* Service 'apt'
* Service 'disk'
* Service 'disk /'
* Service 'http'
* Service 'icinga'
* Service 'load'
* Service 'ping4'
* Service 'ping6'
* Service 'procs'
* Service 'ssh'
* Service 'swap'
* Service 'users'

Therefore, we need to remove this from the node list. Let's see how we can do that.

1. Login to the Client server and move to the folder called "/etc/icinga2/conf.d", there we can see the hosts.conf file.

root@host1:/etc/icinga2/conf.d# ls -l
total 48
-rw-r--r-- 1 root root 35 May 19 12:56 app.conf
-rw-r--r-- 1 root root 114 May 17 11:03 apt.conf
-rw-r--r-- 1 root root 1300 May 19 12:56 commands.conf
-rw-r--r-- 1 root root 542 May 19 12:56 downtimes.conf
-rw-r--r-- 1 root root 638 May 19 12:56 groups.conf
-rw-r--r-- 1 root root 1501 May 19 12:56 hosts.conf
-rw-r--r-- 1 root root 674 May 19 12:56 notifications.conf
-rw-r--r-- 1 root root 801 May 19 12:56 satellite.conf
-rw-r--r-- 1 root root 2131 Jun 29 06:37 services.conf
-rw-r--r-- 1 root root 1654 May 19 12:56 templates.conf
-rw-r--r-- 1 root root 906 May 19 12:56 timeperiods.conf
-rw-r--r-- 1 root root 308 May 19 12:56 users.conf

Now we need to edit the hosts.conf file and comment the http service check part from there.

Restart the Icinga2 service on Client server to update these changes.

2. Move back to your Master server, reload the Icinga2 service and update the node configuration.

root@ubuntu:/etc/icinga2# service icinga2 reload

root@ubuntu:/etc/icinga2# icinga2 node update-config

Now we can confirm the removal of http service from Master configuration.

root@ubuntu:~# icinga2 node list
Node 'host1.icinga2server.com' (last seen: Wed Jun 29 12:46:51 2016)
* Host 'host1.icinga2server.com'
* Service 'Icinga Web 2'
* Service 'apt'
* Service 'disk'
* Service 'disk /'
* Service 'icinga'
* Service 'load'
* Service 'ping4'
* Service 'ping6'
* Service 'procs'
* Service 'ssh'
* Service 'swap'
* Service 'users'

Likewise, we can add or remove any services in Icinga2. I believe this article is informative and helpful. I would recommend your valuable suggestions and comments on this. Happy Reading :)

The post How to Add Host and Manage Services in Icinga2 appeared first on LinOxide.

Grafana is an open source feature rich metrics dashboard. It is very useful for visualizing large-scale measurement data. It provides a powerful and elegant way to create, share, and explore data and dashboards from your disparate metric databases.

It supports a wide variety of graphing options for ultimate flexibility. Furthermore, it supports many different storage backends for your Data Source. Each Data Source has a specific Query Editor that is customized for the features and capabilities that the particular Data Source exposes. The following datasources are officially supported by Grafana: Graphite, InfluxDB, OpenTSDB, Prometheus, Elasticsearch and Cloudwatch

The query language and capabilities of each Data Source are obviously very different. You can combine data from multiple Data Sources onto a single Dashboard, but each Panel is tied to a specific Data Source that belongs to a particular Organization. It supports authenticated login and a basic role based access control implementation. It is deployed as a single software installation which is written in Go and Javascript.

In this article, I'll explain on how to install Grafana on a docker container in Ubuntu 16.04 and configure docker monitoring using this software.

Pre-requisites

• Docker installed server

Installing Grafana

We can build our Grafana in a docker container. There is an official docker image available for building Grafana. Please run this command to build a Grafana container.

root@ubuntu:~# docker run -i -p 3000:3000 grafana/grafana

Unable to find image 'grafana/grafana:latest' locally
latest: Pulling from grafana/grafana
5c90d4a2d1a8: Pull complete
b1a9a0b6158e: Pull complete
acb23b0d58de: Pull complete
Digest: sha256:34ca2f9c7986cb2d115eea373083f7150a2b9b753210546d14477e2276074ae1
Status: Downloaded newer image for grafana/grafana:latest
t=2016-07-27T15:20:19+0000 lvl=info msg="Starting Grafana" logger=main version=3.1.0 commit=v3.1.0 compiled=2016-07-12T06:42:28+0000
t=2016-07-27T15:20:19+0000 lvl=info msg="Config loaded from" logger=settings file=/usr/share/grafana/conf/defaults.ini
t=2016-07-27T15:20:19+0000 lvl=info msg="Config loaded from" logger=settings file=/etc/grafana/grafana.ini
t=2016-07-27T15:20:19+0000 lvl=info msg="Config overriden from command line" logger=settings arg="default.paths.data=/var/lib/grafana"
t=2016-07-27T15:20:19+0000 lvl=info msg="Config overriden from command line" logger=settings arg="default.paths.logs=/var/log/grafana"
t=2016-07-27T15:20:19+0000 lvl=info msg="Config overriden from command line" logger=settings arg="default.paths.plugins=/var/lib/grafana/plugins"
t=2016-07-27T15:20:19+0000 lvl=info msg="Path Home" logger=settings path=/usr/share/grafana
t=2016-07-27T15:20:19+0000 lvl=info msg="Path Data" logger=settings path=/var/lib/grafana
t=2016-07-27T15:20:19+0000 lvl=info msg="Path Logs" logger=settings path=/var/log/grafana
t=2016-07-27T15:20:19+0000 lvl=info msg="Path Plugins" logger=settings path=/var/lib/grafana/plugins
t=2016-07-27T15:20:19+0000 lvl=info msg="Initializing DB" logger=sqlstore dbtype=sqlite3

t=2016-07-27T15:20:20+0000 lvl=info msg="Executing migration" logger=migrator id="create playlist table v2"
t=2016-07-27T15:20:20+0000 lvl=info msg="Executing migration" logger=migrator id="create playlist item table v2"
t=2016-07-27T15:20:20+0000 lvl=info msg="Executing migration" logger=migrator id="drop preferences table v2"
t=2016-07-27T15:20:20+0000 lvl=info msg="Executing migration" logger=migrator id="drop preferences table v3"
t=2016-07-27T15:20:20+0000 lvl=info msg="Executing migration" logger=migrator id="create preferences table v3"
t=2016-07-27T15:20:20+0000 lvl=info msg="Created default admin user: [admin]"
t=2016-07-27T15:20:20+0000 lvl=info msg="Starting plugin search" logger=plugins
t=2016-07-27T15:20:20+0000 lvl=info msg="Server Listening" logger=server address=0.0.0.0:3000 protocol=http subUrl=

We can confirm the working of the Grafana container by running this command "docker ps -a" or by accessing it by URL http://Docker IP:3000

All Grafana configuration settings are defined using environment variables, this is much useful when using container technology. The Grafana configuration file is located at /etc/grafana/grafana.ini.

Understanding the Configuration

The Grafana has number of configuration options that can be specified in its configuration file as .ini file or  can be specified using environment variables as mentioned before.

Config file locations

Normal config file locations.

• Default configuration from : $WORKING_DIR/conf/defaults.ini
• Custom configuration from  : $WORKING_DIR/conf/custom.ini

PS :  When you install Grafana using the deb or rpm packages or docker images, then your configuration file is located at /etc/grafana/grafana.ini

Understanding the config variables

Let's see some of the variables in the configuration file below:

instance_name : It's the name of the grafana server instance. It default value is fetched from ${HOSTNAME}, which will be replaced with environment variable HOSTNAME, if that is empty or does not exist Grafana will try to use system calls to get the machine name.

[paths]

data : It's the path where Grafana stores the sqlite3 database (when used), file based sessions (when used), and other data.

logs : It's where Grafana stores the logs.

Both these paths are usually specified via command line in the init.d scripts or the systemd service file.

[server]

http_addr : The IP address to bind the application. If it's left empty it will bind to all interfaces.

http_port : The port to which the application is bind to, defaults is 3000. You can redirect your 80 port to 3000 using the below command.

$iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3000

root_url : This is the URL used to access Grafana from a web browser.

cert_file : Path to the certificate file (if protocol is set to https).

cert_key : Path to the certificate key file (if protocol is set to https).

[database]

Grafana uses a database to store its users and dashboards and other informations. By default it is configured to use sqlite3 which is an embedded database included in the main Grafana binary.

type
You can choose mysql, postgres or sqlite3 as per our requirement.

path
It's applicable only for sqlite3 database. The file path where the database will be stored.

host
It's applicable only to MySQL or Postgres. it includes IP or hostname and port. For example, for MySQL running on the same host as Grafana: host = 127.0.0.1:3306

name
The name of the Grafana database. Leave it set to grafana or some other name.

user
The database user (not applicable for sqlite3).

password
The database user's password (not applicable for sqlite3).

ssl_mode
For Postgres, use either disable, require or verify-full. For MySQL, use either true, false, or skip-verify.

ca_cert_path
(MySQL only) The path to the CA certificate to use. On many linux systems, certs can be found in /etc/ssl/certs.

client_key_path
(MySQL only) The path to the client key. Only if server requires client authentication.

client_cert_path
(MySQL only) The path to the client cert. Only if server requires client authentication.

server_cert_name
(MySQL only) The common name field of the certificate used by the mysql server. Not necessary if ssl_mode is set to skip-verify.

[security]
admin_user : It is the name of the default Grafana admin user. The default name set is admin.

admin_password : It is the password of the default Grafana admin. It is set on first-run. The default password is admin.

login_remember_days : The number of days the keep me logged in / remember me cookie lasts.

secret_key : It is used for signing keep me logged in / remember me cookies.

Essentials components for setting up Monitoring

We use the below components  to create our Docker Monitoring system.

cAdvisor : It is otherwise called Container Advisor. It provides its users an understanding of the resource usage and performance characteristics. It collects, aggregates, processes and exports information about the running containers. You can go through this documentation for more information about this.

InfluxDB : It is a time series, metrics, and analytic database. We use this datasource for setting up our monitoring. cAdvisor  displays only real time information and doesn’t store the metrics. Influx Db helps to store the monitoring information which cAdvisor provides in order to display a time range other than real time.

Grafana Dashboard : It allows us to combine all the pieces of information together visually. This powerful Dashboard allows us to run queries against the data store InfluxDB and chart them accordingly in beautiful layout.

Installation of Docker Monitoring

We need to install each of these components one by one in our docker system.

Installing InfluxDB

We can use this command to pull InfluxDB image and setuup a influxDB container.

root@ubuntu:~# docker run -d -p 8083:8083 -p 8086:8086 --expose 8090 --expose 8099 -e PRE_CREATE_DB=cadvisor --name influxsrv tutum/influxdb:0.8.8
Unable to find image 'tutum/influxdb:0.8.8' locally
0.8.8: Pulling from tutum/influxdb
a3ed95caeb02: Already exists
23efb549476f: Already exists
aa2f8df21433: Already exists
ef072d3c9b41: Already exists
c9f371853f28: Already exists
a248b0871c3c: Already exists
749db6d368d0: Already exists
7d7c7d923e63: Pull complete
e47cc7808961: Pull complete
1743b6eeb23f: Pull complete
Digest: sha256:8494b31289b4dbc1d5b444e344ab1dda3e18b07f80517c3f9aae7d18133c0c42
Status: Downloaded newer image for tutum/influxdb:0.8.8
d3b6f7789e0d1d01fa4e0aacdb636c221421107d1df96808ecbe8e241ceb1823

• -p 8083:8083 : user interface, log in with username-admin, pass-admin
• -p 8086:8086 : interaction with other application
• --name influxsrv : container have name influxsrv, use to cAdvisor link it.

You can test your InfluxDB installation by calling this URL >>http://45.79.148.234:8083 and login with user/password as "root".

We can create our required databases from this tab.

Installing cAdvisor

Our next step is to  install cAdvisor container and link it to the InfluxDB container. You can use this command to create it.

root@ubuntu:~# docker run --volume=/:/rootfs:ro --volume=/var/run:/var/run:rw --volume=/sys:/sys:ro --volume=/var/lib/docker/:/var/lib/docker:ro --publish=8080:8080 --detach=true --link influxsrv:influxsrv --name=cadvisor google/cadvisor:latest -storage_driver_db=cadvisor -storage_driver_host=influxsrv:8086
Unable to find image 'google/cadvisor:latest' locally
latest: Pulling from google/cadvisor
09d0220f4043: Pull complete
151807d34af9: Pull complete
14cd28dce332: Pull complete
Digest: sha256:8364c7ab7f56a087b757a304f9376c3527c8c60c848f82b66dd728980222bd2f
Status: Downloaded newer image for google/cadvisor:latest
3bfdf7fdc83872485acb06666a686719983a1172ac49895cd2a260deb1cdde29
root@ubuntu:~#

• --publish=8080:8080 : user interface
• --link=influxsrv:influxsrv: link to container influxsrv
• -storage_driver=influxdb: set the storage driver as InfluxDB
• Specify what InfluxDB instance to push data to:
• -storage_driver_host=influxsrv:8086: The ip:port of the database. Default is ‘localhost:8086’
• -storage_driver_db=cadvisor: database name. Uses db ‘cadvisor’ by default

You can test our cAdvisor installation by calling this URL >>http://45.79.148.234:8080. This will provide you the statistics of your Docker host and containers.

Installing the Grafana Dashboard

Finally, we need to install the Grafana Dashboard and link to the InfluxDB. You can run this command to setup that.

root@ubuntu:~# docker run -d -p 3000:3000 -e INFLUXDB_HOST=localhost -e INFLUXDB_PORT=8086 -e INFLUXDB_NAME=cadvisor -e INFLUXDB_USER=root -e INFLUXDB_PASS=root --link influxsrv:influxsrv --name grafana grafana/grafana
f3b7598529202b110e4e6b998dca6b6e60e8608d75dcfe0d2b09ae408f43684a

Now we can login to Grafana and configure the Data Sources. Navigate to http://45.79.148.234:3000 or just http://45.79.148.234:

Username - admin
Password - admin

Once we've installed Grafana, we can connect the InfluxDB. Login on the Dashboard and click on the Grafana icon(Fireball) in the upper left hand corner of the panel. Click on Data Sources to configure.

Now you can add our new Graph to our default Datasource InfluxDB.

We can edit and modify our query by adjusting our graph at Metric tab.

You can get more information on docker monitoring here. Thank you for reading this. I would suggest your valuable comments and suggestions on this. Hope you'd a wonderful day!

The post How to Monitor Docker Containers using Grafana on Ubuntu appeared first on LinOxide.

For Sysadmins, it is very important to be able to check the state of each service and equipment provided on the network. You must be able to be informed and to react anytime if a problem occurs. It exists some [...]

The post How to Install Centreon on Centos 7 for Monitoring appeared first on LinOxide.