Juniper SRX minor system alarms
Recently we replaced one of our Juniper SRX firewalls and I had to put the new one into the cluster.
Once I had finished configuring the new device, I ran few commands to make sure everything was ok.
I want to make sure the cluster was running smoothly, make sure the system was behaving properly.
Then I came across two minor system alarms:
root@firewall-a01> show system alarms
2 alarms currently active
Alarm time Class Description
2013-02-26 16:11:35 UTC Minor Rescue configuration is not set
2013-02-26 16:11:36 UTC Minor Autorecovery information needs to be saved
root@firewall-a01>show chassis craft-interface
All the juniper firewall is telling us is, we need to:
1) We need to set the rescue configuration
root@firewall-a01>request system configuration rescue save
2) We need to save an auto-recovery configuration
root@firewall-a01> request system autorecovery state save
This will take care of these minor alarms and everything will look nice and green.
I think these are nice features provided by Juniper. Creating a restore point where you know when things were working fine ans you can restore easily and quick is just a nice thinking.
Autorecovery
To save current state of the disk partitioning, configuration, and licenses for autorecovery.
root@firewall-a01> request system autorecovery state save
To clear all saved autorecovery information.
root@firewall-a01> request system autorecovery state clear
To perform checks and shows status of all autorecovered items.
root@firewall-a01> show system autorecovery state
Acording to the Juniper website:
Amber and steadily on indicates a major alarm, such as low memory (less than 10% remaining), session full, maximum number of VPN tunnels reached,
HA status change, or redundant group member not found.
Trobleshooting Amber lights on SRX
root@firewall-a01>show chassis craft-interface
You should see an output similar to the one below:
Front Panel System Indicator:
Routing Engine 0
-----------------------------
OK *
Front Panel Alarm Indicator:
----------------------------
RED .
ORANGE *
Front Panel HA Indicator:
-------------------------
GREEN .
Front Panel PS Indicator:
PS 0
-------------------------
RED .
GREEN *
I hope this will help you guys.
by Renato de Oliveira
Monday, 18 March 2013
Sunday, 17 March 2013
Installing and configuring Cacti (Centos 6)
Installing and configuring Cacti (Centos 6)
Packages Required
httpd
httpd-devel
mysql
mysql-server
php-mysql
php-pear
php-common
php-gd
php-devel
php
php-mbstring
php-cli
php-mysql
php-snmp
net-snmp-utils
net-snmp-libs
php-pear-Net-SMTP
rrdtool
Install all required packages at once
# yum install httpd httpd-devel mysql mysql-server php-mysql php-pear php-common php-gd php-devel php php-mbstring php-cli php-mysql php-snmp net-snmp-utils p net-snmp-libs php-pear-Net-SMTP rrdtool -y
Make sure Apache and Mysql-Server are set to start at boot time runlevel 3 and 5 if you use GUI
# chkconfig --level 35 httpd on
# chkconfig --level 35 mysqld on
Set root password for MySQL Server
/usr/bin/mysqladmin -u root password 'password123'
Configure and Startr SNMPD Server
# cd /etc/snmp
# mv snmpd.conf snmpd.conf.back
# vi snmpd.conf
Add the content below and save the file
com2sec local localhost public
com2sec mynetwork 192.168.1.0/24 public
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork
view all included .1 80
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none
syslocation Linux (Location Where your Server is installed i.e Data Centre)
syscontact Sys Admin Groups <sysadmin Email Address for example>
Make sure SNMP starts at boot time
# chkconfig --level 35 snmpd on
Start the SNMPD service
# service snmpd start
Lets Install CACTI
If you follow previous posts, you have installed the Epel repository and CACTI is easily found and installed with yum.
# yum install cacti.noarch -y
We need to configure MySQL Database for CACTI
# mysql -u root -p
Lets create the CACTI Database and user and grant permissions
Create the CACTI Database
mysql>create database cacti;
Grant user CACTI privileges to CACTI database
mysql>grant all on cacti.* to cacti@localhost identified by 'password123';
mysql> flush privileges;
Quit MySQL
mysql> \q
Find cacti.sql file
# find / -name cacti.sql
/usr/share/doc/cacti-0.8.8a/cacti.sql
Import cacti.sql tables to cacti database
# mysql -u cacti -p cacti < /usr/share/doc/cacti-0.8.8a/cacti.sql
Note: it will prompt for the cacti database password set previously.
Check if tables have been imported correctly
# mysql -u root -p (type your password)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| cacti |
| mysql |
| test |
+--------------------+
mysql> use cacti;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql>show tables;
+---------------------------+
| Tables_in_cacti |
+---------------------------+
| cdef |
| cdef_items |
| colors |
| data_input |
| data_input_data |
| data_input_fields |
Note: This is not the full output, but if you a similar output things are looking good.
Lets configure CACTI Database connection file
# cd /etc/cacti/
# vi db.php
Modify the following lines and save the file
/* make sure these values refect your actual database/host/user/password */
$database_type = "mysql"; (mysql database engine)
$database_default = "cacti"; (cacti database name)
$database_hostname = "localhost"; (cacti database server)
$database_username = "cacti"; (cacti database user - change it to match user you crated in previous steps)
$database_password = "password123"; (cacti database user's password - change it to match cacti database password you set)
$database_port = "3306"; (mysql TCP port)
$database_ssl = false;
Set CACTI poller as cron job
Setting up Apache Access
# cd /etc/httpd/conf.d/
# vi cacti.conf
Make sure it looks like this
Alias /cacti /usr/share/cacti
<Directory /usr/share/cacti/>
<IfModule mod_authz_core.c>
# httpd 2.4
Require host localhost
</IfModule>
<IfModule !mod_authz_core.c>
# httpd 2.2
Order allow,deny
Allow from all
</IfModule>
</Directory>
<Directory /usr/share/cacti/install>
# mod_security overrides.
# Uncomment these if you use mod_security.
# allow POST of application/x-www-form-urlencoded during install
#SecRuleRemoveById 960010
# permit the specification of the rrdtool paths during install
#SecRuleRemoveById 900011
</Directory>
# These sections marked "Require all denied" (or "Deny from all")
# should not be modified.
# These are in place in order to harden Cacti.
<Directory /usr/share/cacti/log>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<Directory /usr/share/cacti/rra>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
Open TCP port 80 through your local iptables firewall.
# vi /etc/sysconfig/iptables
Add the line below andsave the file
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
Re-start iptables
# service iptables restart
Point your browser to the server IP address
http://192.168.1.23/cacti
You will see "Cacti Installation Guide" screen
Click on Next>>
Please select the type of installation, choose:
"New Install"
Click on Next>>
Note: Make sure all values are correct, if everything is looking green, then things look good.
Click on [Finish]
Login
Deafult username: admin
Default Password: admin
You will be prompted to change the default password, please do so.
Once the admin password has been changed, you will be logged on and see the CACTI console.
Localhost Configuration, see below:
I will describe in later posts how to populate CACTI with graphs.
I must admit it, it is not very intuitive interface.
Troubleshooting
Note: If you are using SNMP to graph remote hosts you must add the rules below to iptables
-I INPUT -m state --state NEW -m tcp -p tcp --dport 162 -j ACCEPT
-I INPUT -m state --state NEW -m udp -p udp --dport 162 -j ACCEPT
By Renato de Oliveira
Packages Required
httpd
httpd-devel
mysql
mysql-server
php-mysql
php-pear
php-common
php-gd
php-devel
php
php-mbstring
php-cli
php-mysql
php-snmp
net-snmp-utils
net-snmp-libs
php-pear-Net-SMTP
rrdtool
Install all required packages at once
# yum install httpd httpd-devel mysql mysql-server php-mysql php-pear php-common php-gd php-devel php php-mbstring php-cli php-mysql php-snmp net-snmp-utils p net-snmp-libs php-pear-Net-SMTP rrdtool -y
Make sure Apache and Mysql-Server are set to start at boot time runlevel 3 and 5 if you use GUI
# chkconfig --level 35 httpd on
# chkconfig --level 35 mysqld on
Set root password for MySQL Server
/usr/bin/mysqladmin -u root password 'password123'
Configure and Startr SNMPD Server
# cd /etc/snmp
# mv snmpd.conf snmpd.conf.back
# vi snmpd.conf
Add the content below and save the file
com2sec local localhost public
com2sec mynetwork 192.168.1.0/24 public
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork
view all included .1 80
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none
syslocation Linux (Location Where your Server is installed i.e Data Centre)
syscontact Sys Admin Groups <sysadmin Email Address for example>
Make sure SNMP starts at boot time
# chkconfig --level 35 snmpd on
Start the SNMPD service
# service snmpd start
Lets Install CACTI
If you follow previous posts, you have installed the Epel repository and CACTI is easily found and installed with yum.
# yum install cacti.noarch -y
We need to configure MySQL Database for CACTI
# mysql -u root -p
Lets create the CACTI Database and user and grant permissions
Create the CACTI Database
mysql>create database cacti;
Grant user CACTI privileges to CACTI database
mysql>grant all on cacti.* to cacti@localhost identified by 'password123';
mysql> flush privileges;
Quit MySQL
mysql> \q
Find cacti.sql file
# find / -name cacti.sql
/usr/share/doc/cacti-0.8.8a/cacti.sql
Import cacti.sql tables to cacti database
# mysql -u cacti -p cacti < /usr/share/doc/cacti-0.8.8a/cacti.sql
Note: it will prompt for the cacti database password set previously.
Check if tables have been imported correctly
# mysql -u root -p (type your password)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| cacti |
| mysql |
| test |
+--------------------+
mysql> use cacti;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql>show tables;
+---------------------------+
| Tables_in_cacti |
+---------------------------+
| cdef |
| cdef_items |
| colors |
| data_input |
| data_input_data |
| data_input_fields |
Note: This is not the full output, but if you a similar output things are looking good.
Lets configure CACTI Database connection file
# cd /etc/cacti/
# vi db.php
Modify the following lines and save the file
/* make sure these values refect your actual database/host/user/password */
$database_type = "mysql"; (mysql database engine)
$database_default = "cacti"; (cacti database name)
$database_hostname = "localhost"; (cacti database server)
$database_username = "cacti"; (cacti database user - change it to match user you crated in previous steps)
$database_password = "password123"; (cacti database user's password - change it to match cacti database password you set)
$database_port = "3306"; (mysql TCP port)
$database_ssl = false;
Set CACTI poller as cron job
*/5 * * * * cacti /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1
Note: This step is important otherwise you will not see any graphs
Setting up Apache Access
# cd /etc/httpd/conf.d/
# vi cacti.conf
Make sure it looks like this
Alias /cacti /usr/share/cacti
<Directory /usr/share/cacti/>
<IfModule mod_authz_core.c>
# httpd 2.4
Require host localhost
</IfModule>
<IfModule !mod_authz_core.c>
# httpd 2.2
Order allow,deny
Allow from all
</IfModule>
</Directory>
<Directory /usr/share/cacti/install>
# mod_security overrides.
# Uncomment these if you use mod_security.
# allow POST of application/x-www-form-urlencoded during install
#SecRuleRemoveById 960010
# permit the specification of the rrdtool paths during install
#SecRuleRemoveById 900011
</Directory>
# These sections marked "Require all denied" (or "Deny from all")
# should not be modified.
# These are in place in order to harden Cacti.
<Directory /usr/share/cacti/log>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<Directory /usr/share/cacti/rra>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
Open TCP port 80 through your local iptables firewall.
# vi /etc/sysconfig/iptables
Add the line below andsave the file
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
Re-start iptables
# service iptables restart
Point your browser to the server IP address
http://192.168.1.23/cacti
You will see "Cacti Installation Guide" screen
Click on Next>>
Please select the type of installation, choose:
"New Install"
Click on Next>>
Note: Make sure all values are correct, if everything is looking green, then things look good.
Click on [Finish]
Login
Deafult username: admin
Default Password: admin
You will be prompted to change the default password, please do so.
Once the admin password has been changed, you will be logged on and see the CACTI console.
Localhost Configuration, see below:
I must admit it, it is not very intuitive interface.
Troubleshooting
Note: If you are using SNMP to graph remote hosts you must add the rules below to iptables
-I INPUT -m state --state NEW -m tcp -p tcp --dport 162 -j ACCEPT
-I INPUT -m state --state NEW -m udp -p udp --dport 162 -j ACCEPT
By Renato de Oliveira
Integrating Nagvis to Nagios
Integrating Nagvis front-end to Nagios
If you want to make your Nagios look really professional, want to customise the it to make it look absolutely customer presentable. Nagvis is the tool for you.
Installing NagVis Front End for Nagios. This tool will allow you creating a cool visual for your Nagios portal. You can create a nice diagram with Visio and use it to make your Nagios portal look more professionally presentable to customers.
If you have followed my previous post on how to Install Nagios (Centos 6) easy way, all you have to do is to follow the steps below, and you will have both (Nagios and Nagvis) working and nicely integrated.
There are few packages we must install first:
Dependencies:
* rsync
* graphviz
* php-mbstring
* php
* php-gd
* php-pdo
* mk-livestatus-1.1.12.rhel6.x86_64.rpm
Installing required Packages
# yum install rsync graphviz php-mbstring php-gd php-pdo php -y
Downloading mk-live
# cd /usr/local/
# mkdir downloads
# cd downloads
# wget http://www.thruk.org/files/pkg/v1.52/rhel6/x86_64/mk-livestatus-1.1.12.rhel6.x86_64.rpm
# rpm -Uvh mk-livestatus-1.1.12.rhel6.x86_64.rpm
or
Simply issue the command below:
# rpm -Uvh http://www.thruk.org/files/pkg/v1.52/rhel6/x86_64/mk-livestatus-1.1.12.rhel6.x86_64.rpm
Once the mk-live package has been installed, we need to move to configuring the it, by integrating it to the Nagios.
Note: If you followed my previous post about installing Nagios, your Nagios config files should be on /etc/nagios
Configure mk-live package
# cd /etc/nagios
# mkdir -p var/rw
# chown -R nagios: var/
Edit Nagios.cfg file
# vi /etc/nagios/nagios.cfg
Add the lines bellow to the nagios.cfg and save it
broker_module=-1
broker_module=/usr/lib64/mk-livestatus/livestatus.o /etc/nagios/var/rw/live
Restart Nagios and Apache
# service nagios restart
# service httpd restart
Note: I would like to draw your attention to something very important.
A good systems Administrator always make sure he/she has a backup of any modified file.
Before you change configuration files, it is good practice to make a copy of the file you are about to change.
Downloading and Installing NagVis Package
# cd /usr/local/downloads
# wget http://sourceforge.net/projects/nagvis/files/NagVis%201.7/nagvis-1.7.2.tar.gz/download
# tar -zxvf nagvis-1.7.2.tar.gz
# cd nagvis-1.7.2
# ls
Note: you should see various files including a README and a INSTALL.
The installation process is described in the INSTALL file, I suggest taking a look at it..
Once the package has been decompressed and expanded, we need to install it.
Installing Nagvis
# chmod 755 install.sh
# ./install.sh
The install.sh script will check various things within your system, including; path to Nagios, path to mk-live and all the required packages if they are installed.
Questions asked by install.sh script
1. Do you want to proceed? [y]: Y
hit [ENTER]
2. Please enter the path to the nagios base directory [/usr/sbin/nagios]: /etc/nagios
hit [ENTER]
3. Please enter the path to NagVis base [/usr/sbin/nagvis]: /etc/nagvis
hit [ENTER]
4. Script will check for all required packages, see below:
| PHP 5.3 found |
| PHP Module: gd php found |
| PHP Module: mbstring php found |
| PHP Module: gettext compiled_in found |
| PHP Module: session compiled_in found |
| PHP Module: xml compiled_in found |
| PHP Module: pdo php found |
| Apache mod_php found |
Note: If any package is presented as missing, kill the script and install the missing package.
5. Do you want to use backend mklivestatus? [y]:Y
hit [ENTER]
6. Do you want to use backend ndo2db? [n]:n
hit [ENTER]
7. Do you want to use backend ido2db? [n]:n
hit [ENTER]
8. Do you want to use backend merlinmy? [n]:n
hit [ENTER]
9. Livestatus Socket (/etc/nagios/var/rw/live) found |
| PHP Module: sockets compiled_in found |
| Graphviz 2.26 found |
| Graphviz Module dot 2.26.0 found |
| Graphviz Module neato 2.26.0 found |
| Graphviz Module twopi 2.26.0 found |
| Graphviz Module circo 2.26.0 found |
| Graphviz Module fdp 2.26.0 found |
| SQLite 3.6 found |
Note: Make sure everything on the list above has been found.
Otherwise kill the script and install the missing packages.
10. Please enter the web path to NagVis [/nagvis]:
hit [ENTER]
11. Please enter the name of the web-server user [apache]:
hit [ENTER]
Please enter the name of the web-server group [apache]:
hit [ENTER]
create Apache config file [y]:
hit [ENTER]
12. Do you want the installer to update your config files when possible? [y] y
hit [ENTER]
13. Remove backup directory after successful installation? [n]: n
hit [ENTER]
Note: At this time Nagvis will display a summary of all choices made by you, if everything looks OK as I describe above,
just accept it.
14. Do you really want to continue? [y]: y
hit [ENTER]
Once the installation has been complete, restart Apache
# service httpd restart
Accessing Nagvis frontend
Open your bowser and point it to: http://192.168.1.23/nagvis
User Name: admin
Password: Admin
By this point you should see the default Nagvis frontend and there are various demo you can see.
It is pretty easy to install the localhost to be monitored.
I will create a how to with screenshots at later date.
Make sure NagVis has enabled the LIVE backend
# cd /etc/nagvis/etc
# vi nagvis.ini.php
Search for the line:
; backend="live_1"
Remove the ';' (semi-colonm) and save the file
backend="live_1"
Save the file and restart Apache and Nagios
# service httpd restart
# service nagios restart
Now you should be able to add easily the localhost and any servers you might already have configured.
I hope you enjoy these How To I am creating. I am trying to make them as detailed as possible and not escape or miss steps.
Troubleshooting
# tail /var/log/message
Note: any error message generated by Nagios will be logged to this file.
My next how to will be on how to make this useful and I will post my work online.
I intend to create a Visio diagram including all the racks at the Data Centre, with all servers positioned correctly and just save it as a Jpeg and use it as my NagVis MAP.
by Renato de Oliveira
If you want to make your Nagios look really professional, want to customise the it to make it look absolutely customer presentable. Nagvis is the tool for you.
Installing NagVis Front End for Nagios. This tool will allow you creating a cool visual for your Nagios portal. You can create a nice diagram with Visio and use it to make your Nagios portal look more professionally presentable to customers.
If you have followed my previous post on how to Install Nagios (Centos 6) easy way, all you have to do is to follow the steps below, and you will have both (Nagios and Nagvis) working and nicely integrated.
There are few packages we must install first:
Dependencies:
* rsync
* graphviz
* php-mbstring
* php
* php-gd
* php-pdo
* mk-livestatus-1.1.12.rhel6.x86_64.rpm
Installing required Packages
# yum install rsync graphviz php-mbstring php-gd php-pdo php -y
Downloading mk-live
# cd /usr/local/
# mkdir downloads
# cd downloads
# wget http://www.thruk.org/files/pkg/v1.52/rhel6/x86_64/mk-livestatus-1.1.12.rhel6.x86_64.rpm
# rpm -Uvh mk-livestatus-1.1.12.rhel6.x86_64.rpm
or
Simply issue the command below:
# rpm -Uvh http://www.thruk.org/files/pkg/v1.52/rhel6/x86_64/mk-livestatus-1.1.12.rhel6.x86_64.rpm
Once the mk-live package has been installed, we need to move to configuring the it, by integrating it to the Nagios.
Note: If you followed my previous post about installing Nagios, your Nagios config files should be on /etc/nagios
Configure mk-live package
# cd /etc/nagios
# mkdir -p var/rw
# chown -R nagios: var/
Edit Nagios.cfg file
# vi /etc/nagios/nagios.cfg
Add the lines bellow to the nagios.cfg and save it
broker_module=-1
broker_module=/usr/lib64/mk-livestatus/livestatus.o /etc/nagios/var/rw/live
Restart Nagios and Apache
# service nagios restart
# service httpd restart
Note: I would like to draw your attention to something very important.
A good systems Administrator always make sure he/she has a backup of any modified file.
Before you change configuration files, it is good practice to make a copy of the file you are about to change.
Downloading and Installing NagVis Package
# cd /usr/local/downloads
# wget http://sourceforge.net/projects/nagvis/files/NagVis%201.7/nagvis-1.7.2.tar.gz/download
# tar -zxvf nagvis-1.7.2.tar.gz
# cd nagvis-1.7.2
# ls
Note: you should see various files including a README and a INSTALL.
The installation process is described in the INSTALL file, I suggest taking a look at it..
Once the package has been decompressed and expanded, we need to install it.
Installing Nagvis
# chmod 755 install.sh
# ./install.sh
The install.sh script will check various things within your system, including; path to Nagios, path to mk-live and all the required packages if they are installed.
Questions asked by install.sh script
1. Do you want to proceed? [y]: Y
hit [ENTER]
2. Please enter the path to the nagios base directory [/usr/sbin/nagios]: /etc/nagios
hit [ENTER]
3. Please enter the path to NagVis base [/usr/sbin/nagvis]: /etc/nagvis
hit [ENTER]
4. Script will check for all required packages, see below:
| PHP 5.3 found |
| PHP Module: gd php found |
| PHP Module: mbstring php found |
| PHP Module: gettext compiled_in found |
| PHP Module: session compiled_in found |
| PHP Module: xml compiled_in found |
| PHP Module: pdo php found |
| Apache mod_php found |
Note: If any package is presented as missing, kill the script and install the missing package.
5. Do you want to use backend mklivestatus? [y]:Y
hit [ENTER]
6. Do you want to use backend ndo2db? [n]:n
hit [ENTER]
7. Do you want to use backend ido2db? [n]:n
hit [ENTER]
8. Do you want to use backend merlinmy? [n]:n
hit [ENTER]
9. Livestatus Socket (/etc/nagios/var/rw/live) found |
| PHP Module: sockets compiled_in found |
| Graphviz 2.26 found |
| Graphviz Module dot 2.26.0 found |
| Graphviz Module neato 2.26.0 found |
| Graphviz Module twopi 2.26.0 found |
| Graphviz Module circo 2.26.0 found |
| Graphviz Module fdp 2.26.0 found |
| SQLite 3.6 found |
Note: Make sure everything on the list above has been found.
Otherwise kill the script and install the missing packages.
10. Please enter the web path to NagVis [/nagvis]:
hit [ENTER]
11. Please enter the name of the web-server user [apache]:
hit [ENTER]
Please enter the name of the web-server group [apache]:
hit [ENTER]
create Apache config file [y]:
hit [ENTER]
12. Do you want the installer to update your config files when possible? [y] y
hit [ENTER]
13. Remove backup directory after successful installation? [n]: n
hit [ENTER]
Note: At this time Nagvis will display a summary of all choices made by you, if everything looks OK as I describe above,
just accept it.
14. Do you really want to continue? [y]: y
hit [ENTER]
Once the installation has been complete, restart Apache
# service httpd restart
Accessing Nagvis frontend
Open your bowser and point it to: http://192.168.1.23/nagvis
User Name: admin
Password: Admin
By this point you should see the default Nagvis frontend and there are various demo you can see.
It is pretty easy to install the localhost to be monitored.
I will create a how to with screenshots at later date.
Make sure NagVis has enabled the LIVE backend
# cd /etc/nagvis/etc
# vi nagvis.ini.php
Search for the line:
; backend="live_1"
Remove the ';' (semi-colonm) and save the file
backend="live_1"
Save the file and restart Apache and Nagios
# service httpd restart
# service nagios restart
Now you should be able to add easily the localhost and any servers you might already have configured.
I hope you enjoy these How To I am creating. I am trying to make them as detailed as possible and not escape or miss steps.
Troubleshooting
# tail /var/log/message
Note: any error message generated by Nagios will be logged to this file.
My next how to will be on how to make this useful and I will post my work online.
I intend to create a Visio diagram including all the racks at the Data Centre, with all servers positioned correctly and just save it as a Jpeg and use it as my NagVis MAP.
by Renato de Oliveira
Saturday, 16 March 2013
Nagios (Centos 6) Easy way
Nagios (Centos 6) Easy way
I decided to write this post because I am currently implementing a massive Nagios installation.
Which includes two Data Centres and two offices.
My next post will be on how to configure a server to be monitored by Nagios.
Centos 6 Easier way to install Nagios Server
Install Epel Repository GPG key
# rpm --import http://ftp.riken.jp/Linux/fedora/epel/RPM-GPG-KEY-EPEL-6
Install Epel Repository Package
# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
Search and Install Nagios Packages
Required Packages:
nagios.x86_64
nagios-plugins.x86_64
nagios-plugins-all.x86_64
httpd.x86_64
Install the packages
# yum install httpd.x86_64 nagios.x86_64 nagios-plugins.x86_64 nagios-plugins-all.x86_64 -y
Note: on my brand new system I had 78 packages installed.
It might be different on your system, depends on how many packages you already have installed.
Configuring Apache
# chkconfig --level 35 httpd on
# service httpd start
Test Apache Install
Open your broser and navigate to your server IP address to test Apache works
If it doesn't we need to open up the firewall
# vi /etc/sysconfig/iptables
Add the line below:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
Save the file and restart iptables
# service iptables restart
Test acessing your Nagios IP address once again
http://192.168.1.23
Note: If you see the Apache Test Page your Apache is working fine
Replace 192.168.1.23 with your server's IP address
Setup Nagios Apache Virtual Host
# cd /etc/httpd/conf.d/
# vi nagios.conf
The file should look as per below:
ScriptAlias /nagios/cgi-bin/ "/usr/lib64/nagios/cgi-bin/"
<Directory "/usr/lib64/nagios/cgi-bin/">
# SSLRequireSSL
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</Directory>
Alias /nagios "/usr/share/nagios/html"
<Directory "/usr/share/nagios/html">
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</Directory>
Restart Apache
# service httpd restart
Set an User Name and Password to protect Nagios access
# htpasswd -c /etc/nagios/passwd nagiosadmin
New password: TYPE in a Password
Re-type new password: Type the same password again
Test the Nagios web Interface access
http://192.168.1.23/nagios/
Type in: nagiosadmin and your password
Note: If you see the Nagios Web Interface, things are looking good and Nagios is installed correctly.
We need to start Nagios service
# chkconfig --level 35 nagios on
Start Nagios
# service nagios start
Navigate to the Nagios web Interface at: http://192.168.1.23/nagios/
Enter username and password and click on: * Services
Note: by Now you should see the localhost being monitored and some default services.
Httpd service will display a warning: HTTP WARNING: HTTP/1.1 403 Forbidden
Note: Just create an empty index.html page.
# touch /var/www/html/index.html
That should take care of the warning.
Nagios 3.4.4 looks a a lot better than previous versions.
That is it folks, that was easy.
by Renato de Oliveira
I decided to write this post because I am currently implementing a massive Nagios installation.
Which includes two Data Centres and two offices.
My next post will be on how to configure a server to be monitored by Nagios.
Centos 6 Easier way to install Nagios Server
Install Epel Repository GPG key
# rpm --import http://ftp.riken.jp/Linux/fedora/epel/RPM-GPG-KEY-EPEL-6
Install Epel Repository Package
# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
Search and Install Nagios Packages
Required Packages:
nagios.x86_64
nagios-plugins.x86_64
nagios-plugins-all.x86_64
httpd.x86_64
Install the packages
# yum install httpd.x86_64 nagios.x86_64 nagios-plugins.x86_64 nagios-plugins-all.x86_64 -y
Note: on my brand new system I had 78 packages installed.
It might be different on your system, depends on how many packages you already have installed.
Configuring Apache
# chkconfig --level 35 httpd on
# service httpd start
Test Apache Install
Open your broser and navigate to your server IP address to test Apache works
If it doesn't we need to open up the firewall
# vi /etc/sysconfig/iptables
Add the line below:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
Save the file and restart iptables
# service iptables restart
Test acessing your Nagios IP address once again
http://192.168.1.23
Note: If you see the Apache Test Page your Apache is working fine
Replace 192.168.1.23 with your server's IP address
Setup Nagios Apache Virtual Host
# cd /etc/httpd/conf.d/
# vi nagios.conf
The file should look as per below:
ScriptAlias /nagios/cgi-bin/ "/usr/lib64/nagios/cgi-bin/"
<Directory "/usr/lib64/nagios/cgi-bin/">
# SSLRequireSSL
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</Directory>
Alias /nagios "/usr/share/nagios/html"
<Directory "/usr/share/nagios/html">
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</Directory>
Restart Apache
# service httpd restart
Set an User Name and Password to protect Nagios access
# htpasswd -c /etc/nagios/passwd nagiosadmin
New password: TYPE in a Password
Re-type new password: Type the same password again
Test the Nagios web Interface access
http://192.168.1.23/nagios/
Type in: nagiosadmin and your password
Note: If you see the Nagios Web Interface, things are looking good and Nagios is installed correctly.
We need to start Nagios service
# chkconfig --level 35 nagios on
Start Nagios
# service nagios start
Navigate to the Nagios web Interface at: http://192.168.1.23/nagios/
Enter username and password and click on: * Services
Note: by Now you should see the localhost being monitored and some default services.
Httpd service will display a warning: HTTP WARNING: HTTP/1.1 403 Forbidden
Note: Just create an empty index.html page.
# touch /var/www/html/index.html
That should take care of the warning.
Nagios 3.4.4 looks a a lot better than previous versions.
That is it folks, that was easy.
by Renato de Oliveira
Sunday, 10 March 2013
A historia de Renato e a Inglessa Pippa
A historia de Renato e a Inglessa Pippa
Era Dezembro
Natal nao tinha o sentido que hoje tem
Era so mais um verao
Ate e te ver-te entao
Estavas de olhos fechados a dancar
e nem me viste a te olhar
Mas a tua visao
Minha vida ja mudara
Posso dizer que ja era paixao
Nao lembro quanto tempo se passou
Nem ao certo o que aconteceu, desde entao
So sei que doente eu fiquei
Tres semanas de cama, sem pisar o chao
Nao parecia melhorar
Ai veio o Sao Joao
Festas juninas pra alegrar
Comi o pao que o diabo amassou
Pra na festa chegar
Para minha surpresa
A minha Inglesa estava la
Parece ate coisa do destino
Coisa que tramada pra acontecer
Tudo fazia sentido
Me senti com um menino
Mal podia mexer
Voce passou e me sorriu
E eu queria falar
Mas a voz nem me saio
e Pelo momento certo, tive que esperar
Te liguei duas semanas mais tarde
voce atendeu com satisfacao
Te chamei pra sair
e voce aceitou de prontidao
Fomos a um barzinho
Perto de minha casa
Conversei muita besteira
Pensando que te agradava
Te levei de taxi em casa
e no taxi te beijei
sentia que te amava
e pra sair, mais uma vez te convidei
Fiquei triste ao escutar
Esse fim de semana nao vai dar
Vou a casa de praia de uma amiga
e por la, o fim de semana vou ficar
Fiquei triste e desapontado
acabou minha ilusao!
Mas pra minha surpresa
Escutei da tua boca:
Quando voltar, te ligo entao!
Esperei ancioso
Pra voce me ligar
Parecia que ia correr doido
esperando o telefone tocar
O telefone tocou
Era voce, que emocao
Me chamou pra sair
Bateu forte o coracao
Saimos uma, duas, tres vezes
Ai chegou seu aniversario
Voce estava linda
Num vestido muito charmosa
Que mulher sensual
Que mulher gostosa
Fomos a um restaurante
Seu aniversario celebrar
Ja me sentia teu amante
So pensava em te amar
O restaurante na beira de um rio
Comemos 'fondi' a luz de velas
a noite so pedia romance
viamos o rio pela janela
foi o comeco de um grande amor
Ate hoje eu sinto
Nunca quero que se va
Quero sempre estar contigo
Te amo muito
e sempre vou te amar
Cada etapa da nossa vida
Em versos vou contar...
por Renato de Oliveira
Era Dezembro
Natal nao tinha o sentido que hoje tem
Era so mais um verao
Ate e te ver-te entao
Estavas de olhos fechados a dancar
e nem me viste a te olhar
Mas a tua visao
Minha vida ja mudara
Posso dizer que ja era paixao
Nao lembro quanto tempo se passou
Nem ao certo o que aconteceu, desde entao
So sei que doente eu fiquei
Tres semanas de cama, sem pisar o chao
Nao parecia melhorar
Ai veio o Sao Joao
Festas juninas pra alegrar
Comi o pao que o diabo amassou
Pra na festa chegar
Para minha surpresa
A minha Inglesa estava la
Parece ate coisa do destino
Coisa que tramada pra acontecer
Tudo fazia sentido
Me senti com um menino
Mal podia mexer
Voce passou e me sorriu
E eu queria falar
Mas a voz nem me saio
e Pelo momento certo, tive que esperar
Te liguei duas semanas mais tarde
voce atendeu com satisfacao
Te chamei pra sair
e voce aceitou de prontidao
Fomos a um barzinho
Perto de minha casa
Conversei muita besteira
Pensando que te agradava
Te levei de taxi em casa
e no taxi te beijei
sentia que te amava
e pra sair, mais uma vez te convidei
Fiquei triste ao escutar
Esse fim de semana nao vai dar
Vou a casa de praia de uma amiga
e por la, o fim de semana vou ficar
Fiquei triste e desapontado
acabou minha ilusao!
Mas pra minha surpresa
Escutei da tua boca:
Quando voltar, te ligo entao!
Esperei ancioso
Pra voce me ligar
Parecia que ia correr doido
esperando o telefone tocar
O telefone tocou
Era voce, que emocao
Me chamou pra sair
Bateu forte o coracao
Saimos uma, duas, tres vezes
Ai chegou seu aniversario
Voce estava linda
Num vestido muito charmosa
Que mulher sensual
Que mulher gostosa
Fomos a um restaurante
Seu aniversario celebrar
Ja me sentia teu amante
So pensava em te amar
O restaurante na beira de um rio
Comemos 'fondi' a luz de velas
a noite so pedia romance
viamos o rio pela janela
foi o comeco de um grande amor
Ate hoje eu sinto
Nunca quero que se va
Quero sempre estar contigo
Te amo muito
e sempre vou te amar
Cada etapa da nossa vida
Em versos vou contar...
por Renato de Oliveira
Subscribe to:
Posts (Atom)