nfdump-nfsen
參考:
- Centos5/Linux安裝Nfdump和Nfsen圖形界面分析netflow資料
centos_6.5上實作安裝
# 安裝 rrdtool 及所需元件:
yum install -y perl-rrdtool rrdtool rrdtool-devel rrdutils flex byacc
# 安裝 rrdtool 及所需元件:
yum install -y perl-Socket6 perl-MailTools perl-Mail-Sender
# 安裝 GCC :
yum install -y gcc
# 安裝 Nfdump 工具:
cd /usr/local/src/
wget http://downloads.sourceforge.net/project/nfdump/stable/nfdump-1.6.6/nfdump-..tar.gz
tar zxvf nfdump-..tar.gz
cd nfdump-./
./configure --enable-nfprofile --with-rrdpath=/usr/bin # --enable-nfprofile 為重新生成,--with-rrdpath= 為啟用rddtool支援
make
make install
cd ../
# 下載下傳配置 Nfsen :
mkdir -p /usr/local/nfsen
wget http://downloads.sourceforge.net/project/nfsen/stable/nfsen-1.3.6p1/nfsen-.p1.tar.gz
tar zxvf nfsen-.p1.tar.gz
cd nfsen-.p1/
cp etc/nfsen-dist.conf etc/nfsen.conf
# 修改Nfsen配置檔案:
cat etc/nfsen.conf
#http://www.haiyun.me
$BASEDIR = "/usr/local/nfsen";
$HTMLDIR = "/var/www/html/nfsen/";
$USER = "apache";
$WWWUSER = "apache";
$WWWGROUP = "apache";
%sources = (
'upstream1' => { 'port' => '9995', 'col' => '#0000ff', 'type' => 'netflow' },
);
以上部分參考:
- Linux下is not in the sudoers file解決方法
- 在CentOS上搭建PHP伺服器環境
# 安裝apache:
yum install httpd httpd-devel
# 啟動apache:
/etc/init.d/httpd start
# 安裝mysql:
yum install mysql mysql-server
# 啟動mysql:
/etc/init.d/mysqld start
# 安裝php
yum install php php-devel
# 重新開機apache使php生效
/etc/init.d/httpd restart
# 安裝php的擴充
yum install php-mysql php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc
# 安裝完擴充之後需要再次重新開機apache
/etc/init.d/httpd restart
# 安裝Nfsen:
./install.pl etc/nfsen.conf
# 啟動Nfsen:
/usr/local/nfsen/bin/nfsen start
- 開啟後可以通過 http://serverip/nfsen/nfsen.php WEB頁面通路,不過通路會報錯:
- ERROR: nfsend connect() error: Permission denied!
- ERROR: nfsend - connection failed!!
- ERROR: Can not initialize globals!
# 這是因為權限不足,需要給 /data/nfsen/var/run/nfsen.comm 增加 rw 的權限:
chmod a+rw /usr/local/nfsen/var/run/nfsen.comm # Remark:每次NFSEN服務重新開機都需要重新權重限!
# 關閉防火牆
setenforce
-
frontend and backend mismatched.
修改 /var/www/html/nfsen/nfsen.php
交換機配置
需要在支援NETFOLW功能的交換機上進行相關配置
ip flow ingress infer-fields
ip flow ingress layer2-switched
ip flow-export version
ip flow-export destination X.X.X.X. (要和NFSEN.CONF裡面的埠号一緻)
ip route-cache flow infer-fields
以上部分參考:
- NFSEN NetFlow工具安裝與使用
Cacti
參考:
- 中文版:Centos/Linux下安裝配置Cacti中文版 「 鏡像 Lost ,改用下面的方案 2 」
- spine版:Cacti使用安裝詳解
# 建立cacti使用者
useradd -m cacti
passwd cacti
# 安裝相關軟體:
yum -y install net-snmp net-snmp-libs net-snmp-utils net-snmp-devel
# 安裝gcc和libtool
yum install libtool -y
# 下載下傳cacti-spine
wget http://www.cacti.net/downloads/cacti-0.8.8b.tar.gz
wget http://www.cacti.net/downloads/spine/cacti-spine-0.8.8b.tar.gz
# configure: error: Cannot find MySQL header files
yum install mysql-devel
# 解壓:
tar -xf cacti-spine-..8b.tar.gz
# 編譯安裝:
cd cacti-spine-..8b
aclocal
libtoolize --force
autoheader
autoconf
automake
./configure
make
make install
# 配置
cp /usr/local/spine/etc/spine.conf.dist /etc/spine.conf
chown cacti.cacti /etc/spine.conf
vim /etc/spine.conf
DB_Host localhost
DB_Database cacti
DB_User cactiuser
DB_Pass cactiuser
DB_Port
mysql -uroot -p
CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY 'cactiuser';
create database cacti;
grant all on cacti.* to cactiuser@localhost
tar -xvf cacti-..8b.tar.gz
cd cacti-..8b
mysql -u cactiuser -pcactiuser cacti < cacti.sql
mv cacti-..8b /var/www/html/cacti
vim /var/www/html/cacti/include/config.php
$database_type = \"mysql\";
$database_default = \"cacti\";
$database_hostname = \"localhost\";
$database_username = \"cactiuser\";
$database_password = \"cactiuser\";
$database_port = \"3306\";
$database_ssl = false;
# 添加計劃任務(使cacti每5分鐘獲得一次資料)
crontab -e
*/1 * * * * /usr/bin/php /var/www/html/cacti/poller.php > /dev/null 2>&1 # 讓系統每1分鐘收集
- 預設登入使用者名密碼是admin
- 最後,等cacti安裝完之後在cacti的web配置界面選擇setting
- settings->paths->Spine Poller File Path [/usr/local/spine/bin/spine]
- settings->poller->Poller Type [spine]
- console->settings->poller->Maximum Threads per Process [5]
- save完成
以上部分參考:
- configure: error: Cannot find MySQL header files:cacti 安裝配置方法 總結(1)
- MySQL建立使用者與授權方法
未做:(其他)
# Cacti監控mysql報表流量圖:
wget https://mysql-cacti-templates.googlecode.com/files/better-cacti-templates-1.1.8.tar.gz
tar –xvf better-cacti-templates-.tar.gz
cd better-cacti-templates-
# 将better-cacti-templates-1.1.8\scripts下的 ss_get_mysql_stats.php 這個腳本 這個腳本需要放在cacti的服務端。
# 比如cacti部署在/var/www/html目錄下,那麼就cp到/var/www/html/cacti/scripts/下
cp /root/better-cacti-templates-/scripts/ss_get_mysql_stats.php /var/www/html/cacti/scripts/
# 修改ss_get_mysql_stats.php 檔案 第30行
$mysql_user = 'cacti_user';
$mysql_pass = 'cacti_user05161610';
$cache_dir = "/xok.la/cacti/cache/";
chown -R apache.apache /var/www/html/cacti/scripts
chmod -R /var/www/html/cacti/scripts
# 使用 http 通路 cacti主機 導入
/opt/mysql-cacti-templates-/cacti_host_template_x_db_server_ht_0i.xml
# 然後建立mysql使用者:
grant process,super on *.* to 'cacti_user'@'%' identified by 'cacti_user05161610';
Nagios
參考:
- Linux/Centos安裝nagios監控伺服器
useradd nagios
groupadd nagcmd
usermod -G nagcmd nagios
usermod -G nagcmd apache
cd /usr/local/src/
# 安裝主程式
wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-.tar.gz
tar zxvf nagios-.tar.gz
cd nagios
./configure --with-command-group=nagcmd --prefix=/usr/local/nagios --with-nagios-user=nagios --with-nagios-group=nagios
make all
make install
# 安裝主程式
make install-init # 安裝init管理腳本
make install-config # 安裝示例配置檔案
make install-commandmode # 配置目錄權限
make install-webconf # 安裝Apache配置檔案
make install-classicui # 安裝經典黑色主題
cd ../
# 安裝插件
wget https://nagios-plugins.org/download/nagios-plugins-.tar.gz
tar zxvf nagios-plugins-.tar.gz
cd nagios-plugins
./configure --with-nagios-user=nagios --with-nagios-group=nagios --prefix=/usr/local/nagios
make
make install
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
# 生成nagiosadmin驗證密碼,用于web界面驗證
/etc/init.d/httpd restart
/etc/init.d/nagios start
chkconfig nagios on
setsebool -P httpd_disable_trans # 關閉selinux對httpd的防護,不然會出現權限問題 「這句我失敗了==」