Cacti Plugin Flowview 1.1 Installation SOP
Environment: CentOS 6.X X64 + Cacti 0.8.8c
Prerequisite: install the flow-tools package
Reference URL
http://pkgs.org/centos-6/epel-x86_64/flow-tools-0.68.5.1-1.el6.x86_64.rpm.html
Download
Download flow-tools-0.68.5.1-1.el6.x86_64.rpm for CentOS 6 from the EPEL repository.
Install Howto
Download the latest epel-release rpm from
http://dl.fedoraproject.org/pub/epel/6/x86_64/
Install epel-release rpm:
# rpm -Uvh epel-release*rpm
Install flow-tools rpm package:
# yum install flow-tools
Download flowview ( flowview-v1.1-1.tgz )
http://docs.cacti.net/plugin:flowview
Extract the archive and place it in the Cacti plugins directory
#tar -zxvf flowview-v1.1-1.tgz
#mv flowview /var/www/html/cacti/plugins
[root@aaa plugins]# pwd
/var/www/html/cacti/plugins
[root@aaa plugins]# ll
total 32
drwxr-xr-x 3 cactiuser apache 4096 Sep 25 2011 clog
drwxr-xr-x 7 cactiuser apache 4096 Oct 26 17:12 flowview
-rw-r--r-- 1 cactiuser apache 44 Nov 24 2014 index.php
drwxr-xr-x 4 cactiuser apache 4096 Oct 6 2011 monitor
drwxrwxr-x 6 cactiuser apache 4096 Aug 29 2011 nectar
drwxr-xr-x 3 cactiuser apache 4096 Oct 26 16:26 settings
drwxr-xr-x 5 cactiuser apache 4096 Jan 12 2015 thold
drwxr-xr-x 9 cactiuser apache 4096 Jan 12 2015 weathermap
[root@aaa plugins]#
Create the directory that stores the raw flow data
#mkdir -p /var/netflow/flows/completed
#chmod 777 -R /var/netflow/flows/completed
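Log in to the Cacti web UI and enable Flowview
Console -> configuration -> plugin management-> Flowview install & enable
Configure the basic Flow Viewer settings
Console -> configuration -> settings --> Misc --> Flow Viewer
The key point here is to make sure the settings are correct, then click the SAVE button in the lower-right corner.
Configure the plugin's Flows Listeners
plugin-> flows -> listeners-> add .....
The key point here is to make sure the settings are correct, then click the SAVE button in the lower-right corner.
It is best to confirm that the settings above are actually present in the Cacti DB.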
#mysql
mysql> use cacti;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> SELECT value FROM `settings` WHERE name = 'path_flows_dir';
+------------------------------+
| value |
+------------------------------+
| /var/netflow/flows/completed |
+------------------------------+
1 row in set (0.00 sec)
mysql> SELECT * FROM plugin_flowview_devices;
+----+------+--------+-----------+------+---------+---------+----------+--------+-------------+
| id | name | folder | allowfrom | port | nesting | version | rotation | expire | compression |
+----+------+--------+-----------+------+---------+---------+----------+--------+-------------+
| 1 | Vyos | C7609 | 0 | 2205 | 3 | 5 | 1439 | 2 | 0 |
+----+------+--------+-----------+------+---------+---------+----------+--------+-------------+
1 row in set (0.00 sec)
mysql>
Replace the system default flow-capture
# Back up the original file
#mv /etc/init.d/flow-capture /etc/init.d/flow-capture.bk
# Replace flow-capture
[root@aaa flowview]# pwd
/var/www/html/cacti/plugins/flowview
[root@aaa flowview]# cp flow-capture /etc/init.d/flow-capture
[root@aaa init.d]# pwd
/etc/init.d
[root@aaa init.d]# vi flow-capture
#!/usr/bin/php
<?php
/*
# description: Start Flow-Capture
# chkconfig: 2345 95 00
*/
# The following line must be set correctly, otherwise Flow-Capture will not run properly
$cacti_base = '/var/www/html/cacti';
Run flow-capture
#cd /etc/init.d/
[root@aaa init.d]# ./flow-capture start
NOTE: Starting Flow Tools
NOTE: Launching flow-capture as '/usr/bin/flow-capture -w /var/netflow/flows/completed/C7609 0/0/2205 -S5 -V5 -z 0 -n 1439 -e 2880 -N 3'
[root@aaa init.d]#
[root@aaa flowview]# netstat -antup | grep flow
udp 0 0 0.0.0.0:2205 0.0.0.0:* 2494/flow-capture
[root@aaa flowview]#
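The launch line above contains 0/0/2205, which flow-capture reads as localip/remoteip/port with 0 meaning "any", and netstat confirms the UDP socket on 0.0.0.0. As an added example (not from the original post, the plugin or flow-tools), the script below flags that exposure and lists world-writable paths such as those left by the earlier chmod 777; the function names and the 192.0.2.x sample line are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the Flowview plugin or flow-tools.

# Launch line copied from the init script output shown above.
LAUNCH_FROM_PAGE='/usr/bin/flow-capture -w /var/netflow/flows/completed/C7609 0/0/2205 -S5 -V5 -z 0 -n 1439 -e 2880 -N 3'
# Constructed sample: bound to one local address, one allowed exporter
# (192.0.2.x are documentation addresses, not values from this setup).
LAUNCH_PINNED='/usr/bin/flow-capture -w /var/netflow/flows/completed/C7609 192.0.2.10/192.0.2.1/2205 -V5'

# Print the localip/remoteip/port triple from a launch line.
listener_triple() (
    set -f                          # split on whitespace without globbing
    for word in $1; do
        case $word in
            *[!0-9./]*|*/*/*/*) ;;  # options and the -w path are not a triple
            */*/*) printf '%s\n' "$word"; exit 0 ;;
        esac
    done
    exit 1
)

# Print one finding per line, or OK when both addresses are pinned.
audit_launch_line() (
    triple=$(listener_triple "$1") || { echo "NO_LISTENER"; exit 1; }
    local_ip=${triple%%/*}
    rest=${triple#*/}
    remote_ip=${rest%%/*}
    port=${rest#*/}
    findings=0
    case $local_ip in 0|0.0.0.0) echo "BIND_ANY port=$port"; findings=1 ;; esac
    case $remote_ip in 0|0.0.0.0) echo "ACCEPT_ANY_EXPORTER port=$port"; findings=1 ;; esac
    [ "$findings" -eq 1 ] || echo "OK"
)

# List paths under the spool directory that any local user can write to.
world_writable_under() {
    find "$1" ! -type l -perm -0002 2>/dev/null
}

audit_launch_line "$LAUNCH_FROM_PAGE"
audit_launch_line "$LAUNCH_PINNED"
```

Run world_writable_under /var/netflow/flows/completed on the collector to see what the chmod 777 step left writable by every local account. Filtering UDP 2205 at the host firewall so that only the exporting router can reach it addresses the ACCEPT_ANY_EXPORTER finding.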
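If the following error message appears, re-check that all the settings in the Cacti web UI are correct.
The DB queries shown above are enough to verify this.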
[root@aaa init.d]# ./flow-capture start
NOTE: Starting Flow Tools
WARNING: No flows configured
How to verify the flow-capture raw data
[root@aaa 2015-10-27]# pwd
/var/netflow/flows/completed/C7609/2015/2015-10/2015-10-27
[root@aaa 2015-10-27]#
[root@aaa 2015-10-27]# ll
total 88
-rw-r--r-- 1 root root 92 Oct 27 09:44 ft-v05.2015-10-27.094338+0800
-rw-r--r-- 1 root root 92 Oct 27 09:45 ft-v05.2015-10-27.094401+0800
-rw-r--r-- 1 root root 92 Oct 27 09:46 ft-v05.2015-10-27.094501+0800
-rw-r--r-- 1 root root 92 Oct 27 09:47 ft-v05.2015-10-27.094601+0800
-rw-r--r-- 1 root root 92 Oct 27 09:48 ft-v05.2015-10-27.094701+0800
-rw-r--r-- 1 root root 92 Oct 27 09:49 ft-v05.2015-10-27.094801+0800
-rw-r--r-- 1 root root 92 Oct 27 09:50 ft-v05.2015-10-27.094901+0800
-rw-r--r-- 1 root root 92 Oct 27 09:51 ft-v05.2015-10-27.095001+0800
-rw-r--r-- 1 root root 92 Oct 27 09:52 ft-v05.2015-10-27.095101+0800
-rw-r--r-- 1 root root 92 Oct 27 09:53 ft-v05.2015-10-27.095201+0800
-rw-r--r-- 1 root root 92 Oct 27 09:54 ft-v05.2015-10-27.095301+0800
-rw-r--r-- 1 root root 92 Oct 27 09:55 ft-v05.2015-10-27.095401+0800
-rw-r--r-- 1 root root 92 Oct 27 09:56 ft-v05.2015-10-27.095501+0800
-rw-r--r-- 1 root root 92 Oct 27 09:57 ft-v05.2015-10-27.095601+0800
-rw-r--r-- 1 root root 92 Oct 27 09:58 ft-v05.2015-10-27.095747+0800
-rw-r--r-- 1 root root 92 Oct 27 09:59 ft-v05.2015-10-27.095801+0800
-rw-r--r-- 1 root root 92 Oct 27 10:00 ft-v05.2015-10-27.095901+0800
-rw-r--r-- 1 root root 92 Oct 27 10:01 ft-v05.2015-10-27.100001+0800
-rw-r--r-- 1 root root 92 Oct 27 10:02 ft-v05.2015-10-27.100101+0800
-rw-r--r-- 1 root root 1244 Oct 27 10:03 ft-v05.2015-10-27.100201+0800
-rw-r--r-- 1 root root 92 Oct 27 09:57 tmp-v05.2015-10-27.095701+0800
-rw-r--r-- 1 root root 92 Oct 27 10:03 tmp-v05.2015-10-27.100301+0800
[root@aaa 2015-10-27]#
[root@aaa 2015-10-27]# cat ft-v05.2015-10-27.100201+0800 | flow-stat -f10
# --- ---- ---- Report Information --- --- ---
#
# Fields: Total
# Symbols: Disabled
# Sorting: None
# Name: Source/Destination IP
#
# Args: flow-stat -f10
#
#
# src IPaddr dst IPaddr flows octets packets
#
192.168.1.17 192.168.1.255 1 78 1
192.168.111.7 192.168.111.255 1 78 1
0.0.0.0 255.255.255.255 1 576 1
192.168.222.138 192.168.222.255 1 78 1
192.168.111.46 192.168.111.255 1 156 2
192.168.111.32 192.168.111.255 1 78 1
192.168.1.208 192.168.1.255 1 206 1
192.168.111.138 192.168.111.255 1 78 1
192.168.111.173 192.168.111.255 1 78 1
192.168.111.32 255.255.255.255 1 328 1
169.254.104.223 169.254.255.255 1 78 1
192.168.111.200 192.168.111.255 1 78 1
192.168.1.142 192.168.1.255 1 78 1
192.168.1.152 192.168.1.255 1 156 2
192.168.1.59 192.168.1.255 1 234 3
192.168.111.136 192.168.111.255 1 78 1
192.168.1.149 192.168.1.255 1 312 4
192.168.1.180 192.168.1.255 1 78 1
[root@aaa 2015-10-27]#
The following fixes the problem of the plugin_flowview_devices records no longer existing after the DB is restarted.
#mysql
mysql> use cacti;
mysql> ALTER TABLE plugin_flowview_devices ENGINE=MyISAM;
====================
# vyos netflow configuration setting ( vyatta )
set system flow-accounting netflow version 5
set system flow-accounting netflow server 192.168.111.xxx port 2205
set system flow-accounting interface eth0
set system flow-accounting netflow timeout expiry-interval 60
set system flow-accounting netflow sampling-rate 500
set system flow-accounting netflow engine-id 0
set system flow-accounting netflow timeout max-active-life 604800
set system flow-accounting netflow timeout flow-generic 3600
set system flow-accounting netflow timeout tcp-fin 300
set system flow-accounting netflow timeout tcp-generic 3600
set system flow-accounting netflow timeout tcp-rst 120
set system flow-accounting netflow timeout icmp 300
set system flow-accounting netflow timeout udp 300
DEMO