Nagios – SNMP Trap integration October 14, 2009

We need to check the followings first:

1. A host that has nagios installed and configured. Get Nagios.
2. Forward SNMP traps from the device you want to monitor to the nagios host and make sure that the traps reach the nagios host. By default it should be UDP traffic on port 162. On a windows machine it should be under Services. Look for snmp service and configure it.
3. The MIBs of the device you want to monitor. Ask the manufacturer or look for that online. Sometimes you might be able to find them publicly available.
4. Install snmptrapd which is part of the open source package net-snmp. snmptrapd is a daemon that listens for SNMP messages and can trigger different events based on each message.

Configure snmptrapd

create a new file called snmptrapd.conf and add the following lines:

authCommunity log,execute,net public
traphandle default /opt/snmptrap/sbin/snmptt –ini=/opt/snmptrap/etc/snmptt.ini

build issue for pidgin on debian June 29, 2009

Here is, what I needed to install additionally:

XSceenSaver development headers: libxss-dev
Startup notification development headers: libstartup-notification0-dev
GtkSpell development headers: libaspell-dev libgtkspell-dev
libxml2 >= 2.6.0 development headers: libxml2-dev
GStreamer development headers: libgstreamer0.10-dev
Meanwhile development headers: libmeanwhile-dev
avahi development headers: –disable-avahi
D-Bus development headers : libdbus-1-dev libdbus-glib-1-dev
NetworkManager development headers: network-manager-dev
Perl development headers: libperl-dev
GnuTLS or NSS SSL development headers: libnss3-dev
Tcl development headers: tcl8.4-dev
Tk development headers: tk8.4.dev

after installing these packages run the config scripts as follow -

./configure –prefix=/usr/local/pidgin –enable-nss –disable-avahi –disable-tk

Don’t forget to export this path on your PATH variable!!

Perhaps this saves some googleing.

If you still fails to run pidgin ..

just remove the .purple dir from your home and run ldconfig and then run pidgin again.

Rotating log using logadm June 11, 2009

logadm is a general log rotation tool that is suitable for running from cron.

Without arguments, logadm reads the /etc/logadm.conf file, and for every entry found in that file checks the corresponding log file to see if it should be rotated. Typically this check is done each morning by an entry in the root’s crontab.

Examples,

1 Rotating a File and Keeping Previous Versios -The following example rotates the /var/adm/exacct/proc file, keeping ten previous versions in /var/adm/exacct/proc.0 through /var/adm/exacct/proc.9.

% logadm -c /var/adm/exacct/proc

2 Rotating syslog – The following example rotates syslog and keeps eight log files. Old log files are put in the directory /var/oldlogs instead of /var/log:

% logadm -C8 -t’/var/oldlogs/syslog.$n’ /var/log/syslo

3 Rotating /var/adm/sulog and Expiring Based on Age – The following entry in the /etc/logadm.conf file rotates the /var/adm/sulog file and expires any copies older than 30 days.

/var/adm/sulog -A 30d

4 Rotating Files and Expiring Based on Disk Usage -The following entry in the /etc/logadm.conf file rotates the /var/adm/sulog file and expires old log files when more than 100 megabytes are used by the sum of all the rotated log files.

/var/adm/sulog -S 100m

5 Creating an Entry that Stores the Logfile Name – This example creates an entry storing the log file name and the fact that we want to keep 20 copies in /etc/logadm.conf, but the -p never means the entry is ignored by the normal logadm run from root’s crontab every morning.

% logadm -w locallog /usr/local/logfile -C20 -p never

Use the following entry on the command line to override the -p never option:

% logadm -p now locallog

6 Rotating the apache Error and Access Logs – The following example rotates the apache error and access logs monthly to filenames based on current year and month. It keeps the 24 most recent copies and tells apache to restart after renaming the logs.

This command is run once, and since the -w option is specified, an entry is made in /etc/logadm.conf so the apache logs are rotated from now on.

% logadm -w apache -p 1m -C 24\
-t ‘/var/apache/old-logs/$basename.%Y-%m’\
-a ‘/usr/apache/bin/apachectl graceful’\
‘/var/apache/logs/*{access,error}_log’

This example also illustrates that the entry name supplied with the -w option doesn’t have to match the log file name. In this example, the entry name is apache and once the line has been run, the entry in /etc/logadm.conf can be forced to run by executing the following command:

% logadm -p now apache

Because the expression matching the apache log file names was enclosed in quotes, the expression is stored in /etc/logadm.conf, rather than the list of files that it expands to. This means that each time logadm runs from cron it expands that expression and checks all the log files in the resulting list to see if they need rotating.

The following command is an example without the quotes around the log name expression. The shell expands the last argument into a list of log files that exist at the time the command is entered, and writes an entry to /etc/logadm.conf that rotates the files.

logadm -w apache /var/apache/logs/*_log

The following example shows how to add an entry to rotate and compress the IP filter logfiles once per week:

$ logadm -w /var/log/ipflog -C 8 -P ‘Fri Jul 14 23:05:38 2006′ \
-a ‘/usr/sbin/svcadm refresh system-log’ -g root -m 644 \
-o root -p 7d -z 0

This example has several interesting options. The first parameter contains the logfile to rotate, the “-C” option indicates how many copies to keep, the “-a” option lists a command to run after the file is rotated, the “-g,” “-o” and “-m” options indicate the user, group and permissions to apply to the logfiles, the “-p” option indicates how often to rotate the file, and the “-z” option can be used to compress logfiles after they are rotated.

Comparison between different monitoring tools June 7, 2009

comparison

First of all, there are few key factors that none of the products could beat nagios. Here are they

1.    Nagios is extremely lightweight. It can process hundreds of checks per minute with minimal impact on monitored

hosts. (Host means anything that you monitor).

Whereas most of the products are developed using Java and very heavy on operation. They uses Agents for better

metric data collection which are also in most cases written in Java. They support SNMP based checks as well but

that’s the same info that Nagios can pull.

2.   Web interface of Nagios is pretty simple and HTML based which makes faster access to it and gives a whole

overview/snapshot of current status just in a single HTML page. Navigation to right information is lot simpler

whereas for other products its pretty complex and you’ve to do a lot of “clicks” to get to the right information.

3.    Nagios is highly customizable compared to other products. To get most out of the rest of the products you need to

go for commercial or enterprise versions which is pretty costly and they provide less customization. ( probably

to get their support, I’m not sure though).

4.    None has a “Firefox plugin” like Nagios, which I think an indispensable part of (and I think others who use

Nagios for their infrstructure monitoring)  monitoring. We all can remotely monitors and far from our

infrastructure and we need this little friend very much.

The biggest lackings for nagios is that it doesn’t have any Trap Handler. Other products have but it seems this

featuere is everyone’s key selling feature. Some have it in commercial version and some, like OpenNMS, has this

with very complex configuration process. But we have a basic trap processing integrated with nagios.And I think

with more time investment and development effort we can make it better for processing all the traps.

In general, I haven’t found any product that we evaluated highly better than Nagios that could lead us to

abandon Nagios and go for that product. And none will work out of the box to monitor  each and everything that

we have. Doesn’t matter what product we choose we’ll have to extend it by writng/developing add-ons/plugins.

I liked SMC most among all the products. Just because it gives lot more insight on SUN boxes. By using SMC we can

get alerts for any kind of hardware failure on SUN boxes, can do a deep monitoring for those. SMC’s agents ( that

run on SUN hosts) are essentally SNMP agents with  extra functionality compared to the SNMP agents that we use

now. Also, if we just buy EventGateway and ScriptRunner module from Halcyon (which wi’ll cost roughly $20k) we

can monitor our other equipments too by SMC. But that’d involve lots of Custom Scipts development for things

that  don’t send Traps.

Sun xVM Virtual Box September 16, 2008

This is a quick guide to install Sun xVM Virtual Box on Debian Linux.
First download the required binary of Sun xVM Virtual Box from the following link

http://virtualbox.org/wiki/Linux_Downloads

Become root user and run

dpkg -i virtualbox-2.0_2.0.2-36488_Debian….

If you face dependency problem then simply run

apt-get -f install

and then again run

dpkg -i virtualbox-2.0_2.0.2-36488_Debian….

You are Done!!

Now run the following command as regular user from your konsole

VirtualBox &

Now like VMware you can either create a new VM image or use the existing VM image.

Before running your virtual machine please fix the following thing first. The critical part of Sun xVM is that by default uses NAT to reach other machines in your LAN or elsewhere.But we want Bridge.

For that we need some extra packages and need to modify our current network settings.

First,

apt-get install uml-utilities bridge-utils

Second,

adduser <yourusername> uml-net

Third,

Just add the couple of lines on /etc/network/interfaces

####### Following setup for Sun xVM Virtual Box #########

auto tap0
iface tap0 inet manual
up ifconfig $IFACE 0.0.0.0 up
down ifconfig $IFACE down
tunctl_user <your username> [don forget to change this]

auto br0
iface br0 inet static
address 192.168.x.x [your current assigned ip]
netmask 255.255.x.x
gateway 192.168.x.x
bridge_ports all tap0

Now Just restart your network service

/etc/init.d/networking restart

Make sure, at the GUI VirtualBox panel, select “Network”, Select “Host Interface” at “Attached to” and fill in the blank to “tap0″ at “Interface Name”.

thats it!!!

Now run your Virtual machine …

Hot Key for running your Sun xVM Virtual Box-

To run the Virtual Box — VirtualBox &
To start a machine just select the machine and click start (in your case there are only one
machine and just click start).
For Fullscreen — right ctrl+F
To exit Fullscreen — right ctrl+F
To release the cursor — right ctrl.