MRTG Monitoring Juniper Firewall traffic configuration in Linux

Source: Internet
Author: User
Tags rrd rrdtool snmp mrtg

First, Juniper Open SNMP

The steps to turn on SNMP are the same as yesterday's reference to configuration methods, which is skipped here.
Second, install the configuration MRTG

1, installation

MRTG's official page is http://oss.oetiker.ch/mrtg/, the latest version is 2.17.4. You can choose to compile the installation using the source package, or you can select the system source installation.

The code is as follows Copy Code

#yum-y install MRTG mrtg-libs

It should be noted that MRTG also has a Windows version, because of the personal habit of using Linux here still take Centos/redhat as an example.

2, cfgmaker build configuration file

The code is as follows Copy Code

#cfgmaker--global "WORKDIR:/VAR/WWW/MRTG"--output/etc/mrtg/mrtg.cfg public@192.168.1.2

Cfgmaker can be followed by more parameters, the return parameter content is written to the generated mrtg.cfg file, can also be generated and then modified. The editor Mrtg.cfg pay particular attention to the following lines of configuration:

The code is as follows Copy Code

#时间从左至右显示, the minimum unit bits,growright is not opened, and the default is the time display order from right to left
Options[_]: Growright, Bits
#页面刷新频率, 300s
refresh:300
#也是刷新频率, 5 minutes.
Interval:5
#mrtg默认数据是以文本的格式存在的, add the following content to support the RRDtool database format generation
#LogFormat: RRDtool
#rrdtool程序所在的目录
#PathAdd:/usr/bin/
Enableipv6:no
Workdir:/var/www/mrtg

In addition to the above, some of the other parameters may also be used, which is also listed here:

Workdir//Set up working directory, storing MRTG collected data and generated statistics files
Language//Set the Web page display language = Chinese gb2312
Growright//indicating flow chart changes to the right at any time
Target//indicates the monitored equipment;
The means of =port:community@router the equipment;
Commnunity//Represents SNMP communication password
Directory indicates that the relevant files of the monitoring device are stored in a =/var/www/mrtg/eth0/location;
Default save in Workdir working directory
MaxBytes//Indicates the maximum value of the data being collected. If the collected data is greater than the value, MRTG will ignore and maintain the last data value collected
KMG//Indicator multiplier unit (default per thousand Hop one unit)
Ylegend//Indicates the y-axis unit mark (not in Chinese)
Shortlegend//indicating the unit mark of the data
A textual description of the statistical line of four different colours legend1,2,3,4 respectively
LEGEND1:///////////per 5 min.
Legend2:////////per 5 min.
LEGEND3:///////////per 5 min.
LEGEND4://///////per 5 min.
Legendi,o///Description of data outflow and outflow, respectively
Withpeak//indicating how to display the flow chart
A total of four different colors of the statistical line, green means that the average inflow, blue mean outflow, the maximum inflow of dark dark, purple represents the largest outflow
N represents not set W represents weekly chart, represents monthly chart, Y represents annual chart
Do not set Withpeak, only green inflow and blue outflow
PageTop//Indicates HTML code added to the head of the Web page for customizing the Web page
The <TABLE></TABLE> part that starts with a space is pagetop content, both directly as HTML code

Note: When you use the RRDtool format to save data, the view page needs CGI call data, the available CGI plug-ins have MRTG-RRD, routers2.cgi, 14all.cgi, you can refer to the following pages

Http://oss.oetiker.ch/mrtg/doc/mrtg-rrd.en.html

http://www.fi.muni.cz/~kas/mrtg-rrd/

3. Create the initial Web page

The code is as follows Copy Code

#mrtg/etc/mrtg/mrtg.cfg
#mrtg/etc/mrtg/mrtg.cfg
#mrtg/etc/mrtg/mrtg.cfg

Note that this is normally run three times, the first two times appear warnning is normal.

4, Generate index Home

The code is as follows Copy Code

#indexmaker/etc/mrtg/mrtg.cfg--output/var/www/mrtg/index.html

Now go to the/VAR/WWW/MRTG directory view that you just specified, and you can see that the following files were generated:

The code is as follows Copy Code

#[root@localhost mrtg]# ls/var/www/mrtg/
192.168.1.2_504-day.png 192.168.1.2_509-year.png 192.168.1.2_522-week.png 192.168.1.2_529.old
192.168.1.2_504.html 192.168.1.2_510-day.png 192.168.1.2_522-year.png 192.168.1.2_529-week.png
192.168.1.2_504.log 192.168.1.2_510.html 192.168.1.2_523-day.png 192.168.1.2_529-year.png
192.168.1.2_504-month.png 192.168.1.2_510.log 192.168.1.2_523.html 192.168.1.2_530-day.png
192.168.1.2_504.old 192.168.1.2_510-month.png 192.168.1.2_523.log 192.168.1.2_530.html
192.168.1.2_504-week.png 192.168.1.2_510.old 192.168.1.2_523-month.png 192.168.1.2_530.log
192.168.1.2_504-year.png 192.168.1.2_510-week.png 192.168.1.2_523.old 192.168.1.2_530-month.png
192.168.1.2_505-day.png 192.168.1.2_510-year.png 192.168.1.2_523-week.png 192.168.1.2_530.old
192.168.1.2_505.html 192.168.1.2_511-day.png 192.168.1.2_523-year.png 192.168.1.2_530-week.png
192.168.1.2_505.log 192.168.1.2_511.html 192.168.1.2_524-day.png 192.168.1.2_530-year.png
192.168.1.2_505-month.png 192.168.1.2_511.log 192.168.1.2_524.html 192.168.1.2_531-day.png
192.168.1.2_505.old 192.168.1.2_511-month.png 192.168.1.2_524.log 192.168.1.2_531.html
192.168.1.2_505-week.png 192.168.1.2_511.old 192.168.1.2_524-month.png 192.168.1.2_531.log
192.168.1.2_505-year.png 192.168.1.2_511-week.png 192.168.1.2_524.old 192.168.1.2_531-month.png
192.168.1.2_506-day.png 192.168.1.2_511-year.png 192.168.1.2_524-week.png 192.168.1.2_531.old
192.168.1.2_506.html 192.168.1.2_515-day.png 192.168.1.2_524-year.png 192.168.1.2_531-week.png
192.168.1.2_506.log 192.168.1.2_515.html 192.168.1.2_526-day.png 192.168.1.2_531-year.png
192.168.1.2_506-month.png 192.168.1.2_515.log 192.168.1.2_526.html 192.168.1.2_533-day.png
192.168.1.2_506.old 192.168.1.2_515-month.png 192.168.1.2_526.log 192.168.1.2_533.html
192.168.1.2_506-week.png 192.168.1.2_515.old 192.168.1.2_526-month.png 192.168.1.2_533.log
192.168.1.2_506-year.png 192.168.1.2_515-week.png 192.168.1.2_526.old 192.168.1.2_533-month.png
192.168.1.2_508-day.png 192.168.1.2_515-year.png 192.168.1.2_526-week.png 192.168.1.2_533.old
192.168.1.2_508.html 192.168.1.2_520-day.png 192.168.1.2_526-year.png 192.168.1.2_533-week.png
192.168.1.2_508.log 192.168.1.2_520.html 192.168.1.2_527-day.png 192.168.1.2_533-year.png
192.168.1.2_508-month.png 192.168.1.2_520.log 192.168.1.2_527.html Favicon.ico
192.168.1.2_508.old 192.168.1.2_520-month.png 192.168.1.2_527.log index.html
192.168.1.2_508-week.png 192.168.1.2_520.old 192.168.1.2_527-month.png Mrtg-l.gif
192.168.1.2_508-year.png 192.168.1.2_520-week.png 192.168.1.2_527.old Mrtg-l.png
192.168.1.2_509-day.png 192.168.1.2_520-year.png 192.168.1.2_527-week.png Mrtg-m.gif
192.168.1.2_509.html 192.168.1.2_522-day.png 192.168.1.2_527-year.png Mrtg-m.png
192.168.1.2_509.log 192.168.1.2_522.html 192.168.1.2_529-day.png Mrtg-r.gif
192.168.1.2_509-month.png 192.168.1.2_522.log 192.168.1.2_529.html Mrtg-r.png
192.168.1.2_509.old 192.168.1.2_522-month.png 192.168.1.2_529.log Mrtg-ti.gif
192.168.1.2_509-week.png 192.168.1.2_522.old 192.168.1.2_529-month.png Mrtg-ti.png

5, configure crontab Timing Data acquisition

The code is as follows Copy Code

#vi/ETC/CRON.D/MRTG
*/5 * * * * root lang=c lc_all=c/usr/bin/mrtg/etc/mrtg/mrtg.cfg--lock-file/var/lock/mrtg/mrtg_l--confcache-file/var/ Lib/mrtg/mrtg.ok

6, configure Apache alias display

The code is as follows Copy Code

Alias/mrtg/var/www/mrtg
<Location/mrtg>
#Order Deny,allow
#Deny from all
#Allow from 192.168.1.11
</Location>

The above is just a configuration example, and device access control is available if necessary.

7, optimize

Because it is a network device, mainly used to view the next network traffic, and from the 4th can be seen, its collection of all the port can be collected traffic, in fact, many times is not used or not we want to see, here will need to edit the Mrtg.cfg file only need to monitor the port ID, You also need to modify the contents of the Indexmaker generated home page file. The final effect of the following figure:

If you also need to monitor the CPU, memory and other information, you need to write scripts to obtain data written by Snmpwalk and save, and in the Mrtg.cfg file to do the corresponding configuration, and finally in the graphical interface to display.

Third, MRTG and host performance monitoring

Because this part is not the focus of this article, just incidentally, MRTG can also through SNMP to host the disk, CPU, memory and other information monitoring. The SNMP service needs to be turned on on the host. Linux is installed below (Windows can also be added to add a removal program):

The code is as follows Copy Code

# yum Install Net-snmp

After the installation is complete, you need to edit the SNMP configuration file because many of the information is not allowed to be obtained by default:

The code is as follows Copy Code

# vim/etc/snmp/snmp.conf
View SystemView included. 1.3.6.1.2.1.1
#下面这一行为新增, for gathering traffic information
View SystemView included. 1.3.6.1.2.1.2
View SystemView included. 1.3.6.1.2.1.25.1.1

Remember to reboot the SNMP service after the modification is complete. At the same time as the monitoring part of disk and mem, there are related configuration samples in the snmpd.conf, as well as the relevant examples of script execution, the parameter sample can be modified.

After the completion of the above steps configuration, and then refer to the above MRTG monitoring equipment process, repeated execution can be.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.