Sunday, August 26, 2012

Observium vs. Cacti

I have deployed observium in an Ubuntu (12.04) today. I have stumbled upon observium while searching for Network Monitoring software, and the demo seemed pretty impressive. The installation was not very hard, and observium has been running quite smoothly. Below, I give my opinion -

  1. Both observium and cacti have similar graph. But observium gives cool previews when the cursor is placed over the graph.
  2. observium has tool for real time graph ( with update interval as low as 1 sec O_O ) whereas cacti graphs are updated every 5 minutes.
  3. observium is an auto-discovery program, whereas in cacti, every graph has to be manually added. By auto-discovery, I mean that whenever a device is added, all possible graphs are automatically generated.
  4. Both observium and cacti provide a lot of customization for user access.
Still, I think I will be continuing using cacti. The main reason behind this decision is-
  1. observium can not work without proper DNS. Actually, auto-discovery protocol states that every device should be accessible by name. On the other hand, cacti can work smoothly with both hosnames and IP addresses. I know there are workarounds for the DNS problems, and anyone who can work with /etc/hosts can tweak it, but I see this as a drawback.
 So, I will be sticking to cacti. I have been using cacti for a while, and I am very happy with it. ^_^

Wednesday, August 22, 2012

Custom Mail Log Rotation Script

Thanks to google, I was able to find a command to create files as filename_DATE.

Usually, all logs are automatically rotated if logrotate is installed. However, I’m creating a custom script to rotate mail logs. Thought I'd share. ^_^

Paste your text here.# vim /root/rotate

##### this script will be used by crond to rotate mail log #####

/etc/init.d/postfix stop
/etc/init.d/dovecot stop

cat /var/log/maillog > "/var/log/maillog_`date '+%d-%m-%Y'`"
echo > /var/log/maillog

gzip "/var/log/maillog_`date '+%d-%m-%Y'`"

/etc/init.d/postfix start
/etc/init.d/dovecot start

##### end of script #####

# chmod 744 /root/rotate


# crontab -e

#### run the script every 10 days ####

00 00 */10 * * /root/rotate


/etc/init.d/crond restart

Saturday, August 18, 2012

Ipplan on CentOS 6

Ipplan is a cool piece of open source software that can be used to manage IP. It can be used by both Service Providers to maintain their IP block leased from RIRs, as well as by private organizations to keep track of the IP addresses in their LAN. It is a web based application, and setting up is not a tough job.

I will be using a CentOS6 box and unzip method. Mysql, php and httpd is needed to run Ipplan.

Setting up the dependencies

[root@localhost ~]# yum install httpd  php-mysql  mysql-server  php-common
 unzip php php-cli wget

Now that the necessary softwares are installed, time to start 'em.
[root@localhost ~]# service  httpd start; service mysqld start; chkconfig httpd on; chkconfig mysq

Downloading Package

Ipplan can be downloaded using the following link
[root@localhost ~]# wget

Setting Up Ipplan

[root@localhost ~]# unzip
[root@localhost ~]# cp    -r    ipplan    /var/www/html/

And we prepare the database and tables required for Ipplan-
[root@localhost ~]# mysqladmin -u root password NEWPASSWORD
[root@localhost ~]# mysqladmin -u root -p create ipplan 

[root@localhost ~]# mysql -u root -p ipplan 

    mysql> grant all on ipplan.* to ipplan@localhost;
    mysql> set password for ipplan@localhost=password("ipplanpw");
    mysql> FLUSH privileges;
    mysql> \q 

Now, it's time to prepare the configuration files of Ipplan.
[root@localhost ~]# vi /var/www/html/ipplan/config.php 

    // the database user and password is NOT the same user and password
    // used to access IPplan as a regular user.
    define("DBF_TYPE", 'maxsql');
    define("DBF_HOST", 'localhost');
    define("DBF_USER", 'ipplan');
    define("DBF_NAME", 'ipplan');
    define("DBF_PASSWORD", 'ipplanpw');

    // define global admin user and passwd. This is NOT the same user
    // and password that the databases use.
    define("ADMINUSER", 'admin');
    define("ADMINPASSWD", 'ipplanpw');
    define("ADMINREALM", 'IPplan admin authentication');

We have to set the necessary ownership and permissions.
[root@localhost ~]# chmod  -R  750  /var/www/html/ipplan
[root@localhost ~]# chown  -R  apache2  /var/www/html/ipplan/

We have to set our timezones as well.
[root@localhost ~]# vi /etc/php.ini

    ### Modify the line to match your configuration ###
    date.timezone = Asia/Dhaka 

Tuning the firewall is necessary too. For demonstration, I am flushing the firewall
[root@localhost ~]# iptables  -F;  service iptables save

Finalizing the installation

Now, we have to open our favorite browser and input this url:
#### my IP address is ####

Configuring Ipplan

The following steps illustrate the configuration of Ipplan

Step1: Running the Install Script

Step 2
Step 3
Step 4: Creating a New Group
Step 5

Step 6: Creating a New User

Step 7
Step 8: Creating a new AS
Step 9
Step 10: Creating a Supernet
Step 11

Step 12: Creating a Subnet

Step 13: Modifying the Subnet
And that's it. It may have been lengthy, but it wasn't that hard, was it?

Hope this helps.

Monday, August 13, 2012

Nagios: Monitoring a custom

I'm using Debian 6 and Nagios3.

Sometimes, it becomes essential to monitor a non-standard port in Nagios. An example may be monitoring TCP port 5555.

Before we start, there is something that needs to be known- 
  • Nagios has included a bunch of custom command. The commands are defined in the directory /etc/nagios-plugins/config/
  • The executable for these defined commands are located in /usr/lib/nagios/plugins/
Since we want to monitor a custom TCP port, we will use Nagios's existing TCP checking tool. We will just add port 5555 as an argument to the command.

  • Checking

root@dragonfly:~# /usr/lib/nagios/plugins/check_tcp -H -p 5555
TCP OK - 0.001 second response time on port 55|time=0.000502s;;;0.000000;10.000000

So, we can certainly conclude that port 5555 is accessible.

  • Defining the command
vim /etc/nagios-plugins/config/tcp_udp.cfg


define command{
     command_name check_tcp_5555
     command_line $USER1$/check_tcp -h $HOSTADDRESS$ -p 5555 -4

  • Defining a host to use the command
root@dragonfly:~#vim /etc/nagios3/conf.d/localhost_nagios2.cfg

define host{
        use                     linux-hosts
        host_name               bee
        alias                   bee

define host{
        use                     linux-hosts
        host_name               dragonfly
        alias                   dragonfly

define hostgroup{
        hostgroup_name  linux-hosts
        alias           Linux Hosts
        members         dragonfly, bee;

define service{
        use                             generic-service         ; Name of service template to use
        hostgroup_name                  linux-hosts
        service_description             Check Host
        check_command                   check-host-alive
        check_command                   check_tcp_5555        ; our customized command

  • Restarting the service
Finally, time to restart the nagios service.

root@dragonfly:~# /etc/init.d/nagios3 restart

Nagios should now be monitoring TCP port 5555. We can check it out by going to the Nagios page in the browser ^_^.

If it doesn't, check out the Nagios log at /var/log/nagios3/nagios.log.

Hope this helps.

Sunday, August 12, 2012

GUI Grub Customizer for Ubuntu

For those who want a GUI to easily maintain grub entries, for example, to change the default OS to be booted, here is a handy tool -

sudo add-apt-repository ppa:danielrichter2007/grub-customizer
sudo apt-get update
sudo apt-get install grub-customizer

Here's a thumbnail.

Grub Customizer
Hope this helps.