BIND 9 Statistics for Cacti

Templates, scripts for templates, scripts and requests for templates.

Moderators: Developers, Moderators

Post Reply
trmentry
Posts: 1
Joined: Mon Jul 14, 2008 10:43 am

Post by trmentry »

I'm hoping that I did something stupid but I can't figure it out.

I recently installed a new bind9 server and wanted to poll it via snmp. I've inherited this project. :(

I found this template/script and I can see the data via snmpwalk.

Code: Select all

mothership:~ # snmpwalk -v 1 -c <no peeking> ns2  .1.3.6.1.4.1.2021.55

iso.3.6.1.4.1.2021.55.1.1 = INTEGER: 1
iso.3.6.1.4.1.2021.55.2.1 = STRING: "GLOBAL"
iso.3.6.1.4.1.2021.55.3.1 = INTEGER: 1745548
iso.3.6.1.4.1.2021.55.4.1 = INTEGER: 4836301
iso.3.6.1.4.1.2021.55.5.1 = INTEGER: 157001
iso.3.6.1.4.1.2021.55.6.1 = INTEGER: 491851
iso.3.6.1.4.1.2021.55.7.1 = INTEGER: 8017
iso.3.6.1.4.1.2021.55.8.1 = INTEGER: 1231689
I added the xml files to the right place and imported the other.

I created my graph and it says that it is graphing. However I get the little red x on the graphs.

I've posted a screenshot of my config. It says that it was sucessful. If I do a verbose query it appears to get the data.

I'm not exaclty sure where to go on this and hope someone can help me out.

I'm running 0.87b of Cacti.
Thanks

edit: clarity and shrink the jpg
Attachments
phpTtXju3AM.jpg
phpTtXju3AM.jpg (101.98 KiB) Viewed 17429 times
eschoeller
Cacti User
Posts: 234
Joined: Mon Dec 13, 2004 3:03 pm

Post by eschoeller »

oldsk8trbabe et al,

Yep, I'm in the same situation - the new version of bind has a different rndc output which does not work with this template/script combination. Honestly, I'm surprised more people haven't been pinging this thread on the issue - everyone should have really upgraded by now!!

I found another post addressing the problem:

http://forums.cacti.net/viewtopic.php?t=27889

but this is using an SSH call to get the stats, which I could use, but I'd prefer not to - it just seems somewhat sloppy.

If no one else has made an effort to fix this to work with Bind 9.5 I may give it a shot ... However, I'm honestly thinking about re-writing it. I'm not a huge fan of the snmp index method that's being used, and while it may be easy to change these scripts, the data that topic 27889 is obtaining is much more complete:

Example:

Code: Select all

A:22041201 AAAA:7980418 ANY:365083 AXFR:372 CNAME:2067 IXFR:932 MX:1710500 NS:1557210 PTR:15318967 SOA:186675 SRV:116598 TXT:1766503 success:51294403 nonauthoritative:20634841 errors:20830475 nxdomain:6219919 recursion:33487474 dropped:36931
So, I may take the best of both this approach and the approach in post 27889 and come up with something different.

My initial thought is to simply populate one OID with that entire output string and use a Data Input Method to parse the different fields into separate Data sources. Granted this approach will not work well for the folks that rely on the indexing for multiple domains - at this point I am only concerned with GLOBAL, but in the future it would be easy to create new OIDs for new domains, and then utilize the pass_persist mentioned earlier to speed up performance. At any rate this may work a bit better because the poller only ends up doing one SNMPGET per domain, and it's up to Cacti to process the data accordingly - even though this really isn't how SNMP usually works.

Anyway, enough of my rambling... Any thoughts on this?
gagadget
Cacti User
Posts: 71
Joined: Tue Feb 21, 2006 9:40 am

Post by gagadget »

ISC seems to have backported the BIND 9.5 stats format to BIND 9.4 from 9.4.2-P1

By the way, don't use 9.5.0 or 9.5.0-P1 because It has a bug that make named consume a huge amount of memory if you have ACLs and lots of zones. Just wait for 9.5.1.

I am the author of the "SSH script" for parsing output of BIND stat, don't hesitate to inform me about improve it, enhance it, clean it.

By the way, I could not use SNMP because all my DNS servers are using Solaris 8 with no way to install net-snmp on it, and some are in DMZ. Plus SNMP is taboo among the secutiry guys here.

What do you mean by sloppy ?
eschoeller
Cacti User
Posts: 234
Joined: Mon Dec 13, 2004 3:03 pm

Post by eschoeller »

Perhaps poor use of the word, and my apologies I didn't mean for it to be offensive in any way - but our security people frown upon tons of passphraseless ssh keys !

Granted I firewall the crap out of our net-snmp agents to make the security people happy too.

Thanks for the tip on 9.5.1
gagadget
Cacti User
Posts: 71
Joined: Tue Feb 21, 2006 9:40 am

Post by gagadget »

eschoeller wrote:Perhaps poor use of the word, and my apologies I didn't mean for it to be offensive in any way - but our security people frown upon tons of passphraseless ssh keys !

Granted I firewall the crap out of our net-snmp agents to make the security people happy too.

Thanks for the tip on 9.5.1
No problem I was also kinding !

When I tried to implement my script with SNMP I really did not understand the way cacti is using indexes, data queries, ...
umarzuki
Posts: 8
Joined: Tue Jul 22, 2008 10:46 pm
Contact:

Post by umarzuki »

pray tell, how did you guys managed to get it even installed. I couldn't find where the named.stats is. Do i need to create it 1st? There's not even a bind/ directory under /var/cache
umarzuki
Posts: 8
Joined: Tue Jul 22, 2008 10:46 pm
Contact:

Post by umarzuki »

umarzuki wrote:pray tell, how did you guys managed to get it even installed. I couldn't find where the named.stats is. Do i need to create it 1st? There's not even a bind/ directory under /var/cache
well..it's actually named to named_stats.txt. I've followed the instructions on INSTALL for snmp but coudn't verify whether SNMP working or not

Code: Select all

[root@localhost ~]# snmpwalk -v 1 -c public 192.168.1.12 .1.3.6.1.4.1.2021.55
End of MIB
bbice
Cacti User
Posts: 71
Joined: Mon May 13, 2002 6:53 pm

Post by bbice »

eschoeller wrote:oldsk8trbabe et al,

Yep, I'm in the same situation - the new version of bind has a different rndc output which does not work with this template/script combination.
I've got a couple of scripts and templates that are working ok with the new bind rndc output format. I haven't bothered to post it here because I know there are so many other templates out there for bind stuff in general, and because my solution was a little... different...

Basically, I inherited a gaggle of machines with munin-node installed on 'em. (the munin server didn't scale at all so they didn't install it widely) So... Not wanting to re-invent the wheel I just wrote a simple script for cacti to call that gathers data from munin-node plugins. Now I can add stuff to cacti using scripts people write for cacti or the various plugins written for munin.

So... If you anyone is still stuck on this and is willing to put munin-node on their system (a simple perl tool), I'd be glad to post my munin-node plugin, the script cacti uses to do munin queries, and all the various templates I've got for them (bind9.5, dnscache, rbldnsd, sendmail)...
umarzuki
Posts: 8
Joined: Tue Jul 22, 2008 10:46 pm
Contact:

Post by umarzuki »

that's very generous of you. I'd love too. How about making somekind of a guide on that too.
bbice
Cacti User
Posts: 71
Joined: Mon May 13, 2002 6:53 pm

Post by bbice »

umarzuki wrote:that's very generous of you. I'd love too. How about making somekind of a guide on that too.
K, I'll put something together in the next day or two and will post it here.

Brent
bbice
Cacti User
Posts: 71
Joined: Mon May 13, 2002 6:53 pm

Post by bbice »

bbice wrote:K, I'll put something together in the next day or two and will post it here.

Brent
Ok, here we go. It appears there's no way to export a data input method (BUMMER!) but I made a README file that describes how to install/setup the included munin-node plugins and how to setup the data input methods. Once those are created, you can just import the two graph templates and the appropriate data templates should come along with 'em.

I'll also attach some sample graph images. If you find this stuff useful, take a moment and look at the new linux kit my employer makes (www.sgi.com). They were kind enough to let me share it here even though I built it on their time. :-)
Attachments
cacti-munin-bind95.zip
the munin plugins, a script to query munin-node plugins in general (using new data input methods), and some template files
(201.91 KiB) Downloaded 1313 times
bind 9.5 queries graph
bind 9.5 queries graph
bind95-queries.png (97.09 KiB) Viewed 16305 times
bind 9.5 stats graph
bind 9.5 stats graph
bind95-stats.png (102.48 KiB) Viewed 16305 times
Last edited by bbice on Mon Sep 15, 2008 9:44 am, edited 2 times in total.
bbice
Cacti User
Posts: 71
Joined: Mon May 13, 2002 6:53 pm

Post by bbice »

One follow-up post... on the bind 9.5 stats graph, the NaN for recursive queries is because this is on an authoritative-only server. This is normally a line element if your bind server is config'd to allow recursive queries.

The perl script can be used to make lots of data input methods for whatever munin-node plugins you want (see the README file). I'd post the dnscache and rbldnsd templates and munin-node plugins here but I think they rely on hacks made to the dnscache and rbldnsd daemons to log extra detail (I'll double-check this and post stuff here if it doesn't require a hack to the daemon).

Brent
Navigator
Posts: 4
Joined: Tue Nov 25, 2008 4:45 am

Post by Navigator »

Can I get some help please?

Telnetting to the machine, I am unable to replicate the README.
fetch bind95stats
.

# Unknown command. Try list, nodes, config, fetch, version or quit
list
open_inodes entropy processes df interrupts netstat swap load sendmail_mailqueue bind95queries df_inode cpu forks open_files memory bind95stats vmstat

fetch bind95queries
.
It's returning "." on the readme it seems like it should return:

Code: Select all

ipv4rec.value 3652375
tcprec.value 95685
authrej.value 390354
recursrej.value 838
xfrrej.value 28646
updrej.value 123604
resptx.value 3652375
success.value 606129
authanswered.value 3094394
referral.value 17
nxrrset.value 399200
failure.value 13036
nxdomain.value 2089065
otherfail.value 418650
rgaglian
Posts: 1
Joined: Wed Dec 17, 2008 9:01 am

No output from script

Post by rgaglian »

Hi,

I am attaching my stats file, I do not get any output from the script.
I am running a bind 9.5p1 and Freebsd 6.3

I tried either the local scriot (bind9-stats.pl) and the snmp script. In both case the output is blank.

Is there something wrong with this stats file?

Thanks
r.

[root@fwi /home/rgaglian]# more /var/run/named.stats
+++ Statistics Dump +++ (1229532782)
++ Incoming Requests ++
31 QUERY
++ Incoming Queries ++
17 A
3 PTR
2 MX
7 AAAA
2 SRV
++ Outgoing Queries ++
++ Name Server Statistics ++
29 IPv4 requests received
2 IPv6 requests received
29 responses sent
20 queries resulted in successful answer
3 queries resulted in authoritative answer
23 queries resulted in non authoritative answer
1 queries resulted in nxrrset
3 queries resulted in SERVFAIL
5 queries resulted in NXDOMAIN
27 queries caused recursion
2 duplicate queries received
++ Zone Maintenance Statistics ++
5 IPv4 notifies sent
5 IPv6 notifies sent
++ Resolver Statistics ++
[Common]
1 mismatch responses received
++ Cache DB RRsets ++
[View: default]
326 A
79 NS
30 CNAME
35 AAAA
58 !AAAA
1 NXDOMAIN
[View: _bind]
++ Per Zone Query Statistics ++
JeffRoberson
Posts: 7
Joined: Fri Jan 16, 2009 3:52 pm

Updated bind9-stats-snmpd.pl for Bind 9.5

Post by JeffRoberson »

I spent some time reworking the bind9-stats-snmpd.pl script to work with Bind 9.5 and SNMPD 5.4.1. There were several problems that I had to fix. First, the layout of the file changed for the Bind9 stats and the script didn't work with the newer version of SNMPD. I hope that this will help some other folks out.

This script is based on the work of Cory Powers. You can find the rest of the files at http://uversaconsulting.net/download/bi ... 1.0.tar.gz

Code: Select all

#!/usr/bin/perl

#
# Script to parse bind9 stats file for net-snmp snmpd agent
#
# Created By: Cory Powers <cory@uversaconsulting.net>
# Modified By: Jeff Roberson <jroberson@bethelks.edu> 16-Jan-2009
# To work with BIND 9.5.0-P2 and SNMPD 5.4.1
#
#
# Include in snmpd.conf
# pass_persist  .1.3.6.1.4.1.2021.55   /usr/bin/perl /usr/local/bin/bind9-stats-snmpd.pl
#
#
# This program requires the SNMP::Extension::PassPersist module from CPAN
# 
# cpan SNMP::Extension::PassPersist
#
# This will create the following MIB trees
#
# .1.3.6.1.4.1.2021.55.1 = Indexes
# .1.3.6.1.4.1.2021.55.2 = Names
# .1.3.6.1.4.1.2021.55.3 = Succesful query count
# .1.3.6.1.4.1.2021.55.4 = Failed query count
# .1.3.6.1.4.1.2021.55.5 = NXDOMAIN query count
# .1.3.6.1.4.1.2021.55.6 = NXRRSET query count
# .1.3.6.1.4.1.2021.55.7 = Referred query count
# .1.3.6.1.4.1.2021.55.8 = Recursive query count
#
# To get the global name server stats you would consult the following oids
#
# .1.3.6.1.4.1.2021.55.1.1 = INTEGER: 1
# .1.3.6.1.4.1.2021.55.2.1 = STRING: GLOBAL
# .1.3.6.1.4.1.2021.55.3.1 = INTEGER: 0
# .1.3.6.1.4.1.2021.55.4.1 = INTEGER: 0
# .1.3.6.1.4.1.2021.55.5.1 = INTEGER: 0
# .1.3.6.1.4.1.2021.55.6.1 = INTEGER: 0
# .1.3.6.1.4.1.2021.55.7.1 = INTEGER: 0
# .1.3.6.1.4.1.2021.55.8.1 = INTEGER: 0
# 
# If per zone statistics are enabled you will receive a tree like
# the one above for each zone. The string will be the zone name and
# view name with an underscore (_) between them.
#
# mydomain.com_internal - zone = mydomain.com, view = internal
#
# 
use SNMP::Extension::PassPersist;

$DEBUG = 0;

$STAT_FILE = "/var/cache/bind/named.stats";
$OID = ".1.3.6.1.4.1.2021.55";
$LOG = "/var/log/bind9-stats.log";

%count_ids = (
	"index" => 1,
	"name" => 2,
	"queries resulted in successful answer" => 3,
	"queries resulted in SERVFAIL" => 4,
	"queries resulted in NXDOMAIN" => 5,
	"queries resulted in nxrrset" => 6,
	"queries resulted in non authoritative answer" => 7,
	"queries caused recursion" => 8
);

# pass_persist handler setup
my $extsnmp = SNMP::Extension::PassPersist->new(
        backend_collect => \&process_stats,
        idle_count      => 60,      # no more than 60 idle cycles
        refresh         => 245,     # refresh every 245 sec
);


sub process_stats{
	# If the file doesn't exist, just return.
	if (!open(STATS,$STAT_FILE)) {
		return;
	}
	
	my $counter=0;
	my $zone = "";
	# A place holder seems to be needed at the top of the tree
	$extsnmp->add_oid_entry("$OID.1.0", "integer", "0");
	while (<STATS>) {
		if (/(.+)\ Name\ Server\ Statistics./) {
			$zone="GLOBAL";
		}
		next if /^[\-\+]/; 
		next if /^\s*$/;
		next if /\[View./;
		next if /\[Common./;
		if (/\[(.+)\]/) {
			$zone=formatzone($1);
		}elsif (/^(\s+) (\d+) (.*)$/) {
			if(!exists($indexes{$zone}) && $zone ne ""){
				$indexes{$zone} = ++$counter;
				# Initial population of the OID tree
				print("add_oid_entry($OID.1.$counter, 'integer', $counter)\n") if ($DEBUG);
                                $extsnmp->add_oid_entry("$OID.1.$counter", "integer", $counter);
				print("add_oid_entry($OID.2.$counter, 'integer', $zone)\n") if ($DEBUG);
                                $extsnmp->add_oid_entry("$OID.2.$counter", "string", $zone);
				# Acutal values from the stats file will overwrite the zeros
				for (my $i=3; $i < 9; $i++) {
					print("add_oid_entry($OID.$i.$counter, 'integer', $zone)\n") if ($DEBUG);
					$extsnmp->add_oid_entry("$OID.$i.$counter", "integer", 0);
				}
			}
			$INDEX=$indexes{$zone};
			$COUNT_ID=$count_ids{$3};
			$VALUE=$2;
		}else{
			next;
		}
		print(">>add_oid_entry($OID.$COUNT_ID.$INDEX, 'integer', $VALUE)\n") if ($DEBUG && $COUNT_ID > 0);
		$extsnmp->add_oid_entry("$OID.$COUNT_ID.$INDEX", "integer", $VALUE) if ($COUNT_ID > 0);
	}	
	close(STATS);
}

sub formatzone{
	$input = shift @_;

	for ($input) {
		s/^\s+//;
		s/\s+$//;
		s/\s/_/;
	}
	return $input
}

# run the program
$extsnmp->run;

exit(0);

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest