Active FTP/SSH/Telnet/Samba Connections - Uses SNMP+BASH
Moderators: Developers, Moderators
In case there's anyone still interested... I've figured out the logic of the script.
As an example, suppose we want to check the number of tcp connections to the port 143 in host 192.168.1.1:
We should query
/usr/bin/snmpwalk -On -c public -v1 192.168.1.1 .1.3.6.1.2.1.6.13.1.3.192.168.1.1.143
In the script there's an error:
Where it says
It should be:
Please note that $IPADDRESS and $SYSTEMNAME are exchanged.
Once corrected the script, one way to check it is:
./tcp_conns.sh hostname.test.com 143 192.168.1.1 public
good luck!
Cris.
As an example, suppose we want to check the number of tcp connections to the port 143 in host 192.168.1.1:
We should query
/usr/bin/snmpwalk -On -c public -v1 192.168.1.1 .1.3.6.1.2.1.6.13.1.3.192.168.1.1.143
In the script there's an error:
Where it says
Code: Select all
CONNECTIONS=`$SNMPWALKBINARY -On -c $COMMUNITY -v1 $IPADDRESS .1.3.6.1.2.1.6.13.1.3.$SYSTEMNAME.$PORT | $WCBINARY -l`
Code: Select all
CONNECTIONS=`$SNMPWALKBINARY -On -c $COMMUNITY -v1 $SYSTEMNAME .1.3.6.1.2.1.6.13.1.3.$IPADDRESS.$PORT | $WCBINARY -l`
Once corrected the script, one way to check it is:
./tcp_conns.sh hostname.test.com 143 192.168.1.1 public
good luck!
Cris.
If the above doesn't work for you, you can try the following thread which doesn't requires any scripts.
In this case, modify /etc/snmp/snmp.conf, and add:
proc smb
After that, follow this thread to get the 'ucd/net - Get Monitored Processes' data queries going you will be set.
http://forums.cacti.net/about9805.html
In this case, modify /etc/snmp/snmp.conf, and add:
proc smb
After that, follow this thread to get the 'ucd/net - Get Monitored Processes' data queries going you will be set.
http://forums.cacti.net/about9805.html
I have some trouble adding this template.
Running on localhost
RDD tool says:
/usr/bin/rrdtool graph - \
--imgformat=PNG \
--start=-86400 \
--end=-60 \
--title="MAGNETO - Active FTP Connections" \
--rigid \
--base=1000 \
--height=120 \
--width=600 \
--alt-autoscale-max \
--lower-limit=0 \
--vertical-label="" \
--slope-mode \
--font TITLE:12: \
--font AXIS:8: \
--font LEGEND:10: \
--font UNIT:8: \
DEF:a="/var/lib/cacti/rra/magneto_ftp_conns_123.rrd":ftp_conns:LAST \
AREA:a#FF0000FF:"No. FTP Connections" \
GPRINTLAST:"Current\:%8.2lf %s" \
GPRINTAVERAGE:"Average\:%8.2lf %s" \
GPRINTMAX:"Maximum\:%8.2lf %s\n"
RRDTool Says:
ERROR: the RRD does not contain an RRA matching the chosen CF
Any suggestion?
Running on localhost
RDD tool says:
/usr/bin/rrdtool graph - \
--imgformat=PNG \
--start=-86400 \
--end=-60 \
--title="MAGNETO - Active FTP Connections" \
--rigid \
--base=1000 \
--height=120 \
--width=600 \
--alt-autoscale-max \
--lower-limit=0 \
--vertical-label="" \
--slope-mode \
--font TITLE:12: \
--font AXIS:8: \
--font LEGEND:10: \
--font UNIT:8: \
DEF:a="/var/lib/cacti/rra/magneto_ftp_conns_123.rrd":ftp_conns:LAST \
AREA:a#FF0000FF:"No. FTP Connections" \
GPRINTLAST:"Current\:%8.2lf %s" \
GPRINTAVERAGE:"Average\:%8.2lf %s" \
GPRINTMAX:"Maximum\:%8.2lf %s\n"
RRDTool Says:
ERROR: the RRD does not contain an RRA matching the chosen CF
Any suggestion?
Ubuntu Server 10.04
Cacti 0.8.7.e
Cacti 0.8.7.e
-
- Posts: 20
- Joined: Wed Feb 20, 2008 1:57 pm
Re: Active FTP/SSH/Telnet/Samba Connections - Uses SNMP+BASH
I was never able to get the snmp walk to work either. It seems like the port is not what comes after the IP on my CentOS systems, it's some 5 digit number followed by the ip again and then the port.
Re:
How can I use it in windows? I donn't know how to modify the tcp_conns.sh file. Would you please guide me? Thank you very much.acacioas wrote:I made some modifications on the script and on the graph_template..
Now, you need only to choose what interface to check the connections and the port.
The graph title may be modified (this is important if you have more than one IP per host to check, like me..)
The community and the IP of the server (where the snmpwalk will query) are derived from the host configuration..
Re: Active FTP/SSH/Telnet/Samba Connections - Uses SNMP+BASH
Hum, does anybody provide a windows version?
Re:
[/quote][/quote]UKS-Gavin wrote:Change the script to be like this instead;
Code: Select all
#!/bin/bash # Code updated by Gavin Conway # Gavin@Essociate.co.uk #------- User customisation area --------------# SNMPWALKBINARY=/usr/bin/snmpwalk ECHOBINARY=/bin/echo WCBINARY=/usr/bin/wc #-------- Do not edit below this line ----------# SYSTEMNAME=$1 PORT=$2 IPADDRESS=$3 COMMUNITY=PUTYOURCOMMUNITYNAMEHEREIFYOUWANTTHISTOWORK!!!!!!! if [[ -z $SYSTEMNAME || -z $PORT || -z $IPADDRESS || -z $COMMUNITY ]] then echo "Usage: tcp_conns.sh hostname port ipaddress community" fi CONNECTIONS=`$SNMPWALKBINARY -On -c $COMMUNITY -v1 $IPADDRESS .1.3.6.1.2.1.6.13.1.3.$SYSTEMNAME.$PORT | $WCBINARY -l` let "CONNECTIONS = $CONNECTIONS -1" $ECHOBINARY $CONNECTIONS
What do i have to enter at "IP address of interface of the tcp connection"? Should this be the host ip or my ip in this network?
Aehm - Does this script still monitor a hosts ssh/tcp connections or does ist monitor MY connections what would make no sense..
Who is online
Users browsing this forum: No registered users and 7 guests