Unable to view graphs - graph debug also not working

[BSOD2600]

1) I suggest you read the guide in my signature.

2) Turn the polling level in cacti to debug (Settings | Polling level) for one cycle and paste the output of the actual log file (./cacti/log/cacti.log). If it contains WEBLOG entries, then don't bother posting since they just clutter up the log. Turn off WEBEVENTS logging and try again.

[PiercedKnob]

Hi there,

I can confirm that i have already read your guide and followed it to the letter, thats how i have managed to get this far

I can also confirm that the graphs rra folder is being updated with the graph information as it should just that the graphs do not display.

I think below is the debug trace that you were after. I look forward to your reply.

01/03/2006 10:46:01 AM - POLLER: Poller[0] DEBUG: About to Spawn a Remote Process [CMD: F:/php511/php.exe, ARGS: -q F:/Webroot/cacti/poller_export.php]
01/03/2006 10:46:01 AM - POLLER: Poller[0] DEBUG: About to Spawn a Remote Process [CMD: F:/php511/php.exe, ARGS: -q F:/Webroot/cacti/poller_commands.php]
01/03/2006 10:46:01 AM - SYSTEM STATS: Time:1.0201 Method:cmd.php Processes:1 Threads:N/A Hosts:5 HostsPerProcess:5 DataSources:3 RRDsProcessed:3
01/03/2006 10:46:01 AM - POLLER: Poller[0] CACTI2RRD: F:/rrdtool/rrdtool.exe update F:\Webroot\cacti\rra\sharples_cp_router_address_loss_14.rrd --template min:avg:max:dev:loss 1136285160:0.6400:0.6625:0.6800:0.0148:0.0000
01/03/2006 10:46:01 AM - POLLER: Poller[0] CACTI2RRD: F:/rrdtool/rrdtool.exe update F:\Webroot\cacti\rra\markland_hill_router_address_loss_13.rrd --template min:avg:max:dev:loss 1136285160:0.6600:0.6700:0.6900:0.0122:0.0000
01/03/2006 10:46:01 AM - POLLER: Poller[0] CACTI2RRD: F:/rrdtool/rrdtool.exe update F:\Webroot\cacti\rra\sunning_hill_internet_link_loss_12.rrd --template min:avg:max:dev:loss 1136285160:23.0800:23.4800:23.8900:0.3717:0.0000
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'loss:0.0000' [map loss->loss]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'dev:0.0148' [map dev->dev]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'max:0.6800' [map max->max]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'avg:0.6625' [map avg->avg]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'min:0.6400' [map min->min]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'loss:0.0000' [map loss->loss]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'dev:0.0122' [map dev->dev]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'max:0.6900' [map max->max]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'avg:0.6700' [map avg->avg]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'min:0.6600' [map min->min]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'loss:0.0000' [map loss->loss]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'dev:0.3717' [map dev->dev]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'max:23.8900' [map max->max]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'avg:23.4800' [map avg->avg]
01/03/2006 10:46:01 AM - POLLER: Poller[0] Parsed MULTI output field 'min:23.0800' [map min->min]
01/03/2006 10:46:00 AM - CMDPHP: Poller[0] Time: 0.3212 s, Theads: N/A, Hosts: 4
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] DEBUG: PHP Script Server Shutdown request received, exiting
01/03/2006 10:46:00 AM - CMDPHP: Poller[0] Host[6] DS[14] SERVER: F:/Webroot/cacti/scripts/ss_fping.php ss_fping 10.11.29.254 4 ICMP, output: min:0.6400 avg:0.6625 max:0.6800 dev:0.0148 loss:0.0000
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] SERVER: F:/Webroot/cacti/scripts/ss_fping.php ss_fping 10.11.29.254 4 ICMP output min:0.6400 avg:0.6625 max:0.6800 dev:0.0148 loss:0.0000
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] DEBUG: INCLUDE: 'F:/Webroot/cacti/scripts/ss_fping.php' SCRIPT: 'ss_fping' CMD: '10.11.29.254 4 ICMP'
01/03/2006 10:46:00 AM - CMDPHP: Poller[0] Host[6] SNMP: SNMP not performed due to setting or ping result.
01/03/2006 10:46:00 AM - CMDPHP: Poller[0] Host[6] PING: Host is Alive
01/03/2006 10:46:00 AM - CMDPHP: Poller[0] Host[5] DS[13] SERVER: F:/Webroot/cacti/scripts/ss_fping.php ss_fping 10.10.51.254 4 ICMP, output: min:0.6600 avg:0.6700 max:0.6900 dev:0.0122 loss:0.0000
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] SERVER: F:/Webroot/cacti/scripts/ss_fping.php ss_fping 10.10.51.254 4 ICMP output min:0.6600 avg:0.6700 max:0.6900 dev:0.0122 loss:0.0000
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] DEBUG: INCLUDE: 'F:/Webroot/cacti/scripts/ss_fping.php' SCRIPT: 'ss_fping' CMD: '10.10.51.254 4 ICMP'
01/03/2006 10:46:00 AM - CMDPHP: Poller[0] Host[5] SNMP: SNMP not performed due to setting or ping result.
01/03/2006 10:46:00 AM - CMDPHP: Poller[0] Host[5] PING: Host is Alive
01/03/2006 10:46:00 AM - CMDPHP: Poller[0] Host[4] DS[12] SERVER: F:/Webroot/cacti/scripts/ss_fping.php ss_fping 10.10.9.254 4 ICMP, output: min:23.0800 avg:23.4800 max:23.8900 dev:0.3717 loss:0.0000
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] SERVER: F:/Webroot/cacti/scripts/ss_fping.php ss_fping 10.10.9.254 4 ICMP output min:23.0800 avg:23.4800 max:23.8900 dev:0.3717 loss:0.0000
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] DEBUG: INCLUDE: 'F:/Webroot/cacti/scripts/ss_fping.php' SCRIPT: 'ss_fping' CMD: '10.10.9.254 4 ICMP'
01/03/2006 10:46:00 AM - CMDPHP: Poller[0] Host[4] SNMP: SNMP not performed due to setting or ping result.
01/03/2006 10:46:00 AM - CMDPHP: Poller[0] Host[4] PING: Host is Alive
01/03/2006 10:46:00 AM - CMDPHP: Poller[0] PHP Script Server Started Properly
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] PHP Script Server has Started - Parent is cmd
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] DEBUG: FILENM: f:\Webroot\cacti\script_server.php
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] DEBUG: DIRNAM: f:/webroot/cacti
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] DEBUG: GETCWD: f:/webroot/cacti
01/03/2006 10:46:00 AM - PHPSVR: Poller[0] DEBUG: SERVER: cmd
01/03/2006 10:46:00 AM - POLLER: Poller[0] DEBUG: About to Spawn a Remote Process [CMD: F:/php511/php.exe, ARGS: -q f:/webroot/cacti/cmd.php 0 6]

Kind Regards

Wayne

[BSOD2600]

Well since your rrd files are being updated every 5 minutes with data, then your graphs not displaying is likely a permission problem or configuration error.

1) Have you specified the RRDTool Default Font Path to a valid font?
2) Give COMPUTERNAME\IUSR_XXXX and COMPUTERNAME\IIS_WPG users read & execute permissions to rrdtool.exe

[PiercedKnob]

Fairly sure i have done that but i will double check when in work and get back to ya.

Thanks again for the prompt response

Wayne

[PiercedKnob]

Hmm, are you running in Windows? If so, please set an environment variable RRD_DEFAULT_FONT sot something like %WIDIR%/Fonts/cour.ttf for the system. Then, try again. Please note, your open command prompt will not inherit the changes, you will have to open a new command prompt.

TheWitness

This has now worked in the dos window. I did need to substitue the %windir% because it didn't like using the environment variable.

Cheers

Wayne

[PiercedKnob]

Well since your rrd files are being updated every 5 minutes with data, then your graphs not displaying is likely a permission problem or configuration error.

1) Have you specified the RRDTool Default Font Path to a valid font?
2) Give COMPUTERNAME\IUSR_XXXX and COMPUTERNAME\IIS_WPG users read & execute permissions to rrdtool.exe

Yes, both these are configured correctly but the graphs still show a red cross. I am going to rebuild the server and try going through your installation instructions again.

Cheers

Wayne

[PiercedKnob]

Well, tried to rebuild the server from scratch (well a base image) and after installing PHP5.1.1, MySQL 4.1 and installing the rrdtool, cacti & Cactid i get the same results.

I have double checked everything as per the instructions and the graphs will just not display.

I am using the Advance Ping Version 1.3 to ping several devices on our network and if i look in devices it comes up with the status as up and average/current pings and availability. If i run the rrdtool from the command line using the parameters in cacti to utilise the files created, it will generate the png files, it just wont do it from within cacti.

Anyone any further suggestions ?

(i even documented my new installation step by step if anyone would like to check the procedure i took).

Cheers in advance

Wayne

[akmeda]

Do you have .rrd files being updated in cacti/rra directory?

If not, make sure you have the rrdtool from the stickyed post in this forum, that fixed my same issue.

http://forums.cacti.net/viewtopic.php?t=7923


If you do have .rrd files, then I would guess you have a permissions issue, your web server doesn't have rights to read the rra directory to build the graphs. If it's iis, modify rights for the iusr_xxxx user.

--k

[PiercedKnob]

Thanks for the reply.

I can confirm that this is not the issue; the rrd files are updated ok every 5 mins and i have tried every version of the rrdtool from the download area on this site with each one failing.

The Permissions are set to the rra/log folders within the website to allow both the IIS_WPG & IUSR_SERVERNAME users modify rights. The rest of the website is set for these two users to have just read&execute rights.

Permissions are also set for these users on the c:\windows\system32\cmd.exe, to the C:\Windows\Fonts\Cour.ttf, to the F:\cactid folder and to the F:\rrdtool folder and to be on the safe side i also set this to the F:\PHP511 folder (All Read&Execute).

As per the instructions i have ensured that the user i have used to setup the schedule also has modify rights to rra/log folders and read&execute to F:\php511 & F:\webroot\cacti folder (well i have made them local adminstrators for the time being to ensure they have full rights).

Anyone else any further Ideas ?

Kind Regards

Wayne

[BSOD2600]

Last resort. Fire up Sysinternals FileMon. Put 'denided' in the highlight section. Then with filemon running, try to look at a graph. stop filemon and look at what it collected. See what/who is beind denied rights to graph.

[PiercedKnob]

Hi,

Again thanks for the quick response, I am not in work now for a week and half as i am on a week Ethical Hacking Course next week. I will try this on my return and post back the findings.

Kind Regards

Wayne

[PiercedKnob]

Last resort. Fire up Sysinternals FileMon. Put 'denided' in the highlight section. Then with filemon running, try to look at a graph. stop filemon and look at what it collected. See what/who is beind denied rights to graph.

I have ran this and there are some strange results;

Here is one that i am getting a lot

1420 10:47:10 php-win.exe:372 IRP_MJ_QUERY_INFORMATION F:\Webroot\cacti\lib\rrd.php INVALID PARAMETER FilePipeLocalInformation
1421 10:47:10 php-win.exe:372 IRP_MJ_QUERY_VOLUME_INFORMATION F:\Webroot\cacti\lib\rrd.php BUFFER OVERFLOW FileFsVolumeInformation
1422 10:47:10 php-win.exe:372 IRP_MJ_QUERY_INFORMATION F:\Webroot\cacti\lib\rrd.php BUFFER OVERFLOW FileAllInformation

The next one i think is related to the graphing issues but not too sure why ?

6 10:47:07 svchost.exe:1036 FASTIO_QUERY_OPEN C:\WINDOWS\system32\cmd.exe SUCCESS Attributes: A
1227 10:47:07 svchost.exe:1036 IRP_MJ_CREATE C:\WINDOWS\system32\cmd.exe SUCCESS Options: Open Access: All
1228 10:47:07 svchost.exe:1036 FASTIO_QUERY_STANDARD_INFO C:\WINDOWS\system32\cmd.exe SUCCESS Length: 388096
1229 10:47:07 svchost.exe:1036 IRP_MJ_CLEANUP C:\WINDOWS\system32\cmd.exe SUCCESS
1230 10:47:07 svchost.exe:1036 IRP_MJ_CLOSE C:\WINDOWS\system32\cmd.exe SUCCESS
1231 10:47:07 svchost.exe:1036 IRP_MJ_CLEANUP C:\WINDOWS\AppPatch\sysmain.sdb SUCCESS
1232 10:47:07 svchost.exe:1036 IRP_MJ_CLOSE C:\WINDOWS\AppPatch\sysmain.sdb SUCCESS
1233 10:47:07 w3wp.exe:3608 IRP_MJ_CREATE C:\WINDOWS\system32\cmd.exe.Manifest NOT FOUND Options: Open Access: All
1234 10:47:07 w3wp.exe:3608 FASTIO_QUERY_OPEN F:\Webroot\cacti SUCCESS Attributes: D
1235 10:47:07 w3wp.exe:3608 IRP_MJ_CLEANUP C:\WINDOWS\system32\cmd.exe SUCCESS
1236 10:47:07 w3wp.exe:3608 IRP_MJ_CLOSE C:\WINDOWS\system32\cmd.exe SUCCESS
1237 10:47:07 cmd.exe:428 IRP_MJ_CREATE F:\Webroot\cacti SUCCESS Options: Open Directory Access: Traverse
1238 10:47:07 cmd.exe:428 FASTIO_QUERY_OPEN C:\WINDOWS\system32\cmd.exe.Local NOT FOUND Attributes: Error
1239 10:47:07 csrss.exe:548 FASTIO_QUERY_OPEN F:\Webroot\cacti\cmd.exe NOT FOUND Attributes: Error
1240 10:47:07 csrss.exe:548 FASTIO_QUERY_OPEN C:\??\C:\WINDOWS\system32\cmd.exe NAME INVALID Attributes: Error
1241 10:47:07 csrss.exe:548 FASTIO_QUERY_OPEN C:\WINDOWS\system32\cmd.exe SUCCESS Attributes: A
1242 10:47:07 csrss.exe:548 IRP_MJ_CREATE C:\WINDOWS\system32\cmd.exe ACCESS DENIED NT AUTHORITY\NETWORK SERVICE
1243 10:47:07 csrss.exe:548 IRP_MJ_CREATE C:\WINDOWS\system32\cmd.exe SUCCESS Options: Open Access: All
1244 10:47:07 csrss.exe:548 IRP_MJ_READ C:\WINDOWS\system32\cmd.exe SUCCESS Offset: 0 Length: 12
1245 10:47:07 System:4 IRP_MJ_CLOSE C:\WINDOWS\system32\cmd.exe SUCCESS
1246 10:47:07 csrss.exe:548 FASTIO_QUERY_STANDARD_INFO C:\WINDOWS\system32\cmd.exe SUCCESS Length: 388096
1247 10:47:07 csrss.exe:548 FASTIO_QUERY_STANDARD_INFO C:\WINDOWS\system32\cmd.exe SUCCESS Length: 388096
1248 10:47:07 csrss.exe:548 IRP_MJ_CLEANUP C:\WINDOWS\system32\cmd.exe SUCCESS
1249 10:47:07 cmd.exe:428 FASTIO_QUERY_OPEN C:\WINDOWS\system32\ShimEng.dll SUCCESS Attributes: A
1250 10:47:07 cmd.exe:428 IRP_MJ_CREATE C:\WINDOWS\system32\ShimEng.dll SUCCESS Options: Open Access: All

Also, it is trying to access the root of the website drive which i have not allowed any access to; Not sure why its doing this

1102 10:47:07 w3wp.exe:3608 IRP_MJ_READ F:\Webroot\cacti\lib\cdef.php SUCCESS Offset: 0 Length: 8192
1103 10:47:07 System:4 IRP_MJ_CLOSE F:\Webroot\cacti\lib\cdef.php SUCCESS
1104 10:47:07 w3wp.exe:3608 FASTIO_READ F:\Webroot\cacti\lib\cdef.php END OF FILE Offset: 3389 Length: 8192
1105 10:47:07 w3wp.exe:3608 FASTIO_READ F:\Webroot\cacti\lib\cdef.php END OF FILE Offset: 3389 Length: 8192
1106 10:47:07 w3wp.exe:3608 IRP_MJ_CLEANUP F:\Webroot\cacti\lib\cdef.php SUCCESS
1107 10:47:07 w3wp.exe:3608 FASTIO_QUERY_OPEN F:\Webroot\cacti\lib\graph_variables.php SUCCESS Attributes: A
1108 10:47:07 w3wp.exe:3608 IRP_MJ_CREATE F:\ ACCESS DENIED LEANMSSYSLOG\IUSR_LEANMSSYSLOG
1109 10:47:07 w3wp.exe:3608 FASTIO_QUERY_OPEN F:\Webroot\cacti\lib\graph_variables.php SUCCESS Attributes: A
1110 10:47:07 w3wp.exe:3608 IRP_MJ_CREATE F:\ ACCESS DENIED LEANMSSYSLOG\IUSR_LEANMSSYSLOG
1111 10:47:07 w3wp.exe:3608 IRP_MJ_CREATE F:\Webroot\cacti\lib\graph_variables.php SUCCESS Options: Open Access: All

(hope i have nto put too much detail )

[BSOD2600]

In the stuff you pasted, you have the answers right in front of you.

1) Ignore those buffer overflow and invalid parameter stuff.
2) C:\WINDOWS\system32\cmd.exe ACCESS DENIED NT AUTHORITY\NETWORK SERVICE. Did you grant the NETWORK SERVICE account read/execute rights to cmd.exe?
3) F:\ ACCESS DENIED LEANMSSYSLOG\IUSR_LEANMSSYSLOG. Looks like you've got something configured on your website to write to the root of the F: drive? Anyways, IUSR_LEANMSSYSLOG is denied from doing that.

[PiercedKnob]

Hi there,

Thanks once again for your prompt reply.

1. Will ignore them
2. I have not given the network this access, just the two IIS users as per your instructions.
3. Not sure what can be causing that one, the only thing i have running on this server is Cacti so haven't a clue whats trying to write to the root of the drive ?

Tomorrow i will try setting access to this users and see what happens.

Cheers

Wayne

[PiercedKnob]

Tried that and the graphs are still not showing up. Running File Monitor again i see a few more issues;

NOT FOUND
F:\PHP511\php-win.exe.Manifest
F:\PHP511\php-win.exe.Local
F:\PHP511\ODBC32.dll
F:\PHP511\WS2_32.dll
F:\PHP511\WS2HELP.dll
C:\WINDOWS\WindowsShell.Config
F:\PHP511\php-cl1.ini
F:\webroot\cacti\php-cli.ini
C:\WINDOWS\php-cli.ini
F:\USR\snmp.conf
F:\USR\snmp.local.conf

NOT A DIRECTORY
F:\PHP511\extras\mibs\AGENTX-MIB.txt\


FAILURE
C:\WINDOWS\Tasks\SchedLgU.Txt

Loads of issues with Windows Common Controls (whatever that is?) which i think are not related.

Not too sure why its still not working, i have followed the document ?

Any other suggestions ?

Cheers and advance

Wayne