Active FTP/SSH/Telnet/Samba Connections - Uses SNMP+BASH

Templates, scripts for templates, scripts and requests for templates.

Moderators: Developers, Moderators

Post Reply
jgtm
Posts: 12
Joined: Tue Aug 23, 2005 9:16 am

Active FTP/SSH/Telnet/Samba Connections - Uses SNMP+BASH

Post by jgtm »

I could not find this anywhere so I did it myself.

Please feel free to provide feedback here.

Installation Instructions

1) Put tcp_conns.sh in your cacti scripts directory - /usr/local/cacti/scripts on mine.
2) Edit tcp_conns.sh: Change "public" to whatever your snmp community name is.
2) Import the graph xml files using the Cacti console.
3) Create the graphs and when you do this you shall have to enter

IP address of interface of the tcp connection
IP address of target device to query
Local port number of the tcp connection

For FTP it will obviously be local port number 21.

The data templates for each graph all use the data input method "SNMP - Get TCP Connections By IP And Port Number Of Remote Machine" which is passed the above 3 parameters. This data input method is the tcp_conns.sh script which executes the net-snmp command "snmpwalk" and returns the number of matching connections given your parameters.

tcp_conns.sh :

Code: Select all

#!/bin/sh

conns=`snmpwalk -On -c public -v 1 $3 .1.3.6.1.2.1.6.13.1.3.$1.$2 | wc -l`

echo $conns
Simple huh?

Example graphs from my system:
Attachments
active_samba_conns.JPG
active_samba_conns.JPG (27.18 KiB) Viewed 61304 times
active_ssh_conns.JPG
active_ssh_conns.JPG (28.01 KiB) Viewed 61304 times
active_telnet_conns.JPG
active_telnet_conns.JPG (29.53 KiB) Viewed 61304 times
Top
jgtm
Posts: 12
Joined: Tue Aug 23, 2005 9:16 am

Post by jgtm »

XML templates/script are attached.
Attachments
active_tcp_conns.zip
(8.64 KiB) Downloaded 4978 times
Top
tigra
Posts: 4
Joined: Thu Nov 24, 2005 11:13 am

Post by tigra »

hm, got some problem with this, result in cacti always 0

when I run script manually, as it should be by poller (call string from view poller cache), all ok. when I manualy return number - all ok (echo 100 in tcp_conns.sh). what wrong?
Tried manually as root, as cactiuser, all ok, from poller - always 0

net-snmp-5.2.1.2 - ports collection
cacti 0.8.6g - ports collection
FreeBSD 4.11-S

PS: SOLVED! hint: PATH (/usr/local/bin/snmpwalk)
Top
User avatar
rhamburg
Posts: 14
Joined: Mon Dec 05, 2005 8:18 am

Post by rhamburg »

I have the same issues as tigra. And for sure the paths are correct.

Any tips and pointers ?
#!/bin/sh

conns=`snmpwalk -On -c public -v 1 $3 .1.3.6.1.2.1.6.13.1.3.$1.$2 | wc -l`

echo $conns
Can some one explain what i should enter for the variables:

$1 => host ?
$2 => port ?
$3 => ??
Top
muraping
Posts: 12
Joined: Wed Dec 14, 2005 3:45 am

Post by muraping »

rhamburg wrote:I have the same issues as tigra. And for sure the paths are correct.

Any tips and pointers ?
#!/bin/sh

conns=`snmpwalk -On -c public -v 1 $3 .1.3.6.1.2.1.6.13.1.3.$1.$2 | wc -l`

echo $conns
Can some one explain what i should enter for the variables:

$1 => host ?
$2 => port ?
$3 => ??
#snmpwalk -On -c public -v XXX.XXX.XXX.XXX .1.3.6.1.2.1.6.13.1.3.$1.$2 | wc -l
display a number.i tounght $3 maybe is host_ip,i didn't know $1,$2 mening.
i try find it by google,but no presentation:(,plaease tell me
Top
JJX
Cacti User
Posts: 402
Joined: Thu Oct 06, 2005 5:03 am

Post by JJX »

i think:

$3 host ip

port has nothimg to do with snmp ;)

i am not sure for the rest
cacti rulez!
Top
acacioas
Posts: 2
Joined: Tue Dec 20, 2005 11:22 am

Post by acacioas »

I made some modifications on the script and on the graph_template..

Now, you need only to choose what interface to check the connections and the port.

The graph title may be modified (this is important if you have more than one IP per host to check, like me..)

The community and the IP of the server (where the snmpwalk will query) are derived from the host configuration..
Attachments
active_http_connections.zip
(2.5 KiB) Downloaded 3162 times
Top
muraping
Posts: 12
Joined: Wed Dec 14, 2005 3:45 am

Post by muraping »

acacioas wrote:I made some modifications on the script and on the graph_template..

Now, you need only to choose what interface to check the connections and the port.

The graph title may be modified (this is important if you have more than one IP per host to check, like me..)

The community and the IP of the server (where the snmpwalk will query) are derived from the host configuration..
remove old tcp_conns.sh,i used your way do it.in the data template ,i can see "SNMP - Active HTTP Connections",i added query community force.add date sources,
this is my data source debug
/usr/local/rrdtool/bin/rrdtool create \
/www/htdocs/cacti/rra/219_235_226_34www_http_conns_60.rrd \
--step 300 \
DS:http_conns:GAUGE:600:0:1000 \
RRA:AVERAGE:0.5:1:600 \
RRA:AVERAGE:0.5:6:700 \
RRA:AVERAGE:0.5:24:775 \
RRA:AVERAGE:0.5:288:797 \
RRA:MIN:0.5:1:600 \
RRA:MIN:0.5:6:700 \
RRA:MIN:0.5:24:775 \
RRA:MIN:0.5:288:797 \
RRA:MAX:0.5:1:600 \
RRA:MAX:0.5:6:700 \
RRA:MAX:0.5:24:775 \
RRA:MAX:0.5:288:797 \
RRA:LAST:0.5:1:600 \
RRA:LAST:0.5:6:700 \
RRA:LAST:0.5:24:775 \
RRA:LAST:0.5:288:797 \
but in graph data also is 0,why?
i can't find any tools to test this proess,so i do not know where are matter?
Attachments
cacti.gif
cacti.gif (10.78 KiB) Viewed 60096 times
Top
acacioas
Posts: 2
Joined: Tue Dec 20, 2005 11:22 am

Post by acacioas »

muraping wrote:
acacioas wrote:I made some modifications on the script and on the graph_template..

Now, you need only to choose what interface to check the connections and the port.

The graph title may be modified (this is important if you have more than one IP per host to check, like me..)

The community and the IP of the server (where the snmpwalk will query) are derived from the host configuration..
remove old tcp_conns.sh,i used your way do it.in the data template ,i can see "SNMP - Active HTTP Connections",i added query community force.add date sources,
this is my data source debug
/usr/local/rrdtool/bin/rrdtool create \
/www/htdocs/cacti/rra/219_235_226_34www_http_conns_60.rrd \
--step 300 \
DS:http_conns:GAUGE:600:0:1000 \
RRA:AVERAGE:0.5:1:600 \
RRA:AVERAGE:0.5:6:700 \
RRA:AVERAGE:0.5:24:775 \
RRA:AVERAGE:0.5:288:797 \
RRA:MIN:0.5:1:600 \
RRA:MIN:0.5:6:700 \
RRA:MIN:0.5:24:775 \
RRA:MIN:0.5:288:797 \
RRA:MAX:0.5:1:600 \
RRA:MAX:0.5:6:700 \
RRA:MAX:0.5:24:775 \
RRA:MAX:0.5:288:797 \
RRA:LAST:0.5:1:600 \
RRA:LAST:0.5:6:700 \
RRA:LAST:0.5:24:775 \
RRA:LAST:0.5:288:797 \
but in graph data also is 0,why?
i can't find any tools to test this proess,so i do not know where are matter?
You can test the script in a shell..
./tcp_conns.sh <ip> <port> <host> <community>

Have you removed the old graphic and added this new one, or just changed the graph_template?

This worked fine for me in three different hosts (remove the old and add a new one) ..
Top
fakechris
Posts: 4
Joined: Thu Dec 22, 2005 10:19 pm

Post by fakechris »

I got the SAME PROBLEM! I run sh tcp_conns.sh and got corrent result.
muraping wrote:
acacioas wrote:I made some modifications on the script and on the graph_template..

Now, you need only to choose what interface to check the connections and the port.

The graph title may be modified (this is important if you have more than one IP per host to check, like me..)

The community and the IP of the server (where the snmpwalk will query) are derived from the host configuration..
remove old tcp_conns.sh,i used your way do it.in the data template ,i can see "SNMP - Active HTTP Connections",i added query community force.add date sources,
this is my data source debug
/usr/local/rrdtool/bin/rrdtool create \
/www/htdocs/cacti/rra/219_235_226_34www_http_conns_60.rrd \
--step 300 \
DS:http_conns:GAUGE:600:0:1000 \
RRA:AVERAGE:0.5:1:600 \
RRA:AVERAGE:0.5:6:700 \
RRA:AVERAGE:0.5:24:775 \
RRA:AVERAGE:0.5:288:797 \
RRA:MIN:0.5:1:600 \
RRA:MIN:0.5:6:700 \
RRA:MIN:0.5:24:775 \
RRA:MIN:0.5:288:797 \
RRA:MAX:0.5:1:600 \
RRA:MAX:0.5:6:700 \
RRA:MAX:0.5:24:775 \
RRA:MAX:0.5:288:797 \
RRA:LAST:0.5:1:600 \
RRA:LAST:0.5:6:700 \
RRA:LAST:0.5:24:775 \
RRA:LAST:0.5:288:797 \
but in graph data also is 0,why?
i can't find any tools to test this proess,so i do not know where are matter?
Top
UKS-Gavin
Posts: 42
Joined: Fri Oct 06, 2006 7:36 am

Post by UKS-Gavin »

For anyone that's using the script above I've updated it;

Code: Select all

#!/bin/bash
# Code updated by Gavin Conway
# Gavin@Essociate.co.uk

#------- User customisation area --------------#
SNMPWALKBINARY=/usr/bin/snmpwalk
ECHOBINARY=/bin/echo
WCBINARY=/usr/bin/wc
#-------- Do not edit below this line ----------#


SYSTEMNAME=$1
PORT=$2
IPADDRESS=$3
COMMUNITY=$4


if [[ -z $SYSTEMNAME || -z $PORT || -z $IPADDRESS || -z $COMMUNITY ]]
then
        echo "Usage: tcp_conns.sh hostname port ipaddress community"
fi

CONNECTIONS=`$SNMPWALKBINARY -On -c $COMMUNITY -v1 $IPADDRESS .1.3.6.1.2.1.6.13.1.3.$SYSTEMNAME.$PORT | $WCBINARY -l`

let "CONNECTIONS = $CONNECTIONS -1"
$ECHOBINARY $CONNECTIONS
Top
super-hornet
Cacti User
Posts: 175
Joined: Sun May 27, 2007 5:42 pm

Post by super-hornet »

Hi UKS-Gavin

Thanks for this new bash script.... but I think the above graph template need to modify also. The reason is that, previously, the community name is hardcoded in the tcp_connection.sh script. Now, your new script get the community script from cacti...and it is not supply by cacti.

SH
UKS-Gavin wrote:For anyone that's using the script above I've updated it;

Code: Select all

#!/bin/bash
# Code updated by Gavin Conway
# Gavin@Essociate.co.uk

#------- User customisation area --------------#
SNMPWALKBINARY=/usr/bin/snmpwalk
ECHOBINARY=/bin/echo
WCBINARY=/usr/bin/wc
#-------- Do not edit below this line ----------#


SYSTEMNAME=$1
PORT=$2
IPADDRESS=$3
COMMUNITY=$4


if [[ -z $SYSTEMNAME || -z $PORT || -z $IPADDRESS || -z $COMMUNITY ]]
then
        echo "Usage: tcp_conns.sh hostname port ipaddress community"
fi

CONNECTIONS=`$SNMPWALKBINARY -On -c $COMMUNITY -v1 $IPADDRESS .1.3.6.1.2.1.6.13.1.3.$SYSTEMNAME.$PORT | $WCBINARY -l`

let "CONNECTIONS = $CONNECTIONS -1"
$ECHOBINARY $CONNECTIONS
Top
User avatar
sizulku
Cacti User
Posts: 110
Joined: Mon Nov 04, 2002 9:15 am
Location: ACEH
Contact:
Contact sizulku

Post by sizulku »

got "0" result from all above script. any update?
Top
UKS-Gavin
Posts: 42
Joined: Fri Oct 06, 2006 7:36 am

Post by UKS-Gavin »

Change the script to be like this instead;

Code: Select all

#!/bin/bash
# Code updated by Gavin Conway
# Gavin@Essociate.co.uk

#------- User customisation area --------------#
SNMPWALKBINARY=/usr/bin/snmpwalk
ECHOBINARY=/bin/echo
WCBINARY=/usr/bin/wc
#-------- Do not edit below this line ----------#


SYSTEMNAME=$1
PORT=$2
IPADDRESS=$3
COMMUNITY=PUTYOURCOMMUNITYNAMEHEREIFYOUWANTTHISTOWORK!!!!!!!


if [[ -z $SYSTEMNAME || -z $PORT || -z $IPADDRESS || -z $COMMUNITY ]]
then
        echo "Usage: tcp_conns.sh hostname port ipaddress community"
fi

CONNECTIONS=`$SNMPWALKBINARY -On -c $COMMUNITY -v1 $IPADDRESS .1.3.6.1.2.1.6.13.1.3.$SYSTEMNAME.$PORT | $WCBINARY -l`

let "CONNECTIONS = $CONNECTIONS -1"
$ECHOBINARY $CONNECTIONS
[/quote][/quote]
www.uksolutions.co.uk
www.ukshells.co.uk
Top
heygazeebo
Posts: 1
Joined: Sun Apr 13, 2008 11:25 pm

stats

Post by heygazeebo »

Hello, I have tried all the scripts, but no matter what I do they only return 0 or -1 respectively, even if i have many HTTP connections to the server.
Did anyone ever find a solution for this?

Thanks,

Brian
Top
Post Reply

Return to “Scripts and Templates”

Who is online

Users browsing this forum: No registered users and 0 guests