syslog plugin for cacti
Short Description
cacti,centos,syslog plugin for cacti...
Description
Syslog plug-in for Cacti First to all we need to download syslog plug-in from cacti.net and copy the file to the server with WINSCP
When you are ready, extract the file.
tar -xzvf /home/admin/Desktop/syslog-v1.22-2.tgz # Now, we will to create a DB only for Syslog mysql -u root -p CREATE DATABASE syslog; GRANT ALL ON syslog.* \ TO sysloguser@localhost \ IDENTIFIED BY '[SPECIFYCACTIPASS]'; flush privileges; exit mysql -u root -p syslog < /home/admin/Desktop/syslog/syslog.sql # Edit config.php, in this file we must type the correct information regarding DB called syslog, and modify the line $use_cacti_db to false vi /home/admin/Desktop/syslog/config.php $use_cacti_db = false; if (!$use_cacti_db) { $syslogdb_type $syslogdb_default $syslogdb_hostname $syslogdb_username $syslogdb_password $syslogdb_port
= = = = = =
'mysql'; 'syslog'; 'localhost'; 'sysloguser'; '[THEPASSWORD]'; 3306;
yum install rsyslog rsyslog-mysql Edit /etc/rsyslog.conf vi /etc/rsyslog.conf # add the following line at the top of the file $ModLoad ommysql $template cacti_syslog,"INSERT INTO syslog_incoming(facility, priority, date, time, host, message) values (%syslogfacility%, %syslogpriority%, '%timereported:::date-mysql%', '%timereported:::date-mysql%', '%HOSTNAME%', '%msg%')", SQL *.* >127.0.0.1,syslog,sysloguser,Jh0n123456;cacti_syslog NOTE: When the code start with $ symbol means that this is one line, then we need add tree lines, OK. $ModLoad imudp $UDPServerRun 514 # Save the file and restart the service
service rsyslog restart
We can see that syslog server is listen in port 514 of UDP # Permit UDP 514 at the firewall -A INPUT -p udp -m state --state NEW -m udp --dport 514 -j ACCEPT service iptables restart
Now, we can see that IPTABLES permit syslog connections # copy syslog folder to cacti’s plugins folder cp -r syslog/ /var/www/html/cacti/plugins/ # permit access for read of this folders chown -R admin:admin /var/www/html/cacti/plugins/syslog chmod 775 /var/www/html/cacti/plugins/syslog
chown -R admin:admin /var/www/html/cacti/plugins/* chmod 775 /var/www/html/cacti/plugins/syslog # in order to syslog plug-in work we need to install settings plug-in, download it from cacti.net
# the same process extract and copy to the cacti’s plug-in folder
tar -xzvf /home/admin/Desktop/settings-v0.71-1.tgz cp -r settings /var/www/html/cacti/plugins chown -R admin:admin /var/www/html/cacti/plugins/settings chmod 775 /var/www/html/cacti/plugins/settings # cisco ios configuration for # first check clock's configuration
syslog
show clock service timestamps log datetime msec localtime service timestamps debug datetime msec localtime logging logging logging logging
on host 192.168.180.3 source-interface vlan 11 trap warnings
When this is done, we can access to cacti website
Select Plugin Management under Configuration and enable the two plugins, when this is done, the window looks like this. When we try to enabe syslog plugin a window appear like this.
Click upgrade.
Now, when the plugins has been installed and enabled, we can see a new tab called syslog click it. And
# Ok, now we must check if traffic is sending to the syslog server iptables -L -v
View more...
Comments