Thursday, January 12, 2017

Monitoring the Network

Network Monitoring with collectd

Scattered around campus is a few thousand network ports. Most of the ports I don't care what they are doing so no alerting needed but, occasionally when there is an issue and it is nice to have an idea of what the network looked like historically. Enter the SNMP plugin for collectd. I chose collectd because of the vast number of plugins available for it, the fact that its config is file based and that it can be scaled horizontally. Having a file based configuration allows me to check my changes into version control allowing easier auditing and disaster recovery.

Installing collectd and related tools is as simple as enabling the EPEL repository and doing a:
yum install collectd-rrdtool collectd-snmp httpd php git

That  installs everything you need to start graphing your network ports. We will use Collectd Graph Panel to view the pretty graphs that collectd makes.

Simple collectd Configuration

FQDNLookup true

LoadPlugin rrdtool
<plugin rrdtool>
       DataDir "/var/lib/collectd/rrd"
       CacheTimeout 120
       CacheFlush   900
</plugin>

LoadPlugin snmp
<plugin snmp>
   <data std_traffic>
       Type "if_octets"
       Table true
       Instance "IF-MIB::ifDescr"
       Values "IF-MIB::ifInOctets" "IF-MIB::ifOutOctets"
   </data>
   <host "my.host.name">
       Address "192.168.1.40"
       Version 2
       Community "public"
       Collect "std_traffic"
   </host>
</plugin>

Collectd Graph Panel Installation

To install the Collectd Graph Panel just clone the git repository into your web root and it works pretty much out of the box.
git clone https://github.com/pommi/CGP.git

Conclusion

That's it! Really that is all that is needed to start graphing your network ports. This provides a basic system that can easily be expanded and tweaked based on your needs.