Linux Linux realtime network monitoring

Hello,

I've recently become an amateur linux server admin, mostly for the fun of building and running a linux server At the moment it runs a couple of game servers, voip, a website and backups, and I will hopefully expand it in the future.

Anyway...

I'm looking for an easy-to-use network monitoring tool. I'm curious to see what processes are using how much bandwidth, basically. I would like one that displays realtime data (if possible?) and also logs the data. I am a bit familiar with the linux cli and bash.

Any suggestions?

Thanks.

 

have a look at nagios core and icinga. they do real time monitoring. there is quite a few others, OMD (open monitoring distribution) is another one.

I have recently set up quite a big distributed icinga system - so I have bash scripts for the installs if you want them.

 

Hello,

I installed icinga on my server and had a look around the web interface. Could you point me in the direction of the bandwidth monitoring?

Thanks a lot.

 

I use a different front end to icinga, i use check_mk - it has a different linux and windows agent and is (i find) easier to configure and write checks for. it still uses icinga as backend.

 

To monitoring your bandwidth does your router support SNMP?

If it does you could use a tool like MRTG to graph TX/RX.

To actually record the bandwidth being used I have a cron job that runs a bash script I wrote every 5 minutes which gets the ifInOctets and ifOutOctets and uses a stored procedure to store the data in a table.

I'll happy share it if it's of any use.

 

Going to be a little picky here 'monitoring' and 'bandwidth graphing' is slightly different, and not a lot of free products do both, well.

Monitoring will alert you when something isn't responding as you expect, bandwidth graphing is just a graph.

For bandwidth graphing:

Cacti is just about the best RRD frontend there is these days - it will bandwidth graph just about anything with a heartbeat. MRTG is a much simpler version of it but may also suffice your needs.

There's also ntop which is a netflow collector/traffic analyzer. This will tell you what %age you spent on BitTorrents, what %age on browing the web. This is all traffic - not CPU utilisation.

For monitoring:

Nagios is probably your best friend. Utter pain to set up for a newbie, but very powerful.

 

I wouldn't say that nagios is a pain to set up, it's like most things you can use it in a basic sense and that is very easy to setup but you can do a lot with it if you have the time/experience.

If you've never used linux before the hardest part is probably going to be installing/configuring the OS (unless you're using ubuntu server ).

Once you have the OS installed I believe nagios is a lot of repository's so the initial install should be fairly straight forward. Then when you come to configure it there is a lot of documentation and help out there.

 

I found icinga alot easier that nagios to set up, icinga + check_mk is an awesome combination.

 

I've not heard of icinga until your post. I had a quick look at it, is is wrapper around nagios core? The web interface looks similar.

 

It is indeed, I have the install scripted so it doesn't take me long at all to get a box set up and out in my system.

I use check_mk website more than the icinga one, there is also a fancy web interface called icinga web, which is alot prettier than the standard one which is very similar to nagios.

 

I said that its a pain to set up for a newbie - not a pain in general!!

 

Aww sorry I missed that. Yeah it can seem a bit daunting at first but as I say there is a lot of documentation out there and I'm sure people on here will be more than willing to help!

 

It took me a day to get my head round my first nagios set up, and then about a weekish to get in running how I wanted it to run.

 

The most important thing to remember is to first define your metrics - THEN you go find a suitable tool to capture them in the way you want.

 

I have used nagios, check_mk and a custom check using snmp. Rrd tool is nice with the graphs too. I still have the switch monitoring one...

 

script

here is the script, hop eit is useful provided as is

#!/bin/bash

#########################################
# @author roundyz
# @date 2011-05-15 (13:10)
# @filename switchWrapper
#########################################

CHECKSNMPCOMMAND="/usr/lib/nagios/plugins/check_snmp"

# snmp oid prefixes
OPSTATUS="ifOperStatus"
ADMINSTATUS="ifAdminStatus"
INCOUNT="ifInOctets"
OUTCOUNT="ifOutOctets"
INDISCARDS="ifInDiscards"
OUTDISCARDS="ifOutDiscards"
INERRORS="ifInErrors"
OUTERRORS="ifOutErrors"
DESC="ifDescr"


# Non user vars
REVISION="0.4"
PROGNAME="Switch Wrapper"
EXPECTEDSTATUS="up"
HOST=""
COMMUNITY=""
PROTOCOL=""
PERFLINE=""
EXITLINE="CANT DETERMINE PORT STATUS"
EXITCODE=3
PORTCODE=10101
EXITLINE="Port Not used"
EXITCODE=0



print_usage() {
echo "Usage: $PROGNAME -H 127.0.0.1 -C public -P 2c PORTCODE (OID after ifAdminStatus.) [-E up (expected status up(default)|down)]"
echo "Usage: $PROGNAME --help"
echo "Usage: $PROGNAME -h"
echo "Usage: $PROGNAME --version"
echo "Usage: $PROGNAME -V"
}





print_help() {
printf "%s %s\n Switch Wrapper to permit business logic into snmp checks for switches, requires check_snmp\n" $PROGNAME $REVISION
print_usage
}





# $1 = the snmp string desc/adminstatus/etc
function runSnmpQuery(){
local OID=$1
local a=$($CHECKSNMPCOMMAND -C "$COMMUNITY" -o "$OID"."$PORTCODE" -P "$PROTOCOL" "$HOST")
echo $a
}





# $1 the unit to return
# $2 the string to strip
# $3 the field to cut from
# $4 the field to cut to
# $5 the unit type
function prepPrefData(){
c=$(echo $2 | cut -f $3-$4 -d " ")
printf "%s=%i%s;;;" $1 $c $5
}




run(){
PORTDESC=$(runSnmpQuery "$DESC")
TYPE=$(echo $PORTDESC| cut -f 4-4 -d " ")
ADMINCMD=$(runSnmpQuery "$ADMINSTATUS")
ADMINCMDRESPT1=$(echo $ADMINCMD|head -n1 | cut -f 1-3 -d " ")
if [ "$ADMINCMDRESPT1" == "External command error:" ]; then
ADMINCMDRES="SNMP problem"
EXITLINE="SNMP problem"
EXITCODE=3
else
ADMINCMDRES=$(echo $ADMINCMD|awk '{ print $4 }'| cut -d "(" -f 1-1)
fi
ADMINCMDRESPT2=$(echo $ADMINCMD|head -n1 | cut -f 2-2 -d "="|cut -f 1-1 -d "|" | sed 's/^\ //'|sed 's/\ $//')
if [ "$ADMINCMDRESPT2" == "No Such Instance currently exists at this OID" ]; then
EXITLINE="Port Not on device"
EXITCODE=0
fi
if [ "$ADMINCMDRES" == "1" ]; then
OPCMD=$(runSnmpQuery "$OPSTATUS")
# OPCMD=$(echo $CHECKSNMPCOMMAND " -C "$COMMUNITY" -o $OPSTATUS.$PORTCODE -P" $PROTOCOL" " $HOST)
OPCMDRES=$(echo $OPCMD| awk '{ print $4 }'| cut -d "(" -f 1-1)
if [ "$OPCMDRES" == "$ADMINCMDRES" ]; then
#pref data if all ok
rpi=$(prepPrefData "packetsIn" "$(runSnmpQuery "$INCOUNT")" 4 4 "c")
rpo=$(prepPrefData "packetsOut" "$(runSnmpQuery "$OUTCOUNT")" 4 4 "c")
rpid=$(prepPrefData "packetsInDiscards" "$(runSnmpQuery "$INDISCARDS")" 4 4 "c")
rpod=$(prepPrefData "packetsOutDiscards" "$(runSnmpQuery "$OUTDISCARDS")" 4 4 "c")
rpie=$(prepPrefData "packetsInErrors" "$(runSnmpQuery "$INERRORS")" 4 4 "c")
rpoe=$(prepPrefData "packetsOutErrors" "$(runSnmpQuery "$OUTERRORS")" 4 4 "c")
PERFLINE=$(printf "%s %s %s %s %s %s" "$rpi" "$rpo" "$rpid" "$rpod" "$rpie" "$rpoe")
EXITLINE="Port used and OK"
EXITCODE=0
fi
if [ "$OPCMDRES" == "down" ]; then
EXITLINE="Port used and Not OK Expected:"$EXPECTEDSTATUS" "
EXITCODE=2
#TODO FIX THIS IT SHOULD BE UP
if [ "$EXPECTEDSTATUS" == "$OPCMDRES" ]; then
EXITLINE="Port not expected to be utilised "
EXITCODE=0
fi
fi
fi
printf "%s(%s:%s)[AdminStatus:OperationalStatus] {%s}|%s\n" "$EXITLINE" "$ADMINCMDRES" "$OPCMDRES" "$TYPE" "$PERFLINE"
exit $EXITCODE
}




while test -n "$1"; do
case "$1" in
--help)
print_help
exit $EXITCODE
;;
-h)
print_help
exit $EXITCODE
;;
--version)
echo $PROGNAME $REVISION
exit $EXITCODE
;;
-V)
echo $PROGNAME $REVISION
exit $EXITCODE
;;
*)
HOST=$2
COMMUNITY=$4
PROTOCOL=$6
PORTCODE=$7
if [[ "$9"=="UP" ]]; then
EXPECTEDSTATUS=1
else
EXPECTEDSTATUS=0
fi
run
;;
esac
shift
done
#EOF