Active FTP/SSH/Telnet/Samba Connections - Uses SNMP+BASH

Templates, scripts for templates, scripts and requests for templates.

Moderators: Moderators, Developers

Author
Message
jgtm
Posts: 12
Joined: Tue Aug 23, 2005 9:16 am

Active FTP/SSH/Telnet/Samba Connections - Uses SNMP+BASH

#1 Post by jgtm » Tue Aug 30, 2005 4:21 am

I could not find this anywhere so I did it myself.

Please feel free to provide feedback here.

Installation Instructions

1) Put tcp_conns.sh in your cacti scripts directory - /usr/local/cacti/scripts on mine.
2) Edit tcp_conns.sh: Change "public" to whatever your snmp community name is.
2) Import the graph xml files using the Cacti console.
3) Create the graphs and when you do this you shall have to enter

IP address of interface of the tcp connection
IP address of target device to query
Local port number of the tcp connection

For FTP it will obviously be local port number 21.

The data templates for each graph all use the data input method "SNMP - Get TCP Connections By IP And Port Number Of Remote Machine" which is passed the above 3 parameters. This data input method is the tcp_conns.sh script which executes the net-snmp command "snmpwalk" and returns the number of matching connections given your parameters.

tcp_conns.sh :

Code: Select all

#!/bin/sh

conns=`snmpwalk -On -c public -v 1 $3 .1.3.6.1.2.1.6.13.1.3.$1.$2 | wc -l`

echo $conns
Simple huh?

Example graphs from my system:
Attachments
active_samba_conns.JPG
active_samba_conns.JPG (27.18 KiB) Viewed 57180 times
active_ssh_conns.JPG
active_ssh_conns.JPG (28.01 KiB) Viewed 57180 times
active_telnet_conns.JPG
active_telnet_conns.JPG (29.53 KiB) Viewed 57180 times

jgtm
Posts: 12
Joined: Tue Aug 23, 2005 9:16 am

#2 Post by jgtm » Tue Aug 30, 2005 4:23 am

XML templates/script are attached.
Attachments
active_tcp_conns.zip
(8.64 KiB) Downloaded 4761 times

tigra
Posts: 4
Joined: Thu Nov 24, 2005 11:13 am

#3 Post by tigra » Thu Nov 24, 2005 11:18 am

hm, got some problem with this, result in cacti always 0

when I run script manually, as it should be by poller (call string from view poller cache), all ok. when I manualy return number - all ok (echo 100 in tcp_conns.sh). what wrong?
Tried manually as root, as cactiuser, all ok, from poller - always 0

net-snmp-5.2.1.2 - ports collection
cacti 0.8.6g - ports collection
FreeBSD 4.11-S

PS: SOLVED! hint: PATH (/usr/local/bin/snmpwalk)

User avatar
rhamburg
Posts: 14
Joined: Mon Dec 05, 2005 8:18 am

#4 Post by rhamburg » Thu Dec 15, 2005 5:39 am

I have the same issues as tigra. And for sure the paths are correct.

Any tips and pointers ?
#!/bin/sh

conns=`snmpwalk -On -c public -v 1 $3 .1.3.6.1.2.1.6.13.1.3.$1.$2 | wc -l`

echo $conns
Can some one explain what i should enter for the variables:

$1 => host ?
$2 => port ?
$3 => ??

muraping
Posts: 12
Joined: Wed Dec 14, 2005 3:45 am

#5 Post by muraping » Tue Dec 20, 2005 4:44 am

rhamburg wrote:I have the same issues as tigra. And for sure the paths are correct.

Any tips and pointers ?
#!/bin/sh

conns=`snmpwalk -On -c public -v 1 $3 .1.3.6.1.2.1.6.13.1.3.$1.$2 | wc -l`

echo $conns
Can some one explain what i should enter for the variables:

$1 => host ?
$2 => port ?
$3 => ??
#snmpwalk -On -c public -v XXX.XXX.XXX.XXX .1.3.6.1.2.1.6.13.1.3.$1.$2 | wc -l
display a number.i tounght $3 maybe is host_ip,i didn't know $1,$2 mening.
i try find it by google,but no presentation:(,plaease tell me

JJX
Cacti User
Posts: 402
Joined: Thu Oct 06, 2005 5:03 am

#6 Post by JJX » Tue Dec 20, 2005 5:11 am

i think:

$3 host ip

port has nothimg to do with snmp ;)

i am not sure for the rest
cacti rulez!

acacioas
Posts: 2
Joined: Tue Dec 20, 2005 11:22 am

#7 Post by acacioas » Tue Dec 20, 2005 11:31 am

I made some modifications on the script and on the graph_template..

Now, you need only to choose what interface to check the connections and the port.

The graph title may be modified (this is important if you have more than one IP per host to check, like me..)

The community and the IP of the server (where the snmpwalk will query) are derived from the host configuration..
Attachments
active_http_connections.zip
(2.5 KiB) Downloaded 2930 times

muraping
Posts: 12
Joined: Wed Dec 14, 2005 3:45 am

#8 Post by muraping » Tue Dec 20, 2005 8:30 pm

acacioas wrote:I made some modifications on the script and on the graph_template..

Now, you need only to choose what interface to check the connections and the port.

The graph title may be modified (this is important if you have more than one IP per host to check, like me..)

The community and the IP of the server (where the snmpwalk will query) are derived from the host configuration..
remove old tcp_conns.sh,i used your way do it.in the data template ,i can see "SNMP - Active HTTP Connections",i added query community force.add date sources,
this is my data source debug
/usr/local/rrdtool/bin/rrdtool create \
/www/htdocs/cacti/rra/219_235_226_34www_http_conns_60.rrd \
--step 300 \
DS:http_conns:GAUGE:600:0:1000 \
RRA:AVERAGE:0.5:1:600 \
RRA:AVERAGE:0.5:6:700 \
RRA:AVERAGE:0.5:24:775 \
RRA:AVERAGE:0.5:288:797 \
RRA:MIN:0.5:1:600 \
RRA:MIN:0.5:6:700 \
RRA:MIN:0.5:24:775 \
RRA:MIN:0.5:288:797 \
RRA:MAX:0.5:1:600 \
RRA:MAX:0.5:6:700 \
RRA:MAX:0.5:24:775 \
RRA:MAX:0.5:288:797 \
RRA:LAST:0.5:1:600 \
RRA:LAST:0.5:6:700 \
RRA:LAST:0.5:24:775 \
RRA:LAST:0.5:288:797 \
but in graph data also is 0,why?
i can't find any tools to test this proess,so i do not know where are matter?
Attachments
cacti.gif
cacti.gif (10.78 KiB) Viewed 55972 times

acacioas
Posts: 2
Joined: Tue Dec 20, 2005 11:22 am

#9 Post by acacioas » Wed Dec 21, 2005 1:21 pm

muraping wrote:
acacioas wrote:I made some modifications on the script and on the graph_template..

Now, you need only to choose what interface to check the connections and the port.

The graph title may be modified (this is important if you have more than one IP per host to check, like me..)

The community and the IP of the server (where the snmpwalk will query) are derived from the host configuration..
remove old tcp_conns.sh,i used your way do it.in the data template ,i can see "SNMP - Active HTTP Connections",i added query community force.add date sources,
this is my data source debug
/usr/local/rrdtool/bin/rrdtool create \
/www/htdocs/cacti/rra/219_235_226_34www_http_conns_60.rrd \
--step 300 \
DS:http_conns:GAUGE:600:0:1000 \
RRA:AVERAGE:0.5:1:600 \
RRA:AVERAGE:0.5:6:700 \
RRA:AVERAGE:0.5:24:775 \
RRA:AVERAGE:0.5:288:797 \
RRA:MIN:0.5:1:600 \
RRA:MIN:0.5:6:700 \
RRA:MIN:0.5:24:775 \
RRA:MIN:0.5:288:797 \
RRA:MAX:0.5:1:600 \
RRA:MAX:0.5:6:700 \
RRA:MAX:0.5:24:775 \
RRA:MAX:0.5:288:797 \
RRA:LAST:0.5:1:600 \
RRA:LAST:0.5:6:700 \
RRA:LAST:0.5:24:775 \
RRA:LAST:0.5:288:797 \
but in graph data also is 0,why?
i can't find any tools to test this proess,so i do not know where are matter?
You can test the script in a shell..
./tcp_conns.sh <ip> <port> <host> <community>

Have you removed the old graphic and added this new one, or just changed the graph_template?

This worked fine for me in three different hosts (remove the old and add a new one) ..

fakechris
Posts: 4
Joined: Thu Dec 22, 2005 10:19 pm

#10 Post by fakechris » Fri Dec 23, 2005 1:33 am

I got the SAME PROBLEM! I run sh tcp_conns.sh and got corrent result.
muraping wrote:
acacioas wrote:I made some modifications on the script and on the graph_template..

Now, you need only to choose what interface to check the connections and the port.

The graph title may be modified (this is important if you have more than one IP per host to check, like me..)

The community and the IP of the server (where the snmpwalk will query) are derived from the host configuration..
remove old tcp_conns.sh,i used your way do it.in the data template ,i can see "SNMP - Active HTTP Connections",i added query community force.add date sources,
this is my data source debug
/usr/local/rrdtool/bin/rrdtool create \
/www/htdocs/cacti/rra/219_235_226_34www_http_conns_60.rrd \
--step 300 \
DS:http_conns:GAUGE:600:0:1000 \
RRA:AVERAGE:0.5:1:600 \
RRA:AVERAGE:0.5:6:700 \
RRA:AVERAGE:0.5:24:775 \
RRA:AVERAGE:0.5:288:797 \
RRA:MIN:0.5:1:600 \
RRA:MIN:0.5:6:700 \
RRA:MIN:0.5:24:775 \
RRA:MIN:0.5:288:797 \
RRA:MAX:0.5:1:600 \
RRA:MAX:0.5:6:700 \
RRA:MAX:0.5:24:775 \
RRA:MAX:0.5:288:797 \
RRA:LAST:0.5:1:600 \
RRA:LAST:0.5:6:700 \
RRA:LAST:0.5:24:775 \
RRA:LAST:0.5:288:797 \
but in graph data also is 0,why?
i can't find any tools to test this proess,so i do not know where are matter?

UKS-Gavin
Posts: 42
Joined: Fri Oct 06, 2006 7:36 am

#11 Post by UKS-Gavin » Thu Jun 07, 2007 9:34 am

For anyone that's using the script above I've updated it;

Code: Select all

#!/bin/bash
# Code updated by Gavin Conway
# [email protected]

#------- User customisation area --------------#
SNMPWALKBINARY=/usr/bin/snmpwalk
ECHOBINARY=/bin/echo
WCBINARY=/usr/bin/wc
#-------- Do not edit below this line ----------#


SYSTEMNAME=$1
PORT=$2
IPADDRESS=$3
COMMUNITY=$4


if [[ -z $SYSTEMNAME || -z $PORT || -z $IPADDRESS || -z $COMMUNITY ]]
then
        echo "Usage: tcp_conns.sh hostname port ipaddress community"
fi

CONNECTIONS=`$SNMPWALKBINARY -On -c $COMMUNITY -v1 $IPADDRESS .1.3.6.1.2.1.6.13.1.3.$SYSTEMNAME.$PORT | $WCBINARY -l`

let "CONNECTIONS = $CONNECTIONS -1"
$ECHOBINARY $CONNECTIONS

super-hornet
Cacti User
Posts: 175
Joined: Sun May 27, 2007 5:42 pm

#12 Post by super-hornet » Wed Nov 07, 2007 4:46 am

Hi UKS-Gavin

Thanks for this new bash script.... but I think the above graph template need to modify also. The reason is that, previously, the community name is hardcoded in the tcp_connection.sh script. Now, your new script get the community script from cacti...and it is not supply by cacti.

SH
UKS-Gavin wrote:For anyone that's using the script above I've updated it;

Code: Select all

#!/bin/bash
# Code updated by Gavin Conway
# [email protected]

#------- User customisation area --------------#
SNMPWALKBINARY=/usr/bin/snmpwalk
ECHOBINARY=/bin/echo
WCBINARY=/usr/bin/wc
#-------- Do not edit below this line ----------#


SYSTEMNAME=$1
PORT=$2
IPADDRESS=$3
COMMUNITY=$4


if [[ -z $SYSTEMNAME || -z $PORT || -z $IPADDRESS || -z $COMMUNITY ]]
then
        echo "Usage: tcp_conns.sh hostname port ipaddress community"
fi

CONNECTIONS=`$SNMPWALKBINARY -On -c $COMMUNITY -v1 $IPADDRESS .1.3.6.1.2.1.6.13.1.3.$SYSTEMNAME.$PORT | $WCBINARY -l`

let "CONNECTIONS = $CONNECTIONS -1"
$ECHOBINARY $CONNECTIONS

User avatar
sizulku
Cacti User
Posts: 110
Joined: Mon Nov 04, 2002 9:15 am
Location: ACEH
Contact:

#13 Post by sizulku » Tue Nov 20, 2007 1:52 pm

got "0" result from all above script. any update?

UKS-Gavin
Posts: 42
Joined: Fri Oct 06, 2006 7:36 am

#14 Post by UKS-Gavin » Tue Jan 15, 2008 8:11 am

Change the script to be like this instead;

Code: Select all

#!/bin/bash
# Code updated by Gavin Conway
# [email protected]

#------- User customisation area --------------#
SNMPWALKBINARY=/usr/bin/snmpwalk
ECHOBINARY=/bin/echo
WCBINARY=/usr/bin/wc
#-------- Do not edit below this line ----------#


SYSTEMNAME=$1
PORT=$2
IPADDRESS=$3
COMMUNITY=PUTYOURCOMMUNITYNAMEHEREIFYOUWANTTHISTOWORK!!!!!!!


if [[ -z $SYSTEMNAME || -z $PORT || -z $IPADDRESS || -z $COMMUNITY ]]
then
        echo "Usage: tcp_conns.sh hostname port ipaddress community"
fi

CONNECTIONS=`$SNMPWALKBINARY -On -c $COMMUNITY -v1 $IPADDRESS .1.3.6.1.2.1.6.13.1.3.$SYSTEMNAME.$PORT | $WCBINARY -l`

let "CONNECTIONS = $CONNECTIONS -1"
$ECHOBINARY $CONNECTIONS
[/quote][/quote]
www.uksolutions.co.uk
www.ukshells.co.uk

heygazeebo
Posts: 1
Joined: Sun Apr 13, 2008 11:25 pm

stats

#15 Post by heygazeebo » Sun Apr 13, 2008 11:29 pm

Hello, I have tried all the scripts, but no matter what I do they only return 0 or -1 respectively, even if i have many HTTP connections to the server.
Did anyone ever find a solution for this?

Thanks,

Brian

Post Reply