BSD DevCenter
oreilly.comSafari Books Online.Conferences.


Big Scary Daemons

Long-Term Monitoring with SNMP


We've seen how SNMP can be used to gather just about any information from a host. You can interpret this data through a wide array of programs. The most popular are cricket and mrtg. Both are included in the FreeBSD ports collection, and install cleanly on any BSD. Here, we'll discuss mrtg.

The mrtg program uses SNMP data to automatically generate reports on a web page with cleanly labeled graphs. You can give supervisors, managers, and coworkers convenient access to performance data without giving them server access. It keeps records over a whole year, so you can get a good idea of real-life trends. It's also quite useful for justifying hardware and software expenditures; you can point out exactly much CPU time a machine is using, and how it's changed as you've added software.

You can run mrtg as a daemon, but it is traditionally a cron job run every five minutes.

Every mrtg call requires a config file. You can use the included cfgmaker tool to generate a default configuration for measuring network throughput on interfaces. The cfgmaker tool is easy to use:

cfgmaker communityname@machine > mrtg.cfg

For example, if I wanted to run mrtg on my local machine, I could run:

cfgmaker private@localhost > localhost.cfg

The cfgmaker tool will make SNMP queries of the device and generate a configuration file. It includes a lot of information, including some unnecessary HTML. If you look through the created file, you'll see that cfgmaker has thrown up a configuration for every single interface on the machine. The loopback interface, and any down interfaces, are commented out. The remaining, uncommented parts will look like this:

Target[localhost.3]: 3:private@localhost
MaxBytes[localhost.3]: 1250000
Title[localhost.3]: (No hostname defined for IP address): ep0
PageTop[localhost.3]: <H1>Traffic Analysis for ep0

<TR><TD>System:</TD><TD> in Right here, right now.</TD></TR>
   <TR><TD>Maintainer:</TD><TD>Me <></TD></TR>
   <TR><TD>Interface:</TD><TD>ep0 (3)</TD></TR>
   <TR><TD>IP:</TD><TD>No hostname defined for IP address (</TD></TR>
   <TR><TD>Max Speed:</TD>
       <TD>1250.0 kBytes/s (ethernetCsmacd)</TD></TR>

Before you can use this configuration, you need to add a WorkDir directive to the config file. WorkDir tells mrtg where to store its logs, graphics, and HTML. I generally put the WorkDir somewhere under my web server root, such as:

WorkDir: /usr/local/share/apache/htdocs/mrtg

You'll probably want to password-protect this directory if the web server is on the public Internet or otherwise exposed to the world at large.

Related Articles:

Walk the SNMP Walk

Talk the SNMP Talk

Customizing mrtg

The "target" keyword tells mrtg which machine to query, and which interface on that machine this configuration is for. The string inside the brackets ([]) is an arbitrary label. All files generated by mrtg will be be named with this label as a prefix. The actual target appears after the colon. If you change the community name or IP address of your system, you can edit it directly here.

MaxBytes is the maximum throughput allowed through the interface. In this case, we have a 10baseT card. The mrtg program has enough brains to figure out the values for most common network types. You should never have to change this value if you're measuring throughput.

Title and PageTop are arbitrary text. You can put almost any HTML in these spaces, and it will be displayed.

Once I finish editing the mrtg config to my taste, it generally looks like this:

WorkDir: /usr/local/share/apache/htdocs/mrtg
Target[localhost.3]: 3:private@localhost
MaxBytes[localhost.3]: 1250000
Title[localhost.3]: Ethernet Interface
PageTop[localhost.3]: <H1>Traffic Analysis for Ethernet Interface</H1>
<P>Call the Helpdesk if you have any questions

I know perfectly well where the system is, after all, and who to talk to about it. If these pages are intended for management, I might add a couple lines of HTML after PageTop describing what the machine does, or how to interpret the data.

You can list any number of machines and/or interfaces in one configuration file. Just be sure each target has a unique label.

Pages: 1, 2

Next Pagearrow

Sponsored by: