Installing Icinga 2.4.1, Graylog 1.2.2, and Cacti 0.8.8

Date: Dec 7, 2015

Overview

Before investing to commercial monitoring software, I decided to use open source product and final choice is Icinga for monitoring, Graylog for log collection, and Cacti for graph. The MySQL is the choice because of the Cacti. The Cacti doesn’t support the Postgresql.

Version
- Ubuntu: 14.04
- Icinga: 2.4.1
- Icinga Web: 2.1.0
- Graylog Server: 1.2.2
- Graylog web: 1.2.2
- Java: 7.x
- MongoDB: 2.6.11
- ElasticSearch: 1.7
- Cacti: 0.8.8

Useful command

Checking contents in the package

Using dpkg

alex@monitoring:~$ sudo dpkg -l icinga2
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-============-============-=================================
ii icinga2 2.4.1-1~ppa1 amd64 host and network monitoring syste

using apt-file

sudo apt-get install apt-file

sudo apt-file update
alex@monitoring:~$ apt-file list icinga-idoutils
icinga-idoutils: /etc/icinga/idomod.cfg
icinga-idoutils: /etc/icinga/objects/ido2db_check_proc.cfg
icinga-idoutils: /etc/init.d/ido2db
icinga-idoutils: /usr/lib/icinga/idomod.so
icinga-idoutils: /usr/sbin/ido2db
icinga-idoutils: /usr/sbin/log2ido
icinga-idoutils: /usr/share/dbconfig-common/data/icinga-idoutils/install-dbadmin/pgsql
icinga-idoutils: /usr/share/dbconfig-common/data/icinga-idoutils/install/mysql
icinga-idoutils: /usr/share/dbconfig-common/data/icinga-idoutils/install/pgsql
……..

Installing Icinga & Web

Installing Icinga Server 2.4.1

sudo apt-get install mysql-server mysql-client
During installation, the root password will be entered.

sudo add-apt-repository ppa:formorer/icinga

sudo apt-get update

sudo apt-get install icinga2

sudo apt-get install icinga2-ido-mysql
Install with dbconfig-common: No
Enable ido-mysql feature: Yes

Creating a user for Icinga Database

sudo mysql -u root -p

mysql> CREATE DATABASE icinga;

mysql> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga.* TO ‘icinga’@’localhost’ IDENTIFIED BY ‘PassowordForIcingaUser’;
For this case, I used icinga1234 for the password.

Enabling icinga2 feature

sudo icinga2 feature enable livestatus

sudo icinga2 feature enable gelf

sudo icinga2 feature enable ido-mysql

sudo icinga2 feature enable command

sudo icinga2 feature enable perfdata

sudo service icinga2 restart

To see the available list, run “sudo icinga2 feature list”

alex@monitoring:~$ sudo icinga2 feature list
Disabled features: api compatlog debuglog graphite icingastatus opentsdb statusdata syslog
Enabled features: checker command gelf livestatus mainlog notification perfdata

Installing Icinga-idoutils

sudo apt-get install icinga-idoutils

During installation, following questions will be needed to answer

setup SMTP setting for the email notification from Icinga

Use external command: Yes

Configure database for icinga-idioutils with dbconfig-common?: No

Importing IDODB data

sudo mysql –u root –p

mysql> connect icinga;

mysql> source /usr/share/dbconfig-common/data/icinga-idoutils/install/mysql;

Installing Icingaweb2

sudo wget -O - http://packages.icinga.org/icinga.key | sudo apt-key add -

sudo add-apt-repository ‘deb http://packages.icinga.org/ubuntu icinga-trusty main’

sudo apt-get update

sudo apt-get install icingaweb2

sudo icingacli setup token create
alex@monitoring:~$ sudo icingacli setup token create
The newly generated setup token is: fc405061b2687856

sudo apt-get install php5-json php5-gd php5-imagick php5-mysql php5-intl

Updating timezone from /etc/php5/apache2/php.ini

sudo service apache2 restart

Update ido-mysql.conf

sudo vi /etc/icinga2/features-available/ido-mysql.conf
user: icinga, password: icinga1234, host:”localhost”, database:”icinga”

Installation from web setup

go to “http://localhost/icingaweb2”

Enter token

From Modules, choose options

Make sure that all color is green except modules related to Postgresql

Authentication: Choose Database

Database Resource
DBName: icingaweb, User: icinga, password: icinga1234

Database Setup
Username: root, Password: root password for DB

Authentication Backend
Backend Name: icingaweb2

Administration
username: alex, password: alex

Application Configuration
Leave as default

Check information and Click next

Monitoring Backend
backend name: icinga, type: IDO

If you have error message from /var/log/icinga2/icinga2.log; “[2015-12-07 17:15:50 -0700] critical/IdoMysqlConnection: Schema version ‘1.13.0’ does not match the required version ‘1.14.0’ (or newer)! Please check the upgrade documentation.”
mysql -u root -p
Updating schema to latest version
mysql> connect icinga;
mysql> source /usr/share/icinga2-ido-mysql/schema/upgrade/2.4.0.sql
restart icinga2 service

Command Transport
Transport Name: icinga2, type: local command file, cmd: /var/run/icinga2/cmd/icinga2.cmd

Completed the icingaweb2 setup

Installing Graylog

Installing Java

sudo add-apt-repository ppa:webupd8team/java

sudo apt-get update

sudo apt-get install oracle-java7-installer

Installing MongoDB

Installing the MongoDB from distribution version

sudo apt-get install mongodb

Install latest version

sudo apt-key adv –keyserver hkp://keyserver.ubuntu.com:80 –recv 7F0CEB10

echo ‘deb http://downloads-distro.mongodb.org/repo/debian-sysvinit dist 10gen’ | sudo tee /etc/apt/sources.list.d/mongodb.list

sudo apt-get update

sudo apt-get install mongodb-org

Installing ElasticSearch 1.7

sudo wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.7.2.deb

sudo dpkg -i elasticsearch-1.7.2.deb

Updating configuration file

sudo vi /etc/elasticsearch/elasticsearch.yml
cluster.name: graylog2
At the end of the configuration file, add a line to disable dynamic script
script.disable_dynamic: true

sudo service elasticsearch restart

Checking elasticsearch installation

curl -X GET http://localhost:9200
alex@monitoring:~$ curl -X GET http://localhost:9200
{
“status” : 200,
“name” : “Dionysus”,
“cluster_name” : “graylog2”,
“version” : {
“number” : “1.7.2”,
“build_hash” : “e43676b1385b8125d647f593f7202acbd816e8ec”,
“build_timestamp” : “2015-09-14T09:49:53Z”,
“build_snapshot” : false,
“lucene_version” : “4.10.4”
},
“tagline” : “You Know, for Search”
}
alex@monitoring:~$

Optional: Use the following command to check the Elasticsearch cluster health, you must get a cluster status as “green” for graylog to work.

curl -X GET ‘http://localhost:9200/_cluster/health?pretty=true’
{
“cluster_name” : “graylog2”,
“status” : “green”,
“timed_out” : false,
“number_of_nodes” : 1,
“number_of_data_nodes” : 1,
“active_primary_shards” : 0,
“active_shards” : 0,
“relocating_shards” : 0,
“initializing_shards” : 0,
“unassigned_shards” : 0,
“delayed_unassigned_shards” : 0,
“number_of_pending_tasks” : 0,
“number_of_in_flight_fetch” : 0
}

Installing graylog-server

sudo apt-get install pwgen
Adding graylog repository for the version 1.2.x.

sudo wget https://packages.graylog2.org/repo/packages/graylog-1.2-repository-ubuntu14.04_latest.deb

sudo dpkg -i graylog-1.2-repository-ubuntu14.04_latest.deb

sudo apt-get update

sudo apt-get install apt-transport-https

sudo apt-get install graylog-server graylog-web

SECRET=$(pwgen -s 96 1)

sudo -E sed -i -e ‘s/password_secret =.*/password_secret = ‘$SECRET’/’ /etc/graylog/server/server.conf
Checking the value

grep password_secret /etc/graylog/server/server.conf

Adding password for the admin

PASSWORD=$(echo -n gray1234 | shasum -a 256 | awk '{print $1}')

sudo -E sed -i -e ‘s/root_password_sha2 =.*/root_password_sha2 = ‘$PASSWORD’/’ /etc/graylog/server/server.conf
Checking the value

grep root_password_sha2 /etc/graylog/server/server.conf

sudo -E sed -i -e ‘s/^#rest_transport_uri =.*/rest_transport_uri = http:\/\/192.168.1.1:12900\//’ /etc/graylog/server/server.conf

grep rest_transport_uri /etc/graylog/server/server.conf

sudo vi /etc/graylog/server/server.conf

sudo -E sed -i -e ‘s/^#elasticsearch_discovery_zen_ping_unicast_hosts =.*/elasticsearch_discovery_zen_ping_unicast_hosts = ‘127.0.0.1:9300’/’ /etc/graylog/server/server.conf

grep elasticsearch_discovery_zen_ping_unicast_hosts

Updating /etc/graylog/web/web/conf

SECRET=$(pwgen -s 96 1)

sudo -E sed -i -e ‘s/application.secret =”“/application.secret =”’$SECRET’”/’ /etc/graylog/web/web.conf

grep secret /etc/graylog/web/web.conf

sudo -E sed -i -e ‘s/graylog2-server.uris=”“/graylog2-server.uris=”http:\/\/127.0.0.1:12900\/”/’ /etc/graylog/web/web.conf

grep graylog2-server /etc/graylog/web/web.conf

Restarting Server

sudo service graylog-server restart

sudo service graylog-web restart

To login the graylog web site, must login with the server ip address.
http://server_ip:9000/

Installing Cacti

sudo apt-get install cacti-spine
Check the database credential from /etc/cacti/cacti-spine.conf
Creating database
mysql -u root -p
mysql> create database cacti;
mysql> connect cacti;
mysql> source /usr/share/doc/cacti/cacti.sql
mysql> GRANT ALL ON cacti.* TO cacti@localhost IDENTIFIED BY ‘cacti1234’;

Update cacti database connection setting

sudo vi /etc/cacti/spine.conf
DB_Host localhost
DB_Database cacti
DB_User cacti
DB_Pass cacti1234
DB_Port

Update cacti database connection from /usr/share/cacti/site/include/config.php

sudo vi /usr/share/cacti/site/include/config.php
$database_type = “mysql”;
$database_default = “cacti”;
$database_hostname = “localhost”;
$database_username = “cacti”;
$database_password = “cacti1234”;
$database_port = “”;
$database_ssl = false;

Default login/passwrd: admin/admin

Conclusion

I believe that all of this process can be automated from the shell script. All of this process can be automated by one command, it will be great. Enjoy the open source monitoring tool.

Written with StackEdit.

Search This Blog

Alex Joh's Blog

Build React Native App (4) - Redux, Jest, and NativeBase