RRDTool Monitoring
From SifWiki
Basic traffic monitoring with RRDTool and iptables:
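Create your .rrd database using something like the following. You'll obviously want to change the paths to something suitable for your system:

```bash
# 300-second step; "in" and "out" are byte counters with a 600-second heartbeat.
# The steps value (12) in the last RRA is an assumption, chosen to match the
# MAX archive; an RRA needs both a steps and a rows field.
rrdtool create /root/scripts/rrdtool/rrds/traffic.rrd -s 300 \
    DS:in:COUNTER:600:0:999999999999 \
    DS:out:COUNTER:600:0:999999999999 \
    RRA:AVERAGE:0.5:1:1440 \
    RRA:MAX:0.5:12:17520 \
    RRA:AVERAGE:0.5:12:17520
```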
Add the necessary rules to your iptables firewall for accounting purposes (your mileage may vary as to where you wish to create these rules and how you want them named):

```bash
#!/bin/bash
# eth0 is my external interface, eth1 is my internal
IPT=/sbin/iptables

$IPT -N acctin
$IPT -F acctin
$IPT -A acctin -j RETURN
$IPT -I FORWARD 1 -i eth0 -j acctin

$IPT -N acctout
$IPT -F acctout
$IPT -A acctout -j RETURN
$IPT -I FORWARD 1 -i eth1 -j acctout
```
Create a bash script with the following content, `chmod +x` it and put it somewhere sensible. I usually keep them all in `/root/scripts/rrdtool/`:

```bash
#!/bin/bash
# Byte counter (column 2) of the last rule in each accounting chain
In=$(iptables -L acctin -v -n -x | tail -n 1 | awk '{print $2}')
Out=$(iptables -L acctout -v -n -x | tail -n 1 | awk '{print $2}')
# N = timestamp "now"
rrdtool update /root/scripts/rrdtool/rrds/traffic.rrd "N:$In:$Out"
```
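Add a cron job to run every five minutes and update the .rrd. The entry below includes a user field (root), so it belongs in /etc/crontab or a file under /etc/cron.d rather than a per-user crontab:

```
*/5 * * * * root /root/scripts/rrdtool/traffic
```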
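
The update script above runs as root and hands whatever `awk` extracts straight to `rrdtool update`, so a flushed or missing accounting chain produces an empty value. A more defensive collector, as an added example that is not part of the original page: it selects the RETURN rule by target name, accepts only unsigned integers and records `U` (rrdtool's unknown) otherwise. The function names, the `--update` switch and the sample listing are constructed for illustration.

```bash
#!/bin/bash
# Added example: defensive collector for the acctin/acctout chains.
RRD=/root/scripts/rrdtool/rrds/traffic.rrd   # path used on this page
IPT=/sbin/iptables

# Read `iptables -L <chain> -v -n -x` output on stdin and print the byte
# counter of the RETURN rule, or U if the rule is absent or the counter is
# not a plain unsigned integer (e.g. "9876K" when -x was forgotten).
parse_bytes() {
    awk '$3 == "RETURN" && $2 ~ /^[0-9]+$/ { v = $2 }
         END { print (v == "" ? "U" : v) }'
}

# Print the byte counter for one chain; U if iptables fails or the chain
# does not exist. -w waits for the xtables lock instead of failing.
chain_bytes() {
    "$IPT" -w -L "$1" -v -n -x 2>/dev/null | parse_bytes
}

# Build the argument for `rrdtool update` from two validated values.
update_arg() {
    printf 'N:%s:%s\n' "$1" "$2"
}

# Constructed sample of the listing format, for checking the parser offline.
sample_listing() {
    cat <<'EOF'
Chain acctin (1 references)
    pkts      bytes target     prot opt in     out     source               destination
   12345  9876543 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0
EOF
}

# Only touch the firewall and the .rrd when explicitly asked to.
if [ "${1:-}" = "--update" ]; then
    rrdtool update "$RRD" \
        "$(update_arg "$(chain_bytes acctin)" "$(chain_bytes acctout)")"
fi
```

Called from cron with `--update`, it writes `N:U:U` for an interval in which the chains are missing, which shows up as a gap in the graph rather than a failed update.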
And finally, you'll want to make some pretty graphs based on the data you've collected:

```bash
#!/bin/bash
Width=600
Height=200
Date=$(date)

# "out" is plotted below the axis (out_neg); the VDEFs total each series
# over the graphed period.
rrdtool graph /root/scripts/rrdtool/traffic.png -a PNG --title="siftah.co.uk - $Date" \
    --vertical-label "KBytes/Second" -w $Width -h $Height \
    -L 4 -b 1024 -u 256000 -l -30720 -r \
    'DEF:in_bytes=/root/scripts/rrdtool/rrds/traffic.rrd:in:AVERAGE' \
    'DEF:out_bytes=/root/scripts/rrdtool/rrds/traffic.rrd:out:AVERAGE' \
    'CDEF:out_neg=out_bytes,-1,*' \
    'CDEF:total_bytes=in_bytes,out_bytes,+' \
    'VDEF:total_in=in_bytes,TOTAL' \
    'VDEF:total_out=out_bytes,TOTAL' \
    'VDEF:total=total_bytes,TOTAL' \
    'AREA:in_bytes#00dd00:In' \
    'AREA:out_neg#0000ff:Out\l' \
    "GPRINT:in_bytes:LAST:Last In\: %6.2lf %sB" \
    "GPRINT:out_bytes:LAST:Last Out\: %6.2lf %sB\l" \
    "GPRINT:in_bytes:MAX:Max In\: %6.2lf %sB" \
    "GPRINT:out_bytes:MAX:Max Out\: %6.2lf %sB\r" \
    'GPRINT:total_in:Data In\: %6.2lf %s ' \
    'GPRINT:total_out:Data Out\: %6.2lf %s ' \
    'GPRINT:total:Total\: %6.2lf %s '
```
That should be reasonably self-explanatory and easy enough to follow, HTH.

