|
|
# LibreNMS
|
|
|
|
|
|
[[!toc levels=2]]
|
|
|
|
|
|
---
|
|
|
|
|
|
## But
|
|
|
|
|
|
Installer et configurer LibreNMS (Network Monitoring System)
|
|
|
|
|
|
---
|
|
|
|
|
|
## Installation
|
|
|
|
|
|
TODO
|
|
|
|
|
|
---
|
|
|
|
|
|
## Configuration de LibreNMS
|
|
|
|
|
|
### Connexion à LDAP
|
|
|
|
|
|
Doc: [LDAP authentication](https://docs.librenms.org/#Extensions/Authentication/#ldap-authentication)
|
|
|
|
|
|
* Installer php-ldap (ou php7.0-ldap)
|
|
|
|
|
|
* Copier la configuration dans le fichier /opt/librenms/config.php
|
|
|
|
|
|
$config['auth_ldap_version'] = 3; # v2 or v3
|
|
|
$config['auth_ldap_server'] = "ldap.example.com";
|
|
|
$config['auth_ldap_port'] = 389;
|
|
|
$config['auth_ldap_prefix'] = "uid=";
|
|
|
$config['auth_ldap_suffix'] = ",ou=People,dc=example,dc=com";
|
|
|
$config['auth_ldap_group'] = "cn=groupname,ou=groups,dc=example,dc=com";
|
|
|
$config['auth_ldap_groupbase'] = "ou=groups,dc=example,dc=com";
|
|
|
$config['auth_ldap_groups']['admin']['level'] = 10;
|
|
|
$config['auth_ldap_groups']['pfy']['level'] = 7;
|
|
|
$config['auth_ldap_groups']['support']['level'] = 1;
|
|
|
$config['auth_ldap_groupmemberattr'] = "memberUid";
|
|
|
$config['auth_ldap_uid_attribute'] = 'uidnumber';
|
|
|
|
|
|
|
|
|
### Configuration des paramètres SNMP par défaut
|
|
|
|
|
|
|
|
|
$config['auth_mechanism'] = "ldap"; # default mysql, other options: ldap, http-auth
|
|
|
|
|
|
# SNMP v1
|
|
|
$config['snmp']['community'][0] = "public";
|
|
|
$config['snmp']['community'][0] = "yourcommunity";
|
|
|
|
|
|
|
|
|
# SNMP v3
|
|
|
$config['snmp']['v3'][0]['authlevel'] = "AuthPriv"; # noAuthNoPriv | authNoPriv | authPriv
|
|
|
$config['snmp']['v3'][0]['authname'] = "itopie"; # User Name (required even for noAuthNoPriv)
|
|
|
$config['snmp']['v3'][0]['authpass'] = "<password>"; # Auth Passphrase
|
|
|
$config['snmp']['v3'][0]['authalgo'] = "SHA"; # MD5 | SHA
|
|
|
$config['snmp']['v3'][0]['cryptopass'] = "<password>"; # Privacy (Encryption) Passphrase
|
|
|
$config['snmp']['v3'][0]['cryptoalgo'] = "AES";
|
|
|
|
|
|
### Configurer la détection automatique [ref](https://docs.librenms.org/#Extensions/Auto-Discovery/)
|
|
|
|
|
|
$config['nets'][] = '192.168.22.0/24';
|
|
|
|
|
|
### Server Syslog
|
|
|
|
|
|
* Installer syslog-ng
|
|
|
|
|
|
* Ajouter à la configuration /etc/syslog-ng/syslog-ng.conf
|
|
|
|
|
|
source s_net {
|
|
|
tcp(port(514) flags(syslog-protocol) max-connections(50) so_keepalive(yes));
|
|
|
udp(port(514) flags(syslog-protocol) max-connections(50) so_keepalive(yes));
|
|
|
};
|
|
|
|
|
|
destination d_librenms {
|
|
|
program("/opt/librenms/syslog.php" template ("$HOST||$FACILITY||$PRIORITY||$LEVEL||$TAG||$R_YEAR-$R_MONTH-$R_DAY $R_HOUR:$R_MIN:$R_SEC||$MSG||$PROGRAM\n") template-escape(yes));
|
|
|
};
|
|
|
|
|
|
log {
|
|
|
source(s_net);
|
|
|
source(s_sys);
|
|
|
destination(d_librenms);
|
|
|
};
|
|
|
|
|
|
* Redémarrer le service
|
|
|
|
|
|
service syslog-ng restart
|
|
|
|
|
|
* Ajouter dans la config la configuration librenms (/opt/librenms/config.php)
|
|
|
|
|
|
$config['enable_syslog'] = 1;
|
|
|
|
|
|
---
|
|
|
|
|
|
## Configuration des clients
|
|
|
|
|
|
### SNMPd
|
|
|
|
|
|
* installer snmpd
|
|
|
|
|
|
# apt install snmpd libsnmp-dev
|
|
|
- or -
|
|
|
# apt-get install snmpd libsnmp-dev
|
|
|
|
|
|
* editer le fichier de configuration /etc/snmp/snmpd.conf et définir les agentAdress comme tel :
|
|
|
|
|
|
# Listen for connections from the local system only
|
|
|
#agentAddress udp:127.0.0.1:161
|
|
|
# Listen for connections on all interfaces (both IPv4 *and* IPv6)
|
|
|
agentAddress udp:161,udp6:[::]:161
|
|
|
|
|
|
* plus bas, éditer les champs *sysLocation* et *sysContact*
|
|
|
|
|
|
|
|
|
* arrêter SNMP
|
|
|
|
|
|
# systemctl stop snmpd
|
|
|
- or -
|
|
|
# service snmpd stop
|
|
|
|
|
|
* Ajouter un utilisateur pour snmp v3:
|
|
|
|
|
|
# net-snmp-create-v3-user -a SHA -x AES
|
|
|
Enter a SNMPv3 user name to create:
|
|
|
itopie
|
|
|
Enter authentication pass-phrase:
|
|
|
<auth password>
|
|
|
Enter encryption pass-phrase:
|
|
|
<encrypt password>
|
|
|
|
|
|
* démarrer SNMP
|
|
|
|
|
|
# systemctl start snmpd
|
|
|
- or -
|
|
|
# service snmpd start
|
|
|
|
|
|
* Ajouter le client dans libreNMS
|
|
|
|
|
|
* Via snmp-scan sur le serveur
|
|
|
|
|
|
/opt/librenms/snmp-scan.php -lv 192.168.XX.YY/32
|
|
|
- or, for multiple hosts -
|
|
|
/opt/librenms/snmp-scan.php 192.168.XX.0/24
|
|
|
|
|
|
|
|
|
* Manuellement, via l'interface web ("Add device")
|
|
|
|
|
|
* Contrôler les accès SNMP sur l'interface web
|
|
|
|
|
|
* Retirer l'erreur : **error on subcontainer 'ia_addr' insert (-1)**
|
|
|
|
|
|
# sed -i "s|-Lsd|-LS6d|" /etc/default/snmpd
|
|
|
|
|
|
### Client syslog
|
|
|
|
|
|
#### rsyslog
|
|
|
|
|
|
* create /etc/rsyslog.d/loghost.conf and add:
|
|
|
|
|
|
*.* @@your-syslog-server-ip-or-dns:514
|
|
|
|
|
|
### Configuration spéciale Proxmox
|
|
|
|
|
|
* For Proxmox 4.4+ install the libpve-apiclient-perl package
|
|
|
|
|
|
apt install libpve-apiclient-perl
|
|
|
|
|
|
* Download the script onto the desired host (the host must be added to LibreNMS devices)
|
|
|
|
|
|
wget https://raw.githubusercontent.com/librenms/librenms-agent/master/agent-local/proxmox -O /usr/local/bin/proxmox
|
|
|
|
|
|
* Make the script executable:
|
|
|
|
|
|
chmod +x /usr/local/bin/proxmox
|
|
|
|
|
|
* Edit your snmpd.conf file (usually /etc/snmp/snmpd.conf) and add:
|
|
|
|
|
|
extend proxmox /usr/bin/sudo /usr/local/bin/proxmox
|
|
|
|
|
|
* after, edit your sudo users (usually visudo) and add at the bottom:
|
|
|
|
|
|
snmp ALL=(ALL) NOPASSWD: /usr/local/bin/proxmox
|
|
|
|
|
|
* Restart snmpd on your host
|
|
|
|
|
|
systemctl restart snmpd
|
|
|
|
|
|
|
|
|
[En haut](/installation/librenms) |