でmuninを使う
前にmuninをFreeBSDで使ったことがあったが,先日別のマシンでもmuninを入れようとしたら忘れまくって苦労したのでメモ
cd /usr/ports/sysutils/munin-node make config-recursive make install clean cd /usr/ports/sysutils/munin-master make config-recursive make install clean
今回途中,/usr/ports/www/p5-HTML-Parserで止まる場合があったのでそれの対処方法を載せときます.
まず,原因として3.64がDL出来ないことが原因のようだった.しかし,3.65はあるのでそれで我慢してもらうことにした.
cd /usr/ports/www/p5-HTML-Parser vi Makefile 3.64 →3.65 rm distinfo cd /usr/ports/distfiles fetch http://www.sfr-fresh.com/fresh/unix/www/HTML-Parser-3.65.tar.gz cd /usr/ports/www/p5-HTML-Parser make install clean
ここでうまくインストールできたら,また,
cd /usr/ports/sysutils/munin-nodeとかに戻って再びmake install cleanを始めれば良い
ちなみにdistinfoをけしてもmake makesumでもう一回作成できる.
例
cd /usr/ports/www/p5-HTML-Parser rm distinfo make makesum
インストールが終わったら設定を行う.
vi usr/local/etc/munin/munin.conf [hoge.localhost] address 127.0.0.1 use_node_name yes vi usr/local/etc/munin/munin-node.conf # Which address to bind to; #host * host 127.0.0.1
vi /usr/local/etc/apache22/Includes/munin.conf Alias /munin/ "/usr/local/www/munin/" <Directory "/usr/local/www/munin/"> Options none Order Deny,Allow Deny from all Allow from all </Directory>
プラグインの設定.必要なぶんだけ繰り返す.
ln -s /usr/local/share/munin/plugins/df /usr/local/etc/munin/plugins/df
起動に追加した場合には以下のコマンドで再起動すること.
/usr/local/etc/rc.d/munin-node restart
muninの起動
vi /etc/rc.conf munin_enable="YES" /usr/local/etc/rc.d/munin-node restart
あとはhttp://serveraddress/munin/でみることができる.出来ない場合は /var/log/muninでエラーログの表示を見る.具体的には別ウインドウでターミナルを開き,screenを使いC-a Sを押して画面を上下に2つに分けて上でtail -f /var/log/munin/munin-node.log 下でtail -f /var/log/munin-graph.logを監視すると良い.
muninのプラグインのsshd_logが個人的にはおすすめだがそのままでは動かないので多少いじったのを載せる.
http://qurl.com/w9dnp
or
http://muninexchange.projects.linpro.no/?search=&cid=27&os[4]=on&os[7]=on&os[3]=on&os[2]=on&os[5]=on&os[8]=on&os[1]=on&os[6]=on&pid=420http://muninexchange.projects.linpro.no/?search=&cid=27&os[4]=on&os[7]=on&os[3]=on&os[2]=on&os[5]=on&os[8]=on&os[1]=on&os[6]=on&pid=420
vi /usr/local/share/munin/plugins/sshlog #!/bin/sh # # Plugin to monitor auth.log for sshd server events. # # Require read permitions for $LOG # (set in /etc/munin/plugin-conf.d/munin-node on debian) # On busy servers you can change value type to COUNTER and set min to 0 to avoid minus peaks at logrotate # # $Log$ # Revision 1.2 2010/03/19 15:03:00 pmoranga # Revision 1.1 2009/04/26 23:28:00 ckujau # Revision 1.0 2009/04/22 22:00:00 zlati # Initial revision # # Parameters: # # config (required) # autoconf (optional - used by munin-config) # # Magick markers (optional): #%# family=auto #%# capabilities=autoconf LOG=${logfile} CATEGORY=${category:-system} if [ "$1" = "autoconf" ]; then if [ -r "$LOG" ]; then echo yes exit 0 else echo no exit 1 fi fi if [ "$1" = "config" ]; then echo 'graph_title SSHD login stats from auth.log' echo 'graph_args --base 1000 -l 0' echo 'graph_vlabel logins' echo 'graph_category' $CATEGORY echo 'LogPass.label Successful password logins' echo 'LogPassPAM.label Successful login via PAM' echo 'LogKey.label Successful PublicKey logins' echo 'NoID.label No identification from user' echo 'rootAttempt.label Root login attempts' echo 'InvUsr.label Invalid user login attepmts' echo 'NoRDNS.label No reverse DNS for peer' echo 'Breakin.label Potential Breakin Attempts' exit 0 fi awk 'BEGIN{ c["LogPass"]=0; c["LogKey"]=0; c["NoID"]=0; c["rootAttempt"]=0; c["InvUsr"]=0; c["LogPassPAM"]=0; c["Breakin"]=0; c["NoRDNS"]=0; } /sshd\[.*Accepted password for/{c["LogPass"]++} /sshd\[.*Accepted publickey for/{c["LogKey"]++} /sshd\[.*Did not receive identification string/{c["NoID"]++} /sshd\[.*Failed password for root/{c["rootAttempt"]++} /sshd\[.*Invalid user/{c["InvUsr"]++} /sshd\[.*POSSIBLE BREAK-IN ATTEMPT!/{c["Breakin"]++} /sshd\[.*keyboard-interactive\/pam/{c["LogPassPAM"]++} /sshd\[.*reverse mapping checking getaddrinfo/{c["NoRDNS"]++} END{for(i in c){print i".value " c[i]} }' < $LOG ln -s /usr/local/share/munin/plugins/sshlog /usr/local/etc/munin/plugins/sshlog
このpluginを使用するためにplugins.confに以下を追加
vi /usr/local/etc/munin/plugin-conf.d/plugins.conf [sshlog] user root env.logfile /var/log/auth.log env.category users /usr/local/etc/rc.d/munin-node restart