System Engineering/Zabbix

Zabbix로 스위치 트래픽 모니터링하기

Hopulence 2021. 10. 2. 13:35
  • 준비

Source 파일 다운로드 

https://www.zabbix.com/download_sources

 

Download Zabbix sources

 

www.zabbix.com

 

  • 유저생성
groupadd --system zabbix
useradd --system -g zabbix -d /usr/lib/zabbix -s /sbin/nologin -c "Zabbix Monitoring System" zabbix

 

  • DB 설치
yum install -y mariadb mariadb-server

systemctl enable mariadb
systemctl start mariadb

mysql_secure_installation
mysql -u root -p

mysql> create database zabbix character set utf8 collate utf8_bin;
mysql> create user 'zabbix'@'localhost' identified by '비밀번호';
mysql> grant all privileges on zabbix.* to 'zabbix'@'localhost';
mysql> quit;
cd zabbix-5.4.4/database/mysql

mysql -uzabbix -p zabbix < schema.sql
mysql -uzabbix -p zabbix < images.sql
mysql -uzabbix -p zabbix < data.sql

 

  • 소스 컴파일
yum instal -y gcc libevent-devel libcurl-devel mysql-devel net-snmp net-snmp-devel net-snmp-utils
yum install -y libxml2 libxml2-devel ipmitool OpenIPMI OpenIPMI-devel
./configure --enable-server  --enable-agent --with-mysql --with-net-snmp --with-libcurl --with-libxml2 --with-openipmi

make install

 

  • Zabbix 설정
vi /usr/local/etc/zabbix_server.conf

DBHost=localhost
DBName=zabbix
DBUser=zabbix
DBPassword='USER_PASS'
AllowRoot=1
StartSNMPTrapper=1
ListenIP=0.0.0.0

 

  • PHP 설치 및 설정
yum install epel-release yum-utils  
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
yum-config-manager --enable remi-php72

yum install -y mod_php72w php72w-cli php72w-bcmath php72w-gd php72w-mbstring php72w-mysqlnd php72w-pear php72w-xml php72w-xmlrpc php72w-process
vi /etc/php.ini

max_execution_time = 300
memory_limit = 256M
post_max_size = 32M
max_input_time = 300
date.timezone = Asia/Seoul
mkdir -p /var/www/html/zabbix
cp -a /root/zabbix-5.4.4/ui/* /var/www/html/zabbix/
chown -R zabbix:zabbix /var/www/html/zabbix

systemctl enable httpd
systemctl start httpd

 

  • Zabbix 실행
zabbix_server
zabbix_agentd
[root@zabbix-nms ~]# netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:10050           0.0.0.0:*               LISTEN      1930/zabbix_agentd  
tcp        0      0 0.0.0.0:10051           0.0.0.0:*               LISTEN      1840/zabbix_server  
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      1420/mysqld

 

  • Web Setup

접속 URL : http://‘서버IP’/zabbix/setup.php

 

 

  • 스위치 SNMP 설정
[ Cisco ]

snmp-server view v1default ifInOctets included
snmp-server view v1default ifOutOctets included
snmp-server community public RO
snmp-server community private RW
snmp-server community Community RW
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server host 192.168.xxx.xxx version 2c public  snmp
snmp ifmib ifindex persist
 [ HP ]
 
 snmp-agent
 snmp-agent local-engineid 383030303633413236353133393433464332323345314430
 snmp-agent community read public
 snmp-agent sys-info contact Hewlett Packard Enterprise...
 snmp-agent sys-info version v2c v3
 snmp-agent group v3 zabbix write-view ViewDefault notify-view ViewDefault
 snmp-agent target-host trap address udp-domain 192.168.xxx.xxx params securityname public v2c
 snmp-agent mib-view included ViewDefault ifInOctets
 snmp-agent mib-view included ViewDefault ifOutOctets
 snmp-agent usm-user v3 zabbix zabbix

 

  • SNMP Parsing 확인
### Traffic Input

[root@zabbix-nms ~]# snmpwalk -v 2c 192.168.xxx.xxx -c public 1.3.6.1.2.1.2.2.1.10
IF-MIB::ifInOctets.1 = Counter32: 243367394
IF-MIB::ifInOctets.5001 = Counter32: 0
IF-MIB::ifInOctets.10101 = Counter32: 2869348702
IF-MIB::ifInOctets.10102 = Counter32: 1880111613
IF-MIB::ifInOctets.10103 = Counter32: 3683712549
IF-MIB::ifInOctets.10104 = Counter32: 4020765803
IF-MIB::ifInOctets.10105 = Counter32: 3039488980
IF-MIB::ifInOctets.10106 = Counter32: 3838778564
IF-MIB::ifInOctets.10107 = Counter32: 613760664
IF-MIB::ifInOctets.10108 = Counter32: 2709897340
IF-MIB::ifInOctets.10109 = Counter32: 1061393689
IF-MIB::ifInOctets.10110 = Counter32: 0
IF-MIB::ifInOctets.10111 = Counter32: 0
IF-MIB::ifInOctets.10112 = Counter32: 1693852615
IF-MIB::ifInOctets.10113 = Counter32: 42182838
IF-MIB::ifInOctets.10114 = Counter32: 3901761840
IF-MIB::ifInOctets.10115 = Counter32: 44912060
IF-MIB::ifInOctets.10116 = Counter32: 0
IF-MIB::ifInOctets.10117 = Counter32: 35885476
IF-MIB::ifInOctets.10118 = Counter32: 7302882
IF-MIB::ifInOctets.10119 = Counter32: 680
IF-MIB::ifInOctets.10120 = Counter32: 0
IF-MIB::ifInOctets.10121 = Counter32: 2431267884
IF-MIB::ifInOctets.10122 = Counter32: 0
IF-MIB::ifInOctets.10123 = Counter32: 264289794
IF-MIB::ifInOctets.10124 = Counter32: 0
IF-MIB::ifInOctets.10125 = Counter32: 0
IF-MIB::ifInOctets.10126 = Counter32: 0
IF-MIB::ifInOctets.10127 = Counter32: 0
IF-MIB::ifInOctets.10128 = Counter32: 0
IF-MIB::ifInOctets.10501 = Counter32: 0
### Traffic Output

[root@zabbix-nms ~]# snmpwalk -v 2c 192.168.xxx.xxx -c public 1.3.6.1.2.1.2.2.1.16
IF-MIB::ifOutOctets.1 = Counter32: 158730911
IF-MIB::ifOutOctets.5001 = Counter32: 0
IF-MIB::ifOutOctets.10101 = Counter32: 3176471534
IF-MIB::ifOutOctets.10102 = Counter32: 2535280094
IF-MIB::ifOutOctets.10103 = Counter32: 460181704
IF-MIB::ifOutOctets.10104 = Counter32: 1472208197
IF-MIB::ifOutOctets.10105 = Counter32: 715392809
IF-MIB::ifOutOctets.10106 = Counter32: 1835792725
IF-MIB::ifOutOctets.10107 = Counter32: 693096385
IF-MIB::ifOutOctets.10108 = Counter32: 652216884
IF-MIB::ifOutOctets.10109 = Counter32: 188325558
IF-MIB::ifOutOctets.10110 = Counter32: 0
IF-MIB::ifOutOctets.10111 = Counter32: 0
IF-MIB::ifOutOctets.10112 = Counter32: 4006622460
IF-MIB::ifOutOctets.10113 = Counter32: 2361356879
IF-MIB::ifOutOctets.10114 = Counter32: 1262388320
IF-MIB::ifOutOctets.10115 = Counter32: 2349639474
IF-MIB::ifOutOctets.10116 = Counter32: 0
IF-MIB::ifOutOctets.10117 = Counter32: 2354921253
IF-MIB::ifOutOctets.10118 = Counter32: 3050921113
IF-MIB::ifOutOctets.10119 = Counter32: 1558546140
IF-MIB::ifOutOctets.10120 = Counter32: 0
IF-MIB::ifOutOctets.10121 = Counter32: 3504356249
IF-MIB::ifOutOctets.10122 = Counter32: 0
IF-MIB::ifOutOctets.10123 = Counter32: 534083583
IF-MIB::ifOutOctets.10124 = Counter32: 0
IF-MIB::ifOutOctets.10125 = Counter32: 0
IF-MIB::ifOutOctets.10126 = Counter32: 0
IF-MIB::ifOutOctets.10127 = Counter32: 0
IF-MIB::ifOutOctets.10128 = Counter32: 0
IF-MIB::ifOutOctets.10501 = Counter32: 0

* 10101부터 10128까지가 Real Interface인듯하다.

 

  • Zabbix 설정
  1. 등록할 장비에 맞는 Template을 zabbix에서 import

zbx_export_templates-Cisco-SNMP-24Port.yaml
0.02MB
zbx_export_templates-HP-SNMP-24Port.yaml
0.02MB
zbx_export_templates-HP-SNMP-48Port.yaml
0.03MB
Configuration - Template - Import

2. Host 생성

Configuration - Host - Create host
* Hostname은 연동할 장비와 일치해야 한다.
Yaml로 Import했던 Template을 link해준다.
SNMP Community String을 MACRO로 설정

 

3. 데이터 수집 확인

Monitoring - Host - Lata Data
첨부된 Template은 Delta 값으로 산출된다.

 

4. Dashboard 생성

Dashboard에서 Widget 생성 후 Save
스위치 1대의 포트별 트래픽을 5분마다 합산하여 출력해준다.

+ 트래픽 추이 비

Time shift 옵션을 넣어준 그래프로 전일 트래픽과 비교가 가능하다