Cacti Network Monitoring

apt update
apt upgrade

timedatectl set-timezone Asia/Hong_Kong

apt install -y apache2 rrdtool mariadb-server snmp snmpd php8.1 php-mysql php8.1-snmp php8.1-xml php8.1-mbstring php8.1-cli php8.1-gd php8.1-gmp php8.1-zip php8.1-ldap php8.1-intl

/usr/bin/mysql_secure_installation

mysql_tzinfo_to_sql /usr/share/zoneinfo/ | mysql -u root -p mysql

a2enmod ssl
a2ensite default-ssl

vi /etc/apache2/sites-available/default-ssl.conf
SSLCertificateFile /etc/ssl/certs/full_chain.pem
SSLCertificateKeyFile /etc/ssl/private/private.key
SSLCACertificateFile /etc/ssl/certs/rootCA.cer

add-apt-repository ppa:phpmyadmin/ppa

apt install phpmyadmin
cp /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.php

vi /etc/my.cnf
[mysqld]
max_heap_table_size = 33554432
tmp_table_size = 33554432
innodb_buffer_pool_size = 508559360
innodb_doublewrite = OFF
innodb_flush_log_at_timeout = 3
innodb_read_io_threads = 32
innodb_write_io_threads = 16
innodb_io_capacity = 5000
innodb_io_capacity_max = 10000

vi /etc/mysql/mariadb.conf.d/50-server.cnf
#collation-server = utf8mb4_general_ci
collation-server = utf8mb4_unicode_ci

git clone -b 1.2.x https://github.com/Cacti/cacti.git

mv cacti /var/www/html

mysql -u root -p
CREATE DATABASE cacti DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ;
GRANT ALL PRIVILEGES ON cacti.* TO 'cactiuser'@'localhost' IDENTIFIED BY 'cactiuser';
GRANT SELECT ON mysql.time_zone_name TO cactiuser@localhost;
ALTER DATABASE cacti CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
FLUSH PRIVILEGES;

mysql -u root cacti < /var/www/html/cacti/cacti.sql

cd /var/www/html/cacti/include
cp config.php.dist config.php

vi /var/www/html/cacti/include/config.php
$database_type = 'mysql';
$database_default = 'cacti';
$database_hostname = 'localhost';
$database_username = 'cactiuser';
$database_password = 'cactiuser';
$database_port = '3306';
$database_retries = 5;
$database_ssl = false;
$database_ssl_key = '';
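
Added example (not part of the original post, and not Cacti's own code): a shell check over include/config.php that flags a database password that is empty or identical to the username, a non-local database host without database_ssl, and a world-readable config file. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the database settings in Cacti's include/config.php.

# Print the value assigned to $NAME in a PHP config file, quotes stripped.
php_var() {  # usage: php_var FILE NAME
    sed -n "s/^[[:space:]]*\\\$${2}[[:space:]]*=[[:space:]]*['\"]\{0,1\}\([^'\";]*\)['\"]\{0,1\}[[:space:]]*;.*/\1/p" "$1" | tail -n 1
}

# Print one line per finding; return 1 if anything was flagged, else 0.
audit_cacti_db_config() {
    cfg=$1; bad=0
    user=$(php_var "$cfg" database_username)
    pass=$(php_var "$cfg" database_password)
    host=$(php_var "$cfg" database_hostname)
    ssl=$(php_var "$cfg" database_ssl)
    if [ -z "$pass" ]; then
        echo "FAIL database_password is empty"; bad=1
    elif [ "$pass" = "$user" ]; then
        echo "FAIL database_password equals database_username"; bad=1
    fi
    # TLS only matters when the connection leaves the host.
    case $host in
        localhost|127.0.0.1|::1) ;;
        *) if [ "$ssl" != "true" ]; then
               echo "FAIL remote database host without database_ssl"; bad=1
           fi ;;
    esac
    # The file holds a credential, so other local users should not read it.
    if [ -n "$(find "$cfg" -perm -004 2>/dev/null)" ]; then
        echo "FAIL $cfg is world-readable"; bad=1
    fi
    return "$bad"
}

# Constructed sample: the values this page puts in config.php.
write_sample_config() {  # usage: write_sample_config FILE
    cat > "$1" <<'EOF'
$database_type = 'mysql';
$database_default = 'cacti';
$database_hostname = 'localhost';
$database_username = 'cactiuser';
$database_password = 'cactiuser';
$database_port = '3306';
$database_ssl = false;
EOF
}

# Audit the file given on the command line, if any.
if [ $# -gt 0 ]; then audit_cacti_db_config "$1"; fi
```

Saved under any file name, it takes the path to config.php as its only argument and exits non-zero when it reports a finding.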

vi /var/www/html/cacti/service/cactid.service
#User=apache
#Group=apache

mkdir /etc/sysconfig/
touch /etc/sysconfig/cactid
cp -p /var/www/html/cacti/service/cactid.service /etc/systemd/system
systemctl enable cactid
systemctl start cactid
systemctl status cactid

chown -R www-data:www-data /var/www/html/cacti/

vi /etc/php/8.1/apache2/php.ini
date.timezone = Asia/Hong_Kong
memory_limit = 400M
max_execution_time = 60

vi /etc/php/8.1/cli/php.ini
date.timezone = Asia/Hong_Kong

systemctl restart apache2
systemctl restart mysql

cd /var/www/html/cacti/plugins
git clone https://github.com/Cacti/plugin_weathermap.git
mv plugin_weathermap weathermap

git clone https://github.com/Cacti/plugin_monitor.git
mv plugin_monitor monitor

git clone https://github.com/Cacti/plugin_thold.git
mv plugin_thold thold

#git clone https://github.com/Cacti/plugin_wmi.git
#mv plugin_wmi wmi

git clone https://github.com/Cacti/documentation.git

git clone https://github.com/Cacti/plugin_syslog.git
mv plugin_syslog syslog

git clone https://github.com/Cacti/plugin_mactrack.git
mv plugin_mactrack mactrack

#git clone https://github.com/Cacti/plugin_hmib.git
#mv plugin_hmib hmib

git clone https://github.com/Cacti/plugin_flowview.git
mv plugin_flowview flowview

chown -R www-data:www-data /var/www/html/cacti

apt install rsyslog-mysql

vi /etc/rsyslog.d/cacti.conf
$ModLoad imudp
$UDPServerRun 514
$ModLoad ommysql

$template cacti_syslog,"INSERT INTO syslog_incoming(facility_id, priority_id, program, logtime, host, message) \
values (%syslogfacility%, %syslogpriority%, '%programname%', '%timegenerated:::date-mysql%', '%HOSTNAME%', TRIM('%msg%'))", SQL

*.* >localhost,my_database,my_user,my_password;cacti_syslog

cp /var/www/html/cacti/plugins/syslog/config.php.dist /var/www/html/cacti/plugins/syslog/config.php

vi /var/www/html/cacti/plugins/syslog/config.php
#$use_cacti_db = true;
$use_cacti_db = false;

https://xxx.xxx.xxx.xxx/cacti
admin
admin

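Leave everything at the defaults; all the requirements should already be met. Continue until the Default Profile step below, where I switch to the 1-minute profile and also set scanning to manual so it does not scan.

Once the steps above are complete you go straight into the main Console. I first reconfigure Sites: delete all the default ones, then add the sites again.

I have two sites, so I add both SKW and TKO.

My example is a Sophos Firewall.

Name, Contact Person, and the Name under "SNMPv1 and v2c community and traps" at the very bottom are all the same name.

Source is the Cacti server's IP. Since I have 2 Cacti servers, there are 2 entries.

Back in Cacti, the Hostname here is the firewall's MGT IP, and the SNMP Community String is the name just set on the firewall.

If the device is added successfully, you will see information similar to the following.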

SKW-Firewall (xxx.xxx.xxx.xxx)
SNMP Information
System: Linux localhost 4.14.277 #2 SMP Fri Jan 5 08:52:46 UTC 2024 x86_64
Uptime: 62945900 (7days, 6hours, 50minutes)
Hostname: xxxxxx
Location: SKW
Contact: xxxxxx

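Then click Create Graphs for this Device at the top right, tick everything you need to monitor, and under Select a Graph Type to Create choose In/Out Bits (64-bit, 95th).

The MRTG graphs can now be generated. Select Graphs at the top, choose the SKW-Firewall just added under Device, and choose Last Half Hour under Presets to make the most recent traffic easy to view.

Another commonly used feature is Tree View under Graphs, which works like sorting things into your own folders.

Another example, this time Cisco.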

ip access-list standard ACL-SNMP

permit xxx.xxx.xxx.xxx 0.0.0.0

snmp-server community public RO ACL-SNMP

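Installing Weathermap is highly recommended. It shows where recent traffic is hitting a bottleneck and which links are about to be fully used.

Under Actions, first Install and Enable Weathermap.

Go to Weathermaps and click +.

Then click Clone under Actions.

A new Simple Map now appears; click into it.

In Map Properties, change the name, the image, and Default Link Bandwidth.

Link Width can be changed or left as it is.

Under Map Style - Link Labels, I change it to Percentage.

Click Add Node, then click anywhere to place it on the map. Right-click the new node, choose Properties, and change the Label and the Icon Filename image. To move it, click Move and then click the new position on the map.

Use Add Link to add a network flow. To use the TKO Switch's MRTG data, click TKO Switch first and then TKO Firewall, and two arrows are generated.

Right-click one of the arrows, select the TKO Switch port that connects to the firewall, then Add, Save.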
