Configuring SNMP OID for Memory utilization Monitoring

,

Configuring SNMP OID for Memory Utilization Monitoring

  1. In this article we look at how to configure the SNMP OID for memory utilization monitoring of specific device. If you do not know the OID for a device, contact the device manufacturer and request the OID for the function required.

Procedure

Step 1. Right-click on the device that required RAM utilization monitoring and select View Device Info.

Step 2. The View Device Info window opens. Click on SNMP OID.

Step 3. The SNMP OID window opens. Examine the entries for “platform specific oid memory utilization.” In this case two OID entries have been made. Depending on the manufacturer, one or two entries will be entered.

Step 4. If there are no entries, then SNMP OID need to be entered to enable the memory utilization monitoring.

Step 5. To enter platform specific OID for memory utilization, click on the text.

Step 6. The SNMP OID (memory utilization) window appears.

The manufacturer will tell you how the device reports memory utilization. If the device reports Memory Utilization Percent directly, the OID is entered in that box and provisioning is done. If the device reports separate values for total, free or used, then the OID information for each count need to be entered. Nectus will perform the calculation to arrive at Memory Utilization.

For example, when the device reports Memory Utilization Percent directly, the OID is entered in the first box and provisioning is complete.

In this case, the device reports Memory Used and Memory Free, so the OID for Memory Used is entered in the Memory Used space and the OID for Memory Free is entered in the Memory Free space. Nectus will compute utilization as Memory Used / (Memory Used + Memory Free) * 100.

In this case, the device reports Memory Free and Memory Total, so the OID for Memory Free is entered in the Memory Free space, and the OID for Memory Total is entered in the Memory Total space. Nectus will compute utilization as Memory Free / Memory Total * 100.

Step 7. Click on the OK button. Nectus will provision the OID information, unless an error is discovered.

In this case Nectus is reporting that Used and Free Memory OIDs are required.

We re-enter the OID information as Memory Used and Memory Free, and click OK.

Step 8. The OID assignments are accepted and displayed on the View Device window.

Testing

  1. Testing: Testing the assignments can be done by examining the utilization display or retrieving the OID contents.

Step 1. Click View Device General to see the results of configuration.

RAM percent utilization is working.

Step 2. Testing: Click on the dial to see a graph of the measurement over time.

Step 3. Testing: To retrieve current value of OID select SNMP OID tab and click on “TEST” for OID of interest.

Step 4. Change SNMP Walk to GET.

Step 5. Click Start.

Step 6. Current value of the OID will be displayed.

How to install additional polling agent

,

Step 1: Login to Nectus Portal in the home page. Select Settings -> Global Monitoring Settings.

Step 2: Next, select Distributed Agents to get the list of configured agents. Click on Create button to create a new poller agent.

]

Step 3: Now, provide a valid and unique name to the agent. Here, the Distributed Agent Name is “Regional USA Polling“. Select the enabled checkbox and click on Ok to create the poller object in the main server.

Note: Once the agent installation is complete, the RED changes to GREEN.

Additionally, the status of configured agent can also be checked on home page near the search icon.

Now, let’s start the installation on the Additional Polling Agent Server.

Step 4: After the download is complete, double click on the exe file. Installer window opens up. Click on Next to proceed with the installation.

Step 5: Go through the License Agreement carefully and then click on the Agree button.

Step 6: Select Additional Polling Agent in the Installation Type window and click on the Next button.

Step 7: Select the relevant options. Click on the Next button.

Step 8: Select the destination folder. Make sure, a minimum of 2GB of disk space is available in the selected drive. Click on the Next button.

Step 9: Next, provide the same name in the Additional Agent Name as in step 3. Fill the main polling agent IP address in the textbox and click on the Next button.

Step 10: Warning: Ensure that we open 10167 and 10168 ports between the new and main agent. If not, below error message will pop up.

Step 11: Then, key in a password to integrate the agent with the main server database.

Step 12: Log in to the main server and go to C:\Program Files\Nectus\Web\Apache24\htdocs\protected\config\ path and open database.ini file.

Step 13: Copy the password of vconsole username and paste it on the additional agent installer password textbox and click on the Install button.

Step 14: Once the installation completes, click on Next to proceed further.

Step 15: Finally, click on the Finish button and close the window.

As mentioned earlier, the additional poller status automatically converts to GREEN after successful installation.

Congrats! We have successfully installed the additional polling agent and integrated it with the main server.

 

Nectus not impacted by Log4J (CVE-2021-44228) Vulnerability

Nectus doesn’t use Apache LOG4J in any of its modules and is not impacted by recent Log4J (CVE-2021-44228) vulnerability.

 

 

How to Manually Generate a Process Dump using Process Explorer

Problem

There may be times where a process dump file (or files) are required to troubleshoot a specific problem. The steps in this document walk through the process of generating a dump file using Process Explorer for IBM Support analysis. While the example used covers the tm1sd.exe process, the same steps can be followed for any process on the operating system. NOTE: You may follow a very similar approach using only Windows Task Manager, however Windows Task Manager will not allow you to choose a dump file location. This step is important if your application consumes a lot of memory and you do not have enough disk space on your Windows drive (C:).

Resolving The Problem

  1. Download Process Explorer
  2. Locate your Process Explorer executable, procexp64.exe.
  3. Right-click the process and select run as an Administrator.
  4. When Process Explorer has opened, look for the process/executable name in the Process column.
    • If more than one process with the same process/executable name exists, hover over the executable and review the Services parameter and confirm that the details match what you are expecting.
  5. Once the correct process has been found, right-click the process and select Create Dump > Create Full Dump
  6. When prompted, specify the directory where you wish to write the dump file to.
    • Ensure that the disk you are writing to has enough space to write the file.
    • The file will be close to the size of the memory used by the process.
  7. After you click the Save button, it can take a few minutes for the file to finish writing to disk.
    • During this time the process will freeze until the dump has been written.
  8. The resulting dump file should be compressed and provided to IBM Support for review.

How to enable VMware Monitoring in Nectus

Enable Monitoring of VMware Using Nectus

Step 1. Navigate to Settings → General Settings → VMware VCenter Integration .

Step 2. VMware – vCenters window opens.

Step 3. Left-click Create New Group.

Step 4. The Add VCenter Group window opens.

Step 5. Name the Group (MyvCenter). Check Enable Monitoring. Click OK.

Step 6. Group Name appears in VMware – vCenters window.

Step 7. In VMware – vCenters window, click on vCenter Servers.

Step 8. Click Add.

Step 9. In the Add vCenter Server window, Enter Server name, IP address, Username and Password. Check that correct group is selected. Click Test.

Step 10. Test Connection tests OK (see message Test Connection OK). Click OK in lower right corner of window.

Step 11. Server shows in list of servers in VMware – vCenters window. Click Close.

Step 12. In Nectus main menu, on the left, click on VMware vCenter. A drop-down menu appears.

Step 13. Expand the list of ESX Hosts or Datastores to verify import. It may take up to 15 min for all objects to be discovered and loaded to Nectus.

How to Enable Meraki API Integration in Nectus

How to Enable Meraki Integration in Nectus

  1. Obtain the Meraki API key.

Follow the procedure in the Meraki document to generate the API key. The document may be found at https://documentation.meraki.com. Keep this key secure.

The key is an alphanumeric string of 40 characters.

Sample API key: fffc2def3g34345mn7888u8wz9565b0cde

  1. Enable Meraki integration in Nectus.

Step 1. In the Main Menu, go to Settings → General Settings → Meraki Integration.

Step 2. The Meraki Integration window opens.

Step 3. Check Enable Meraki API Integration box. Copy and paste API key into window. Click Test.

Step 4. When test is successful, click OK.

Step 5. On left side of main window, click Meraki, right click on All Meraki Devices, select Reload Data From Meraki. The Reload Data from Meraki window opens, letting you know that the reload is in progress. Close this window.

Step 7. After a few minutes, the list of Meraki devices will appear.

How to discover/add a single device in Nectus (1.64.xx)

How to discover/add a single device in Nectus

Step 1

In the main window, click on “Tools”, and in the drop-down box, select “Manual Network Discovery”

Step 2

The Discovery Start Window opens

Step 3

In the Discovery Start Window, change “Full Discovery” to “Partial Discovery”.

Step 4

Enter IP address and click “Start”

Step 5

The Start Discovery window asks, “Start Discovery, are you sure?” Click “OK”.

Step 6

Close the Discovery Start window by clicking on “Close” in the lower right-hand side.

Step 7

To check that discovery ran to completion, go to the Main Window and click on “Logs” and then select “Discovery Log”.

Step 8

The Discovery Log opens. Here we see that our discovery (ID 4) ran to completion in 0 minutes and 23 seconds.

 

NetFlow Configuration Examples for Cisco Routers

,

Catalyst 4500 Series Switch IOS NetFlow Configuration
——————————————————————-

switch(config)# ip flow ingress
switch(config)# ip flow ingress infer-fields
switch(config)# ip flow-export destination <Nectus IP address> 2055
switch(config)# ip flow-export source Loopback0
switch(config)# ip flow-export version 9
switch(config)# ip flow-cache timeout active 1
switch(config)# ip flow-cache timeout inactive 15

Cisco 3800 Series Router NetFlow Configuration
—————————-
Step 1. Define Flow Record format
router(config)# flow record NECTUS_NETFLOW_RECORD
router(config-flow-record)# description NetFlow record format to send to Nectus Netflow Collector
router(config-flow-record)# match ipv4 ttl
router(config-flow-record)# match ipv4 tos
router(config-flow-record)# match ipv4 protocol
router(config-flow-record)# match ipv4 source address
router(config-flow-record)# match ipv4 destination address
router(config-flow-record)# match transport source-port
router(config-flow-record)# match transport destination-port
router(config-flow-record)# match interface input
router(config-flow-record)# match flow direction
router(config-flow-record)# collect interface input
router(config-flow-record)# collect interface output
router(config-flow-record)# collect counter bytes
router(config-flow-record)# collect counter packets
router(config-flow-record)# collect timestamp absolute first
router(config-flow-record)# collect timestamp absolute last
router(config-flow-record)# collect routing source as
router(config-flow-record)# collect routing destination as

 

Step 2. Create Flow Exporter (Specify where NetFlow to be sent)
router(config)# flow exporter NECTUS_NETFLOW_EXPORTER
router(config-flow-exporter)# description Export NetFlow to Nectus
router(config-flow-exporter)# destination <Nectus IP address>
router(config-flow-exporter)# source Loopback0
router(config-flow-exporter)# transport udp 2055
router(config-flow-exporter)# export-protocol netflow-v9

 

Step 3. Create Flow Monitor (Bind Flow Record to the Flow Exporter)
router(config)# flow monitor NECTUS_NETFLOW_IPv4_MONITOR
router(config-flow-monitor)# record NECTUS_NETFLOW_RECORD
router(config-flow-monitor)# exporter NECTUS_NETFLOW_EXPORTER
router(config-flow-monitor)# cache timeout active 60

 

Step 4. Assign Flow Monitor to Selected Interfaces
Repeat this step for every interface you are interested collecting NetFlow for.
router(config)# interface TenGigE 1/1  (repeat for every interface that you need)
router(config-if)# ip flow monitor NECTUS_NETFLOW_IPv4_MONITOR input
router(config-if)# ip flow monitor NECTUS_NETFLOW_IPv4_MONITOR output

 

Step 5. Operation Validation
show flow record NECTUS_NETFLOW_RECORD
show flow monitor NECTUS_NETFLOW_IPv4_MONITOR statistics
show flow monitor NECTUS_NETFLOW_IPv4_MONITOR cache

Configuring VMware monitoring

Nectus release 1.60 includes with a new VMware monitoring module.

Nectus can monitor following VMware infrastructure elements:

  • vCenter servers
  • ESX Hosts
  • Datastores
  • Virtual Machines

Nectus can monitor and alert on following  metrics for all elements:

  • ICMP Availability and Latency
  • CPU utilization
  • RAM utilization
  • Storage free space availabilty
  • Disk Read/Write rates
  • Disk I/O Transactions rate
  • Disk Average and Max Latency
  • Network Rx/Tx throughput rates
  • VM Status (Power,  Heartbeat, Connection)

 

To set up VMware monitoring go to Inventory/VMware/vCenters (as shown in the picture).

The following page will open. On this page you can create new vCenters groups, edit their settings, delete groups. Create at least one group to be able to add vCenter servers.

After pressing “Edit” button you will see the form as shown in the picture on the right. Here you can enable/disable monitoring for entire group, select an appropriate ICMP monitoring profile, assign email and SMS lists for alerts.

Switch to the next tab of “VMware – vCenters” form to add/remove VMware vCenter servers.

The following window will appear after pressing “Add” button.

Fill out the fields here. The field “Server name” does not affect functioning and may be assigned to any value you like.

Username/Password must represent a valid VMware vCenter account.

Use “Test” button to check if the connection to vCenter may be established using the credentials provided.

After adding all desired vCenters you will see them on the list:

Managing VMware infrastructure

After configuring VMware groups and adding one or more vCenter servers the discovery of VMware infrastructure will start automatically.

You do not need to add ESX hosts, Datastores and Virtual machines manually.

Wait one or two monitoring cycles (5-10 minutes) for VMware entities to appear.

 

 

The discovered entities will appear in the Inventory:

After clicking “ESX hosts” you will see the following window displaying ESX host groups:

 

You can add more groups here (see picture below) or enable monitoring for the Default group.

If you move to the tab “ESX hosts” you can see the list of discovered items:

Warning: it is not possible to delete a non-empty group.

This applies to Datastores and Virtual Machines as well.

Discovered entities will also appear in the left tree of Nectus GUI.

To move an ESX host to another group switch to Groups in VMware combo, right click on the desired host, choose “Move ESX Host to…” and select the appropriate group.

The same applies to other VMware entities: you can view properties, graphs for Datastores and Virtual machines,

move them to other groups either from the tree or from the Inventory/VMware menu.

However, creating new groups is only available at Inventory/VMware menu.

 

Managing metrics to monitor

To set up metrics to monitor select Monitoring/VMware Monitoring Settings menu.

You will see the window as shown in the picture below.

Switch between tabs of VMware devices and metric groups to enable/disable selected metrics, customize them (see picture below) or to edit alert message templates.

 

After you have configured the desired metrics, Nectus server will automatically load them and start to monitor.

How to install SSL Certificate for Nectus GUI

,

This guide explains how to generate the CSR code and install a commercial SSL certificate for Windows Apache so that you could access your Nectus GUI page securely via HTTPS.

It assumes that during Nectus installation, you selected the default location which is C:\Program Files\Nectus.

If you installed Nectus in a different folder, make sure to adjust the commands and locations given in this guide accordingly.

In general, in order to have a website accessible using secure HTTPS connection, the web server must have a pair of public and private keys configured.

The public key must be signed by a trusted Certificate Authority and added to a digital SSL certificate.

To obtain that certificate, you will need to send the certificate signing request (CSR) code to your SSL provider. Please refer to instructions below:

Generating CSR using OpenSSL

  1. On your Windows server, press Win+R, enter cmd and hit OK

 

2. Enter the following command to run OpenSSL: “C:\Program Files\Nectus\Web\Apache24\bin\openssl.exe”

 

 

3. The prompt will change to OpenSSL>. This means we can run the OpenSSL commands now.

To generate a new CSR/Key pair for your future SSL certificate, execute the following this command:

 

req -new -newkey rsa:2048 -nodes -keyout “C:\Program Files\Nectus\Web\Apache24\conf\yourdomain.key” -out “C:\Program Files\Nectus\Web\Apache24\conf\yourdomain.csr” -config “C:\Program Files\Nectus\Web\Apache24\conf\openssl.cnf”

 

4. You will be prompted to enter certain information related to your domain.

The commentaries for each field are provided after the // sign.

Country Name (2 letter code) [AU]:US // enter the ISO 3166-2 compliant country code here

State or Province Name (full name) [Some-State]:California // the field for the state

Locality Name (eg, city) []:Los Angeles // the field for the city

Organization Name (eg, company) [Internet Widgits Pty Ltd]:NA // the name of your company. If you do not have a company or do not wish to indicate it, simply put NA

Organizational Unit Name (eg, section) []:NA // a department of your company. NA can be used here

Common Name (e.g. server FQDN or YOUR name) []:example.com // this is the field for your domain

Email Address []:. // this field is not required generally so you can leave it blank

Please enter the following ‘extra’ attributes

to be sent with your certificate request

A challenge password []:. // can be left blank

An optional company name []:. // can be left blank

 

5. Once done, the C:\Program Files\Nectus\Web\Apache24\conf\ directory will have two new files, the file with the CSR code (.csr) and the file with the private key (.key).

We’ll leave the private key for the time being. The CSR code has to be provided to your certificate vendor — this code is the base for your commercial SSL certificate.

Please contact your SSL vendor for instructions with SSL activation.

6. When the SSL is issued, you should receive at least two files: SSL certificate in a .crt (or .pem, .cer) file, and the CA-bundle (also can be called intermediate CA, root CA certificates) with extensions like .ca-bundle, .crt.

Please note that Apache requires only PEM-encoded certificates, so PKCS#7 or PKCS#12 encoded SSLs won’t work.

Configuring SSL for Apache

7. Upload those files to the C:\Program Files\Nectus\Web\Apache24\conf\ directory.

8. Then, go to the C:\Program Files\Nectus\Web\Apache24\conf\extra folder, and open the httpd-ssl.conf file in Notepad.

9. Find and edit the following directives and make sure that they point to the SSL certificate, Private Key, and the CA-bundle files accordingly:

 

SSLCertificateFile “${SRVROOT}/conf/yourdomain.crt”

SSLCertificateKeyFile “${SRVROOT}/conf/yourdomain.key”

SSLCACertificateFile “${SRVROOT}/conf/yourdomain.ca-bundle”

 

Note that the SSLCACertificateFile directive is commented out by default. You need to delete the # sign at the beginning of the string to uncomment the directive.

10. Save the configuration file

11. Return back to the C:\Program Files\Nectus\Web\Apache24\bin folder and double-click on ApacheMonitor.exe

 

12. The ApacheMonitor app will appear in the system tray at the lower right corner of your screen. Find and click it there.

13. Hit “Restart”

 

14. Now you can try accessing your Nectus GUI page in the browser via HTTPS: https://yourdomain.com

Configuring Linux Monitoring in Nectus

,

Configuring Linux Monitoring in Nectus

Nectus Server 1.55 adds feature to monitor some system parameters on hosts running Linux. Enabling this feature for your infrastructure requires two steps:

  • Configuring of Nectus Server;
  • Installing and configuring of Nectus remote agents on target Linux machines.

This guide describes steps for Nectus Server configs. Installing and configuring of Linux remote agents are described here.

Linux monitoring integration

Choose the following menu item from the Nectus GUI to set global Linux monitoring parameters.

This will open the next window:

  • Agent mode determines whether the agent runs in passive mode (when it waits for an incoming connection from the server and then collects the required metrics) or in active mode when the agent connects to the server pro-actively and sends the collected data.
  • Server TCP port sets the server port number for incoming connections from the agents running in active mode. If you set Agent mode to passive then this value is not used.
  • Pre-shared Key determines the secret key used to encrypt and decrypt messages between Nectus Server and the monitoring agents. You can set string of any length but recommended length is from 8 to 16 characters. The exactly same key should be set in all agents’ configuration files (parameter SERVER_PRESHARED_KEY, see details here).

Click OK to save configured parameters.

 

 

Select “Linux Monitoring Settings” from the “Monitoring” menu to configure your monitoring profiles for Linux machines.

Click “Create” to create a new monitoring profile:

In the following form enter the name of your profile and choose metrics you would like to monitor:

 

Configure the necessary metric parameters like minimal and maximal thresholds, alerting etc.

You can create any number of profiles and assign each of them to different group of Linux machines.

Linux Servers

 

Select “Linux Servers” from the “Inventory” menu to configure groups and servers to be monitored.

Click “Create new Group” in the next form:

 

Enter “Group Name” for the new group, select “Enable monitoring” and choose the desired Monitoring Profile for this server group:

Also select the appropriate alert recipients in this form.

You can create any number of monitoring groups if you need to apply different profiles or alert recipients for different server groups.

When you have finished with the groups switch to the next tab “Servers” in the same form and click “Add Server” to add a Linux server to be monitored:

In the next window enter the Hostname (optional, it will be obtained later during the monitoring process), IP address, TCP port of the remote agent’s listening socket (default 5400) and choose the appropriate Group:

You can choose different values of TCP port for different servers according to your network configuration. But note that this value must match the parameter AGENT_PORT set in the agent’s configuration file (see details here).

After clicking “OK” you will see the server in the following list and you will be able to View, Edit and Delete the server (operations are marked with a red square).

After you have added all the desired servers and installed the remote agents the process of monitoring of your Linux hosts will start automatically.

 

Device View Auto Population Rules

, ,

Device View Auto Population Rules

Device View is the logical grouping of the devices that can be used in different places within the Nectus application. In the previous versions of Nectus, the user would manually add devices into device views which may become a significant management overhead.

In Nectus version 1.55 we introduced an ability to automatically populate device views based on specific conditions such as device names, types, etc.

User can define a set of conditions which has to be true for Nectus to automatically add devices to device views.

This article will guide you through the process of defining the auto population rules for device views.

To access your SNMP Device Views go to Inventory Views SNMP Device View

 

 

To add a new Device View, click Create in the upper right hand corner of the SNMP Devices Views page.

 

Give a name to your new Device View.

 

.

Press Save button to finish creation of Device view.

 

Open again newly created device view and in the upper right-hand corner, select Edit Rules.

This will open the Devices View Auto Population Rules page.

 

Select the plus sign to add a new Auto Population Rule.

 

Add all the required Auto-population rules and press Ok button to Save.

If multiple rules are defined all the rules must be TRUE for device to be automatically added. (Logical AND).

Your rules will be processed daily at 3:00 PM.

If you would like to apply your rules immediately, press the Apply Rules button.

 

Linux Monitoring Agent Installation

Linux Monitoring Agent Installation

Nectus Linux Monitoring Agent is required to be installed on target machine to enable Nectus to monitor Linux system parameters such as CPU and RAM utilization, Storage and Network Utilization.

Agent collects all the required monitoring metrics and reports to the main Nectus Server every 5 minutes.

 

Step 1: Download Monitoring Agent Package

Download binary package appropriate to your target machine Linux flavor and version from the download page.

 

Step 2a: Installation for Debian-based systems (including Ubuntu)

After downloading the package run the following installation command:

$ sudo dpkg -i <package-name>

This will install Nectus monitoring agent on your target machine. If everything is OK you’ll see some output like this:

$ sudo dpkg -i nectus-agent-1.0-1.deb

(Reading database … 79643 files and directories currently installed.)

Preparing to unpack nectus-agent-1.0-1.deb …

Unpacking nectus-agent (1.0-1) over (1.0-1) …

Setting up nectus-agent (1.0-1) …

Processing triggers for systemd (229-4ubuntu21.21) …

Processing triggers for ureadahead (0.100.0-19) …

Step 2b: Installation for RedHat, CentOS and Amazon Linux

After downloading the package run the following installation command:

$ sudo rpm -U <package-name>.rpm

You’ll see output like this:

$ sudo rpm -U nectus-agent-1.0-1.el7.x86_64.rpm

Preparing…

 ################################# [100%]

Updating / installing…

    1:nectus-agent-1.0-1.el7           

################################# [100%]

 

Step 3: Configuration

After installation is complete you need to set up the agent’s basic configuration.

Nectus agent configuration file is located at: /etc/nectus/nectus-agent.conf.

Default configuration file content is listed in Appendix 1. Most of the values are set to defaults and don’t require a change except following two parameters:

  • SERVER_PRESHARED_KEY
  • AGENT_PORT

SERVER_PRESHARED_KEY is used to encrypt messages between the Agent and Nectus Server. Initially it’s set to value <YourSecretKey>.

Edit this parameter to match the key configured in Nectus GUI (Settings->General Settings ->Linux Monitoring Integration).

SERVER_PRESHARED_KEY is a global parameters that is used for all Linux Servers.

AGENT_PORT parameter determines the TCP port used by Agent to listen for incoming connections from the Nectus server. By default the TCP port is set to 5400.

AGENT_PORT is Server specific parameter that can be different on each Linux Server.

 

Step 4: Generate SSL Certificate (optional)

The Linux Monitoring Agent listens on pre-configured TCP port for incoming HTTPS connection and needs an SSL certificate to operate.

Default location for storing certificate files is /etc/nectus but it’s configurable (parameter SSL_CERTIFICATE_DIR in the configuration file).

You can either use any existing certificate or generate a new self-signed one.

To generate new self-signed certificate run commands:

$ cd /etc/nectus

$ openssl dhparam -out dh.pem 2048

$ openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 10000 -out certificate.pem

The directory pointed by SSL_CERTIFICATE_DIR parameter should finally contain files dh.pem, key.pem and certificate.pem.

 

Step 5: Open TCP port at the Firewall

If there is firewall between Nectus Server and Linux Monitoring Agent you need to permit connections on TCP port 5400 (Unless it is changed to a different port)

Make sure your Linux internal firewall also permits inbound connections on this port.

 

Step 6: Start Agent

Restart the agent in order for configuration changes to take effect:

$ service nectus-agent restart

Check it’s status to ensure proper operation:

$ service nectus-agent status

If case of successful start you’ll see some output like this:

$ service nectus-agent status

● nectus-agent.service – Nectus Agent

Loaded: loaded (/lib/systemd/system/nectus-agent.service; disabled; vendor preset: enabled)

Active: active (running) since Mon 2019-04-29 17:55:39 UTC; 4s ago

Process: 10247 ExecStart=/usr/bin/nectus-agent $CONFFILE (code=exited, status=0/SUCCESS)

Main PID: 10255 (nectus-agent)

Tasks: 2

Memory: 1.2M

CPU: 14ms

CGroup: /system.slice/nectus-agent.service

└─10255 /usr/bin/nectus-agent /etc/nectus/nectus-agent.conf

Apr 29 17:55:39 ubuntu-16 systemd[1]: Starting Nectus Agent…

Apr 29 17:55:39 ubuntu-16 systemd[1]: nectus-agent.service: PID file /run/nectus/nectus-agent.pid not readable

Apr 29 17:55:39 ubuntu-16 systemd[1]: Started Nectus Agent.

User account

For security reasons it’s not allowed to run Monitoring Agent as root user. If it’s trying to start as ‘root’ then the agent will drop its privileges to the user account set in configuration file

(usually /etc/nectus/nectus-agent.conf) as USER_INSTEAD_OF_ROOT.

Default USER_INSTEAD_OF_ROOT is ‘nectus’.

The agent automatically creates this user account during installation (if this user does not exist already) and provides minimal set of permissions required to run the agent code.

Troubleshooting

Nectus agent runs as a daemon process. You can use the following commands to start, stop restart and check status of the agent:

$ service nectus-agent start

$ service nectus-agent stop

$ service nectus-agent restart

$ service nectus-agent status

If there are any problems with starting the agent first check the agent’s status:

$ service nectus-agent status

Then check the log file (usually /var/log/nectus/nectus-agent.log). If it does not help then you can try to run the agent manually. Usage of the module:

nectus-agent <config-file> [-D]

config-file full path to configuration file

-D debug mode (agent starts not as a daemon but as a usual process)

Locate the executable nectus-agent in /usr/bin and try to run the agent not as a daemon:

$ /usr/bin/nectus-agent /etc/nectus/nectus-agent.conf -D

Check the output and log files at /var/log/nectus.

Upgrade

Upgrade to a new version of the agent is the same as a new installation: download the appropriate package and run either:

> sudo dpkg -i <package-name>.deb

for Debian/Ubuntu systems or

> sudo rpm -U <package-name>.rpm

for RedHat/CentOS/Amazon Linux.

Uninstallation

To uninstall Nectus agent run the following command:

> sudo dpkg -r nectus-agent

for Debian/Ubuntu systems or

> sudo rpm -e nectus-agent

for RedHat/CentOS/Amazon Linux.

Appendix 1. Default Configuration File

#########################################
####       GENERAL PARAMETERS        ####
AGENT_IP                0.0.0.0          # IP address of listening socket. 
                                         # Default 0.0.0.0 (listen on all interfaces)
 
AGENT_PORT              5400             # TCP/IP port of the listening socket. Default 5400
 
SSL_CERTIFICATE_DIR     /etc/nectus      # Path to agent’s SSL certificate. 
        # Directory should contain files:
        # dh.pem, certificate.pem and key.pem.
        # To generate those files (self-signed certificate) run commands:
        # openssl dhparam -out dh.pem 1024 
        # openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 10000 -out certificate.pem
        # Maybe you would need root privileges for this, then run: sudo openssl etc…
 
SERVER_PRESHARED_KEY    <YourSecretKey> # Pre-shared key to encrypt messages between 
                                        # the agent and Nectus monitoring server. 
                                        # Must be the same as set in Nectus GUI.
 
NUM_OF_THREADS          1               # Number of agent’s threads. Valid values are from 1 to 32.
                                        # Default value = 1.
 
USER_INSTEAD_OF_ROOT    nectus          # Drop privileges to a specific user existing in the system.
                                        # Only has effect if the agent is run as root.
                                        # Default value = nectus.
 
#########################################
######### Logging parameters ############
LOG_DIR                         /var/log/nectus  # Path to log files
 
LOG_LEVEL                       info
# Log verbosity level. Possible values are:
#       error – only errors are reported in log
#       info  – default logging level
#       debug – most verbose level including debug information.
 
LOG_FLUSH_PERIOD_SECONDS 30     # Flush log data to disk every X seconds. 
                                # Valid values are from 1 to 900. Default value = 30.
 
LOG_FILE_MAX_SIZE_MBYTES 30     # Maximum size of a single log file. After reaching this size 
                                # next log file is opened. Valid values are from 1 to 1000.
                                # Default value = 30.
 
LOG_FILE_MAX_COUNT      30      # Maximum count of log files stored. After reaching this count
                                # the oldest log files are deleted. 
                                # Valid values are from 1 to 1000. Default value = 30.

ClickHouse DB Installation for Nectus Netflow & Syslog Storage

, ,

ClickHouse Database Installation for Nectus Netflow & Syslog Storage

Requirements: Ubuntu Server 20

More information about installation on other OS’s can be found here: https://clickhouse.com

Step 1

Import the public key:

apt-get update

sudo apt-key adv –keyserver keyserver.ubuntu.com –recv C8F1E19FE0C56BD4

NOTE: It is recommended to import the public key if it’s a fresh Ubuntu install.

Otherwise you may get the following error when adding the repository:GPG error: http://repo.clickhouse.com/deb/stable/main/release:

The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY C8F1E19FE0C56BD4

Optional commands to run:

sudo apt-key adv –keyserver keyserver.ubuntu.com –recv E0C56BD4

Step 2

Create Clickhouse repository:

sudo apt-get install dirmngr

sudo apt-add-repository “deb http://repo.clickhouse.com/clickhouse/deb/stable/main/”

 

NOTE: Please edit the sources.list file if you receive the following error:

“E: Mailformed entry 55 in list file /etc/apt/sources.list”.

Delete the entry XX and save/exit the file. Perform the update (and upgrade if you wish):

sudo apt-get update

Step 3

Get the packages list for the latest updates and the dependencies:

apt-get update && apt-get upgrade

Step 4

Download and Install the ClickHouse packages:

sudo apt-get install -y clickhouse-server clickhouse-client

Step 5

Start the Clickhouse server as a daemon:

sudo service clickhouse-server start

Step 6

Now that we have installed the ClickHouse, it is time to test:

NOTE: TCP ports 8123 & 9000 must be open.

Start the Client:

sudo clickhouse-client

Step 7

Create the Netflow/Syslog database.

In this example we are creating the databases named NETFLOW and SYSLOG:

clickhouse-client -h 127.0.0.1 

CREATE DATABASE NETFLOW;

CREATE DATABASE SYSLOG;

Step 8

We will now add the Clickhouse internal user “root” with password “************” to the Users.xml file located at: /etc/clickhouse-server/users.xml

NOTE: Paste the snippet of the code below starting at line 31 after “<users>” in the users.xml file. You can use vi or nano text editor to edit the file. WinSCP can also be used to accomplish this task. Use the file change owner command if needed “sudo chown -R xxxx users.xml”, where “xxxx” is the user that will take over the ownership of the file.

<root>

<password>***********</password>

<networks incl=”networks” replace=”replace”>

<ip>::/0</ip>

</networks>

<profile>default</profile>

<quota>default</quota>

</root>

Save the file and exit.

Step 9

Restart the ClickHouse Server:

clickhouse-server restart

Step 10

Now that the ClickHouse Server has been restarted, we can start the ClickHouse client using the internal user that we created in step 8:

clickhouse-client –user default –password ***********

Step 11

We have completed the ClickHouse installation. This last step requires login to Nectus to finish the Netflow/Syslog integration.

Open to “Nectus Settings -> General Settings -> Netflow Integration” page

Enter the required information and click Test DB Connection (Remote Server IP is the IP address of the Ubuntu/ClickHouse server). The result should be “Test DB Connection OK”

Click “Run Integration Scripts” and finally Save.

Step 12

Restart Nectus NetFlow and Syslog Services.

Monitoring BGP Sessions with Nectus

,

Monitoring BGP Sessions with Nectus

Nectus 1.2.53 introduces ability to automatically discover and monitor iBGP and eBGP sessions across all router types and manufacturers.

Nectus scheduled network discovery automatically finds all the BGP sessions via SNMP polls and adds it to Nectus database where user can group them by type and enable active monitoring and alerting.

BGP Session Discovery

As part of regular scheduled network discovery Nectus detects all existing BGP Sessions and adds it to one of the existing BGP group which has “Default” flag set to ON.

You can see all the BGP sessions that were discovered in Inventory -> BGP Sessions or in left side panel called “BGP Sessions

 

If you right-click on BGP Session and select “Properties

 

.. you can assign a human friendly name or change a group membership for any of the BGP sessions.

 

You can create multiple BGP session groups and assign discovered BGP sessions to different groups according to its type or functional purpose.

To create a new Group, right-click on “BGP Sessions” line and select “Add New Group” on context menu.

 

Configure New Group name, set “Enable monitoring” to ON if you want all BGP Sessions in this group to be monitored for UP/DOWN Status.

 

If you set “Default” value to ON, this group will become a group where all newly discovered BGP sessions be added automatically. Only one group can have “Default” value set to ON

You can also assign BGP Session to a Group by right-clicking on BGP session and selecting “Move BGP Session to..” option

 

 

By clicking “View Session Info” on BGP Session context menu you can view detailed information about BGP Session

 

 

After you finished creating BGP session groups, assigning BGP sessions to corresponding groups and enabling BGP session groups for Monitoring the final step is to enable BGP Sessions monitoring in corresponding SNMP Device Monitoring Profiles that are applied to the routers that terminate all the BGP sessions.

Find required SNMP Monitoring Profile and enable “BGP Session Status” Monitoring Option

Now are you all set to start monitoring your BGP sessions line a pro.

 

Features coming up in next Nectus release

  1. BGP sessions monitoring with UP/DOWN Alerting
  2. Linux Servers Monitoring (CPU, RAM,  Storage, Up/Down)

UPS Health Status Monitoring with Nectus

,

UPS Status Monitoring with Nectus

Health monitoring of UPS units is one of the most critical tasks of network infrastructure monitoring.

If UPS fails during power outage it results in immediate network downtime resulting in loss of revenue and degrading user experience.

Most of the modern UPS Units perform daily self-tests and results of those self-tests are available via SNMP protocol.

Our goal is to collect those self-test results on regular basis and generate an alert or incident when self-test indicates a UPS failure.

Step 1. Determine which SNMP OID to use

Very first step before you can start monitoring UPS health status is to determine which SNMP OID contains self-test information for your UPS units.

You can open a support case with your UPS vendor and request SNNP OID string for self-test information.

For example, SNMP OID for self-test information from UPS manufactured by APC is .1.3.6.1.4.1.318.1.1.1.7.2.3.0

This OID returns following values:

1 = Ok

2 = Failed

3 = Invalid Test

4 = Test In Progress

 

Step 2. Create Device View that contain all UPS units

Next step is to create a Device View that contain all UPS units that we want to monitor.

To create a Device View go to Inventory -> Views -> SNMP Device Views.

 

Create a new Device Vice called “UPS Units”

 

 

Step 3. Create Custom SNMP Tracker for UPS Self-Test Info

Now we are ready to create a custom SNMP tracker that will be polling our UPS units every 5 min for self-test information.

In Nectus GUI go to Monitoring → SNMP Monitoring Settings → Custom SNMP Trackers

 

Press “Create” button to bring up Custom SNMP Tracker creation interface.

Complete tracker General information tab with correct SNMP OID and select Device View that contains all UPS units that we want to monitor.

 

Select Email and SMS list for Alert Recipients.

In “Alerts” Tab we need to specify which status values will be considered Normal and which values should trigger Alerts.

You can specify multiple values separated by comma.

 

Define an Alert Severity level for Alarm Values as Informational, Warning or Critical.

Define number of consecutive readings for which UPS self-test status must report an Alarm condition before formal Alert is created.

Nectus performs one SNMP poll per 5 min.

If you define value for consecutive readings as 3 it should result in Alert created after 15 minutes of True Alarm conditions.

Press “Save” to complete Custom SNMP tracker creation for UPS Status Monitoring

This completes creation of custom tracker that will be monitoring UPS self-test information on all APC UPS units in your network.

 

Suppression of Frequent Identical Alerts In Nectus

,

Suppression of Frequent Identical Alerts In Nectus

Often when a network device or interface changes its state between Up and Down multiple times in a short time interval, numerous identical alerts will be sent to all the configured alert recipients.

Nectus offers the ability to suppress frequent identical alerts to reduce informational noise level by specifying a suppression timer for up to three hours.

Nectus calculates a CRC hash value from each of the email alert bodies and if hash values of two alerts are matching they are considered to be identical and can be suppressed.

Nectus excludes event timer values and specific metric values from hash calculation logic. You can configure the suppression timer from 0 to 180 minutes where 0 means no suppression.

To configure the suppression timer, go to    Monitoring -> Global Monitoring Settings

 

 

Under Monitoring Settings, select the Alerts tab.

To enable suppression specify a time interval from 1 to 180 minutes.

At the end of the time interval, alert logic will resume as normal.

Setting timer to 0 will disable the suppression.

 

 

Importing WMI Servers from CSV file to Nectus

,

Importing WMI Servers from CSV file to Nectus

To import a list of Windows Servers from CSV file to Nectus prepare a CSV file with only single column containing list of IP addresses of Windows Servers.

No other information is required.

File format example in Excel.

To start import, right-click on WMI Server Group that you want to import servers into and select “Import  WMI Servers from CSV file” option

 

 

Select CSV File that you prepared.

 

 

Press “Start” button

 

Nectus will import each server individually and collect basic Server information via WMI Interface.