0

Am new to cacti so please forgive me if my question sounds stupid, I have tried my best to find the solution for the problem but still needs help. I want to gather number of lines in the haproxy.log file from a remote front end(FE) machine, I have added this device successfully in cacti and graphs like load average are being drawn. I followed this: http://www.cacti.net/downloads/docs/html/how_to.html to add a graph to this device using shell script, I added a Data input method selecting Script/Command as the input type and /home/ubuntu/script.sh as the input string, added a output field too. Next I added a data source with out a template and selecting FE as the host, then as mentioned in the link I added the graph and things look fine till now, problem is that nothing is being plotted in the graph, cacti log files(Debug mode) shows the following:

CMDPHP: Poller[0] Host[5] DS[29] CMD: /home/ubuntu/script.sh, output: U 12/30/2011 12:35:07 AM - CMDPHP: Poller[0] Host[5] DS[29] WARNING: Result from CMD not valid. Partial Result: U

Now I know that script should print out the output only as this is one output field, my script contains the following

temp=$(sudo ssh -i /home/ubuntu/key.pem user@1.1.1.1 '/var/log/haproxy.log | wc -l') echo $temp

the script is owned by ubuntu as there is no cacti user on cacti server, someone else installed cacti server and I have now been asked to take care of it.

If I execute the script from cacti server command line it works fine and am executing it as user ubuntu only.

Please help me I dont know where am I going wrong.

Thanks

APZ
  • 954
  • 2
  • 12
  • 25

2 Answers2

1

From memory, the cacti poller runs as the www-data user, therefore won't have permission to read your private key.

growse
  • 8,020
  • 13
  • 74
  • 115
  • Thanks for the reply, so can you please suggest how can I connect to the remote machine to get the data. – APZ Dec 30 '11 at 15:09
  • First thing, check it actually is `www-data` the poller's running as. There should be a job in `/etc/cron.d` somewhere that fires it every 5 minutes. Then `chown` the private key file to `www-data`. Finally `su` to the `www-data` user: `su - www-data` and try to run the script from as the `www-data` user and see if it works. – growse Dec 30 '11 at 15:19
  • but isn't changing the ownership of pem key to www-data insecure? – APZ Dec 30 '11 at 15:38
  • Quite probably. Which is why SNMP might be a better way to go, rather than logging in via SSH just to count the number of lines in a text file. `snmpd` on ubuntu can handle the `exec` statement to run a script in response to a particular SNMP query, and cacti loves using SNMP for everything. In fact, I'll write you a better answer. – growse Dec 30 '11 at 15:43
1

SSH isn't a brilliant way for cacti to get data from remote machines. There's numerous alternatives, but the one I've had success with is using SNMP to return data from the remote host back to cacti.

The SNMP daemon on ubuntu can use the exec configuration to execute scripts in response to specific SNMP queries. The example given in the ubuntu snmpd.conf is this:

exec .1.3.6.1.4.1.2021.53 mailq /usr/bin/mailq

This will return the current mailq output to any client that queries .1.3.6.1.4.1.2021.53. You should be able to set up something similar and configure cacti to use a simple SNMP query to receive the data.

This is a lot easier than faffing around with custom script inputs, in my view.

growse
  • 8,020
  • 13
  • 74
  • 115
  • I tried what u mentioned, added sh shelltest /bin/bash /tmp/shtest to conf file but the output am getting is not correct. UCD-SNMP-MIB::extIndex.1 = INTEGER: 1 UCD-SNMP-MIB::extCommand.1 =STRING: /bin/bash UCD-SNMP-MIB::extResult.1 = INTEGER: 0 UCD-SNMP-MIB::extOutput.1 = STRING: 0 UCD-SNMP-MIB::extErrFix.1 = INTEGER: noError(0) UCD-SNMP-MIB::extErrFixCmd.1 = STRING: Please help me in getting just the lines in haproxy log file getting displayed, script is owned by ubuntu. Please help. – APZ Jan 02 '12 at 02:12
  • Continuation of the last comment, I used snmp walk command and got this output both on local machine and from cacti server. – APZ Jan 02 '12 at 02:23
  • That snmp output says that you just ran bash, and it exited code 0. Why are you trying to run `sh shelltest /bin/bash /tmp/shtest`? Why not just have `exec [oid] shelltest /tmp/shtest` directly? What happens if you run `shtest` from the command line? Also, don't put scripts like this in `/tmp` - There's no guarantee that they'll get left alone by the kernel. Put them in `/usr/local/bin/` or similar instead. – growse Jan 02 '12 at 10:45
  • from the command line, shtest gives the right output:25061(number of lines in haproxy.log file) but when I use snmpwalk snmpwalk -v 1 -c aaaa 1.2.2.5 .1.1.1.1.1.1.2223.1 I get permission denied UCD-SNMP-MIB::extIndex.1 = INTEGER: 1 UCD-SNMP-MIB::extNames.1 = STRING: shelltest UCD-SNMP-MIB::extCommand.1 = STRING: /bin/bash UCD-SNMP-MIB::extResult.1 = INTEGER: 0 UCD-SNMP-MIB::extOutput.1 = STRING: cat: /var/log/haproxy.log: Permission denied UCD-SNMP-MIB::extErrFix.1 = INTEGER: noError(0) UCD-SNMP-MIB::extErrFixCmd.1 = STRING: – APZ Jan 03 '12 at 18:44
  • Sounds like the user snmpd is running as doesn't have permission to read `haproxy.log`. – growse Jan 03 '12 at 19:08
  • Yes exactly, whats the way around for this then? – APZ Jan 03 '12 at 19:14
  • You could try granting the user snmpd is running as to have read access to `haproxy.log`.....? – growse Jan 03 '12 at 19:48
  • SNMPwalk now gives the correct output: UCD-SNMP-MIB::extOutput.1 = STRING: 384213, thanks for your patience, now from this point onwards can you throw some light on how to get a graph from this. I guess I need to replace the script/command with SNMP in the data input method. Can you please guide me a little more. – APZ Jan 04 '12 at 02:42
  • You should be able to just create a graph for your host, and in graph templates select "Generic SNMP OID". In the next screens, you should be able to add the OID and other things like colour, max value, data type etc. and it should just graph it. – growse Jan 04 '12 at 12:38
  • thanks for this info but because of time constraint and my familiarity with SSH concept I have decided to go with script/command method for now. Things seem to be working fine partially, problem is that debug logs show that output is getting generated via the bash script but graphis not being plotted, am pasting lines from log file for convenience, I know I have been bugging you but this by far has been the hardest tool for me to configure, please help as am running short on time for this project. I am putting logs in next comment. – APZ Jan 06 '12 at 08:16
  • CMDPHP: Poller[0] Host[0] DS[36] CMD: /home/ubuntu/cacti/incomingRequests.sh, output: Requests:9559 01/05/2012 09:28:19 PM - WEBLOG: Poller[0] CACTI2RRD: /usr/bin/rrdtool graph - --imgformat=PNG --start=-33053184 --end=-86400 --title='Traffic SiteName' --base=1000 --height=120 --width=500 --alt-autoscale-max --lower-limit=0 --units-exponent='0' --vertical-label='Incoming Requests' --slope-mode --font TITLE:12: --font AXIS:8: --font LEGEND:10: --font UNIT:8: DEF:a="/var/lib/cacti/rra/fe_requests_36.rrd":FE_Requests:AVERAGE LINE2:a#0000FFFF:"" GPRINT:a:LAST:"Current%8.2lf %s" – APZ Jan 06 '12 at 08:21