Munin PortSentry
portsentry_tcp :
#!/usr/bin/perl -w
#
# Copyright (C) 2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; version 2 dated June,
# 1991.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place – Suite 330, Boston, MA 02111-1307, USA.
#
# If you improve this script please send your version to my email address
# with the copyright notice upgrade with your name.
#
# Plugin to monitor the number of TCP port attacks detected by portsentry
#
# $Log$
# Revision 1.1 2006/03/28 21:04:01 rodo
# Created by Rodolphe Quiedeville
#
# Add following lines to etc/munin/plugin-conf.d/munin-node file
#
# [portsentry*]
# user root
#
#%# family=network
#%# capabilities=autoconf
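use strict;
use warnings;

# Munin plugin: counts, per destination port, the TCP connection attempts
# that portsentry has blocked, and reports one Munin field per port.
#
# Invocation (Munin plugin protocol):
#   autoconf  -> print "yes" / "no (reason)" and exit 0
#   config    -> print graph metadata and one label/info pair per port
#   (nothing) -> print one "port_N.value COUNT" line per port
#
# The script only needs read access to the two files below; the
# plugin-conf.d snippet in the header runs it as root to get that access.
# NOTE(review): a dedicated group with read permission on the portsentry
# state directory would avoid running the plugin as root - confirm against
# the local portsentry packaging.

# State file written by portsentry, one line per blocked attempt.
my $blocked_file  = "/var/lib/portsentry/portsentry.blocked.tcp";
# Used only in config mode, to attach a service name to each port.
my $services_file = "/etc/services";

my $mode = defined $ARGV[0] ? $ARGV[0] : "";

# The "#%# capabilities=autoconf" marker in the header advertises autoconf
# support, so the request has to be answered instead of falling through to
# the fetch path.
if ($mode eq "autoconf")
{
    if (-r $blocked_file)
    {
        print "yes\n";
    }
    else
    {
        print "no ($blocked_file not readable)\n";
    }
    exit 0;
}

my $count_of = count_blocked_ports($blocked_file);
# Numeric sort gives a stable field order between runs (hash order is not).
my @ports = sort { $a <=> $b } keys %$count_of;

if ($mode eq "config")
{
    print "graph_title Portsentry TCP Attacks Detected\n";
    print "graph_args --base 1000 -l 0\n";
    print "graph_category network\n";
    print "graph_vlabel attacks blocked\n";
    print "graph_total total\n";

    my $name_of = tcp_service_names($services_file);
    foreach my $port (@ports)
    {
        # "inconnu" (unknown) is kept as the fallback text the plugin has
        # always emitted for ports missing from the services file.
        my $name = exists $name_of->{$port} ? $name_of->{$port} : "inconnu";
        print "port_$port.label Port $port\n";
        print "port_$port.info $name\n";
    }
    exit 0;
}

foreach my $port (@ports)
{
    print "port_$port.value $count_of->{$port}\n";
}

# Returns a hash reference mapping port number => number of blocked attempts
# found in $file. Dies if the file cannot be opened.
sub count_blocked_ports
{
    my ($file) = @_;
    my %count;

    # Three-argument open with a lexical handle: the mode can never be taken
    # from the file name.
    open(my $fh, '<', $file) || die "cannot open $file: $!";
    while (my $line = <$fh>)
    {
        # Only the digits of the port are captured. The rest of the line
        # describes the remote host and is never copied into the output, so
        # the Munin field names stay within [0-9].
        $count{$1}++ if $line =~ /Port: ([0-9]+) TCP Blocked$/;
    }
    close($fh);

    return \%count;
}

# Returns a hash reference mapping TCP port number => service name, read
# directly from $file in a single pass. This replaces spawning one
# "grep ... |" shell pipeline per port. Dies if the file cannot be opened.
sub tcp_service_names
{
    my ($file) = @_;
    my %name;

    open(my $fh, '<', $file) || die "cannot open $file : $!";
    while (my $line = <$fh>)
    {
        # [^#\s]+ skips commented-out entries and, unlike \w, accepts
        # hyphenated service names.
        next unless $line =~ m{^([^#\s]+)\s+([0-9]+)/tcp\b};
        # The first entry for a port wins.
        $name{$2} = $1 unless exists $name{$2};
    }
    close($fh);

    return \%name;
}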
# vim:syntax=perl
portsentry_udp :
#!/usr/bin/perl -w
#
# Copyright (C) 2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; version 2 dated June,
# 1991.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place – Suite 330, Boston, MA 02111-1307, USA.
#
# If you improve this script please send your version to my email address
# with the copyright notice upgrade with your name.
#
# Plugin to monitor the number of UDP port attacks detected by portsentry
#
# $Log$
# Revision 1.1 2006/03/28 21:04:01 rodo
# Created by Rodolphe Quiedeville
#
#%# family=network
#%# capabilities=autoconf
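use strict;
use warnings;

# Munin plugin: counts, per destination port, the UDP probes that portsentry
# has blocked, and reports one Munin field per port.
#
# Invocation (Munin plugin protocol):
#   autoconf  -> print "yes" / "no (reason)" and exit 0
#   config    -> print graph metadata and one label/info pair per port
#   (nothing) -> print one "port_N.value COUNT" line per port
#
# The script only needs read access to the state file below.

# State file written by portsentry, one line per blocked attempt.
my $blocked_file = "/var/lib/portsentry/portsentry.blocked.udp";

my $mode = defined $ARGV[0] ? $ARGV[0] : "";

# The "#%# capabilities=autoconf" marker in the header advertises autoconf
# support, so the request has to be answered instead of falling through to
# the fetch path.
if ($mode eq "autoconf")
{
    if (-r $blocked_file)
    {
        print "yes\n";
    }
    else
    {
        print "no ($blocked_file not readable)\n";
    }
    exit 0;
}

my $count_of = count_blocked_ports($blocked_file);
# Numeric sort gives a stable field order between runs (hash order is not).
my @ports = sort { $a <=> $b } keys %$count_of;

if ($mode eq "config")
{
    print "graph_title Portsentry UDP Attacks Detected\n";
    print "graph_args --base 1000 -l 0\n";
    print "graph_category network\n";
    print "graph_vlabel attacks blocked\n";
    foreach my $port (@ports)
    {
        print "port_$port.label Port $port\n";
        print "port_$port.info Port UDP $port\n";
    }
    exit 0;
}

foreach my $port (@ports)
{
    print "port_$port.value $count_of->{$port}\n";
}

# Returns a hash reference mapping port number => number of blocked attempts
# found in $file. Dies if the file cannot be opened.
sub count_blocked_ports
{
    my ($file) = @_;
    my %count;

    # Three-argument open with a lexical handle: the mode can never be taken
    # from the file name.
    open(my $fh, '<', $file) || die "cannot open $file: $!";
    while (my $line = <$fh>)
    {
        # Only the digits of the port are captured. The rest of the line
        # describes the remote host and is never copied into the output, so
        # the Munin field names stay within [0-9].
        $count{$1}++ if $line =~ /Port: ([0-9]+) UDP Blocked$/;
    }
    close($fh);

    return \%count;
}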
# vim:syntax=perl