Computerization has boosted human intellectual capacity to such a level that a new era of communication has begun. There is hardly any human activity that has not been affected by a computer in one way or another; be it production, agriculture, health, education, military, travel, crime detection, and so on. Naturally, computerization is so deep that we humans can't think of living a single day without it.
In the field of Information Technology, computer communication means networking between computers that can be classified as LAN (Local Area Network), WAN (Wide Area Network), ISDN (Integrated Services Digital Network), and so on. A network is a series of points or nodes interconnected by communication paths. Networks can interconnect with other networks and contain sub-networks. This interconnectivity is done by devices such as routers, switches, hubs, network interface cards (NIC), and so on. In the present infrastructure, devices are very complex, and hard to maintain and monitor, so it is not possible to monitor devices and servers manually at production level.
One of the fundamental jobs of a network administrator is network monitoring. Network monitoring is the process of checking computers, systems, and services that comprise a network. This examination allows a network administrator to maintain a robust network and even improve the network.
You'll never know when a power supply is going to burn out, when a server is going to crash, when network bandwidth drops, when a router just stops working, when your LAN is hacked, and so on. You will never know when these things will happen, but you can be prepared for situations like these. Effective network monitoring will help to cope with such situations and minimize down-time. It will also help to collect periodic information about the network, which will help you to generate log files and performance charts of system capabilities and responses. With such data, you will be able to optimize your network infrastructure and performance.
To do this job effectively, ISO (International Organization for Standardization) designed a model called FCAPS to aid in the understanding of the major functions of a network management system:
Fault management
Configuration management
Accounting management
Performance management
Security management
By implementing network monitoring software, system administrators can gather sufficient amounts of data and reports periodically, which will help them to perform management processes fairly and more easily. There are several commercial and open source network monitoring software that are robust and one-stop guiding tools. Cacti is one such tool, robust and one of the best!
Cacti is an open source, network monitoring and graphing tool written in PHP/MySQL. It uses the RRDTool (Round-robin database tool) engine to store data and generate graphics, and collects periodical data through Net-SNMP (an application suite to implement SNMP—Simple Network Management Protocol).
Ian Berry had started developing Cacti back in June 2001, while he was working with a local Internet service provider in the U.S. He found that RRDTool is flexible enough to generate complex graphing and reports about network infrastructures, but it was lacking a friendly interface. So, he started developing the interface with PHP/MySQL and had the first public release (version 0.6) on November 21, 2001. Soon, the application gained its popularity in the open source community.
In 2004, Ian brought a second developer into the team, which has expanded to six developers today. Here they are (in the order of joining the project):
Ian Berry
Larry Adams
Tony Roman
J.P. Pasnak
Jimmy Conner
Reinhard Scheck
Cacti is an open source, network monitoring and graphing tool written in PHP/MySQL. It uses the RRDTool (Round-robin database tool) engine to store data and generate graphics, and collects periodical data through Net-SNMP (an application suite to implement SNMP—Simple Network Management Protocol).
Ian Berry had started developing Cacti back in June 2001, while he was working with a local Internet service provider in the U.S. He found that RRDTool is flexible enough to generate complex graphing and reports about network infrastructures, but it was lacking a friendly interface. So, he started developing the interface with PHP/MySQL and had the first public release (version 0.6) on November 21, 2001. Soon, the application gained its popularity in the open source community.
In 2004, Ian brought a second developer into the team, which has expanded to six developers today. Here they are (in the order of joining the project):
Ian Berry
Larry Adams
Tony Roman
J.P. Pasnak
Jimmy Conner
Reinhard Scheck
First of all, Cacti is an open source tool. Classically, it can graph network bandwidth with SNMP; but a lot of different graphing can be done with SNMP, Perl, or Shell scripts. There are several important reasons why a system administrator should choose Cacti as a network monitoring tool—it is by far the best RRDTool front-end:
It's easy to install and you don't need to be a guru or spend tons of hours to configure it.
It has a very flexible web interface built with PHP/MySQL.
It has a very active public forum to get support and updates.
You can share "Cacti templates" with other users on the forum, which will save a lot of time, rather than design all the templates from scratch.
You can add plug-ins to Cacti and enable integration of other free tools such as Ntop and PHP Weathermap. (We will talk about plug-ins in a later chapter.)
Cacti operation is divided into three different tasks:
Cacti retrieves data through poller. It's an application executed at a constant time interval as a schedule service under different operating systems. It is set in the operating system scheduler. In Unix, it is set under crontab.
Note
Cacti uses cmp.php
by default. But if a faster poller is required due to a large infrastructure, then you can use spine, formally known as cactid, a very fast poller written in C that makes use of POSIX threads and links directly to Net-SNMP library for minimal SNMP polling overhead.
Presently, network infrastructure contains lot of different devices such as routers, switches, servers, UPS, and different computer and network appliances. To retrieve data from these remote devices, Cacti use SNMP (Simple Network Management Protocol). Devices that are capable of using SNMP can be monitored by Cacti.
There are lot of options to do this task, such as SQL database and flat file database. Cacti uses RRDTool to store data. We will learn more about the RRDTool later in this chapter.
RRD is a system to store and show time series data collected from different SNMP-capable devices. It consolidates historical data based on consolidation functions such as AVERAGE, MINIMUM, MAXIMUM, and so on to keep the storage size minimum. That's why it's fast and easy to create graphs and reports from RRD files.
The most important feature of the RRDTool is a built-in graphing function. Cacti uses this built-in graphing function to deploy customized graphing reports based on time series data collected from different SNMP-capable devices. This built-in graphing function supports auto-scaling and logarithmic y-axis. It is possible to graph one or many items in one graph, also adding different legends denoting characteristics such as maximum, average, minimum, etc.
In today's complex network of routers, switches, servers, and UPS, it can be a daunting task to manage all the devices on a network and make sure they're not only up and running but also performing optimally. This is where Simple Network Management Protocol (SNMP) can help. SNMP was introduced in 1988 to meet the growing need for a standard for managing Internet Protocol (IP) devices.
Net-SNMP is a suite of software for using and deploying SNMP protocol (version v1, v2c, and v3) and AgentX subagent protocol. It supports IPv4, Ipv6, IPX, AAL5, UNIX domain sockets and others. The suite includes:
Command line applications
A generic client library
A graphical MIB browser using Perl/TK
A daemon application for receiving SNMP notifications (snmptrapd)
An extensible SNMP agent to respond to management queries (snmpd)
Perl, C, and Python modules and sets of APIs to build external applications
The root of the Net-SNMP goes all the way back to 1992; Steve Waldbusser of Carnegie-Mellon University started a freely available SNMP tool kit. Later, Wes Hardaker at University of California Davis took over the project. He extended the agent to provide more information about his local systems (a private precursor to the Host Resources MIB) and to flag certain error situations. He also added a simple way for the agent to run additional scripts and report the results, turning it into an extensible agent. In 1995, this code was made publicly available.
RRDTool is a high performance data logging and graphing system, designed to handle time series data like network bandwidth, room temperature, CPU load, server load, and to monitor devices such as routers, UPS, etc. It is also known as the round-robin database tool, an industry standard, open source solution. It lets the administrator log and analyze data collected from all kinds of data sources (DS), which are capable of answering SNMP queries. The data analysis part of the RRDTool is based on the ability to generate graphical representations of the data values collected over a definable time period.
RRDTool is developed by Tobi Oeticker, also known for his famous creation MRTG. RRDTool is written in C language and stores its data in .rdd
files. The number of records in a single .rrd
file never increases, meaning that old records are frequently removed, and it presents useful graphs by processing the data to enforce a certain data density. RRDTool offers several command line switches to access and manipulate .rdd
files:
create
update
updatev
graph
dump
restore
fetch
tune
last
info
rrdresize
xport
rrdcgi
Note
Details of the command line switches of the RRDTool can be obtained from http://oss.oetiker.ch/rrdtool/doc/rrdtool.en.html.
There are also a number of language bindings for RRDTool, which allow administrators or programmers to use it directly from Perl, Python, tcl, PHP, and Ruby. So, it can be used to write custom monitoring shell scripts or create whole applications using its language bindings. Cacti is an application written in PHP, using its PHP language binding.
RRDTool follows a logical design to acquire and process data collected from data sources (DS). The following is a brief discussion of the different steps in the logical process:
Data acquisition: When monitoring a device or system, it is necessary to receive data on a constant time interval. Manually, it is not possible to maintain such activity as a system administrator. In such situations, the RRDTool comes in handy. It stores the data in a round-robin database, which is received on a constant time interval set by the system administrator, using the poller application set as scheduler in the operating system.
Data consolidation: The system administrator may log the data in a five-minute interval, but he/she might be interested in knowing the accumulated update over the last month. In this case, simply storing the data in a five-minute interval for the whole month will solve the problem. But this will require huge disk space and a considerable amount of time to analyse the data, as in a network environment, administrators are not monitoring only a single device. RRDTool solves this problem with the data consolidation feature. When creating a round-robin database, the administrator can define at which interval data consolidation should occur using consolidation functions (CF) such as MAXIMIUM, AVERAGE, MINIMUM, and others.
Round Robin Archives of consolidated data: Data values of consolidation setup are stored in Round Robin Archives (RRA). In this way, the RRDTool stores data in the most efficient way for a certain time period defined by the system administrator. This process keeps the database file at a constant size for faster processing and analyzing.
Unknown data: RRDTool stores data at a constant interval in a round-robin database. Sometimes, this data might not be available to store in RRD due to device failure or other causes. In this case, the RRDTool stores the RRD file with *UNKNOWN* data value. This *UNKNOWN* value is supported by all RRDTool functions.
Graphing: RRDtool allows system administrator to generate reports in graphical and numerical forms based on data stored in the round-robin database (RDD) by using its built-in graph processing functions. Customization of these graphics is possible based on color, size, and contents.
Now, we have a basic knowledge about the Cacti application and its operation by using Net-SNMP and the RRDTool. Cacti is a one-stop, web-based solution to monitor network infrastructure and resources. It's easy to use and configure. The most amazing thing about it—you don't need to be an expert Linux administrator to use it. So, let's see how to install Cacti.