In this exercise, we will set up LibreNMS as our network monitoring tool. You should work as a team. You can update the dashboards on your LibreNMS install for your group so that each person has one, but you need to coordinate who adds what devices to make sure you don’t create duplicate entries.
When you are ready to view LibreNMS in your web browser you will go to:
https://pacnog.nsrc.org/Then select Web==>libreNMS under your Campus name.
The Username is “admin” and the password is “<CLASS_PASSWORD>” to get in.
Now you can begin to explore the information being collected for your monitored devices.
You can add devices via the LibreNMS web interface. Why not add:
Note If SNMP is not configured on a device, then LibreNMS will not be able to add that device.
Note: When you first add a device it may appear in the Generic devices group. This is because LibreNMS must first execute the cron poller and discovery cron jobs that are configured in /etc/cron.d/librenms to determine what type of device has been added and all the features that will be graphed and tracked. This can take 5 to 10 minutes to happen.
In LibreNMS select the “Devices” menu and then select “+ Add Device”
Add each router and switch in your group following the format shown below:
Remember that the servers in your group are configured using SNMP version 3, which includes a user and password and encryption type that need to be specified. If you remember on your host you configured the following in the file ~/.snmp/snmp.conf:
defVersion 3
defSecurityLevel authNoPriv
defSecurityName admin
defAuthPassphrase NetManage
defAuthType SHA
defPrivType AES
# Default community when using SNMP v2c
defCommunity NetManage Using this information you can figure what to fill out when you select “+ Add Device” in LibreNMS and you use SNMP V3 for that device. Here is an example of what you should fill in below:
Now you can finish by adding the remaining routers, switches, hosts and servers in your campus.
When you first log in to LibreNMS your default screen is empty. This is because you are allowed to edit your default screen using the Dashboard editing tool to make it look as you prefer. To do this do:
* Click on the Edit Dashboard icon that looks like a Pencil next to a Red icon of a garbage
can.
* Name your Dashboard or leave it as "Default"
* If you select Private then your dashboard is only available to your user.
* If you make it Shared (Read) then you control the look, but others can use it.
* If you make it just Shared, then anyone can update the look and feel of the dashboard.
* Click on Add Widgets and select items you would like to see by default when you log in.
* Place the selected widget on the screen where you want it.
* You can click on the "X" to close the notice about editing dashboards so that it
does not appear next time you log in.
* If you want specific graphs you can select the "Graph" widget and customize this.
* Many people use the Top-devices and Top-interfaces widgets.
* For Top-interfaces note you can set the details on this widget. When done, press the "Set" button.Remember, you can resize the widgets as you like.
When you are done press the “Update” button. Note that the top-devices and top-interfaces widgets will take some time before they populate with interesting information, so they will appear as largely blank for a while.
If you create multiple Dashboards you can switch between your default log in Dashboard by going to the person icon, selecting “My Settings” and going down to “Default Dashboard”.
In the LibreNMS interface do:
* Select Devices ==> All Devices ==> Server
* Select a server from the resulting screen (click on it's name)
* Click on the "Ports" item near the top.
* Click on network interface "ens3"
* Next to the Graphs item select "Real time"
* Select a "Polling Interval" that is long enough to see information.
* Click on "60s"If you do not see any traffic, go to that host and do something… Like,
$ ping hostX.campusY.ws.nsrc.orgOr some other device or machine, or run an apt update, etc…
The LibreNMS instance installed on the NOC has some additional information that has been collected from the workshop routers, switches and hosts for each group. You can explore and see what information is available on the NOC instance by going to:
https://pacnog.nsrc.org/p/librenms/
And, then use the “admin” userid and the “<CLASS_PASSWORD>” to get in.
It is possible to create a global map of all your entries that is displayed by LibreNMS. If you are interested you can view the LibreNMS documentation on this at:
* http://docs.librenms.org/Extensions/Globe-Frontpage/
* http://docs.librenms.org/Support/SNMP-Configuration-Examples/You must use the sysLocation snmp variable on your hosts and network devices providing latitude and longitude information for each item for this to work.
LibreNMS performs daily updates by default. At 00:15 system time every day, a git pull –no-edit –quiet is performed. If you don’t want this, change the default by editing your ‘’config.php’’ file. Remove the comment (the ’‘#’’ mark) on the line:
#$config['update'] = 0;so that it looks like this:
$config['update'] = 0;We recommend that you do not make this change, but it is good to be aware of this option.
(Note This has not been tested recently and may need to be updated. If you do get alerts to work and you do something different than described here feel free to share with the class!)
LibreNMS has a number of built-in alerts that you can add easily. By default you will set up a Default contact for your install. This is the contact that will receive all alerts.
We are going to set up an alert that will trigger if a device goes down and when a device comes backup. You can, also, set up an alert that triggers only when a device goes down - as well as many, many other alerts.
To get started we need to set up our LibreNMS install to work with alerts.
In your LibreNMS interface do the following:
Enable email alerting: Yes
How to deliver mail: smtp
From name: LibreNMS
From email address: root@srv1.campusY.ws.nsrc.org
Use HTML emails: No
Sendmail path: /usr/sbin/sendmail
SMTP Host: localhost
SMTP Port: 25
SMTP Timeout: 10
SMTP secure: <blank>
SMTP Auto TLS Support: false
SMTP Authentication: No
SMTP Authentication Username: NULL
SMTP Authentication Password: <blank>You can test that your email is working on srv1.campusY.ws.nsrc.org by clicking on the “Test transport” button on the “Email transport” tab.
NOTE: Email may not work for your sysadm@srv1.campusY.ws.nsrc user. To fix this do the following from the command line:
# touch /var/mail/sysadm
# chown sysadm:mail /var/mail/sysadmYou may need to click the “Test Transport” button again, then type:
# su - sysadm
$ muttand see if email has arrived from LibreNMS. It should have a subject of ” Testing transport from LibreNMS”. You can exit from Mutt by press the “q” key twice.
Now we are ready to add an alert to our LibreNMS install.
Now we need to fill in some reasonable choices. The devices.status Entity will alert whenever a device goes down, or comes back up. This means an email will be sent to sysadm@srv1.campusY.ws.nsrc.org from root@srv1.campusY.ws.nsrc.org.
You can enter in the following to the Alert Rules box:
Entity: devices.status
Condition: Equals
Value: <blank>
Connection: <leave as is>
Severity: Critical
Max alerts: 1
Delay: 1 m
Interval: <blank>
Mute alerts: OFF
Invert match: OFF
Rule name: Devices up/down
Map to: <blank>
Procedure URL: <blank>Now press “Save Rule”.
To verify that your new alert is working you need to bring down a host that you are monitoring in LibreNMS. Select one of the hosts in your campus that is visible in LibreNMS and halt that host. To do this log in on the host (hostX.campusY.ws.nsrc.org) and type:
$ sudo halt -pNow go back to the srv1.campusY.ws.nsrc.org command line and type:
$ muttand wait for a few minutes. Eventually you should get an email with a subject like:
Alert for device hostX.campusY.ws.nsrc.org - Devices up/downYou can read the alert and it will say something like:
Date: Tue, 20 Feb 2018 10:29:01 +0000
From: root@srv1.campusY.ws.nsrc.org
To: NOC <sysadm@srv1.campusY.ws.nsrc.org>
Subject: Alert for device hostX.campusY.ws.nsrc.org - Devices up/down
X-Mailer: LibreNMS
Alert for device hostX.campusY.ws.nsrc.org - Devices up/down
Severity: critical
Timestamp: 2018-02-20 10:25:28
Unique-ID: 371
Rule: Devices up/down
Faults:
#1: sysObjectID => enterprises.8072.3.2.10; sysDescr => Linux
hostX.campusY.ws.nsrc.org 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12
14:59:54 UTC 2017 x86_64;
Alert sent to: NOC <sysadm@srv1.campusY.ws.nsrc.org>Notice the sysObjectID and the SysDescr
items. These are names for OIDs that are contained within install MIB
files on the srv1.campusY.ws.nsrc.org host.
Now you can exit from Mutt (press “q” twice) and return to the root prompt
$ exit
#Note that when we bring your host back up you will receive another alert with a subject like:
Device hostX.campusY.ws.nsrc.org recovered from Devices up/downIf you add an alert with the Entity field of “macros.device_down” you will only be alerted when the device goes down.
Note: You should ask an instructor to restart the host that you brought down at this time.