Mrtg for Winxp設定安裝問題



贊助商連結


頁 : 1 [2] 3

tvirus
2009-07-03, 03:20 AM
http://www.google.com.tw/search?hl=zh-TW&q=hyperv+linux&meta=&aq=f&oq=

贊助商連結


shung0116
2009-07-04, 12:33 PM
我後來覺得,如果要去每台電腦設定那些snmp的設定與軟體安裝,在小公司中,似乎就是滿大的工程,更不用說在大公司了,業界因該比較少這樣處理吧,是不是業界都用硬體防火牆,在最外層出去那一端來作監視控管呢?
謝謝

bx2aa
2009-07-04, 08:26 PM
我後來覺得,如果要去每台電腦設定那些snmp的設定與軟體安裝,在小公司中,似乎就是滿大的工程,更不用說在大公司了,業界因該比較少這樣處理吧,是不是業界都用硬體防火牆,在最外層出去那一端來作監視控管呢?
謝謝

我以前做 PC Support (現在已沒工作三年), 當時前一兩個星期, 每天都是拿著一個報表到各樓層各部門找到報表上的 PC 確認設定, 隔一兩個月要確認每台電腦都要升級到某大小的 RAM.

我又帶著清單去每台電腦向 User 借, 說要關機拆開機殼查看 RAM 目前狀況主機板有沒有足夠的插槽, 是加 RAM 還是移除舊的 RAM 更換或是增加.
這次好像一兩天或是兩三天就解決.

又過一年要確認所有人的 Notes 有漏洞檔案要刪除, SmartIT MCAFEE 的 EPOAgent WSUS 要用到的 SID 有沒有安裝或是問題,這時就不是笨到去 User 那裡改.
而是先掃描每段 ip , 抓出有問題的電腦名稱和 MAC ADDRESS 和 IP Address, 請網路管理員給我是哪個位置的電腦, 我在直接到那台電腦改.

不知道所謂的小公司是多少人以下算小, 約 500 台 PC , 100 台 Notebook外點也約近百台 PC , 這是算大還是小?
我就是一台一台去改, 一台一台去拆開那約 500 台 PC.

我聽過比較有趣的是, 花錢有時只是 50-60% 有時剩至只有 20-30%.
我寫的批次檔能有80-90% 剩至有 95% 的效果.
我心裏想"而且還能重複一直用", 只要想確認什麼設定加到批次檔裡, 下次跑完就有設定相關的初步結果, 在一兩個小時以內(例如:wins 設定,proxy 設定, PROXY 掠過清單,某路徑是否存在特定名稱檔案, 或是把 SNMP Service 改為手動關閉 等等).
我當時是把 SNMP Service 開了, 那家公司說要關, 我就把 SNMP Service 加到我的批次檔裡, 跑完一次就把體制內的所有 user 電腦的 SNMP 都關了.
sc \\%1 config SNMP start= demand
sc \\%1 stop SNMP

在上一個工作是用頻寬管理設備 好像是核心交換機接到頻寬管理設備 BRIDGE 到 Firewall 在出去.

剛剛測試的 CACTI + NTOP
不用 CACTI 也可以 直接 HTTP://localhost:3000 畫面是一樣的.

安裝 mactrack-1.1.zip plunins 後
CLI 進到 CACTI PLUGIN 目錄執行
C:\php\php database_upgrade.php

C:\www\cacti\plugins\mactrack>c:\php\php database_upgrade.php
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> snmp_timeout, Ok
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> snmp_retries, Ok
SUCCESS: Add Column, Table -> mac_track_ports, Column -> dns_hostname, Alread
y Exists!
SUCCESS: Add Column, Table -> mac_track_temp_ports, Column -> dns_hostname, A
lready Exists!
SUCCESS: Add Column, Table -> mac_track_ips, Column -> dns_hostname, Already
Exists!
SUCCESS: Add Column, Table -> mac_track_devices, Column -> snmp_port, Already
Exists!
SUCCESS: Add Column, Table -> mac_track_devices, Column -> macs_active, Alrea
dy Exists!
SUCCESS: Add Column, Table -> mac_track_devices, Column -> snmp_sysName, Alre
ady Exists!
SUCCESS: Add Column, Table -> mac_track_devices, Column -> snmp_sysLocation,
Already Exists!
SUCCESS: Add Column, Table -> mac_track_devices, Column -> snmp_sysContact, A
lready Exists!
SUCCESS: Create Table, Table -> mac_track_scanning_functions, Already Exists!
SUCCESS: Execute SQL, Change Primary Key For 'mac_track_devices', Ok
SUCCESS: Add Index, Table -> mac_track_devices, Index -> device_id, Already
Exists!
SUCCESS: Add Column, Table -> mac_track_sites, Column -> total_oper_ports, Al
ready Exists!
SUCCESS: Execute SQL, Change Primary Key For 'mac_track_device_types', Ok
SUCCESS: Add Index, Table -> mac_track_device_types, Index -> device_type_id
, Already Exists!
SUCCESS: Modify Column, Table -> mac_track_scanning_functions, Column -> scannin
g_function, Ok
SUCCESS: Modify Column, Table -> mac_track_scanning_functions, Column -> descrip
tion, Ok
SUCCESS: Create Table, Table -> mac_track_scan_dates, Already Exists!
SUCCESS: Execute SQL, Addition of Scan Dates, Ok
SUCCESS: Add Index, Table -> mac_track_devices, Index -> snmp_sysDescr, Alre
ady Exists!
SUCCESS: Add Index, Table -> mac_track_devices, Index -> snmp_sysObjectID, A
lready Exists!
SUCCESS: Add Column, Table -> mac_track_devices, Column -> device_type_id, Al
ready Exists!
SUCCESS: Add Index, Table -> mac_track_devices, Index -> device_type_id, Alr
eady Exists!
SUCCESS: Add Index, Table -> mac_track_ports, Index -> port_name, Already Ex
ists!
SUCCESS: Add Index, Table -> mac_track_ports, Index -> dns_hostname, Already
Exists!
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> ips_total, Ok
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> vlans_total, Ok
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> ports_total, Ok
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> ports_active, Ok
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> ports_trunk, Ok
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> macs_active, Ok
SUCCESS: Add Column, Table -> mac_track_temp_ports, Column -> updated, Alread
y Exists!
SUCCESS: Add Index, Table -> mac_track_temp_ports, Index -> updated, Already
Exists!
SUCCESS: Add Index, Table -> mac_track_temp_ports, Index -> ip_address, Alre
ady Exists!
SUCCESS: Create Table, Table -> mac_track_ip_ranges, Already Exists!
SUCCESS: Add Column, Table -> mac_track_ip_ranges, Column -> ips_max_date, Al
ready Exists!
SUCCESS: Add Column, Table -> mac_track_ip_ranges, Column -> ips_current_date
, Ok
SUCCESS: Add Column, Table -> mac_track_processes, Column -> device_id, Alrea
dy Exists!
SUCCESS: Add Column, Table -> mac_track_processes, Column -> process_id, Alre
ady Exists!
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> snmp_readstring, O
k
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> snmp_readstrings,
Ok
SUCCESS: Execute SQL, Change mac_track_temp_ports to Memory Table, Ok
SUCCESS: Execute SQL, Change mac_track_ips to Memory Table, Ok
SUCCESS: Create Table, Table -> mac_track_approved_macs, Already Exists!
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> ignorePorts, Ok
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> snmp_readstring, O
k
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> snmp_readstrings,
Ok
SUCCESS: Create Table, Table -> mac_track_oui_database, Already Exists!
SUCCESS: Add Column, Table -> mac_track_ports, Column -> vendor_mac, Ok
SUCCESS: Add Index, Table -> mac_track_ports, Index -> vendor_mac, Ok
SUCCESS: Add Column, Table -> mac_track_temp_ports, Column -> vendor_mac, Ok
SUCCESS: Add Index, Table -> mac_track_temp_ports, Index -> vendor_mac, Ok
SUCCESS: Execute SQL, Add Vendor Macs To 'mac_track_ports', Ok
SUCCESS: Execute SQL, Add Vendor Macs To 'mac_track_temp_ports', Ok
SUCCESS: Add Column, Table -> mac_track_temp_ports, Column -> authorized, Ok
SUCCESS: Add Index, Table -> mac_track_temp_ports, Index -> authorized, Ok
SUCCESS: Add Column, Table -> mac_track_ports, Column -> authorized, Ok
SUCCESS: Add Index, Table -> mac_track_ports, Index -> authorized, Ok
SUCCESS: Create Table, Table -> mac_track_macwatch, Already Exists!
SUCCESS: Create Table, Table -> mac_track_macauth, Already Exists!
SUCCESS: Create Table, Table -> mac_track_vlans, Ok
SUCCESS: Execute SQL, Add VLANS to VLAN Table, Ok
SUCCESS: Modify Column, Table -> mac_track_devices, Column -> description, Ok
SUCCESS: Add Column, Table -> mac_track_devices, Column -> device_name, Ok
SUCCESS: Add Index, Table -> mac_track_devices, Index -> device_name, Ok
SUCCESS: Add Column, Table -> mac_track_sites, Column -> customer_contact, Ok

SUCCESS: Add Column, Table -> mac_track_sites, Column -> netops_contact, Ok
SUCCESS: Add Column, Table -> mac_track_sites, Column -> facilities_contact,
Ok
ERROR: Add Column, Table -> mac_track_sites, Column -> site_info, Failed!
SUCCESS: Add Column, Table -> mac_track_device_types, Column -> serial_number
_oid, Ok
SUCCESS: Execute SQL, Move Device Names from the 'description' field to the 'd
evice_name' field., Ok
SUCCESS: Execute SQL, Blank out the 'description' field as it will now be used
for something else, Ok
SUCCESS: Add Column, Table -> mac_track_macwatch, Column -> email_addresses,
Ok
SUCCESS: Add Column, Table -> mac_track_macwatch, Column -> mac_id, Ok
SUCCESS: Add Column, Table -> mac_track_macwatch, Column -> date_last_seen, O
k
SUCCESS: Add Column, Table -> mac_track_macauth, Column -> mac_id, Ok
SUCCESS: Add Column, Table -> mac_track_ports, Column -> device_name, Ok
SUCCESS: Add Column, Table -> mac_track_temp_ports, Column -> device_name, Ok

SUCCESS: Add Column, Table -> mac_track_devices, Column -> notes, Ok
SUCCESS: Modify Column, Table -> mac_track_ips, Column -> description, Ok
SUCCESS: Delete Column, Table -> mac_track_devices, Column -> serial_number, Col
umn Does NOT Exist!
SUCCESS: Delete Column, Table -> mac_track_devices, Column -> asset_id, Column D
oes NOT Exist!
SUCCESS: Create Table, Table -> mac_track_interfaces, Ok
SUCCESS: Add Column, Table -> mac_track_scanning_functions, Column -> type, O
k
SUCCESS: Add Column, Table -> mac_track_device_types, Column -> ip_scanning_f
unction, Ok
SUCCESS: Execute SQL, Update the Scanning Function Type to 'Mac' for undefined
types, Ok
SUCCESS: Execute SQL, Set the IP Scanning function to N/A for Device Type 1, O
k
SUCCESS: Execute SQL, Set the IP Scanning function to 'get_standard_arp_table'
for Routers and L3 Switches, Ok
SUCCESS: Add Column, Table -> mac_track_interfaces, Column -> vlan_trunk, Ok
SUCCESS: Add Column, Table -> mac_track_devices, Column -> user_name, Ok
SUCCESS: Add Column, Table -> mac_track_devices, Column -> user_password, Ok

Updating Device Types in Devices Table. Please be patient.


Device Types Updated, You have '0' Good Device Type Mapping and '0' Bad Device T
ype Mapping.
If the Bad Device type mapping is greater than '0', you should inspect your devi
ces for unmapped device types.

Importing the Vendor MAC Address Table from the IEEE


Notice: Undefined variable: oui_file in C:\www\cacti\plugins\mactrack\mactrack_i
mport_ouidb.php on line 70
Getting OUI Database from the IEEE
OUI Database Download from IEEE Complete
................................................................................
...............................................
There were '12659' Entries Added/Updated in the database.
There were '0' Records Removed from the database.

Database Upgrade Complete

可以查詢 Vendor Macs

shung0116
2009-07-07, 09:35 AM
請教前輩
是否曾遇過該電腦沒有開機 但是卻還是有流量圖產生呢?
謝謝

bx2aa
2009-07-07, 05:21 PM
如果網路設備支援 NETFLOW 用 nfsen 來分析.

我是 Fedora11 用 fprobe 把抓到的流量轉換到 127.0.0.1 給 nfsen

我用 Fedora11 + nfsen + fprobe

./install.pl etc/nfsen.conf <====== 解開後用這個指令安裝
/data/nfsen/bin/nfsen start <====== 裝好用這個指令執行, 要依 nfsen.conf 修改的路徑

fprobe 一般方法安裝 ./configure ; make; make install
fprobe -i eth0 127.0.0.1:9995 <====== 裝好用這個指令執行

用 tcpdump 確認有沒有導過去

tcpdump -n -i lo dst port 9995

[root@Fedora11 /]# tcpdump -n -i lo dst port 9995
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 96 bytes
05:11:18.002401 IP 127.0.0.1.32866 > 127.0.0.1.palace-4: UDP, length 360
05:11:23.006516 IP 127.0.0.1.32866 > 127.0.0.1.palace-4: UDP, length 504
05:11:28.006178 IP 127.0.0.1.32866 > 127.0.0.1.palace-4: UDP, length 600
05:11:38.002707 IP 127.0.0.1.32866 > 127.0.0.1.palace-4: UDP, length 744
05:11:48.000562 IP 127.0.0.1.32866 > 127.0.0.1.palace-4: UDP, length 888
05:11:58.001012 IP 127.0.0.1.32866 > 127.0.0.1.palace-4: UDP, length 1032
05:12:08.007764 IP 127.0.0.1.32866 > 127.0.0.1.palace-4: UDP, length 456
05:12:13.010937 IP 127.0.0.1.32866 > 127.0.0.1.palace-4: UDP, length 360
05:12:18.000930 IP 127.0.0.1.32866 > 127.0.0.1.palace-4: UDP, length 72
05:12:23.002254 IP 127.0.0.1.32866 > 127.0.0.1.palace-4: UDP, length 360

shung0116
2009-07-08, 08:00 PM
如果區網中沒有linux的電腦
是否有其它替代的檢測方式呢?(For Windows OS)
另外在mrtg的記錄文字檔中,會有類似下列的數據
-->
1247051100 83 5 83 5
1247050800 83 5 83 5
1247050500 83 5 83 5

我能否找到記錄的時間點呢?來比對防火牆log 看是那邊的問題
謝謝

tvirus
2009-07-08, 10:37 PM
看樣子,Linux好像對於很多人來說,還是高牆一面...
http://www.cacti.net/downloads/packages/VMware/contrib/
記得版本是蠻舊的...
後來自己在VMware裡灌較新的版本,再加灌Cacti進去,除了時間會稍微delay之外,沒啥大問題

bx2aa
2009-07-08, 11:29 PM
如果區網中沒有linux的電腦
是否有其它替代的檢測方式呢?(For Windows OS)
另外在mrtg的記錄文字檔中,會有類似下列的數據
-->
1247051100 83 5 83 5
1247050800 83 5 83 5
1247050500 83 5 83 5

我能否找到記錄的時間點呢?來比對防火牆log 看是那邊的問題
謝謝

比較簡單就是使用 TCPDUMP 抓下封包存為檔案.
再用 TCPDUMP 去撈檔案裡的資料.
在 MS 上用的是叫 windump 但是要先裝 winpcap 封包擷取驅動程式.

另一種 http://www.wireshark.org/

安裝 cacti 用 CactiEZ 也相當方便, 光碟放進去用光碟開.
等裝好就好了, 還有中文的 CactiEZ_V9.1.iso.

shung0116
2009-07-19, 10:50 AM
請教前輩
mrtg能否看出每台pc的每天的總流量呢?
謝謝

tvirus
2009-07-19, 12:14 PM
請教前輩
mrtg能否看出每台pc的每天的總流量呢?
謝謝

http://www.pczone.com.tw/thread/47/146892/