Solved and howto attached: Monitoring the router with snmp or an agent?


#1

Hey,

I want to monitor the router itself by snmp, ping or maybe an monitoring agent.
Which experiences did you gather?

Regards
Mikee


#2

What device do you have on hand?

Can you let me know your real purpose? Or do you just want to learn technologies?


#3

I have got gl-ar750 and gl-am300m, both are in my network, that is monitored with Check_MK.
My goal is to monitor the vpn connection that is established on the gl-ar750, working as a gateway for internal subnets towards the internet dsl router.


#4

Do you mean that, you need snmp protocol and connect your data to Check_MK?

I never used Check_MK but it looks good. So it support snmp protocol, right?

There is openwrt docs about snmp e.g. https://openwrt.org/docs/guide-user/services/snmp/mini_snmpd

You may need some skills to configure.


#5

There are two common ways to get data from the host into check_MK, first of all with the check_MK-agent, that would be my main goal to achieve, or using the data by retrieving over snmp.

After looking through the current agents, there is a agent script for openwrt.
I will try to enable it by test and report back to you.


#6

Hi alzhao,

the script “check_mk_agent.openwrt” functions out of the box, BUT:
to get it run, check_mk_agent needs xinetd.
Is it possible install that service?

Regards
Mikee

root@GL-AR300M:~# check_mk_agent.openwrt |head
<<<check_mk>>>
Version: 1.5.0p11
AgentOS: openwrt
Hostname: GL-AR300M
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
<<>>


#7

ok, found a another way over ssh.
what has to be configured, that login per ssh keyfile as root is possibe to gl-m300m?


#8

to do that:

  1. generate ssh-key on monitoring-server, ssh-copy-id of public key to openwrt
  2. touch /etc/dropbear/authorized_keys; copy public into it

#9

Solved via ssh an Skript of check_MK.

OMD[homebase]:~$ cmk -nv gl-m300m
Check_MK version 1.5.0p11

  • FETCHING DATA
    [agent] Execute data source
    [piggyback] Execute data source
    CPU load OK - 15 min load 0.01
    CPU utilization OK - user: 13.8%, system: 3.9%, wait: 0.0%, steal: 0.0%, guest: 0.0%, total: 17.8%
    Interface 2 OK - [eth0] (up) MAC: E4:95:6E:42:03:E0, 100 Mbit/s, in: 1.97 kB/s(0.0%), out: 2.50 kB/s(0.0%)
    Interface 7 OK - [br-wan] (up) MAC: E4:95:6E:42:03:E0, speed unknown, in: 1.76 kB/s, out: 2.45 kB/s
    Interface 8 OK - [eth0.1] (up) MAC: E4:95:6E:42:03:E0, 100 Mbit/s, in: 1.76 kB/s(0.0%), out: 2.45 kB/s(0.0%)
    Kernel Context Switches OK - 227/s
    Kernel Process Creations OK - 15/s
    Memory OK - RAM used: 20.32 MB of 121.93 MB (16.7%),
    Mount options of /overlay OK - Mount options exactly as expected
    Mount options of /rom OK - Mount options exactly as expected
    Number of threads OK - 53 threads
    TCP Connections OK - ESTABLISHED: 2, LISTEN: 10
    Uptime OK - Up since Fri Jan 25 09:33:16 2019 (0d 03:30:51)
    OK - [agent] Version: 1.5.0p11, OS: openwrt, execution time 1.3 sec | execution_time=1.271 user_time=0.080 system_time=0.020 children_user_time=0.070 children_system_time=0.020 cmk_time_ds=1.068 cmk_time_agent=0.002

#10

I am glad that you worked this out and shared with us.

Please post more about the final result. I’d like to know how the platform really looks like when morning the router.


#11

I think, it would be usefull, if I create a howto in a wiki, for example of openwrt. what is you opinion?


#12

That is nice. Pls share.


#13

Hm, good idea of mine to publish a howto on openwrt wiki, but I do not have a clue how the publishing work has to be done.
Anyone, who can give me a howto link? thx


#14

Many you can just post here first.


#15

Is it possible to post screenshots?


#16

Yes. You can just paste to the input box here and it is very convenient.


#17

Fine, I will be back soon


#18

Services in Check_MK of GL-AR300M with Monitoring by check_MK over ssh:

Quick and dirty howto :smile::

  1. Install Check_MK-Server https://mathias-kettner.com/cms_install_packages.html
  2. Generate a ssh key of the user, that runs the check_MK server
    i.e.: ssh-keygen -t rsa -b 4096 (no password needed)
  3. Copy the public key to the g-inet router
    i.e.: ssh-copy-id -i id-rsa.pub root@ip-of-gl-inet-router
  4. log into gl-inet-router via ssh and copy ssh authorized_keys file to dropbear etc directory
    i.e.: cat /root/.ssh/authorized_keys >> /etc/dropbear/authorized_keys
  5. log in to check_MK server and try ssh connection with user of check_MK server process
    i.e.: ssh -i /opt/omd/sites/cmksite/.ssh/id_rsa root@ip-of-gl-inet-router
  6. get into the web interface of check_MK server and create a rule for check via ssh:
  7. finally log into gl-inet router by ssh as root and create a file in /usr/bin/ and make it executable:
    vi /usr/bin/check_mk_agent.openwrt
    chmod 755 /usr/bin/check_mk_agent.openwrt
  8. insert the script in the file https://github.com/ypid-bot/check_mk/blob/master/agents/check_mk_agent.openwrt
  9. inventarize the host (gl-inet router) in check_MK and reload the config.