MRTG records a graph of historic data on anything which can be represented by a number. This entry focuses on a quick setup to graph information pulled from SNMP on a network switch. Our demonstration network consists of around fifteen switches, with SNMP supported on ten of them. Additionally, not all ports are clearly labelled, although historically 1 Gbps ports are reserved for switch to switch connections while switch to system connections are 100 Mbps. Still This lets us put together some simple collection gathering and provided the administrator of the network some insight on usage of his network. The demo system is an Ubuntu box with MRTG installed, other Linux distributions should behave similarly, and while you can run MRTG on Windows, I have not had occasion to do so.
On the switches
For demonstration purposes we have configured SNMP with a read only community of public, in production systems, treat this similarly to a password as SNMP can divulge potentially useful information to an attacker. If your device supports SNMPv3, then you should use that instead of SNMP v2c. Additionally, it is good practice to limit SNMP access to the collector system and not allow your full network to read SNMP data.
On the collector
Once you have SNMP configured on the target systems, it’s time to setup the collector. First install mrtg using your package manager (
apt-get install mrtg on Ubuntu / Debian and derivatives,
yum install mrtg on Fedora / CentOS / RedHat and derivatives). Once MRTG is installed you’ll need to run cfgmaker to build configuration files for each device to monitor. It’s a good idea to read this page anyway to see what other options there are. Run this command for each device to be monitored. It will generate the configuration file /etc/mrtg/10.1.3.31.cfg. You can repeat the line for each address you want to monitor.
cfgmaker --global "options[_]: growright,bits" --global "WorkDir: /var/www/mrtg" firstname.lastname@example.org > /etc/mrtg/10.1.3.31.cfg
Next, open /etc/mrtg/10.1.3.31.cfg and set the “Title” and “PageTop” for each section to something descriptive and meaningful. Doing this will make your life easier later on. Then edit the MRTG config file ( /etc/mrtg.cfg on Ubuntu / Debian derivatives, /etc/mrtg/mrtg.cfg on Fedora / CentOS / RedHat and derivatives) and include this line, repeat for each address you are monitoring.
On most distributions, the MRTG package is configured to run automatically at five minute intervals, but if it doesn’t, then you’ll need to add a line similar to this to /etc/cron.d/mrtg
*/5 * * * * root if [ -d /var/lock/mrtg ]; then if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ]; \
then env LANG=C /usr/bin/mrtg /etc/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi else mkdir /var/lock/mrtg; fi
Once this is done, you should be able to go to http://SERVER_IP/mrtg/10.1.3.31.html and see the graphs generated for your device. Our mrtg sample includes a handful of routers providing