Monitoring Apache using SNMP

The Apache SNMP modules only seems to be available in de commercial JON-version; no modules or sourcecode is available in JOPR. Spending some searching the internet, it turns out it is possible to use de modules from the HQ Open Source project from http://www.hyperic.com/community/

 

The complete sourcecode can be downloaded using svn:

svn co http://svn.hyperic.org/projects/hq/trunk hyperic-hq

 

Somewhere in the trunk the needed tar-files are hidden. Downloading will take some time and space (about 400 MB) If someone knows how to download the tar-files directly, please tell! Anyway, after checking out, the files can be found at:

 

  • <path to download dir>/hyperic-hq/hq_bin/product_connectors/rt-1.0.2.tar.gz
    <path to download dir>/hyperic-hq/hq_bin/product_connectors/snmp-1.0.2.tar.gz

 

For testing the modules, I used a Centos 5.2 32-bit basic installation with extra Development Tools and nmap. SE-Linux and the firewall are completely disabled.

I Installed as well: httpd (Apache) and httpd-devel. Installed are now:

 

Installed:

  • httpd
  • httpd-devel

Installed for dependencies:

  • apr-devel
  • apr-util-devel
  • cyrus-sasl-devel
  • db4-devel
  • expat-devel
  • openldap-devel

 

Now, upload the snmp tar file to your server and:

  • tar -zxf snmp-1.0.2.tar.gz 
  • cd snmp-1.0.2
  • ./build_apache_snmp.sh 2.0 /usr/sbin/apxs; echo $?

building sdbm
building libsmi
building ucd-snmp
building Apache module
0

 

The modules builds OK. (party, yeah!!!)

  • The modules can be found in ./snmp_module_2.0/module
  • The snmp.conf file can be find in ./snmp_module_2.0/conf
  • Some snmp tools can be found in ./snmp_module_2.0/tools

 

Now configure Apache:

 

  • cd /etc/httpd/conf
  • Add to http.conf:

 

## Apache SNMP
LoadModule snmpcommon_module modules-snmp/libsnmpcommon.so
LoadModule snmpagt_module modules-snmp/libsnmpmonagt.so
SNMPConf conf
SNMPVar var
## End of apache SNMP

 

  • mkdir /etc/httpd/modules-snmp  (I prefer to keep these modules seperated from the rest)
  • Copy all the modules to /etc/httpd/modules-snmp
  • mkdir /var/tmp/apache-snmp (I prefer to keep the variable stuff out of /etc/http)
  • chown apache.apache /var/tmp/apache-snmp
  • chmod 750 /var/tmp/apache-snmp
  • cd /etc/httpd
  • ln -s /var/tmp/apache-snmp var
  • Copy  snmp.conf to /etc/httpd/conf
  • Test the configuration:

/etc/init.d/httpd configtest
Syntax OK

 

  • Without Apache started, port 1610 (UDP) is closed:

 

[root@jboss1 bin]# nmap -sV -sU -p 1610 localhost

 

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2010-02-03 11:47 CET
Interesting ports on jboss1.blabla.bla (127.0.0.1):
PORT     STATE  SERVICE VERSION
1610/udp closed unknown

 

Nmap finished: 1 IP address (1 host up) scanned in 0.052 seconds

 

  • Now start Apache; the snmp-port should be open (on localhost)

 

[root@jboss1 bin]# nmap -sV -sU -p 1610 localhost

 

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2010-02-03 11:48 CET
Interesting ports on jboss1.blabla.bla (127.0.0.1):
PORT     STATE SERVICE VERSION
1610/udp open  snmp    SNMPv1 server (public)

 

Nmap finished: 1 IP address (1 host up) scanned in 37.042 seconds

 

  • Deploy and start the Jopr agent in the regular way. Apache SNMP should be available. Edit the connection string:

 

apache-snmp-connection-props.jpg

 

  • Now wait some minutes, and a new Apache host will appear: (jboss1.blabla.bla in this case)

 

apache-snmp-newhost.jpg

 

  • However, an error occures which is easy to repair:

 

apache-snmp-newhosterror.jpg

 

 

  • Wait some more minutes, the new host will turn available with tons of metrics available (Monitor --> Tables)

 

apache-snmp-newhost-metrics.jpg

 

So after all, it seems quite nice. Lot's of information can be taken from Apache now. Response time metrics are not yet available. The Apache mod_rt module must be compiled and installed first. (taken from rt-1.0.2.tar.gz) I'll descibe that later.

 

Comments on this approach appreciated!