Pandora: Documentation en: Raspberry Monitoring

From Pandora FMS Wiki
Jump to: navigation, search

Raspberry logo.png Pandora logo.png

1 Objectives

  • Network Connection and device configuration Guide.
  • Installation of pandora agent and satellite on a Raspberry device.
  • Automatic creation of the pandora user, secure the ssh protocol.

2 Hardware Components

2.1 Raspberry

A Raspberry device is a reduced-plate computer, single-plate computer or low-cost single-plate computer (SBC). Its official operating system is an open source version adapted from Debian, called Raspbian.

Raspberry placa.png

2.2 Keyboard

USB-connected Keyboard

2.3 Monitor

Monitor with HDMI connector

3 Software

3.1 Pandora FMS image for Raspberry

The distributed image is based on the Raspbian operating system. It contains the agent, the satellite, the eHorus client, the packages to install a netflow probe and all the dependencies of these.

Raspbian.png Ehorus.png Pandora logo.png

4 Installation

4.1 Flashear imagen en la tarjeta SD

4.1.1 Download Pandora FMS official image for Raspberry

The initial step of installation is to download the official Pandora FMS image for raspberry in its official download page: Official Download Form We will have downloaded a .img file that we will proceed to flash in our sd card of at least 4gb.

4.1.2 Download Etcher

To flash the image we will use the Etcher software that can be downloaded at Official Etcher Page and which works similarly on both Windows and Linux.

4.1.3 Process for flashing the image on the SD card

Select the image of Pandora FMS that we want to mount on the SD card by clicking on select image. This will open the file explorer to select our previously downloaded Pandora FMS image.

Etcher1.png

We select our SD card previously inserted in the computer. If our card is the one that appears by default we leave it as it is and if not, we click on change and select the desired SD card.

Etcher2.png

Click on the Flash! button to mount the image on the card. Then, remove the card securely.

Etcher2.png

4.2 Hardware Connection

In this step we will connect all the components to power up the Raspberry with our operating system:

  • We insert the sd card into the compartment at the bottom of the box.
  • We connect the keyboard to any USB port
  • We connect the HDMI cable to the Raspberry monitor and HDMI port.
  • We connect the power cable to the device and to the power supply.

4.3 Network configuration

In the monitor we will see how the device starts and after this we will see an installer where we can select which interface we want to configure.

4.3.1 DHCP

Select Eth0 to configure the wired network interface:

Cable1.png

It will ask us if we want to change the Eth0 interface settings

Cable2.png

We select DHCP in case we have a dhcp server in the network

Cable3.png

After this a message will appear saying that the wired network has been correctly configured.

4.3.2 Static

Cable4.png

Select IP STATIC if you want to configure the wired interface manually

Cable5.png

Enter the static IP of our Raspberry

Cable6.png

Enter the Gateway of our network

Cable7.png

Enter the network mask

Cable8.png

Enter the public DNS

Cable9.png

We will get a message that the configuration has been successfully completed

Cable10.png

4.3.3 Wireless DHCP

Select Wlan0 to configure the wireless network interface

Wifi1.png

It will ask us if we want to change the configuration of the Wlan0 interface

Wifi2.png

We select DHCP in case we have a dhcp server in the network

Wifi3.png

It will give us a choice of the name of our access point from a list

Enter the password of your access point

Wifi5.png

We will get a message that the configuration was successful

4.3.4 Wireless Static

Wifi6.png

Select WIFI STATIC if you want to configure the wired interface manually

Wifi7.png

It will give us to choose from a list the name of our access point

Enter the password of our access point

Wifi9.png

Enter the static IP of our device

Wifi10.png

Enter the network mask

Wifi11.png

Enter the Gateway of our access point

Wifi12.png

We'll get a message saying the configuration was successful.

Wifi13.png

4.3.5 Exit the Installer

To exit the installer go back to the main menu and press cancel.

Wifi14.png

4.4 Agent/Satellite Configuration

4.4.1 Agent

To install the agent select AGENT from the menu

Agente1.1.png

It will ask us the IP of the Pandora server that we want to point the agent to

Agente2.2.png

Now we enter the existing group in the server to which we want to add the agent

Agente3.3.png

4.4.2 Satellite

To install the satellite select SATELLITE from the menu

Satelite1.png

It will ask us the IP of the Pandora server that we want to point the agent to

Satelite2.png

Enter the range of the network we want to monitor along with its mask

Satelite3.png

Enter the community or list of SNMP communities of the devices in our network

Satelite4.png

Enter the user or list of users to make WMI queries to the computers on the network

Satelite5.png

5 Postinstallation

5.1 eHorus client Configuration

Edit the file /etc/ehorus/ehorus.conf and replace the "eh_user" token with your eHorus user. Decomment the password secret line and replace it with a password to access your agent from eHorus. Start the service with:

/etc/init.d/ehorus_agent_daemon start

Ehorus conf.png

5.2 Netflow Probe

Its operation is based on the use of several components:

  • A device with netflow compatibility, usually a switch or router type network hardware that generates information packets, or a netflow probe.
  • A netflow collector, which receives the packets generated by the previous device, storing and processing them. It is usually a tool or server with these capabilities.

Pandora FMS uses an OpenSource tool called nfcapd to process all the netflow traffic. This daemon is automatically launched by Pandora FMS server. This system stores the data in binary files, in a certain location. You must install nfcapd on your system before you can work with Netflow in Pandora. The default nfcapd daemon listens on port 9995/UDP by default, so you will need to consider this if you have firewalls to open this port and when configuring your Netflow probes.

Netflow architecture.png

5.2.1 Netflow Probe via software

If you do not have a Netflow router, but your traffic "passes" through a Linux system, you can install software that acts as a probe, and sends Netflow traffic information to the collector. In Linux there is a program called fprobe that captures the traffic and forwards it to a NetFlow server. With it you can generate Netflow traffic, from all network traffic passing through your interfaces.

First we must install fprobe:

apt-get install fprobe

It will ask us which interface we want to monitor and to which ip:port we want to send the information. In case you don't ask us, we'll have to run it with the following command:

/usr/sbin/fprobe -i <interfaz_monitorizar> -fip <ip_colector>:<puerto>

In the following example all traffic from the eth0 interface will be sent to the Netflow collector listening on the port 9995 de la IP 192.168.70.185:

/usr/sbin/fprobe -i eth0 -fip 192.168.70.185:9995

Once traffic is generated, you can view statistics of this traffic on the Netflow collector with the command:

nfdump -R /var/spool/pandora/data_in/netflow

Netflow must be enabled to be accessible from the Operation and Administration menus: Habilitar netflow

Once the Netflow is configured, it will be necessary to restart the Pandora FMS server to raise the nfcapd server. It must be properly installed before attempting to start it. Check the server logs for any questions.

5.2.2 Netflow Probe with Port Mirroring

Explained in the section: Netflow Port Mirroring