Monitoring Apache using SNMP

    The Apache SNMP modules only seems to be available in de commercial JON-version; no modules or sourcecode is available in JOPR. Spending some searching the internet, it turns out it is possible to use de modules from the HQ Open Source project from http://www.hyperic.com/community/

     

    The complete sourcecode can be downloaded using svn:

    svn co http://svn.hyperic.org/projects/hq/trunk hyperic-hq

     

    Somewhere in the trunk the needed tar-files are hidden. Downloading will take some time and space (about 400 MB) If someone knows how to download the tar-files directly, please tell! Anyway, after checking out, the files can be found at:

     

    • <path to download dir>/hyperic-hq/hq_bin/product_connectors/rt-1.0.2.tar.gz
      <path to download dir>/hyperic-hq/hq_bin/product_connectors/snmp-1.0.2.tar.gz

     

    For testing the modules, I used a Centos 5.2 32-bit basic installation with extra Development Tools and nmap. SE-Linux and the firewall are completely disabled.

    I Installed as well: httpd (Apache) and httpd-devel. Installed are now:

     

    Installed:

    • httpd
    • httpd-devel

    Installed for dependencies:

    • apr-devel
    • apr-util-devel
    • cyrus-sasl-devel
    • db4-devel
    • expat-devel
    • openldap-devel

     

    Now, upload the snmp tar file to your server and:

    • tar -zxf snmp-1.0.2.tar.gz 
    • cd snmp-1.0.2
    • ./build_apache_snmp.sh 2.0 /usr/sbin/apxs; echo $?

    building sdbm
    building libsmi
    building ucd-snmp
    building Apache module
    0

     

    The modules builds OK. (party, yeah!!!)

    • The modules can be found in ./snmp_module_2.0/module
    • The snmp.conf file can be find in ./snmp_module_2.0/conf
    • Some snmp tools can be found in ./snmp_module_2.0/tools

     

    Now configure Apache:

     

    • cd /etc/httpd/conf
    • Add to http.conf:

     

    ## Apache SNMP
    LoadModule snmpcommon_module modules-snmp/libsnmpcommon.so
    LoadModule snmpagt_module modules-snmp/libsnmpmonagt.so
    SNMPConf conf
    SNMPVar var
    ## End of apache SNMP

     

    • mkdir /etc/httpd/modules-snmp  (I prefer to keep these modules seperated from the rest)
    • Copy all the modules to /etc/httpd/modules-snmp
    • mkdir /var/tmp/apache-snmp (I prefer to keep the variable stuff out of /etc/http)
    • chown apache.apache /var/tmp/apache-snmp
    • chmod 750 /var/tmp/apache-snmp
    • cd /etc/httpd
    • ln -s /var/tmp/apache-snmp var
    • Copy  snmp.conf to /etc/httpd/conf
    • Test the configuration:

    /etc/init.d/httpd configtest
    Syntax OK

     

    • Without Apache started, port 1610 (UDP) is closed:

     

    [root@jboss1 bin]# nmap -sV -sU -p 1610 localhost

     

    Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2010-02-03 11:47 CET
    Interesting ports on jboss1.blabla.bla (127.0.0.1):
    PORT     STATE  SERVICE VERSION
    1610/udp closed unknown

     

    Nmap finished: 1 IP address (1 host up) scanned in 0.052 seconds

     

    • Now start Apache; the snmp-port should be open (on localhost)

     

    [root@jboss1 bin]# nmap -sV -sU -p 1610 localhost

     

    Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2010-02-03 11:48 CET
    Interesting ports on jboss1.blabla.bla (127.0.0.1):
    PORT     STATE SERVICE VERSION
    1610/udp open  snmp    SNMPv1 server (public)

     

    Nmap finished: 1 IP address (1 host up) scanned in 37.042 seconds

     

    • Deploy and start the Jopr agent in the regular way. Apache SNMP should be available. Edit the connection string:

     

    apache-snmp-connection-props.jpg

     

    • Now wait some minutes, and a new Apache host will appear: (jboss1.blabla.bla in this case)

     

    apache-snmp-newhost.jpg

     

    • However, an error occures which is easy to repair:

     

    apache-snmp-newhosterror.jpg

     

     

    • Wait some more minutes, the new host will turn available with tons of metrics available (Monitor --> Tables)

     

    apache-snmp-newhost-metrics.jpg

     

    So after all, it seems quite nice. Lot's of information can be taken from Apache now. Response time metrics are not yet available. The Apache mod_rt module must be compiled and installed first. (taken from rt-1.0.2.tar.gz) I'll descibe that later.

     

    Comments on this approach appreciated!