Monitoring

OpenBSD - Smokeping

How to Install Smokeping on OpenBSD

Requiremens

  • running Server with OpenBSD
  • Root Permission
  • FQDN with Cert

Install Software

pkg_add smokeping

Update Config

cat << 'EOF' >/etc/smokeping/config
*** General ***

owner    = YOUR NAME
contact  = YOUR@EMAIL.NET
mailhost = localhost
sendmail = /usr/sbin/sendmail
# NOTE: do not put the Image Cache below cgi-bin
# since all files under cgi-bin will be executed ... this is not
# good for images.
imgcache = /var/www/htdocs/smokeping/cache
imgurl   = cache
datadir  = /var/db/smokeping
piddir  = /var/run
cgiurl   = https://YOUR.URL.NET/smokeping/smokeping.cgi
smokemail = /etc/smokeping/smokemail
tmail = /etc/smokeping/tmail
# specify this to get syslog logging
syslogfacility = local0
# each probe is now run in its own process
# disable this to revert to the old behaviour
# concurrentprobes = no

*** Alerts ***
to = YOUR@EMAIL.NET
from = smokealert@localhost

+someloss
type = loss
# in percent
pattern = >0%,*12*,>0%,*12*,>0%
comment = loss 3 times  in a row

*** Database ***

step     = 300
pings    = 20

# consfn mrhb steps total

AVERAGE  0.5   1  28800
AVERAGE  0.5  12   9600
    MIN  0.5  12   9600
    MAX  0.5  12   9600
AVERAGE  0.5 144   2400
    MAX  0.5 144   2400
    MIN  0.5 144   2400

*** Presentation ***

template = /etc/smokeping/basepage.html

htmltitle = yes
graphborders = no

+ charts

menu = Charts
title = The most interesting destinations

++ stddev
sorter = StdDev(entries=>4)
title = Top Standard Deviation
menu = Std Deviation
format = Standard Deviation %f

++ max
sorter = Max(entries=>5)
title = Top Max Roundtrip Time
menu = by Max
format = Max Roundtrip Time %f seconds

++ loss
sorter = Loss(entries=>5)
title = Top Packet Loss
menu = Loss
format = Packets Lost %f

++ median
sorter = Median(entries=>5)
title = Top Median Roundtrip Time
menu = by Median
format = Median RTT %f seconds

+ overview 

width = 600
height = 50
range = 10h

+ detail

width = 600
height = 200
unison_tolerance = 2

"Last 3 Hours"    3h
"Last 30 Hours"   30h
"Last 10 Days"    10d
"Last 360 Days"   360d

#+ hierarchies
#++ owner
#title = Host Owner
#++ location
#title = Location

*** Probes ***

+ FPing

binary = /usr/local/sbin/fping

*** Targets ***

probe = FPing

menu = Top
title = Network Latency Grapher
remark = Welcome to the SmokePing

+ Remote
menu= Remote
title= Remote hosts

+ DNS
menu = DNS
title = DNS

++ cf
menu = 1.1.1.1
title = 1.1.1.1
host = 1.1.1.1

++ google
menu = 8.8.8.8
title = 8.8.8.8
host = 8.8.8.8

++ quad9
menu = 9.9.9.9
title = 9.9.9.9
host = 9.9.9.9
EOF

Create Folders

don’t like to set permission to 777. but it does not work without :(

Kuma - API

i like kuma. simple, flexibel, selfhosted, and open source. one thing i missed is an API for adding / modifing hosted services.

now, i found a webapi for kuma and gave a try.

pre-condition

  • you have some Maschine with Docker
  • you have traefik running, which can terminate TLS, handle Loadbalancing

docker-compose.yml

version: '3.3'

networks:
  traefik:
    external: true

volumes:
  uptime-kuma:
  api-db:

services:
  kuma:
    container_name: uptime-kuma
    image: louislam/uptime-kuma:1.19.6
    restart: always
    volumes:
      - uptime-kuma:/app/data
    networks:
      - traefik
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.kuma.rule=Host(`kuma.your.domain`)"
      - "traefik.http.routers.kuma.tls=true"

  api:
    container_name: backend
    image: medaziz11/uptimekuma_restapi:latest
    restart: always
    volumes:
      - ./db:/db:rwx
    environment:
      - KUMA_SERVER=${KUMA_SERVER:-http://kuma:3001}
      - KUMA_USERNAME=xxxxxx
      - KUMA_PASSWORD=xxxxxx
      - ADMIN_PASSWORD=xxxxxx
      - SECRET_KEY=${SECRET_KEY:-xxxxxx}
    depends_on:
      - kuma
    networks:
      - traefik

Get Token

# API
token=$(http --form POST 127.0.0.1:8001/login/access-token 'username=xxxxxx' 'password=xxxxxx' |jq '.access_token')

List Monitors

$ http -A bearer -a $token 127.0.0.1:8001/monitors
HTTP/1.1 200 OK
content-length: 15
content-type: application/json
date: Mon, 17 Apr 2023 04:48:59 GMT
server: uvicorn

{
    "monitors": []
}

Add Service

$ http -A bearer -a $token 127.0.0.1:8001/monitors type=http name=compass url=https://www.compass-security.com


HTTP/1.1 200 OK
content-length: 43
content-type: application/json
date: Mon, 17 Apr 2023 05:07:02 GMT
server: uvicorn


{
    "monitorID": 5,
    "msg": "Added Successfully."
}

Check Monitoring

$ http -A bearer -a $token 127.0.0.1:8001/monitors |jq '.monitors |map({id, name, url, active, interval})'
[
  {
    "id": 1,
    "name": "https://www.stoege.net",
    "url": "https://www.stoege.net",
    "active": true,
    "interval": 60
  },
  ... snip ...
  {
    "id": 5,
    "name": "compass",
    "url": "https://www.compass-security.com",
    "active": true,
    "interval": 60
  }
]

that’s great !

OpenBSD - NTopNG

NTOPNG with Self Signed Cert

ntopng is a network traffic probe that provides 360° Network visibility, with its ability to gather traffic information from traffic mirrors, Netflow exporters, SNMP devices, Firewall logs, Intrusion Detection systems.

package

as root

pkg_add ntopng

Cert

To use HTTPS on the built-in web server, create /etc/ssl/ntopng-cert.pem containing both the private key and certificate in the same file and make this readable by the _ntopng user. Use the -W flag to listen on HTTPS.