How to install Webmin and MRTG on CentOS 7

Install Webmin

Install Webmin requirements and install Webmin via RPM directly from the website.

# yum -y install perl-Net-SSLeay
# yum -y install perl-Encode-Detect
# rpm -ihv https://netix.dl.sourceforge.net/project/webadmin/webmin/1.840/webmin-1.840-1.noarch.rpm

Install Apache

Here we are performing a basic installation of the apache web server, start the webserver afterwards and enable the service on boot.

# yum -y install httpd
# systemctl start httpd.service
# systemctl enable httpd.service

Install MRTG

Below command is for MRTG and the SNMP installation including utilities and dependencies.

# yum -y install net-snmp mrtg net-snmp-utils

Configure SNMP

Edit the configuration file, below an example of a non-restrictive SNMP configuration.

# vi /etc/snmp/snmpd.conf

################################################################################# snmpd.conf:# An example configuration file for configuring the ucd-snmp snmpd agent.################################################################################## This file is intended to only be as a starting point. Many more# configuration directives exist than are mentioned in this file. For# full details, see the snmpd.conf(5) manual page.## All lines beginning with a '#' are comments and are intended for you# to read. All other lines are configuration commands for the agent.
###############################################################################
# Access Control################################################################################ As shipped, the snmpd demon will only respond to queries on the# system mib group until this file is replaced or modified for# security purposes. Examples are shown below about how to increase the# level of access.# By far, the most common question I get about the agent is "why won't# it work?", when really it should be "how do I configure the agent to# allow me to access it?"## By default, the agent responds to the "public" community for read# only access, if run out of the box without any configuration file in# place. The following examples show you other ways of configuring# the agent so that you can change the community names, and give# yourself write access to the mib tree as well.## For more information, read the FAQ as well as the snmpd.conf(5)# manual page.# Here is a commented out example configuration that allows less# restrictive access.# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.
# sec.name source community
com2sec local localhost publiccom2sec dmznet 10.0.1.0/24 publiccom2sec lannet 192.168.1.0/24 public
# group.name sec.model sec.name
group RWGroup any localgroup ROGroup any dmznetgroup ROGroup any lannet
# incl/excl subtree mask
view all included .1 80## context sec.model sec.level prefix read write notifyaccess ROGroup "" any noauth 0 all none noneaccess RWGroup "" any noauth 0 all all all
###############################################################################
# System contact information## It is also possible to set the sysContact and sysLocation system# variables through the snmpd.conf file:syslocation Unknown (edit /etc/snmp/snmpd.conf)syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
###############################################################################
# Logging## We do not want annoying "Connection from UDP: " messages in syslog.# If the following option is commented out, snmpd will print each incoming# connection, which can be useful for debugging.dontLogTCPWrappersConnects yes
# -----------------------------------------------------------------------------

Start the service and enable the service on boot.

# systemctl start snmpd.service# systemctl enable snmpd.service

Test if your SNMP service is responding to SNMP requests

# snmpwalk -v2c -c public localhost system

Configure MRTG

Create a configuration file for MRTG data storage. Run the command below and redirect the output to the MRTG configuration file.

# cfgmaker --ifref=descr --ifdesc=descr --global 'WorkDir: /var/www/html/mrtg' public@172.24.0.69 > /etc/mrtg/172.24.0.69.cfg

I suggest to create a configuration file for each host you want to query/observe. If you have a configuration file for every host, merge them into /etc/mrtg/mrtg.cfg.

Additionally I’ve added those global configuration settings to /etc/mrtg/mrtg.cfg

HtmlDir: /var/www/mrtg
ImageDir: /var/www/mrtg
LogDir: /var/lib/mrtg
ThreshDir: /var/lib/mrtg
Refresh: 300
Interval: 5
Language: german
Options[_]: growright, nobanner, noborder, transparent

Create Index File on MRTG document root through below command.

# indexmaker --columns=1 /etc/mrtg/mrtg.cfg > /var/www/html/mrtg/index.html
Make MRTG executing every minute.

# crontab -e
Add the following line and save :x!

*/1 * * * * env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg --logging /var/log/mrtg.log

Configure Apache

Edit the Apache config file for MRTG’s virtual directory:

# vi /etc/httpd/conf.d/mrtg.conf
Make sure you disable the local access only:

#
# This configuration file maps the mrtg output (generated daily)
# into the URL space. By default these results are only accessible
# from the local host.
#
Alias /mrtg /var/www/mrtg
<Location /mrtg>
# Require local
# Require ip 10.1.2.3
# Require host example.org
</Location>

Restart Apache webserver:

# systemctl restart httpd.service
Open MRTG website:

http://server-ipaddress/mrtg
Thank you 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.