October 28, 2005

Network monitoring with Cacti

Author: Aditya Nag

GNU/Linux is without doubt a brilliant server OS, but monitoring your Linux server can be a challenge. There are a few powerful tools available, such as MRTG, the Multi Router Traffic Grapher, but setting them up can be an exercise in frustration for first-time users. By contrast, Cacti, a graphing program for network statistics, is designed to be easy for relatively inexperienced systems administrators to use, while at the same time being powerful enough to be used in complex networks.

Cacti's Web site describes the software as

a complete network graphing solution designed to harness the power of
RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy-to-use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices.

RRD stands for Round Robin Database, which is a system to store and display time-series data such as network bandwidth, machine-room temperature, and server load average. Cacti leverages the features of RRDtool and stores the data it collects in Round Robin archives.

I recently set up three new servers at my university. To monitor and track various parameters, I decided to install Cacti to see if it lived up to the description. I previously used MRTG to monitor our network, but I was never able to configure it to my complete satisfaction. MRTG is pretty complex, and takes a lot of getting used to.

The network in question comprises about 600 nodes. Three Linux servers prove DHCP, DNS, Squid network caching, and other services. The devices that I needed to monitor were the three servers themselves, some Layer 3 managed switches, Wi-Fi access points, and a few workstations.

Installation and configuration

Cacti installation was simple. After downloading the latest tarball (version 0.8.6g) I had to set up the MySQL database and change a few lines in one file. The installation instructions are easy to follow. It took me about five minutes to install Cacti. After logging in and changing the default password, I was ready to start monitoring my network.

After logging in, you have to tell Cacti about the devices that you want to monitor. Cacti comes with a list of common devices, such as Linux servers, Cisco routers, NetWare servers, and even Windows 2000/XP workstations. If your device is not in the list, you can create a generic device, and specify the parameters you need to monitor. You can also save this as a template for the future. The user-friendly Web interface coupled with the documentation makes this a refreshing change from MRTG.

After you create the devices, you have to select the parameters that you want to monitor for each device, and set up the graphs. Cacti provides templates for common parameters such as CPU usage, network traffic, users logged in, and the like. You can quickly make your own templates as well. It took me a few minutes to set up the graphs for the three Linux servers. The parameters I wanted to track were load averages, bandwidth used, and processes running. Cacti already offers templates for these, so setting them up was easy. To monitor the switches, I had to create my own templates, which was slightly more complex, but the documentation came to my rescue.

Click to enlarge

All the information Cacti collects is useful only if it is presented properly. If you are monitoring a handful of devices, you can go through each graph quickly, but if you are tracking a few hundred parameters, that is simply not possible. To help you understand the data, Cacti lets you organize the graphs in various ways. You can set up graph trees, collecting all graphs of one type under one umbrella graph. You can have a graph in two or more trees as well. In my case, I set up individual trees for each parameter, with all the graphs of that parameter in each tree. For example, in the graph tree for bandwidth, the bandwidth graphs of all the devices are collected. Every device has an individual graph tree as well. This allows me to quickly check by parameter or by device to make sure everything is running smoothly. You can set up the trees in myriad different ways according to your needs.

Cacti can graph just about anything you throw at it. The variety of templates that come with the default installation is sufficient to take care of simple networks, and you can create your own data types and templates for more complex networks. However, Cacti cannot display tabular numeric data.

Cacti is not limited to using SNMP data. You can feed Cacti the paths to an external script or command -- standard *nix bash scripts, Perl scripts, or any script that runs from the command prompt of your Linux server. Cacti gathers the data in a cron job and populates a MySQL database or the round robin archives. Users have developed more than 20 scripts for Cacti, ranging from collecting data from Sendmail queues to gathering Apache statistics.

Cacti does not take too many resources on the host machine. It is written in PHP, and renders quickly. I had it tracking about 30 parameters over a dozen different devices, and it was snappy to use.

By default, Cacti allows anyone to view the graphs at http://<your hostname>/cacti/graph_view.php, but you can turn this access off.

You can authorize multiple administrators as Cacti users. You can add users and give them rights to only certain areas of Cacti. This allows you to create some users that can change graph parameters, and others that can only view graphs. Each user can maintain his own settings when it comes to viewing graphs.

Conclusion

Cacti does a good job of monitoring network usage. I encountered no bugs or flaws in it, but you might want to test Cacti on a spare box before you implement it in a critical production environment. The software is extremely extensible, and can be used to monitor very large networks, tracking parameters as diverse as temperature and humidity. The user community is active, and development is proceeding at a rapid clip.

Cacti is an extremely useful and easy to use tool for network administrators, and best of all, you do not need to be a network guru to use it.