Tony Roman | 24 Nov 00:53 2014
Picon

Release of Cacti 0.8.8c (About Time!)

Release of Cacti 0.8.8c

We the Cacti Group are proud to release the following:

    Cacti 0.8.8c
    Spine 0.8.8c

Important Security Fixes

 * CVE-2013-5588 - XSS issue via installer or device editing
 * CVE-2013-5589 - SQL injection vulnerability in device editing
 * CVE-2014-2326 - XSS issue via CDEF editing
 * CVE-2014-2327 - Cross-site request forgery (CSRF) vulnerability
 * CVE-2014-2328 - Remote Command Execution Vulnerability in graph export
 * CVE-2014-4002 - XSS issues in multiple files
 * CVE-2014-5025 - XSS issue via data source editing
 * CVE-2014-5026 - XSS issues in multiple files

Important Updates

 * New graph tree view
 * Updated graph list and graph preview
 * Refactor graph tree view to remove GPL incompatible code
 * Updated command line database upgrade utility
 * Graph zooming now from everywhere

Change Log

 bug#0002228: GPL incompatible files included in Cacti project in
  include/treeview
(Continue reading)

perfectpei@gmail.com | 13 Nov 03:12 2014
Picon

Which type to choose in "Select a graph type" dropdown box

Hi,
At the bottom of the "Create Graphs for this Host" page, there is a “Select a graph type” dropdown box.
What is the difference between the three options in the dropdown box: “In/Out Bits (64-bit
Counters)”, “In/Out Bits with Total Bandwidth” and “In/Out Bye”?



perfectpei <at> gmail.com
------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
_______________________________________________
cacti-user mailing list
cacti-user <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cacti-user
Ryan Garland | 23 Oct 07:51 2014
Picon

Re: Issues with Cacti running very long rrdtool commands

To follow up on this, I did some tests with the graph that is failing vs
the graph that is working by adding:

print strlen($command_line);

inside the following function in rrd.php:

function rrdtool_execute

The graph that fails has a string length of 131104, the graph that succeeds
has a string length of 130864.  So, it would seem as though we are running
into a 131072 limitation.

Any ideas how we can get around this, or get Cacti to run the command as if
it were at the command prompt which does not seem to have such a limitation?

Cheers,

Ryan

On Wed, Oct 22, 2014 at 9:47 PM, Ryan Garland <sheffy <at> gmail.com> wrote:

> I believe I am running into a character limit for the commands that
> rrdtool can successfully run.
>
> I currently have a stacked aggregate graph with 1376 line items (3/4 of
> which are the Legend lines).  This graph renders just fine, and with Debug
> mode turned on, after the long rrdtool command, rrdtool returns "OK".  The
> character count of the command (including any white space) of this command
> is 132961.  (Yes, I know that's a lot - I have my reasons :))
(Continue reading)

Ryan Garland | 23 Oct 06:47 2014
Picon

Issues with Cacti running very long rrdtool commands

I believe I am running into a character limit for the commands that rrdtool
can successfully run.

I currently have a stacked aggregate graph with 1376 line items (3/4 of
which are the Legend lines).  This graph renders just fine, and with Debug
mode turned on, after the long rrdtool command, rrdtool returns "OK".  The
character count of the command (including any white space) of this command
is 132961.  (Yes, I know that's a lot - I have my reasons :))

However, as soon as I add a new line item to the graph, the graph no longer
renders, and with Debug mode turned on, rrdtool does not return OK -- it
merely shows nothing.  The character count of this command is 133204.

Here's the kicker:  When the failing rrdtool command is manually ran at the
system's command prompt, the command succeeds.  It seems that only within
Cacti does the rrdtool command not work.

I have done a lot of research and found some seemingly related information
( such as http://www.mail-archive.com/bug-make <at> gnu.org/msg05522.html )
which discusses command length limitations by the OS / kernel, limiting to
131072 MAX_ARG_STRLEN, but:

1) this number is slightly lower than the length of the full rrdtool
command that is succeed, and
2) if that was the problem, the command should not succeed when manually
run at the command prompt

So what is Cacti doing when it runs rrdtool that could be limiting the
command length?  Does anyone have any suggestions as to how to resolve this
apparent limitation?
(Continue reading)

Michael Grant | 17 Oct 13:56 2014

thold

I've just installed cacti on my debian wheezy system via apt-get.

I managed to get the bundled graphs working though I did have to delete
them and add them again.

Today I installed thold and settings plugins.

For a test, I created a threshold for the number of logged in users, thus I
can log in and get it to trigger the threshold.

I see the threshold go red, but I don't get an email.

However, when I log out, I do get a notification that the threshold went
back to normal, so something seems to be working.

Some other strange thing with thold I noticed, on the graphs, that button
to toggle VHOLD rules, I read in the forum that this is supposed to put a
red line on the graph but I don't see any red line appear.  I did wait
quite a while for the graph to refresh on the server.
------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://p.sf.net/sfu/Zoho
Brad | 1 Oct 11:18 2014

Poller[0] ERROR: SQL Row Failed!, Error:'1033'

I have cacti working flawlessly on a centos 7.0 machine but I need it
working on a centos 6.3 machine.

I download the same version as what is on the 7.0, I installed rrdtool from
yum.

After performing a successful base installation of cacti and confirm it
works. 

I then copy over the database and restart mysqld 

I see my data but 'none of the charts appear' and I get this error in my
cacti.log

10/01/2014 04:12:31 AM - CMDPHP: Poller[0] ERROR: SQL Row Failed!,
Error:'1033', SQL:"select  host.id,  host.hostname,  host.snmp_community,
host.snmp_version,  host.snmp_username,  host.snmp_password,
host.snmp_auth_protocol,  host.snmp_priv_passphrase,
host.snmp_priv_protocol,  host.snmp_context,  host.snmp_port,
host.snmp_timeout,  host.disabled  from host  where host.id=1"

I have upgraded MySQL to 5.4 and rddtool  to 1.4.8 and tried a different
cacti versions

I have also tried every script in cli/

Mysqlcheck say the database is just fine

Same error

(Continue reading)

Remy | 5 Sep 20:07 2014
Picon

ldap authentication: unexpected behaviour

Hi cacti-user <at> ,

I'm using cacti with LDAP authentication configured to authenticate with 
an OpenLDAP server.
My ldap user has no right except to bind and search for my own 
attributes in the ldap schema, so no ldap compare works with my own 
user.

In cacti I have set up the "specific DN search" option and provided a 
service account which has more privileges so it can be used to search, 
compare, etc.

The problem i'm facing is that if I check the "require group membership" 
option, cacti is trying to ldap_compare() using a ldap_bind() previously 
done with my credentials instead of the specific DN provided, which in 
my setup fails because my account can't see group attributes in the ldap 
schema.

I would have expected it to use the specific DN to ldap_compare().

Is this done on purpose ? If so, could you help me understand in which 
situation this is usefull ?
I think this can only works with a ldap server who allows your user to 
read group attributes like Microsoft Active Directory.

This patch in Authenticate() from ldap.php works for me:

[remy <at> cactiserver lib]# diff -u ldap.php.backup_original ldap.php
--- ldap.php.backup_original 2014-08-06 15:27:52.000000000 -0400
+++ ldap.php 2014-08-07 20:21:20.000000000 -0400
(Continue reading)

Mark Haney | 22 Aug 20:07 2014

Cacti on CentOS 7

I've got Cacti setup on CentOS 7, but I'm encountering a problem getting 
any graph data. I get graphs, just nothing in them, including the 
localhost graphs. I've setup the file permissions on the rra/ and log/ 
directories to the 'cacti' user and the poller creates and appears to 
update the RRD files, but still no data in the graphs.

I've disabled SELinux, but that hasn't done anything to fix it. Anyone 
got any ideas on where I look next?

--

-- 
Mark Haney::: Sr. Systems Engineer

VIF International Education
P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA
919-265-5007 office

Make Learning Global.
www.vifprogram.com

Recognized as a ‘Best for the World’ B Corp!

------------------------------------------------------------------------------
Slashdot TV.  
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
Jaap Winius | 15 Aug 02:15 2014
Picon

Kerberos authentication

Hi folks,

My site uses Apache web servers that support authentication via MIT 
Kerberos (mod-auth-krb). If my admin users have Cacti login names that 
match their Kerberos principal names, is it possible to set up Kerberos 
authentication for their Cacti accounts?

Thanks,

Jaap

------------------------------------------------------------------------------
Matthew Newton | 25 Jul 19:37 2014
Picon
Picon

Spine "is_numeric" incorrectly returns TRUE for some hexadecimal values

Hi,

[Ref cacti spine v0.8.8a, same as latest HEAD.]

We're polling a Brocade fibre channel switch, which returns its
64-bit data in an octet-string format (rather than the more
sensible plain 64-bit integer).

It looks like spine should have code to handle this already with
the is_hexadecimal tests at e.g. poller.c:1107, but the values are
not getting converted to decimal. The returned values look like
"00 01 66 D7 44 4E 17 34".

It turns out that the is_numeric test (poller.c:1105) is returning
true for the above value, which means that it never falls through
- of course, it never parses as a decimal number, either... :)

The code in is_numeric tests as follows:

  is it a long (strtol) - check return code and matched length
  is it a double (strtod) - ditto return code and length
  some other test for a space, if no errno set.

The final bit of the code doesn't seem to make sense -
util.c:839-847.

It says that if there was an error (this will be from strtod
only), then return false - OK.

However, if there _wasn't_ an error then it should test to see if
(Continue reading)

Turbo Fredriksson | 20 Jul 21:59 2014

Simplify creating templates etc

I've created a SNMP module for ZFS (I previously had made Bind9, Bacula
and some other minor modules) that uses pass_persist and 'tablified'
data.

If anyone is interested - https://github.com/FransUrbo/snmp-modules.

It's been three-four years since I wrote the last one and I remember that
writing the module and the XML file(s) was _easy_ compared to configuring
Cacti to output graphs from this...

Eventually I succeeded and if I remember correctly, the exported template(s)
couldn't be imported into another machine/installation. Something about some
UUID/hash mismatching or something like that - https://github.com/FransUrbo/snmp-modules/blob/master/bacula/cacti_data_query_snmp_local_bacula_statistics_query.xml

I've googled and looked at the documentation on cacti.net, but the part
about indexed SNMP data is very sparse. And every single one I found is
almost word-by-word identical! And even worse, they're almost word-by-word
identical to the 'postit info documentation' I wrote for my self at the
time - https://github.com/FransUrbo/snmp-modules/blob/master/bacula/README.txt :).

So what's the simplest/fastest way to go from a number of SNMP tables
to actual graphs?
--
You know, boys, a nuclear reactor is a lot like a woman.
You just have to read the manual and press the right buttons
- Homer Simpson

------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
(Continue reading)


Gmane