Homework
Jump to navigation
Jump to search
This homework project is for John to develop a network monitoring capability under the tutelage of his Sensei, Jedd.
Messages from Jedd
- Fri Jun 28 09:01:40 AEST 2019
- Wed Jun 12 19:11:53 AEST 2019
- Wed Jun 12 00:40:49 AEST 2019
- Wed Jun 12 00:22:50 AEST 2019
- Tue Jun 11 23:58:41 AEST 2019
- Tue Jun 11 23:21:46 AEST 2019
- Thu Mar 21 08:37:55 AEDT 2019
- Wed Mar 13 21:34:52 AEDT 2019
- Fri Aug 31 23:40:10 AEST 2018
Component summary
| Software | Note | Function |
|---|---|---|
| Prometheus | ||
| Loki | by the Grafana guys | |
| Grafana | ||
| Elasticsearch | ||
| metricbeat | ||
| Graylog | ||
| Zabbix | ||
| PostgreSQL | say with TimescaleDB | |
| Logstash | ||
| Kibana | ||
| NetFlow (elastiflow) | ||
| NetData |
Further reading
Buzzwords
Terms Jedd is liable to drop on you:
| Term | Meaning |
|---|---|
| APM | Application Performance Monitoring |
| RCA | Root Cause Analysis |
| SIEM | Security Information and Event Management |
Tasks
TODO
Stuff to do. Priorities on top.
Do all this in your test environment so you don't need to worry about firewalls and user auth:
- read the Zabbix documentation
- How to Install and Configure Grafana (also Install Grafana)
- gandalf: Spin up a VM for logging - install graylog as per instructions. Point some rsyslog stuff towards it. Review the tutorials.
- ripley: Spin up a VM with Prometheus and Grafana - install node-exporter on one of your other boxes, and point that towards your Prometheus server.
- faith: Spin up a VM for Elasticsearch + Logstash + Kibana and set up Metricbeat on one of your other boxes, and point that towards your Elasticsearch server.
Done
Stuff that's done. Latest on top.
- 2020-03-29 jj5 - I completed Install and configure Zabbix server for your platform
- 2020-03-28 jj5 - I completed Get started with Metricbeat
- 2020-03-28 jj5 - I found Getting started with the Elastic Stack
- 2020-03-28 jj5 - I completed Install Kibana with Debian Package
- 2020-03-28 jj5 - I completed How to Install Elasticsearch on Ubuntu 18.04
- 2020-03-28 jj5 - created 'knowledge-test' (sm-log-1) and did a basic base config with Salt Stack: see instructions from Jedd
Virtual machines
gandalf-test
These notes are obsolete, see knowledge-test instead.
| Setting | Value |
|---|---|
| Sysid | 141 |
| System | sm-log-1 |
| Host | gandalf-test |
| Deployment | test |
| Provider | vbox |
| Salt ID | 141-sm-log-1-gandalf-test-vbox |
| Machine Folder | /srv/vbox/fast |
| Type | Linux |
| Version | Ubuntu (64-bit) |
| Memory Size | 3072 MB |
| Processor(s) | 2 CUPs |
| Root Volume Size | 30 GB |
| Root Volume Path | /srv/vbox/fast/gandalf-test/gandalf-test.vdi |
| LVM PV 1 Size | 500 GB |
| LVM PV 1 Path | /srv/vbox/slow/gandalf-test/gandalf-test-pv-1-500.vdi |
| Attached to | Bridged Adapter |
| Ethernet Adapter | enp3s0f0 |
| IP Address | 10.1.3.141/16 |
| Gateway | 10.1.1.1 |
| DNS | 10.1.1.113 |
knowledge-test
Box: single box: 2 core, 6GB RAM, 100GB disk
| Setting | Value |
|---|---|
| Sysid | 141 |
| System | sm-log-1 |
| Host | knowledge-test |
| Deployment | test |
| Provider | vbox |
| Salt ID | 141-sm-log-1-knowledge-test-vbox |
| Machine Folder | /srv/vbox/fast |
| Type | Linux |
| Version | Ubuntu (64-bit) |
| Memory Size | 6 GB |
| Processor(s) | 2 CUPs |
| Root Volume Size | 100 GB |
| Root Volume Path | /srv/vbox/fast/knowledge-test/knowledge-test.vdi |
| Attached to | Bridged Adapter |
| Ethernet Adapter | enp3s0f0 |
| IP Address | 10.1.2.141/16 |
| Gateway | 10.1.2.1 |
| DNS | 10.1.1.113 |