System monitoring is the evaluation of system’s resources and their usage. Monitored resources include; the CPU, server memory, routers and switches, bandwidth and the performance of a network. This monitoring has been made easy by use of LibreNMS.

LibreNMS is an open source software originally licensed by Observium. It is used as an auto discovering and monitoring tool based on MySQL, PHP and SNMP. It displays a series of graphs suitable for bandwidth and system resource utilization analysis.

LibreNMS has many features, among the are:

  1. Customization of dashboards.
  2. Offers service monitoring
  3. Can use multiple authentication methods including; MySQL, Radius, HTTP, LDAP and Active directory.
  4. Has Two Factor Authentication.
  5. Has Auto updating and auto discovery.
  6. Has distributed polling.
  7. Offers device backup integration (RANCID, Oxidized)
  8. Has multiple data collection protocols such as STP, BGP among others.
  9. Supports VLAN, ARP and FDB collection table

In this guide, I will be demonstrating on how to install, configure and use LibreNMS on Rocky Linux 8.

Installation Pre-requisites

To do the installation, you will need the following

  1. Rocky linux 8 (physical or virtual)
  2. Hostname – e.g librenms.techviewleo.com

How To Install LibreNMS on Rocky Linux 8

The steps below will guide you on how to install LibreNMS on Rocky Linux 8

Step 1: Update Your System

Before you begin the installation task, first update and upgrade the system to ensure all packages are up to date.

sudo dnf -y update
sudo reboot

Step 2: Configure TimeZone

Set your timezone with the command, replacing “Africa/Nairobi” with your TimeZone.

sudo timedatectl set-timezone Africa/Nairobi
sudo timedatectl set-ntp yes

Confirm timezone configuration:

$ timedatectl
               Local time: Thu 2021-06-24 00:11:58 EAT
           Universal time: Wed 2021-06-23 21:11:58 UTC
                 RTC time: Wed 2021-06-23 21:11:57
                Time zone: Africa/Nairobi (EAT, +0300)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

Step 3: Set SELinux in Permissive Mode

You can choose to disable SELINUX or set it in Permissive mode by editing this file /etc/selinux/config as below;

sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config

If you do complete SELinux disable you need to reboot your system for the changes to take effect.

Step 4: Install EPEL repository on Rocky Linux 8

Before proceeding to install packages it is recommended to add extra Linux enterprise repository.

sudo dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
ARCH=$( /bin/arch )
sudo dnf -y config-manager --set-enabled powertools

Step 5: Installing Dependancies on Rocky Linux

Here we will need to install a couple of dependencies required for the application.

sudo dnf -y install git cronie fping ImageMagick mtr net-snmp net-snmp-utils nmap rrdtool unzip tar wget 

1. Install PHP on Rocky Linux 8

PHP packages are important for the web interface and are installed with this command.

This will install Php 7.4 and its dependancies to your system

sudo dnf -y install http://rpms.remirepo.net/enterprise/remi-release-8.rpm
sudo dnf module -y reset php
sudo dnf module install php:remi-7.4 -y
sudo dnf -y install php php-{cli,common,fpm,curl,gd,mbstring,process,snmp,xml,zip,memcached,mysqlnd,json,mbstring,pdo,pdo-dblib,xml}

2. Install Nginx on Rocky Linux 8

Although there are other web servers like Apache, in this guide I will be using Nginx as my web server.

sudo dnf -y install nginx

3. Install MariaDB on Rocky Linux 8

Install MariaDB server and client packages

sudo dnf -y install mariadb mariadb-server

4. Add LibreNMS System User

We need to have a user for the LibreNMS. I will name my user as librenms and add the user to the nginx group.

sudo useradd librenms -d /opt/librenms -M -r
sudo usermod -a -G librenms nginx

Step 6: Download LibreNMS on Rocky Linux 8

After the above, we now need to clone the LIbreNMS software from GitHub with the command;

git clone https://github.com/librenms/librenms.git
sudo mv librenms /opt

Step 6: Configure LibreNMS on Rocky Linux 8

After a successful download, we will now proceed to configuring it so that we can access the web UI and monitor systems.

1. Set File Permissions

With our user and directories for LibreNMS that have been downloaded at /opt/librenms, we need to issue the following permissions.

sudo chown -R librenms:librenms /opt/librenms
sudo chmod -R 770 /opt/librenms
sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/ /opt/librenms/cache
sudo setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/ /opt/librenms/cache

2. Running a composer Wrapper on Rocky Linux

To allow the use of composer from within a script, we will issue the command;

sudo su - librenms
cd /opt/librenms
curl -sS https://getcomposer.org/installer | php
./scripts/composer_wrapper.php install --no-dev

This will give the following output;

When complete, issue the exit command to return to the root user

exit

3. Configuring MariaDB Database

Start and enable MariaDB service.

sudo systemctl start mariadb
sudo systemctl enable mariadb

Run the command below to harden your MariaDB server.

sudo mysql_secure_installation

This code, results to the following interface, where we create a strong password for the database.

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

4. Create a Database On MariaDB

Now we need to get in MariaDB and create our database with a user and password. you will be required to choose your username and a strong password.

$ mysql -u root -p

In this case, I created a user named librenms with my password as [email protected]

CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'librenms'@'localhost' IDENTIFIED BY '[email protected]';
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;
exit

Then, we need to edit this file /etc/my.cnf as below

sudo vi /etc/my.cnf

In the [mysqld] section, paste the following;

innodb_file_per_table=1
lower_case_table_names=0

Then, restart the service

sudo systemctl enable mariadb
sudo systemctl restart mariadb

5. Configure PHP on Rocky Linux

Ensure that the timezone is well configured in this file

$ sudo vi  /etc/php.ini
date.timezone = Africa/Nairobi

Then, we will be required to edit this file as below;

sudo vi /etc/php-fpm.d/www.conf

Edit your file to match this;

;user = apache
user = nginx

; RPM: Keep a group allowed to write in log dir.
group = nginx
;listen = 127.0.0.1:9000
listen = /var/run/php-fpm/php7.4-fpm.sock

listen.owner = nginx
listen.group = nginx
listen.mode = 0660

After this, enable and restart php – fpm

sudo systemctl enable php-fpm
sudo systemctl restart php-fpm

6. Configure Nginx On Rocky Linux

Create the librenms.conf file under /etc/nginx/conf.d/ and replace parameters as shown below

sudo vi /etc/nginx/conf.d/librenms.conf

Now edit your file as below (remember to replace my server name with your FQDN)

server {

    # Add your own domain name
    listen      80;
    server_name librenms.techviewleo.com;

    # LibreNMS Webroot directory
    root        /opt/librenms/html;
    index       index.php;

    # LibreNMS logs
    access_log  /opt/librenms/logs/access_log;
    error_log   /opt/librenms/logs/error_log;

    # Enabling Gzip compression on Nginx
    charset utf-8;
    gzip on;
    gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

Enable and restart the service as below

sudo systemctl start nginx
sudo systemctl enable nginx

7. Add Firewall Rules On Rocky Linux

Add the following to allow hhtp and https through the firewall

sudo firewall-cmd --zone public --add-service http
sudo firewall-cmd --permanent --zone public --add-service http
sudo firewall-cmd --reload

8. Configure SNMP Settings On Rocky Linux

Copy and configure SNMP configuration template as below;

sudo cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf
sudo vi /etc/snmp/snmpd.conf

In the file, you need to set your own community name by replacing RANDOMSTRINGGOESHERE as in this image

Download LibreNMS-Agent and make it executable:

sudo curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
sudo chmod +x /usr/bin/distro

Start and enable SNMPD service.

sudo systemctl start snmpd
sudo systemctl enable snmpd

Then we add Cron Job and copy Legrorate as below

sudo cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms
sudo cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

9. Access the LibreNMS Web Installer

Now open your browser and and input the following address to launch the installation webpage.

http://Your_Server_IP/install/user or http://Your_Server_Name/install/user and follow the steps below.

This is the page that appear after you input the ip or server name on the browser. Alternatively, you can get to the page using http://Your_Server_IP/install/checks

Proceed to the next step where, you input your db username and password, db host, port and the Unix-socket. If you do not have the Unix-socket you leave it blank as below.

After a successful login, we now build a database for LibreNMS

Now after this step, you enter a user and desired password as your admin login to the web page and click Add user. Provide the username, password and email.

Then finally FINISH install

Validating LibreNMS Installation and Fixing Issues

After this step we are now required to validate the installation and fix any issues. We now go back to the command line in the terminal to validate and fix issues

sudo vi /opt/librenms/config.php

Add this to the file.

### Fping6
$config['fping6'] = '/usr/sbin/fping';

Then, type the following to grant appropriate permissions to these files.

sudo chown -R librenms:librenms /opt/librenms
sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
sudo chmod -R ug=rwX /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootst

Finally, run this script to remove unmodified and untracked files

sudo su - librenms
python3 ./scripts/github-remove -d

This results to the following output. which you are required to answer with Y as below

Are you sure you want to delete all modified and untracked files? [y/N] y

Now you can validate your installation

sudo su - librenms
./validate.php

Output

After this validation process, go back to the webpage and click on validate and fix any issues. The URL changes now to http://Your HOST_IP/login or http://Your_Server_Name/login

Once you login in you will see this page where you can add your devices and monitor them.

Navigate to Devices>>Add Device

Then proceed to adding the device using the IP address, also choose the community that you had created earlier or public community, if public community has been enabled on the client devices.

On the above page you Input your Host_IP SNMP version, Community and port

When added successfully, you will be able to monitor your resources utilization for your server,router or any other attached device as shown

When you click on the IP of the device you can now see how resources are utilized. For this case, I clicked on the Microtik router and saw this

From the above information, there is a lot I can monitor on the device including ports usage, latency of the signal, wireless connectivity amongst many others.

We have successfully installed and configured LibreNMS network monitoring tool on Rocky LInux 8.

Check out some of the related articles:

How To Install LibreNMS On Oracle Linux 8

Monitor Linux Servers with SQL queries using osquery

LEAVE A REPLY

Please enter your comment!
Please enter your name here