MG-SOFT Net Inspector V10 - Installation and Configuration

Transcription

MG-SOFT Corporation
Net Inspector 2015
Version 10.6
INSTALLATION AND CONFIGURATION
GUIDE
(Document Version: 10.6)
Document published on October 16, 2015
Copyright © 1995-2015 MG-SOFT Corporation
MG-SOFT Net Inspector — Installation and Configuration
Introduction
In order to improve the design or performance characteristics, MG-SOFT reserves
the right to make changes in this document or in the software without notice.
No part of this document may be reproduced or transmitted in any form or by any
means, electronic or mechanical, for any purpose, without the express written
permission of MG-SOFT Corporation. Permission to print one copy is hereby granted
if your only means of access is electronic.
Depending on your license, certain functions described in this document may not be
available in the version of the software that you are currently using.
Screenshots used in this document may slightly differ from those on your display.
MG-SOFT may have patents, patent applications, trademarks, copyrights, or other
intellectual property rights covering subject matter in this document. The furnishing of
this document does not give you any license to these patents, trademarks,
copyrights, or other intellectual property.
Copyright © 1995-2015 MG-SOFT Corporation. All rights reserved.
2
Introduction
TABLE OF CONTENTS
1 Introduction........................................................................................................... 5
2 About Net Inspector ............................................................................................. 6
3 Net Inspector Architecture .................................................................................. 8
3.1 Main Components of Net Inspector .............................................................................8
3.2 Different Setup Scenarios .........................................................................................11
3.2.1 Simple Setup – All Components Installed on One Computer ..............................................11
3.2.2 Distributed Setup - Performance Manager and NetFlow Module Installed Remotely .....................11
Adding Additional Performance Manager Polling Engine and NetFlow Module for Linux to the System .... 11
Assigning Performance Manager Polling Engine to Devices .............................................................................. 13
Setting Devices as NetFlow Sources........................................................................................................................ 14
3.3 Linux System Integration Files ..................................................................................17
3.3.1 System (init.d) Startup Files .................................................................................................17
3.3.2 Apache HTTPD Integration File............................................................................................17
3.4 Server TCP and UDP Listening Ports ....................................................................... 17
4 Installing Net Inspector on Windows ................................................................ 19
4.1 Requirements ...........................................................................................................19
4.2 Installing Net Inspector for Windows ......................................................................... 20
5 Installing Net Inspector on Linux ...................................................................... 30
5.1 Requirements ...........................................................................................................30
5.2 Installing Net Inspector on RHEL 5 ........................................................................... 31
5.2.1 Fresh Installation ..................................................................................................................31
5.2.2 Upgrading Existing Installation .............................................................................................35
Upgrading Net Inspector 2010 Version 7.2 ............................................................................................................ 35
Upgrading Net Inspector 2012 Version 8.x ............................................................................................................ 36
Upgrading Net Inspector 2013 Version 9.x ............................................................................................................ 36
Upgrading Net Inspector 2014 Version 10.0.......................................................................................................... 37
5.2.3 Updating Net Inspector 2015 Version 10.5 ..........................................................................37
5.2.4 Installing Java Runtime Environment (JRE) for Linux ..........................................................38
5.2.5 Installing Mozilla Firefox 3.x on RHEL5 ................................................................................40
5.3 Starting and Stopping Net Inspector Server from Command Prompt......................... 42
6 Net Inspector Server Initialization File.............................................................. 43
6.1
6.2
6.3
6.4
Section [connection] ..................................................................................................43
Section [user] ............................................................................................................44
Section [config] .........................................................................................................45
Section [action] .........................................................................................................47
6.4.1 Defining Actions ....................................................................................................................47
6.5
6.6
6.7
6.8
Section [event] ..........................................................................................................52
Section [log] ..............................................................................................................53
Section [snmp notifications].......................................................................................55
Section [snmp agent] ................................................................................................57
7 Net Inspector Server Profiles File ..................................................................... 58
3
Introduction
7.1 Section [poll profile] ...................................................................................................58
7.2 Section [snmp access profile]....................................................................................60
8 Net Inspector Performance Manager Initialization File ................................... 62
8.1 Section [database] ....................................................................................................62
8.2 Section [net inspector]...............................................................................................63
8.3 Section [system]........................................................................................................63
9 Net Inspector NetFlow Module Initialization File ............................................. 64
9.1 Section [database] ....................................................................................................64
9.2 Section [netflow_processor] ......................................................................................65
10 Net Inspector NetFlow Module Known Ports File ............................................ 65
11 Net Inspector NetFlow Module Known URLs File ............................................ 67
12 Back Up and Restore Net Inspector Configuration and Database ................. 68
12.1 Back Up Procedure ...................................................................................................68
12.1.1
12.1.2
On Windows ...................................................................................................................69
On Linux .........................................................................................................................69
12.2 Restore Procedure ....................................................................................................70
12.2.1
12.2.2
On Windows ...................................................................................................................70
On Linux .........................................................................................................................70
13 Configuring SNMP Notification Destination on SNMP Agents ....................... 72
4
1
Introduction
INTRODUCTION
This guide provides instructions for installing and configuring Net Inspector Server
version 10.x for Windows and Linux operating systems.
All command line commands, filenames, paths and examples in this guide are
formatted with a fixed width font, e.g., port = 5221.
The path to Net Inspector v10.x installation directory in this guide is specified as
//Engine. By default, this is equivalent to C:\Program Files\MG-SOFT\Net
Inspector 10 on Windows and to /usr/local/mg-soft/mgnetinspector path
on Linux operating systems.
This guide also references the Net Inspector workspace directory, where the majority
of files containing the program settings and initialization parameters are located. The
path to the workspace directory is different in Windows and Linux operating systems,
as follows:
In Linux, the workspace directory full path is:
/var/mg-soft/mgnetinspector/workspace/
In Windows, the workspace directory full path depends on the Windows version:
a) Windows XP, Windows Server 2003:
C:\Documents and Settings\All Users\Application Data\MG-SOFT\Net Inspector\Workspace
b) Windows Vista, Windows Server 2008, Windows 7, Windows Server 2012, Windows 8.x:
C:\ProgramData\MG-SOFT\Net Inspector\Workspace
The content of this guide is listed in the Table of Contents.
5
2
About Net Inspector
ABOUT NET INSPECTOR
MG-SOFT Net Inspector 2015 (version 10.5) is a powerful fault and performance
network management application designed for monitoring the status and performance
of managed devices and managing alarms associated with devices in the supervised
IPv4 and IPv6 networks.
Net Inspector is a client/server application. After installing the software, the server
module automatically discovers and graphically depicts your network by means of icons
representing devices and lines representing connections between devices. Then, the
server, which runs as a service/daemon application, continually monitors network
devices using the standard management protocols (ICMP, SNMP) and triggers alarms
when there is a problem, e.g., if a device or a service (e.g., HTTP, FTP, DNS, SSH, etc.)
stops responding, if an SNMP variable crosses the user-defined threshold value (CPU
load, memory usage, bandwidth usage, etc.), if a monitored process stops running etc.
Besides, the software receives event reports (SNMP Trap or Inform), which are sent to it
by managed devices when important events occur (link is lost, device is rebooted,
chassis temperature is high…). Received SNMP notifications are translated to alarms.
All alarms are stored in an SQL database and dispatched to connected clients.
Net Inspector Client, on the other hand, is an OS independent JavaTM application that
connects to the server and provides a graphical user interface that lets you monitor the
status and performance of managed objects as well as view and manage alarms
(acknowledge, clear, filter, find, etc.). The status of every managed device is indicated
by the color of its icon, while active alarms are chronologically listed in a dedicated
window using different (configurable) colors reflecting different severity levels of
alarms (e.g., red for critical, orange for major, yellow for warning, etc.). This principle
lets you tell at a glance if all systems are functioning as expected, and in case of
problems, quickly concentrate on them by viewing alarm messages that contain
detailed description of the problem.
In addition to fault management, Net Inspector now incorporates also full-featured
performance management functionalities (provided by the integrated MG-SOFT
Performance Manager application), effectively covering both crucial network
management areas. The advantage of the integrated fault and performance
management is that full history of alarms and performance data is available at the
central point, which allows you to see a more realistic picture of the health of the network
and let you bring educated decisions, based on trend reports, regarding its
maintenance. Further advantage is that the integrated system enables you to monitor
virtually any parameter available through SNMP (vendor-specific metrics, vendorspecific traps), and let you deploy distributed polling engines that enable load balancing
and better performance of the management system. Distributed management also
makes the system easily scalable without seriously degrading its performance, so the
management system's capacity can seamlessly grow with your network.
Besides, Net Inspector now incorporates NetFlow and sFlow monitoring, providing
detailed IP traffic statistics, i.e., the applications that generate the most traffic,
endpoints (IP addresses) that receive and generate the most traffic, protocols that are
used most, etc. This information is obtained by collecting, analyzing and aggregating
NetFlow and sFlow packets exported by the network devices. NetFlow/sFlow
monitoring effectively complements the standard SNMP monitoring and together they
6
About Net Inspector
offer a valuable insight into the network infrastructure and bandwidth utilization and let
you easily identify the cause of congestions, etc.
Furthermore, Net Inspector also lets you monitor the IP SLA statistics, including HTTP,
FTP, TCP, DNS and VoIP Quality-Of-Service metrics (e.g., MOS, jitter, latency, packet
loss, etc.) on devices implementing the IP SLA functionality (e.g., Cisco routers).
Net Inspector Server is available for MS Windows operating systems (Windows XP,
Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows
Server 2012, Windows 8.x) and for Red Hat Enterprise Linux version 5, 6 and 7. Net
Inspector Client, on the other hand, runs on all operating systems with the Java
Runtime Environment (JRE), version 6.0 (a.k.a. 1.6) or later.
7
3
Net Inspector Architecture
NET INSPECTOR ARCHITECTURE
3.1 Main Components of Net Inspector
Net Inspector Server components
1
Distributed modules
Core modules
Performance
Manager Engine
(mgperfmngd)
Net Inspector Server
Fault Manager
(mgniengined)
NetFlow module
(mgnetflowd)
SNMP Trap service
(mgtrapd)
PM presentation
layer using Web
Server and PHP
(MS IIS or Apache)
SNMP Trap
service (mgtrapd)
NetFlow
database
PM
database
Net Inspector Client
(JavaTM application)
NI Micro HTTP server
For Java Web Start
(mghttpd)
NI I/O module
(mgoiserver)
NI services poller
(mgservpoll)
NI event
database
1
Distributed modules may be installed to the same or different computer as NI Server core
modules. Distributed modules are not available in Net Inspector LITE Edition.
Short Description of Net Inspector Components
Net Inspector Server (Fault Manager) – main server module to which Net Inspector
Clients connect. It is a fault management application that listens for SNMP Trap and
Inform notifications messages and triggers and maintains events and alarms and
controls execution of actions on events (sending e-mails, SMS messages, running
commands) through satellite processes (mgmail, mgsms). If used as polling engine
8
(e.g., in Net Inspector LITE Edition), it polls devices via ICMP Ping and SNMP to
check their status and collect their current system resource utilization parameters and
network interface statistics.
Net Inspector Performance Manager Engine – perfromance manager module that is
used as the polling engine in Net Inspector WorkGroup and Enterprise Edition. It runs
as a daemon/server application and continually polls devices via ICMP Ping and
SNMP protocols to determine the status (up/down) of managed devices; measure
network latency and packet loss and collect device performance parameters (CPU,
memory, disk usage), status of processes running on managed computers and
network interface statistics. This module supports monitoring the IP SLA metrics on
Cisco routers and can also be configured to monitor arbitrary, vendor-specific SNMP
parameters. In distributed configurations, this module can also receive SNMP Trap
and Inform notification messages and pass them to remote Net Inspector Server.
Additionally, this module itself triggers alarms if polled devices stop responding or if
monitored parameters cross the threshold values (all alarms are passed further to Net
Inspector Server). Performance manager module stores performance related data in
the PM database (PostgreSQL).
In Net Inspector Enterprise Edition, more than one performance manager module can
be employed to enable distributed network management and load balancing.
Net Inspector NetFlow module – NetFlow/sFlow collector and analyzer daemon/service
that receives NetFlow and sFlow packets exported from configured NetFlow sources and
calculates IP traffic statistics identifying the applications that generate the most traffic (in
packets and bytes), endpoints (IP addresses) that receive and send the most data,
protocols that are used most, etc.
SNMP Trap service - MG-SOFT SNMP Trap service that listens on configured ports
(default: UDP 162) for incoming SNMP Trap and SNMP Inform notifications messages
and passes them to Net Inspector Server (in simple setup) or Net Inspector Performance
Manager Engine (in distributed setup), which converts and displays them as alarms.
Web presentation layer for PM and Netflow – a collection of PHP scripts for
presenting the data gathered by Performance Manager Engine and NetFlow module in
PHP-powered Web pages served via the HTTP server (MS IIS or Apache). These
Web pages are viewed in Net Inspector Client (by means of an integrated Java Web
browser).
Net Inspector Micro HTTP server - tiny HTTP server daemon/service that serves the
Web page for launching Net Inspector Client via the Java Web Start method and
provides access to Net Inspector documentation in electronic form.
Net Inspector services poller – a process used for monitoring the status of 19 wellknown network services on managed devices, like HTTP, SMTP, POP3, IMAP, SSH,
FTP, NNTP, …
Net Inspector I/O module – a Net Inspector Server satellite process that provides an
interface for exporting Net Inspector configuration and alarms to third-party
applications via the SOAP (XML-based) protocol.
9
Net Inspector database – SQL relational database (e.g., PostgreSQL) that stores
complete event and alarm data history for all managed devices.
Performance Manager and NetFlow database – SQL relational databases (e.g.,
PostgreSQL) that store the data collected by the Performance Manager engine and
NetFlow module, respectively.
Net Inspector services watchdog – a script that regularly checks the status of all Net
Inspector vital services and automatically restarts the services in case any of them is
terminated ungracefully.
Net Inspector Client - pure JavaTM application that connects to Net Inspector Server
and provides a graphical user interface that lets you view and manage alarms on
managed objects, monitor the status and performance of managed objects, as well as
configure the client and certain parameters of the server application. Net Inspector
Client is downloaded to host computers and launched there via the Java Web Start
mechanism (i.e., by clicking the relevant link in the Java Web Start HTML page served
by the Micro HTTP server).
An Example of Net Inspector Configuration Using Three Distributed
Performance Manager Polling Engines
 10
3.2 Different Setup Scenarios
3.2.1 Simple Setup – All Components Installed on One Computer
In the simple scenario, all server components are installed and run on the same
computer.
For the step-by-step installation procedure that applies to this scenario, please refer to
Installing Net Inspector on Windows section or Installing Net Inspector on Linux
section, respectively.
Net Inspector Client, on the other hand, can be run either on the same (local)
computer or on remote computers. Net Inspector Client is deployed and lunched using
the Java Web Start method from the computer where Net Inspector Server is installed.
This is achieved by simply clicking the Java Web Start link in the Net Inspector Client
web page hosted by Net Inspector Micro HTTP server.
3.2.2 Distributed Setup - Performance Manager and NetFlow Module Installed
Remotely
MG-SOFT Net Inspector Enterprise Edition supports distributed network management,
meaning that Performance Manager and NetFlow module can be installed and run on
remote computers to enable distributed polling, distributed SNMP notification reception
and distributed NetFlow and sFlow packet collection. This option also enables load
balancing.
The distributed setup scenario involves installing the full Net Inspector package to one
computer and Net Inspector distributed modules (additional Performance Manager and
NetFlow module) to one or more remote computers and connecting those modules to
Net Inspector Server, as described in the following sub-section.
Adding Additional Performance Manager Polling Engine and NetFlow Module
for Linux to the System
1. Install Net Inspector distributed modules on a remote computer (please note down
the computer’s IP address). For detailed installation instructions, please refer to
the section Installing Net Inspector on Linux section, Option 2: Installing Net
Inspector distributed modules.
2. If the new Performance Manager polling engine and NetFlow engine are already
running, stop them by using the following commands:
/etc/init.d/mgperfmngd stop
/etc/init.d/mgnetflowd stop
3. Open the Net Inspector Performance Manager initialization file in a text editor
(e.g., vi, nano, gedit, etc):
/var/mg-soft/mgnetinspector/mgperfmng/pollingengine.ini
 11
4. In section [net inspector], set the value of the ipaddress parameter to the
IP address of the Net Inspector Server computer. Set the value of the port
parameter to match the port number on which Net Inspector Server listens to
incoming Performance Manager connections (by default 5223). Leave other
parameters unchanged. The [net inspector] section of the pollingengine.ini
file should look similar to this:
[net inspector]
ipaddress=10.0.3.151
port=5223
5. The distributed modules installation package, installs also MG-SOFT NetFlow
engine together with Performance Manager. The NetFlow engine is configured to
start automatically at system startup and to listen on TCP port 9991 for incoming
NetFlow v5 and v9 and sFlow v5 packets. Make sure to open the TCP port 9991 in
the firewall if applicable (e.g., iptables).
If you do not need the NetFlow/sFlow monitoring, you can disable it. To do this, set the
NetFlow engine startup mode to off for all runlevels and stop the service:
chkconfig mgnetflowd off
/etc/init.d/mgnetflowd stop
6. Start the Performance Manager polling engine and the NetFlow engine by using
the following commands:
/etc/init.d/mgperfmngd start
/etc/init.d/mgnetflowd start
7. Performance Manager polling engine will try to establish a connection with the Net
Inspector Server, as configured above.
8. To verify if the new polling engine has been successfully added to the system, use
the Net Inspector Client and connect it to the Net Inspector Server. Then, choose
the Tools/ Server Settings command. The Server Settings dialog box appears.
Select the Polling Engines option and check if the new polling engine is listed in
the list within the Server Settings dialog box (Figure 1). If yes, you can assign the
new poling engine to one or more managed objects as described in the following
section. If not, please double-check the configuration in the pollingengine.ini
file and the log file (/var/mg-soft/mgnetinspector/log/pollingengine.log).
Make sure also no firewall is blocking the connection between the polling engine
and Net Inspector Server (TCP port 5223 must be open in the firewall on the Net
Inspector Server computer).
 12
Figure 1: Viewing the properties of a newly added polling engine
Assigning Performance Manager Polling Engine to Devices
After adding a new Performance Manager polling engine to the system, one needs to
assign it to managed objects in order for the polling engine to start polling those
devices and store collected results to the relevant instance of Performance Manager
database.
1. To assign the new poling engine to one or more managed objects, select the
relevant managed objects in the Net Inspector Client, right-click them and choose
the Tools / Change Polling Engine pop-up command (Figure 2). The Change
Polling Engine dialog box appears. Select the IP address of the new
Performance Manager polling engine from the Polling engine drop-down list in
the Change Polling Engine dialog box and click the OK button.
2. From this moment on, the selected managed objects will be polled by the given
Performance Manager polling engine. To view the polling results (device
performance data), right-click the device in Net Inspector Client and select the
Show Performance Statistics command from the pop-up menu.
 13
Figure 2: Changing the polling engine for multiple managed objects
Setting Devices as NetFlow Sources
To enable NetFlow and sFlow monitoring, the source devices (e.g., routers) must first
be configured (using vendor-specific commands) to send (export) NetFlow v5 or v9
packets or sFlow v5 packets to one or more Net Inspector NetFlow modules. For
instructions on how to configure the source device to export NetFlow/sFlow packets to
a specific target, please refer to the documentation that came with your NetFlow/
sFlow-capable device.
In order for a Net Inspector NetFlow module to accept NetFlow and/or sFlow packets
from a specific device and start producing NetFlow reports from them, this device
needs to be set as a NetFlow source in Net Inspector.
Note: A device cannot be set as a NetFlow source if it s being polled by the Net Inspector Server
(built-in polling engine). To be able to set a device is a NetFlow source, it needs to be monitored
(polled) by a Performance Manager polling engine.
1. To set a device as a NetFlow source, right-click its icon in Net Inspector Client and
select the Tools/NetFlow Source pop-up command (Figure 3).
 14
Figure 3: Setting a device as the NetFlow source in Net Insepctor Client
2. This command marks the selected device as a NetFlow source in Net Inspector
(Figure 4), meaning that from this “moment on, the Net Inspector NetFlow module
(which runs on the same computer as the Performance Manager polling engine
that is assigned to the given device), will start accepting the NetFlow or sFlow
stream from the given source device (its IP address). The Net Inspector NetFlow
module will analyze and aggregate received NetFlow and sFlow packets, generate
NetFlow traffic statistics and make them accessible via the Net Inspector Client.
Figure 4: The “NF” sign on the icon indicates that device is a NetFlow source
3. To view the NetFlow/sFlow statistics for a given NetFlow source device, right-click
its icon in the Net Inspector Client and choose the Show NetFlow Statistics
command from the pop-up menu (Figure 5).
 15
Figure 5: Opening NetFlow reports from a selected NetFlow source
 16
3.3 Linux System Integration Files
3.3.1 System (init.d) Startup Files
Service startup files
Description
/etc/init.d/mgnipgd
PostgreSQL service for MG-SOFT Net Inspector
/etc/init.d/mgniengined MG-SOFT Net Inspector Server service
/etc/init.d/mgperfmngd
MG-SOFT Net Inspector Performance service
/etc/init.d/mgnetflowd
MG-SOFT Net Inspector NetFlow service
/etc/init.d/mgtrapd
MG-SOFT SNMP Trap Listening service (mgtrapd package)
/etc/init.d/mgniwatchdogd MG-SOFT Net Inspector Daemon Watchdog service
3.3.2 Apache HTTPD Integration File
Integration files
/etc/httpd/conf.d/mgnetinspector.conf
Comment
Apache HTTPD PHP integration
3.4 Server TCP and UDP Listening Ports
MG-SOFT Net Inspector services listen on several ports that need to be open in the firewall
where Net Inspector Server is running (for example, iptables on Linux or Windows
Firewall on Windows).
MG-SOFT Net Inspector services listen on the following ports by default:
Comment
MG-SOFT Net Inspector Client connection
listening port
2 5223 TCP
mgniengined
all
MG-SOFT Net Inspector distributed modules
connection listening port
3 5225 TCP
localhost mgnipostmaster PostgreSQL database connection listening
port
4 5228 TCP
mghttpd
all
MG-SOFT Micro HTTP server Web-Start port
5 162 UDP
mgtrapd
all
MG-SOFT SNMP Trap daemon listening port
6 9991 UDP
mgnetflowd
all
MG-SOFT Net Inspector NetFlow router flows
listening port
7 8080 TCP
mgoiserver
all
Net Inspector I/O (SOAP) module listening port
In addition, the HTTP port (TCP 80) needs to be open in the firewall to allow displaying
Performance Manager and NetFlow Web pages in remotely connected Net Inspector Clients.
1
Port Protocol Interface
Service
mgniengined
all
5221 TCP
 17
The MG-SOFT Net Inspector services ports are configured in the following configuration files:
Port
1
2
3
4
5
6
7
INI File
INI File Section
Parameter Name
[connection]
port
[connection]
extension_port
pollingengine.ini [net inspector] port
5225 N/A
N/A
N/A
5228 niengine.ini
[httpd]
port
162 niengine.ini
[snmp
port, port1, port2, … portN
notifications]
9991 N/A – configur.
Tools/Manage
Edit Polling Engine/NetFlow Ports
through Client
Polling Engines/Edit
8080 niengine.ini
[connection]
soap_port
5221 niengine.ini
5223 niengine.ini
 18
4
Installing Net Inspector on Windows
INSTALLING NET INSPECTOR ON WINDOWS
4.1 Requirements
In order to install and use MG-SOFT Net Inspector 2015 for Windows (version 10.x),
the following software needs to be installed on your computer:



Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7,
1
Windows Server 2012 or Windows 8.x
Java Runtime Environment (JRE) for Windows, version 6.0 (a.k.a. 1.6) or later is
required on all computers that will run Net Inspector Client. JRE can be
downloaded from the following Web page: http://www.java.com/
2
MS Internet Information Services (IIS) , with enabled Web server (WWW services) and
at least the following features:
 Common HTTP features (Directory Browsing, HTTP Errors, Static Content),
 Application Development features (ISAPI Extensions and (Fast)CGI)
Please consult your Windows documentation for instructions on installing IIS.
Figure 6: Example of installing the required IIS components (Windows Server 2008)
1
2
Windows Server operating system is strongly recommended for using the WorkGroup and
Enterprise Edition of Net Inspector
This is not required for installing the LITE Edition of Net Inspector (which does not include
performance management functionalities).
 19
Additional requirements:

Administrative user privileges are required to successfully install Net Inspector.

IP address(es) of the host(s) running Net Inspector and Performance Manager
applications must not change after the software has been installed.

At least 250 GB free disk space is required for the Net Inspector NetFlow database
if the Net Inspector NetFlow module (installs together with Performance Manager)
is used for actively collecting and analyzing NetFlow and sFlow streams.
4.2 Installing Net Inspector for Windows
Note: This manual describes only those installation steps that are specific to the MG-SOFT Net
Inspector installation procedure.
1. In Windows Explorer open the folder that contains MG-SOFT Net Inspector setup
executable and double-click the setup.exe file to run the installer.
Note: Administrative user privileges are required to install MG-SOFT Net Inspector.
2. MG-SOFT Net Inspector 2015 setup routine first checks if PostgreSQL ODBC driver
is installed on the system. If no matching software can be found, installer displays a
dialog box offering you the option to install the required component (Figure 7).
Note: Net Inspector 2015 for Windows installs and uses the PostgreSQL database. If you are
upgrading from older versions of Net Inspector (i.e., versions 6.x–7.0), old alarms and events
will not be preserved after the upgrade.
Figure 7: The installation requirements screen
 20
3. Click the Install button to install the required software component (e.g.,
PostgreSQL ODBC driver). A separate installation wizard is launched. Follow the
installation wizard guidelines accepting the default settings.
4. After successfully installing the required component, MG-SOFT Net Inspector 2015
installer Welcome screen appears (Figure 8). The installer lets you install either all
components of the package or only selected components: i.e., Net Inspector Fault
Manager or Net Inspector Performance Manager (and corresponding databases).
Click the Next button at the bottom of the installation wizard screen to proceed with
the installation and pass from one screen to another.
Figure 8: Net Inspector installer - Welcome screen
5. Net Inspector installer then verifies if all the required MS Internet Information
Services (IIS) components are properly installed on the system. If one or more
required IIS components are missing, the “Required IIS Components Not Installed”
screen is displayed (Figure 9), asking if you want to continue the installation. You
have two options:

If you want to install the entire Net Inspector package (Fault + Performance
Manager) or only Net Inspector Performance Manager component, click the No
button to quit the installer without installing the Net Inspector software. Then,
install the required IIS components and run the Net Inspector setup again.

If you want to install only Net Inspector Fault Manager without the
Performance Manager component or if you are installing Net Inspector LITE
Edition (which does not include Performance Manager), you can proceed with
the installation by clicking the Yes button at the bottom of the “Required IIS
Components Not Installed” screen.
 21
Figure 9: Net Inspector installer – missing IIS components screen
6. After passing the standard installation steps of accepting the license agreement,
specifying the license key file location, providing the user information, and specifying
the installation destination folder, the “Program Features” screen appears (Figure 10),
where you can select which main components of the package will be installed:
Figure 10: Net Inspector installer – Program Features screen
 22

Typical configuration (Fault and Performance Manager installed on the same host)
To install all components of the package to the same computer, select both
options in the Program Features screen and click the Next button. The installer
continues as described in step 8 below.

Distributed configuration (Fault and Performance Manager installed on different
hosts; one or more Performance Manager polling engines can be installed)
To install only Net Inspector Fault Manager or only Net Inspector Performance
Manager application to the local computer, select the corresponding option in the
Program Features screen and deselect the other option (click the disk drive icon
in front of the application’s name and select the “This feature will not be available”
entry from the drop-down menu). Then, click the Next button.
a) If you have selected to install only Net Inspector Fault Manager, proceed as
described in steps 7-13 (except step 8) below. Please note down the IP
address of the computer to which you are installing Net Inspector Fault
Manager, as you will need to enter it later when installing Performance
Manager. After Net Inspector Fault Manager installation finishes, run the
setup again on a different computer to install the Performance Manager
(including NetFlow module) component.
b) If you have selected to install only Net Inspector Performance Manager, the
“Information About Remote Net Inspector Installation” screen appears (Figure 11).
Into the IP address input line enter the IP address of the computer that runs or
will run Net Inspector Fault Manager. If you specify this address now, the
Performance Manager polling engine you are installing will automatically
connect to the remote Net Inspector server and receive configuration from it. If
you leave the IP address input line empty, you need to specify the relevant IP
address later in the pollingengine.ini file. Click the Next button to
proceed to the “Select Install Mode” screen (Figure 12). After Performance
Manager installation finishes, run the setup again on a different computer to
install Net Inspector Fault Manager.
Figure 11: Net Inspector installer – entering the address of Net Inspector Server
 23

Installing Net Inspector LITE Edition (includes only Fault Manager)
To install Net Inspector LITE Edition, select the Net Inspector Fault Manager
option in the Program Features screen and deselect the Net Inspector
Performance Manager. Then, click the Next button to install only Net Inspector
Fault Manager as described in steps 7-13 (except step 8) below.
7. Next, the “Select Install Mode” screen is displayed (Figure 12). You can choose
between the Default and Custom installation modes as follows:
 If you want to quickly install the selected software component(s) using the
default settings, select the Default option and click the Next button in the
“Select Install Mode” screen. The “Ready to Install” screen appears (Figure 16).
Proceed as described in steps 12-13 below.

If you want to view or change the settings in each installation step, select the
Custom option and click the Next button in the “Select Install Mode” screen.
Proceed as described in the following steps.
Figure 12: Net Inspector installer – selecting installation mode
8. If you have selected the Custom installation mode in the previous step and Net
Inspector Performance Manager is selected for installation, the “Performance
Manager Server Settings” screen appears next (Figure 13).
 24
Figure 13: Net Inspector installer – configuring Performance Manager Server settings

Leave the Open HTTP server port (TCP 80) checkbox checked if you want
the installer to open TCP port 80 in Windows Firewall (if applicable). By
default, IIS WWW server listens on this port for incoming HTTP connections.
This port needs to be open to allow accessing the performance management
reports from Net Inspector Clients running on remote computers.

Leave the Add MG-SOFT NetFlow Service (mgNetFlowRcv.exe) to
allowed programs checkbox checked if you want the installer to add the
corresponding exception to the Windows Firewall configuration (if applicable). If
you disable this option, Net Inspector NetFlow module will not be able to
receive NetFlow and sFlow packets sent to it from remote devices.

On Windows Vista and newer operating systems, another checkbox is displayed
that allows you to enable passing outgoing and incoming Ping request and
responses through the Windows Firewall (in Windows versions preceding Vista,
this is allowed by default). It is recommended to leave this option enabled.
Note: Net Inspector Installation Wizard will configure the above enabled exceptions
only in the built-in Windows Firewall. If you use third-party firewall software, you need to
configure the above-described exceptions manually. For details, please check the
documentation that came with the third party firewall software.
9. Click the Next button to proceed to the “Net Inspector Server Settings” screen (Figure 14).
Note: If Net Inspector Fault Manager is not selected for installation, this and the next 4
screens are skipped and the Ready to Install the Program screen appears.
 25
Figure 14: Net Inspector installer – configuring Net Inspector Server settings

Into the Net Inspector Server communication port input line, enter the TCP
port on which Net Inspector Server will listen to for incoming Net Inspector
Client connections. By default, this port number is 5221.

Into the Net Inspector HTTP Server port input line, enter the TCP port on
which Net Inspector HTTP Server will listen to for incoming HTTP
connections. By default, this port number is 5228.
Note: Net Inspector comes with its own micro HTTP (Web) server program that installs
to the same computer as Net Inspector Server and other components of the package.
Net Inspector HTTP Server serves a Web page that enables launching Net Inspector
Client (locally or remotely) by using the Java Web Start framework. The latter enables
starting Java applications from anywhere in the network by using a Web browser.
Additionally, Net Inspector HTTP Server provides also Web-based access to Net
Inspector documentation in electronic form.

Into the Net Inspector Performance port input line, enter the TCP port on
which Net Inspector Server will listen to for incoming connections from
Performance Manager polling engines. By default, this port number is 5223.

Leave the Open above ports in Windows Firewall checkbox checked if you
want the Installation Wizard to open the above specified TCP ports in Windows
Firewall (if applicable). If you disable this option, remote users will not be able
to connect to Net Inspector Server and Net Inspector HTTP Server.

Leave the Add MG-SOFT SNMP Trap Service (mgwtrap3.exe) to allowed
programs checkbox checked if you want the Installation Wizard to add the
you disable this option, Net Inspector will not be able to receive SNMP Trap
and Inform notifications sent to it from remote hosts.
 26

Leave the Add Microsoft SNMP Trap Service (snmptrap.exe) to allowed
programs checkbox checked if you want the Installation Wizard to add the
Microsoft SNMP Trap Service is installed and not disabled, MG-SOFT SNMP
Trap Service will bind to it and receive SNMP Trap and Inform notifications
through it and then pass these notifications further to MG-SOFT’s applications
on the given computer. If you disable this option, Net Inspector will not be able
to receive SNMP Trap and Inform notifications sent to it from remote hosts.

On Windows Vista and newer operating systems, another checkbox is
displayed that allows you to enable passing outgoing and incoming ICMP Ping
request and responses through the Windows Firewall (in Windows versions
preceding Vista, this is allowed by default). This exception is required for Net
Inspector Server to be able to poll remote hosts.
Leave the above checkbox(es) checked if you want the Installation Wizard to
add the above specified exceptions to the Windows Firewall configuration (if
applicable). If you disable these options, remote users will not be able to
connect to Net Inspector Server and the latter will not be able to successfully
poll devices and receive SNMP notifications from them.
Note: Net Inspector Installation Wizard will open the relevant ports only in the built-in
Windows Firewall. If you use third-party firewall software, you need to manually
configure the above exceptions in it. For details, please check the documentation that
came with the third party firewall software.
10. Click the Next button to proceed to the “Create Administrator User Account” screen
(Figure 15), which prompts you to enter a password for the built-in Net Inspector
administrative user account:
 The Username filed displays the username of the built-in administrative user
account (admin). The username is displayed read-only and cannot be modified.
 Enter the password into the Password input line and confirm the password
by re-entering it into the Confirm password input line below.
Note: Carefully note the username and password (both are case sensitive!). After installing the
software, you will need to log on to Net Inspector Server using this user account in order to
create other user accounts and perform other administrative tasks.
 27
Figure 15: Net Inspector installer – setting administrator password
11. Click the Next button to proceed to the “Ready to Install the Program” screen (Figure 16).
Figure 16: Net Inspector installer – Ready to Install screen
12. Click the Install button to install the software according to the settings specified in
previous steps. After copying the required files and setting up necessary registry
entries, the final screen of the Net Inspector Installation Wizard appears (Figure 17).
 28
Figure 17: Net Inspector installer – final screen
13. Click the Finish button to end the Net Inspector Installation Wizard. If you check
the Launch MG-SOFT Net Inspector Client checkbox, this operation also
displays the Net Inspector Web Start page in the default Web browser application,
which lets you launch Net Inspector Client by clicking the Start MG-SOFT Net
Inspector Client link (provided that JRE 1.6 or later is installed on your computer)
and connect it to the Server using the File / Connect command.
Note 1: Please refer the Net Inspector Client Getting Started Guide and the Net
Inspector Client Reference Manual for more information on using Net Inspector.
Note 2: If you received a valid license key file after you had installed the software, you need
to copy the license.key file to the Net Inspector’s Bin folder (i.e., C:\Program
Files\MG-SOFT\Net Inspector 10\Bin) and restart the MG-SOFT Net Inspector
Server service in the Services window (Start / Settings / Control Panel / Administrative
Tools / Services).
 29
5
Installing Net Inspector on Linux
INSTALLING NET INSPECTOR ON LINUX
5.1 Requirements
In order to install MG-SOFT Net Inspector 2015 for Linux (version 10.x), the following
software needs to be installed on your computer:
1
2
3
Red Hat Enterprise Linux version 5, 6 or 7 for x86 or x86_64 architecture
ODBC driver manager for Linux (unixODBC) version 2.2 or greater
GNU Libtool Dynamic Module Loader (libtool-ltdl) version 1.5 or greater
x
Apache HTTP server (httpd) version 2.0 or greater
x
PHP (php, php-pdo, php-pgsql, php-gd) version 5.1 or greater





Additional software requirements:

Java Runtime Environment (JRE), version 6.0.x (a.k.a. 1.6.x) or newer must be
installed on all computers that will run Net Inspector Client. JRE for various
operating systems can be downloaded from the following Web page:
http://www.java.com/. For detailed instructions for installing JRE 7.0 on RHEL5,
please refer to the Installing Java Runtime Environment (JRE) for Linux section.

Mozilla-Firefox version 3.0.12 or greater is required for viewing Net Inspector
x
Performance Manager and NetFlow reports on Linux . For detailed instructions,
please refer to the Installing Mozilla Firefox 3.x on RHEL5 section.
1
2
3
For detailed instructions on installing Net Inspector 2015 on RHEL6, please refer to the
“Installing Net Inspector on RHEL 6” section of the bundled READ_ME.TXT file.
For detailed instructions on installing Net Inspector 2015 on RHEL7, please refer to the
“Installing Net Inspector on RHEL 7” section of the bundled READ_ME.TXT file.
Net Inspector installation bundle contains both, 32-bit (i386) and 64-bit (x86_64) version of
Net Inspector RPM installation packages. On 64-bit RHEL, install the 64-bit (x86_64)
version Net Inspector. On 32-bit RHEL, install the 32-bit (i386) version Net Inspector.
x
Not required for Net Inspector LITE Edition.
Furthermore, TCP port 5225 on the loopback network interface must be free (it is used
by Net Inspector PostgreSQL database postmaster).
At least 250 GB free disk space on /var/mg-soft/ is required for the Net Inspector
NetFlow database if the Net Inspector NetFlow module is used for actively collecting
and analyzing NetFlow and/or sFlow packets.
Administrative (root) privileges are required to successfully install or update Net Inspector.
The procedure of installing Net Inspector on a Linux operating system includes several steps,
as described in this section. Throughout this guide it is presumed that the contents of the Net
Inspector installation tarball is accessible in the temporary directory /install_niv10. The
entire installation procedure is carried out from this temporary directory. To create the
temporary directory, execute the following command at a command prompt:
mkdir /install_niv10
 30
5.2 Installing Net Inspector on RHEL 5
For information on installing Net Inspector 2015 on RHEL 6 and 7, please refer to the
“Installing Net Inspector on RHEL 6” and “Installing Net Inspector on RHEL 7” sections
of the bundled READ_ME.TXT file, respectively.
5.2.1 Fresh Installation
A) Using Yum RPM Installer:
If you have RHN subscription and access to the Internet, use the Yum RPM
installer/updater facility to install the required modules (Apache, PHP, unixODBC,
etc.). To do this, run the following commands with root user privileges in a terminal
window:
1. Install required modules: Apache v2, PHP v5, unixODBC,...:
yum install unixODBC*
yum install libtool-ltdl*
yum install httpd
yum install php
yum install php-pgsql
yum install php-gd
yum install postgresql-libs
*Only these two commands need to be run if installing Net Inspector v10.x LITE Edition
2. Change to temporary directory where Net Inspector v10 RPM packages are (e.g.:
cd /install_niv10) and install MG-SOFT SNMP Trap service:
rpm -Uvh mgtrapd-7.x-x.AAA.rpm
Note: Net Inspector Enterprise Edition supports distributed setup that supports also distributed
SNMP Trap collection. More specifically, remote Net Inspector Performance Manager modules
can be configured to receive SNMP Trap and Inform notification messages and pass them to Net
Inspector Server, which acts as a central station that displays all alarms. In such configuration,
MG-SOFT SNMP Trap service needs to be installed on every computer that runs Net Inspector
distributed modules.
3. Install Net Inspector:
Option 1: Install the complete package of Net Inspector v10.x
rpm -ivh mgNetInspector_2015-10.x-x.AAA.rpm
Where x-x is the version of the software, and AAA is the architecture, i.e., "i386" for 32-bit
systems and "x86_64" for 64-bit Linux systems.
 31
Option 2: Install only Net Inspector v10.x distributed modules
(i.e., Net Inspector Performance Manager, NetFlow module and database).
This option may be used if the complete Net Inspector v10.x package is or will be
installed on another computer (see the Distributed Setup section of this manual).
To install only Net Inspector distributed modules, install the “dm” RPM package, as
follows:
rpm -ivh mgNetInspector_dm_2015-10.x-x.AAA.rpm
Note: After installing Net Inspector v10 distributed modules, you need to edit the
pollingengine.ini file to connect this Performance Manager polling engine to Net
Inspector Server, as described in this section. See also section Assigning Performance
Manager Polling Engine to Devices and Setting Devices as NetFlow Sources.
Option 3: Install Net Inspector v10.x LITE Edition
(LITE Edition does not include Net Inspector Performance Manager and NetFlow module).
rpm -ivh mgNetInspector_lite_2015-10.x-x.AAA.rpm
Note: If iptables firewall is running, Net Inspector installation script automatically opens the
relevant TCP and UDP ports which Net Inspector services listen to.
4. Copy your license.key file to proper directories:
cp license.key /usr/local/mg-soft/mgtrapd/bin
cp license.key /usr/local/mg-soft/mgnetinspector/bin
5. Restart Net Inspector services to read the license key:
/usr/local/mg-soft/mgnetinspector/bin/mg_ni_restart_services.sh
6. Once the entire installation process is completed, you can delete the temporary
directory from which you installed the software by issuing the following commands:
cd ..
rm –Rf /install_niv10
After successfully installing Net Inspector, you can launch Net Inspector Client from the
Net Inspector Client Java Web Start page (if JRE 1.6 or later is installed - see the
Installing Java Runtime Environment (JRE) section) and connect it to Net Inspector
 32
Server. For detailed instructions, please refer to the Net Inspector Client Getting Started
Guide.
Note: To be able to effectively monitor alarms on managed objects, you need to configure the
SNMP agents on managed devices to send SNMP notifications to Net Inspector Server.
Otherwise, Net Inspector will not receive those notifications and consequently will not display and
notify you about the corresponding alarms.
B) Manually Installing RPM Packages:
Instead of using the Yum updater/installer, you can install the required modules
manually from the RHEL5 DVD medium using the RPM Package Manager. This option
requires no Internet connection. To do this, insert the RHEL5 DVD medium into the
DVD drive, mount the DVD drive (e.g., mount /dev/hdc /media/cdrom) and use
the following commands in a Terminal window to install all the required modules and
MG-SOFT Net Inspector v10.x for Linux (root privileges are needed):
1. Change current directory to directory with i386 RPM modules on RHEL5 DVD:
Note: Versions in RPM file names in the examples below are for RHEL_5.5 i386 Server
DVD. For other RHEL 5 releases, please use the corresponding versions of RPM packages
available in the used release.
cd /media/cdrom/Server
2. Install required modules (Libtool Dynamic Module Loader, ODBC driver manager):
rpm -Uvh libtool-ltdl-1.5.22-7.el5_4.i386.rpm
rpm -Uvh unixODBC-2.2.11-7.1.i386.rpm
Note: If installing Net Inspector v10.x LITE Edition, skip the steps 3-5 below and continue in step
6.
3. Install Apache HTTP server v2.x and dependencies:
rpm
rpm
rpm
rpm
-Uvh
-Uvh
-Uvh
-Uvh
apr-1.2.7-11.el5_3.1.i386.rpm
postgresql-libs-8.1.18-2.el5_4.1.i386.rpm
apr-util-1.2.7-11.el5.i386.rpm
httpd-2.2.3-43.el5.i386.rpm
4. Set the auto startup for httpd service for runlevels 2, 3, 4, 5:
/sbin/chkconfig --level 2345 httpd on
5. Install PHP v5.1 and the required PHP components:
rpm
rpm
rpm
rpm
rpm
-Uvh
-Uvh
-Uvh
-Uvh
-Uvh
php-common-5.1.6-27.el5.i386.rpm
php-pdo-5.1.6-27.el5.i386.rpm
php-pgsql-5.1.6-27.el5.i386.rpm
gmp-4.1.4-10.el5.i386.rpm
php-cli-5.1.6-27.el5.i386.rpm
 33
rpm -Uvh php-5.1.6-27.el5.i386.rpm
rpm -Uvh php-gd-5.1.6-27.el5.i386.rpm
6. Change to temporary directory where the Net Inspector v10 RPM packages are
(e.g.: cd /install_niv10) and install MG-SOFT SNMP Trap service:
rpm -Uvh mgtrapd-7.x-x.i386.rpm
Note: Net Inspector Enterprise Edition supports distributed setup that supports also distributed
SNMP Trap collection. More specifically, remote Net Inspector Performance Manager modules
can be configured to receive SNMP Trap and Inform notification messages and pass them to Net
Inspector Server, which acts as a central station that displays all alarms. In such configuration,
MG-SOFT SNMP Trap service needs to be installed on every computer that runs Net Inspector
distributed modules.
7. Install Net Inspector:
Option 1: Install the complete package of Net Inspector v10.x
rpm -ivh mgNetInspector_2015-10.x-x.i386.rpm
Option 2: Install only Net Inspector v10.x distributed modules
(i.e., Net Inspector Performance Manager, NetFlow module and database).
This option may be used if the complete Net Inspector v10.x package is or will be
installed on another computer (see the Distributed Setup section of this manual).
To install only Net Inspector distributed modules, install the “dm” RPM package, as
follows:
rpm -ivh mgNetInspector_dm_2015-10.x-x.i386.rpm
Note: After installing Net Inspector v10 distributed modules, you need to edit the
pollingengine.ini file to connect this Performance Manager polling engine to Net
Inspector Server, as described in this section. See also section Assigning Performance
Manager Polling Engine to Devices and Setting Devices as NetFlow Sources.
Option 3: Install Net Inspector v10.x LITE Edition
(LITE Edition does not include Net Inspector Performance Manager and NetFlow
module).
rpm -ivh mgNetInspector_lite_2015-10.x-x.i386.rpm
8. Copy your license.key file to proper directories:
 34
10. Once the entire installation process is completed, you can delete the temporary
directory from which you installed the software by issuing the following commands:
cd ..
rm –Rf /install_niv10
After successfully installing Net Inspector, you can launch Net Inspector Client from the
Net Inspector Client Java Web Start page (if JRE 1.6 is installed - see the Installing Java
Runtime Environment (JRE) section) and connect it to Net Inspector Server. For detailed
instructions, please refer to the Net Inspector Client Getting Started Guide.
Note: To be able to effectively monitor alarms on managed objects, you need to configure the
SNMP agents on managed devices to send SNMP notifications to Net Inspector Server.
Otherwise, Net Inspector will not receive those notifications and consequently will not display and
notify you about the corresponding alarms.
5.2.2 Upgrading Existing Installation
The procedure of upgrading existing Net Inspector installation to the latest release
depends on the version that is currently installed.
Upgrading Net Inspector 2010 Version 7.2
To upgrade Net Inspector 2010 (version 7.2) for Linux, first stop the Net Inspector
services and uninstall the Net Inspector 2010 RPM package. Then, install the latest
version, as follows:
1. Stop MG-SOFT Net Inspector services and MG-SOFT SNMP Trap daemon
(mgtrapd), using the following commands:
/etc/init.d/mgniwatchdogd stop
/etc/init.d/mgnetflowd stop*
/etc/init.d/mgperfmngd stop*
/etc/init.d/mgniengined stop
/etc/init.d/mgtrapd stop
/etc/init.d/mgnipgd stop
*Not applicable if updating Net Inspector LITE Edition.
2. Then, remove the existing Net Inspector 2010 version 7.2 installation by running
the following command:
rpm –e mgnetinspector_2010
 35
Note: Net Inspector workspace (user views, devices) and all the settings will be preserved.
3. Finally, install the latest version of Net Inspector for Linux by following the
procedure described in the Fresh Installation section. The old settings from Net
Inspector for Linux version 7.2 will be automatically imported and applied to the
new version of the software.
Upgrading Net Inspector 2012 Version 8.x
To upgrade Net Inspector 2012 (version 8.x) for Linux , first stop the Net Inspector
/usr/local/mg-soft/mgnetinspector/bin/mg_ni_stop_services.sh
2. Then, remove the existing Net Inspector 2012 version 8.x installation by running
Inspector for Linux version 8.x will be automatically imported and applied to the
Upgrading Net Inspector 2013 Version 9.x
To upgrade Net Inspector 2013 for Linux (version 9.0 or newer), first stop the Net
Inspector services and uninstall the Net Inspector 2013 RPM package. Then, install
the latest version, as follows:
2. Update the existing installation of MG-SOFT SNMP Trap daemon (mgtrapd) by
using the rpm –Uvh command:
 36
Inspector for Linux version 9.x will be automatically imported and applied to the
Upgrading Net Inspector 2014 Version 10.0
To upgrade Net Inspector 2014 for Linux (version 10.0), first stop the Net Inspector
Inspector for Linux version 10.0 will be automatically imported and applied to the
5.2.3 Updating Net Inspector 2015 Version 10.5
This section describes the procedure of applying updates to the current major release
of Net Inspector (e.g., from v10.5 to v10.6).
 37
3. Update the existing installation of MG-SOFT Net Inspector by using one of the
following “rpm –Uvh“ commands:
Option 1: Install/update the complete Net Inspector v10.x installation
rpm -Uvh mgNetInspector_2015-10.x-x.i386.rpm
Option 2: Install/update Net Inspector v10.x distributed modules installation
rpm -Uvh mgNetInspector_dm_2015-10.x-x.i386.rpm
Option 3: Install/update Net Inspector v10.x LITE Edition installation
rpm -Uvh mgNetInspector_lite_2015-10.x-x.i386.rpm
4. If you obtained a new license, copy your license.key file to proper directories:
5.2.4 Installing Java Runtime Environment (JRE) for Linux
Java Runtime Environment (JRE), version 6.x (a.k.a. 1.6.x) must be installed on all
computers that will run Net Inspector Client. JRE for various operating systems can be
downloaded from the following Web page: http://www.java.com/
By default, JRE 1.4.x is installed with RHEL5, however, this version is not compatible
with Net Inspector Client. Net Inspector Client requires JRE 1.6.x (a.k.a. 6.x) or later
version. This section describes how to install JRE 1.7.x on RHEL5 and configure it
either for use with Net Inspector Client exclusively, or make it the system-wide default
version of JRE (used for all Java applications).
Note: Provided example is for JRE 1.7u51 for x86. Please change the commands accordingly for
installing a different version of JRE.
 38
1. Login as root. This will allow you to install Java system-wide (/usr/local/).
2. Download the Java for Linux RPM installation package
(e.g., jre-7u51-linux-i586.rpm) from the following web page:
http://www.java.com/en/download/linux_manual.jsp?locale=en&host=www.java.com
3. Execute the following command to install the RPM package:
rpm -ivh jre-7u51-linux-i586.rpm
4. Set this version of Java for use with MG-SOFT Net Inspector (2 options):

Set this Java version for use only with Net Inspector. Select this option if
you use other Java applications that require lower JRE version than 1.6. To
apply this setting, execute the following command (type everything in one line):
echo "MG_JAVA_BIN=/usr/java/jre1.7.0_51/bin/java ; export MG_JAVA_BIN" >
/etc/mg-soft/mg-java-defs.sh

Set this Java version as the default Java installation on your machine:
Type the following command in one continuous line (no line breaks):
/usr/sbin/update-alternatives --install /usr/bin/java java
/usr/java/jre1.7.0_51/bin/java 500
Execute the following two commands:
/usr/sbin/update-alternatives
/usr/sbin/update-alternatives
--set java /usr/java/jre1.7.0_51/bin/java
--config java
The last command above will prompt you to select the desired Java binary, e.g.:
There are 2 programs which provide 'java'.
Selection
Command
----------------------------------------------* 1
/usr/lib/jvm/jre-1.4.2-gcj/bin/java
+ 2
/usr/java/jre1.7.0_51/bin/java
Enter to keep the current selection[+], or type selection number: 2
Enter the number for the JRE version 1.7 and press Enter.
Verify that the installation was successful:
java -version
This prints out the JRE version information, e.g.:
java version "1.7.0_51"
Java(TM) SE Runtime Environment (build 1.7.0_51-b13)
Java HotSpot(TM) Client VM (build 24.51-b03, mixed mode)
After successfully finishing the installation procedure, you can launch Net Inspector Client
from the Net Inspector Client Java Web Start page and connect it to Net Inspector Server.
For detailed instructions, please refer to Net Inspector Client Getting Started Guide.
 39
5.2.5 Installing Mozilla Firefox 3.x on RHEL5
In addition to Java Runtime Environment, Mozilla Firefox 3.0.12 (or newer) Web
browser is required for viewing Net Inspector Performance Manager and NetFlow
reports in Net Inspector Client that is running on Linux. This section describes how to
install Mozilla Firefox 3.x on a RHEL5 computer, either by using the Yum
updater/installer or by manually installing the RPM packages from the RHEL5 DVD.
1. First, check if a version of Mozilla Firefox prior to 3.x is installed on the system
(e.g., rpm –qa | grep firefox). If yes, uninstall it by using the following
command:
rpm -e --force firefox-1.5.0.9-10.el5
The above example is for uninstalling Firefox version 1.5. Please change the command
accordingly for uninstalling a different version of Firefox.
2. Then, install Mozilla Firefox 3.0.12 or newer, as follows:
A) Using Yum RPM Installer:
If you have RHN subscription and access to the Internet, use the Yum RPM
installer/updater facility to install the latest version of Mozilla Firefox. To do this,
run the following commands with root user privileges in a Terminal window:
yum install firefox
B) Manually Installing RPM Packages:
Instead of using the Yum updater/installer, you can install the required modules
manually from the RHEL5 DVD medium using the RPM Package Manager. This
option does not require Internet connection. To do this, insert the RHEL5.4 or
newer DVD medium into the DVD drive, mount the DVD drive (e.g., mount
/dev/hdc /media/cdrom) and use the following commands in a Terminal
window to install all the required modules (dependencies) and Mozilla Firefox 3.x
for Linux (root privileges are needed):
1. Change current directory to directory with i386 RPM modules on RHEL5 DVD
Note: Versions in RPM file names in the examples below are for RHEL_5.5 i386 Server
DVD. For other RHEL 5 releases, please use corresponding versions of RPM packages
available in the used release:
cd /media/cdrom/Server
2. Install dependencies:
rpm -Uvh prelink-0.4.0-2.el5.i386.rpm
rpm -Uvh nss-tools-3.12.3.99.3-1.el5_3.2.i386.rpm
 40
rpm -Uvh nspr-4.7.6-1.el5_4.i386.rpm
rpm -Uvh nss-3.12.3.99.3-1el5_3.2.i386.rpm
rpm -Uvh xulrunner-1.9.0.18-1.el5_4.i386.rpm
3. Install Mozilla Firefox 3.x for RHEL5:
rpm -Uvh firefox-3.0.18-1.el5_4.i386.rpm
 41
5.3 Starting and Stopping Net Inspector Server from Command
Prompt
If you would like to configure any parameters in the Net Inspector Server initialization
file or the Net Inspector Server profiles file, you first need to stop the Net Inspector
Server daemon, then edit the configuration (.ini) file(s) and then start the Net Inspector
Server daemon.
You need the root user privileges to successfully start and stop Net Inspector Server
from the command prompt.

To start the Net Inspector Server (mgniengined), run the following command from
the command prompt:
/etc/init.d/mgniengined start

To stop the Net Inspector Server (mgniengined), run the following command from
the command prompt:
/etc/init.d/mgniengined stop
Note: If using Net Inspector in a clustered environment, you must start and stop Net Inspector
Server from the cluster management software.
 42
6
Net Inspector Server Initialization File
NET INSPECTOR SERVER INITIALIZATION FILE
Net Inspector Server initialization parameters are specified in the niengine.ini file.
This initialization file should be located in the workspace directory. When Net Inspector
Server starts up, it reads the initialization parameters from the niengine.ini file,
and initializes itself accordingly. If the niengine.ini file is not present in the
workspace directory, the default initialization parameters are used.
The Net Inspector Server initialization file (niengine.ini) is a plain ASCII file that can
be edited in any text editor. It has the following format:
[section1]
; optional
parameter1
parameter2
parameter3
comment
= value1
= value2
= value3
[section2]
; optional comment
parameter1 = value1
parameter2 = value2
...
The initialization file contains several sections. Every section contains one or more
parameter. Supported sections and corresponding parameters are described below.
6.1 Section [connection]
The [connection] section contains the connection parameters.
The port parameter value determines the TCP port number on which Net Inspector
Server listens to for Client connections. The default value of this parameter is 5221.
The timeout parameter specifies how long (in seconds) the Client will wait for the
Server response (or vice-versa), before generating the timeout signal. The retries
parameter specifies how many times the program re-sends the connection request
after the first timeout.
The extension_port parameter value specifies the TCP port number on which Net
Inspector Server listens to for incoming connections initiated by its program extensions
(e.g., Net Inspector mgmail extension, Performance Manager polling engines, etc.).
The soap_port parameter value specifies the TCP port number on which Net
Inspector Server listens to for incoming connections initiated by Net Inspector
Configuration Browser application. The default value of this parameter is 8080.
 43
Example:
[connection]
port = 5221
timeout = 10
retries = 3
extension_port = 5223
soap_port = 8081
6.2 Section [user]
Note: Net Inspector user accounts can be configured in Net Inspector Client, in the Server
Preferences dialog box. For details, please refer to the Net Inspector Client Reference Manual.
The [user] section specifies where the Net Inspector user accounts are defined.
The type parameter determines the source of the user data. Available values are:

txt – the data about users is in a text file.
The dsn parameter specifies the location of the user accounts data.
The default username is admin with the password admin.
Example:
[user]
; available type is: txt.
type = txt
dsn = //workspace/user_config.txt
Example of a text file defining users:
[user]
username=admin
passwd=admin
access=admin
[user1]
username=operator
passwd=operator
access=operator
[user2]
username=guest
 44
passwd=guest
access=guest
6.3
Section [config]
The [config] section provides information about the Net Inspector configuration
database, which contains data about the managed objects. The niengine.ini file
can contain more than one configuration section. In this case, sections must be named
according to the following scheme: [config], [config1], [config2],
...[configN], where N ≤ 63.
The value of the type parameter specifies the type of the configuration database.
Valid values are:

txt – the configuration information is stored in a text file,
The dsn parameter specifies the location of the configuration database. The user and
passwd parameters are used for specifying the username and password for accessing
the database (if required).
The passive_resync parameter is used for enabling or disabling the passive
resynchronization of event records maintained by Net Inspector Server and the SNMP
agents on managed objects. The default value of this parameter is false. If the
passive resynchronization is enabled, the resynchronization will occur only if initiated
by the user and immediately after the managed object starts responding to Net
Inspector Server queries; while there will be no resynchronization in case the SNMP
notifications are lost.
The change_gateway parameter controls if Net Inspector Server should change the
gateway for accessing duplicated objects when their state turns from active to passive.
The default value of this parameter is true.
Examples of different configurations:
[config]
type = txt
dsn = //workspace/simpleconfig.txt
passive_resync = true
change_gateway = true
[config1]
type = txt
dsn = //workspace/simpleconfig2.txt
passive_resync = false
change_gateway = false
 45
Example of device configuration information specified in a text file (e.g.,
simpleconfig.txt):
Note: All parameters of managed objects (devices) can be configured in Net Inspector Client, in
the managed objects’ Properties window. For details, please refer to the Net Inspector Client
Reference Manual.
[device1]
mstate = 1
hostname = local
ipaddr = 127.0.0.1
type = IP
device_class = 1
poll_profile = default_no_snmp
snmp_access_profile = default
polling_engine = 192.168.0.34
netflow_source = false
[device2]
mstate = 1
hostname = router1
ipaddr = 192.168.69.10
type = IP
device_class = 512
poll_profile = default
snmp_access_profile = default
polling_engine = 192.168.0.1
netflow_source = true
The mstate parameter above designates if the device is being monitored (polled) or
not. Valid values are 1 (monitoring is enabled) and 0 (monitoring is disabled).
In the hostname parameter specifies the hostname of the managed object (device).
The ipaddr parameter specifies the IP address of the managed object (device).
The type parameter specifies the type of the managed device. The valid value is IP.
The device_class parameter specifies the class of the object. Valid values are the
following:






1 = Workstation
2 = Server
4 = Printer
256 = Switch
512 = Router
1024 = Gateway
The poll_profile parameter specifies the name of the polling profile assigned to
the managed object. A valid value can be any polling profile name listed in the
nieprofiles.ini file.
 46
The snmp_access_profile parameter specifies the name of the SNMP access
profile assigned to the managed object. A valid value can be any SNMP access
profile name listed in the nieprofiles.ini file.
The polling_engine parameter specifies the IP address of the Net Inspector
Performance Manager polling engine that polls the managed object. If this parameter
is missing, the given managed object is polled by the Net Inspector Server
(mgniegined).
The netflow_source parameter determines whether the managed object is set as a
NetFlow source in Net Inspector. Valid values are true and false.
6.4 Section [action]
Note: Actions and their parameters can be configured in Net Inspector Client, in the system
action objects’ Properties window. For details, please refer to the Net Inspector Client Reference
Manual.
The [action] section specifies where the Net Inspector actions are configured.
The type parameter determines the source of the actions information. Available
values are:

txt – the actions information is in a text file.
The dsn parameter specifies the location of the actions information.
Example:
[action]
; available type is: txt.
type = txt
dsn = //workspace/actionconfig.txt
6.4.1 Defining Actions
A text file that defines Net Inspector actions (e.g., actionconfig.txt) should be
present in the workspace directory.
 47
An action is defined with the [actionX] section. If more than one action is defined,
the action sections should be named according to the following scheme: [action1],
[action2],...,[actionN].
The action section contains the following parameters:
The mstate parameter controls if the action functionality (e.g., e-mail sending) is
enabled or not. Valid values are 1 (enabled) and 0 (disabled).
The name parameter specifies the name of the action (action object).
The type parameter above specifies the type of the action (action object). Valid
values are:



CMD - command object
SMS - SMS object
MAIL - mail object
The desc parameter is used for describing the action (action object).
The filter_name parameter specifies the name of the action filter applied to the
action object.
The remaining parameters depend on type of the action, as follows:
CMD:
cmd_line
The system command or the path to the program or
script to be executed on events.
cmd_args
The switches and parameters to be appended to the
command line specified above. It supports using the
reserved words.
auto_term_enable
Controls if Net Inspector will check if started processes
still run and automatically terminate such processes.
Valid values are true and false.
auto_term_timeout
Controls how long (in seconds) Net Inspector waits
before it checks if started processes still run. This setting
is effective only if the auto_term_enable parameter
value is set to true.
SMS:
port
The serial port to which the mobile phone for sending
SMS messages is connected.
speed
The baud rate (speed in bits per second) for
communication with the mobile phone.
 48
data_bits
The number of data bits used for each character that is
transmitted and received.
parity
The communication parity setting..
stop_bits
The communication stop bits setting.
phone
The phone number of the SMS message recipient. The
phone number must include the international country
code, the area code or mobile network code (without the
leading zero), and the actual mobile phone number. Do
not prefix the number with the international direct-dial
prefix (which is 00 in most countries (011 in North
America) and sometimes substituted with the plus (+)
sign).
Specifies the contents of the SMS messages. You can
specify the contents of the SMS message by combining
regular text with reserved words.
msg
MAIL:
mail_server_addr
The name or IP address of the SMTP mail server used for
sending e-mails.
mail_server_port
The TCP port on which the SMTP server listens to for
incoming connections.
mail_server_timeout
The timeout value (in seconds) for connecting to the
SMTP server.
user_name
The name of the e-mail sender (e.g., the name of the
e-mail account holder).
user_org
The sender’s organization name.
user_email
The sender’s e-mail address.
user_reply_to
The “reply to” e-mail address.
send_to
The e-mail address of the recipient.
msg_custom_subject
Specifies the contents of the e-mail subject section by
combining arbitrary text and reserved words, which let
you include desired information about events into the email subject.
msg_body_file
The file in which the contents of the e-mail body
section is specified (e.g.,
//Engine/workspace/action3_msg_body.txt)
 49
msg_as_html
Enables or disables sending e-mails in HTML format.
msg_merge_max
Specifies up to how many events triggered within a
particular time frame (defined with the
msg_merge_interval) will be included into one e-mail
message.
msg_merge_interval
Specifies the time frame for merging e-mails.
Example of the contents of the message body section definition file (e.g.,
//Engine/workspace/action3_msg_body.txt):
$FOR_EACH_BEGIN
'$SEVERITY' alarm from '$SOURCE_NAME' at '$DATE_TIME'
('$MESSAGE', cause: '$CAUSE')
$FOR_EACH_END
Reserved Words
a) The following reserved words are available for all events:
$SEVERITY
$SEVERITY_ID
$SOURCE_ID
$SOURCE_NAME
$SOURCE_INFO
$SOURCE_TYPE
$MESSAGE
$MESSAGE_ID
$CAUSE
$CAUSE_ID
$EVENT_TYPE
$EVENT_TYPE_ID
$DATE_TIME
$THRESHOLD
Event severity level (e.g., critical, major,…)
Event severity ID number (2=normal, 4=informational,
8=warning, 16=minor, 32=major, 64=critical)
ID number of event source object (e.g., 65595)
Name of event source object (e.g., MyServer)
Additional information about the source of event
(e.g., Physical Memory)
Type of source object (e.g., IP)
Event message (e.g., Threshold value for storage
usage exceeded)
Event message ID number (e.g., 11007)
Event cause (e.g., Threshold Crossed)
Event cause number (e.g., 549)
Event type (e.g., Equipment)
Event type ID number (e.g., 5)
Date and time of event (e.g., Thu 19 Oct 2006
01:50:28 PM CEST)
Value in case of a threshold event (e.g., 86.774)
b) The following additional reserved words are available for events generated from
received SNMP Trap and SNMP Inform notifications, which are not included in the
built-in notification-to-event mapping table:
$NOTIFICATION
$TIME_STAMP
$AGENT_ADDRESS
$V1AGENT_ADDRESS
$PROTOCOL
$ENTERPRISE
$COMMUNITY
$TRANSPORT
$PORT
$VBCOUNT
Identity (name) of SNMP notification
Notification’s time stamp value
Address of notification sender
SNMPv1 agent address (from SNMPv1 Trap)
SNMP protocol version of notification
Enterprise associated with notification
SNMPv1/v2c community string
Notification’s transport protocol
UDP port of notification receiver
Total number of variable bindings in notification
 50
$VB(E)
$VBALL
$SEC_USER_NAME
$SEC_AUTH_PROTOCOL
$SEC_PRIV_PROTOCOL
$SEC_CONTEXT
Log E bindings. E can be individual bindings from
the variable bindings list (1,3,19), ranges of
bindings (3-6), or both (1,3-6,19).
Log all bindings
SNMPv3 security user name
SNMPv3 authentication protocol
SNMPv3 privacy protocol
SNMPv3 context name
c) The following for-each loop reserved words are available:
$FOR_EACH_BEGIN
$FOR_EACH_END
Starts the for-each loop
Ends the for-each loop
Every reserved word inside the for-each loop (i.e., between the $FOR_EACH_BEGIN
and $FOR_EACH_END reserved words) is expanded repeatedly for each event that is
merged and sent in one message.
Example of a text file defining actions (e.g., actionconfig.txt):
[action1]
mstate = 0
name = dummy_cmd
type = CMD
desc = command test1
filter_name = critical_events
cmd_line = //Engine/mycmd.sh
cmd_args = $SEVERITY $SOURCE_NAME $MESSAGE
auto_term_enable = true
auto_term_timeout = 30
[action2]
mstate = 1
name = sms test
type = SMS
desc = sms test1
filter_name = critical_events
port = /dev/ttyS0
speed = 19200
data_bits = 8
parity = 0
stop_bits = 1
phone = 38641222333
msg = NIE '$SEVERITY' alarm: '$MESSAGE' from '$SOURCE_NAME' at
'$DATE_TIME'
[action3]
mstate = 0
name = Test mail
type = MAIL
desc = test mail
filter_name = my_filter
 51
mail_server_addr = mail.my-company.com
mail_server_port = 25
mail_server_timeout = 10
user_name = ni@my-company.com
user_org = my-company
user_email = ni@my-company.com
user_reply_to = ni@my-company.com
send_to = admin@my-company.com
msg_custom_subject = Net Inspector Engine '$SEVERITY' alarm:
'$MESSAGE' from '$SOURCE_NAME' at '$DATE_TIME'
msg_body_file = //Engine/workspace/action3_msg_body.txt
msg_as_html = false
msg_merge_max = 10
msg_merge_interval = 5
6.5 Section [event]
The [event] section provides the event database information. The type parameter
specifies the type of the event database used. Valid values are:

odbc – event database is accessible via the ODBC interface,
The dsn parameter value is the ODBC data source name of the event database.
The user and passwd parameters are used for specifying the username and
password for accessing the database (if required).
The write parameter determines what events are logged in the event database. Valid
values are:

all – alarms and events are logged,

alarm – only alarms are logged.
The maintenance_type and maintenance_value parameters control the
database maintenance operation. The maintenance_type parameter specifies
whether the maintenance operation is enabled, and if yes, how the database size is
controlled (i.e., by the number of events, or by the age of events stored in the
database). The maintenance_value parameter specifies the max. number of
events or the max. age of events to be kept in the database. The
maintenance_type value also determines the units in which the
maintenance_value is expressed. Valid values of the maintenance_type
parameter are:

days or hours or minutes or seconds – limits the age of events in the database,

count – limits the number of events in the database,

none – disables the database maintenance.
 52
Every hour Net Inspector Server checks if the condition for performing the database
maintenance is met. If the condition s met, it carries out the maintenance operation. If the
maintenance_type value is days or hours or minutes or seconds, the
maintenance operation deletes all events older than specified by the
maintenance_value parameter from the events database. If the maintenance_type
value is count, the oldest events are deleted from the database (when required) in order
to keep the total number of events below or at the value of the maintenance_value
parameter.
The statistics parameter determines what statistics about database records is
kept. Valid values of this parameter are:

count – the number of events is kept track of,

count_time – the number of events and their timestamps are kept track of,

none – statistics is disabled.
Example:
[event]
; available type is: odbc
type = odbc
dsn = Net Inspector DataBase
user = NI6
passwd = NI6
; available write types are: all, alarm
write = alarm
; available maintenance types are: days, hours, minutes,
seconds, count, none
maintenance_type = count
maintenance_value = 10000
; avaialble statistics types are: count, count_time, none
statistics = count_time
6.6
Section [log]
The [log] section contains parameters that control the Net Inspector Server logging
behavior.
Net Inspector Server logs messages to the following log files located in the
//workspace/log directory:

niengine.log,

niengine_action.log,

niengine_stat.log,

niengine_trap.log.
 53
The system parameter controls what messages related to Net Inspector Server
functioning are logged. Valid values are:

debug – all messages are logged,

notice – all normal (but relevant) messages, warning and error messages are
logged,

warning – only warning and error messages are logged,

error – only error messages are logged.
The system_size parameter controls the size of the niengine.log file. The
maximum value of this parameter is 2 GB, while the default value is 10 MB. The value
of this parameter must be specified in bytes; for example, 10 MB (=10485760 bytes)
needs to be entered as 10485760.
The action parameter controls the logging of Net Inspector Server actions. Valid
values are:

admin – all actions performed by the users with admin access rights are logged,

none – actions are not logged.
The default_size parameter controls the size of the niengine_action.log
and niengine_stat.log log files. The maximum and default value of this
parameter is 2 MB. The value must be specified in bytes.
The stat parameter controls the logging of Net Inspector Server operating statistics.
Valid values are:

all – statistics on Net Inspector Server functioning is logged,

none – statistics on Net Inspector Server functioning is not logged.
The stat_interval parameter value (in minutes) specifies the interval for statistics
logging.
The trap parameter controls the logging of received SNMP notifications. Valid values are:

all – all received SNMP notifications are logged,

none – SNMP notifications are not logged.
The trap_size parameter controls the size of the niengine_trap.log file. The
maximum value of this parameter is 2 GB, while the default value is 10 MB. The value
must be specified in bytes.
The trap_format parameters specifies which details of SNMP notifications are
logged and in what format. This is achieved by using the reserved words, which are:
$NOTIFICATION
$TIME_STAMP
$AGENT_ADDRESS
The identity (name) of the SNMP notification
The notification’s time stamp value
The address of the notification sender
 54
$V1AGENT_ADDRESS
$PROTOCOL
$ENTERPRISE
$COMMUNITY
$TRANSPORT
$PORT
$VBCOUNT
The SNMPv1 agent address from the SNMPv1 Trap
The SNMP protocol version of the notification
The enterprise associated with notification
The SNMPv1/v2c community string
The notification’s transport protocol
The UDP port of notification receiver
The total number of variable bindings in the
notification
$VB(E)
Log E bindings. E can be individual bindings
from the variable bindings list (1,3,19),
ranges of bindings (3-6), or both (1,3-6,19).
$VBALL
Log all bindings
$SEC_USER_NAME
SNMPv3 security user name
$SEC_AUTH_PROTOCOL SNMPv3 authentication protocol
$SEC_PRIV_PROTOCOL SNMPv3 privacy protocol
$SEC_CONTEXT
SNMPv3 context name
Example:
[log]
; system log types are: debug, notice, warning, error
system = notice
system_size = 50000000
; action log types are: admin, none
action = admin
default_size = 1200000
; trap types are: all, none
trap = all
trap_size = 70000000
trap_format = $NOTIFICATION($PROTOCOL) $AGENT_ADDRESS $COMMUNITY
$VB(1-3)
; stat types are: all, none
stat = all
; interval is in minutes
stat_interval = 5
6.7
Section [snmp notifications]
The [snmp notifications] section controls the SNMP notification reception.
The port parameter specifies on which UDP port(s) Net Inspector Server listens to
for incoming SNMP notifications. More than one port can be specified, using the
following notation:
port = 6162
port1 = 7000
...
portN = 8000
 55
The assign_to_object parameter controls whether the received SNMP notification
messages are assigned to managed objects or not.
Valid values of this parameter are true and false. If the value of this parameter is
true, Net Inspector Server checks the address from which the generic SNMP
notification has been sent and tries to assign the received SNMP notification to the
managed object with the same address. If the managed object with the matching
address exists in Net inspector, its name is displayed in the “Source” field of the alarm
or event that has been created from the notification. If the managed object with the
matching address does not exist in Net inspector, the generic SNMP notification is
either assigned to the SNMP notification system object or silently discarded,
depending on the value of the ignore_unassigned parameter. If the value of this
parameter is false, Net Inspector Server does not assign received SNMP
notifications to managed objects. Whether notifications in this case will be discarded or
converted to events/alarms and displayed depends on the value of the
ignore_unassigned parameter.
The ignore_unassigned parameter controls whether the received SNMP
notification messages that were not assigned to managed objects (because no such
managed objects exist in Net Inspector or because the assign_to_object value is
set to false) are ignored or not. Valid values are true and false.
The unknown_to_alarm parameter controls whether the “unknown” SNMP
notifications are mapped to alarms and thus logged and displayed by Net Inspector or
not. “Unknown” notifications are those SNMP notifications for which neither built-in nor
user-defined trap-to-alarm rules exist in Net Inspector. Note that Net Inspector comes
with a built-in set of rules for mapping the generic SNMP notifications (coldStart,
warmStart, linkDown, linkUp, authenticationFailure, egpNeighborLoss) to alarms/events.
Therefore, the generic SNMP notifications are “known” notifications. Additionally, users can
define their own trap-to-alarm mapping rules for enterprise specific SNMP notifications and
thus make those types of notifications “known” to Net Inspector.
The unknown_to_event parameters controls whether the “unknown” SNMP
notifications are mapped to events or not. If the value of the unknown_to_alarm
parameter is true, then the value of this parameter must also be true.
The unknown_ignore_duplicate parameters controls whether the duplicate
“unknown” SNMP notifications are ignored or not. The default value is true, meaning
that only the first “unknown” SNMP notification of a certain type, coming from a certain
source, will be mapped to a new alarm and event (if the unknown_to_alarm
parameter is true), while all subsequently sent “unknown” SNMP notifications of the
same type (timestamps are ignored) and coming from the same source will not
generate new alarms or events in Net Inspector.
The check_community parameter controls if the community names included in
received SNMP notification messages should be compared with the trap community
names configured for the managed objects the notifications are being assigned to.
 56
Example:
[snmp notifications]
port = 6162
port1 = 7000
unknown_to_alarm = true
unknown_to_event = true
unknown_ignore_duplicate = true
assign_to_object = true
ignore_unassigned = false
check_community = false
6.8
Section [snmp agent]
The [snmp agent] section controls the connection with the SNMP agent extension.
The supported parameter controls if the connection between Net Inspector Server
and the Net Inspector SNMP agent extension is enabled or disabled. Valid values are
true and false.
The ipaddr parameter specifies the IP address of the PC running the SNMP agent
extension application.
The downscaleid parameter controls whether the device indices should be
downscaled from 32 to 16 bits. If this parameter is not present or if its value is 0, the
parameter is ignored. If the value of this parameter is in the range 1-6, the index is
downscaled so that the upper 16 bits, which represent the configuration number (0-63),
are copied to the upper N bits of the 16-bit index, where the N is the value of the
downscaleid parameter.
Example:
[snmp agent]
supported = true
ipaddr = 127.0.0.1
downscaleid = 4
 57
7
Net Inspector Server Profiles File
NET INSPECTOR SERVER PROFILES FILE
The profiles used by Net Inspector Server to poll managed objects can be specified in
the nieprofiles.ini file. This initialization file should be located in the workspace
directory. When Net Inspector Server starts up, it reads the profiles from the
nieprofiles.ini file, and initializes itself accordingly. If the nieprofiles.ini file
is not present in the /workspace directory, the default profile parameters are used.
The Net Inspector profiles file (nieprofiles.ini) is a plain ASCII file that can be
edited in any text editor. It can contain two types of profiles (sections):

poll profile - contains parameters for polling managed objects by means of
ICMP and SNMP protocols (e.g., polling intervals, monitored OID groups, etc.)

snmp access profile – contains SNMP access parameters used for polling
SNMP agents on managed objects (SNMP version, community names, etc.)
7.1 Section [poll profile]
The [poll profile] section includes a set of parameters for polling managed
objects by means of ICMP and SNMP protocols (e.g., polling intervals, monitored OID
groups, etc.).
The nieprofiles.ini file can contain more than one polling profile section. In this
case, sections must be named according to the following scheme: [poll profile],
[poll profile1], [poll profile2], ...[poll profileN], where N is a
unique polling profile number.
The polling profile sections contain the following parameters:

name – the name of the polling profile,

polling_plan – specifies what protocols are used for monitoring (ICMP, SNMP)
and what OID groups are monitored (when SNMP monitoring is enabled). Valid
values are (more than one value can be specified):


icmp_ping – enables the ICMP Ping polling,

snmp_ping - enables the SNMP Ping polling,

snmp_if – enables monitoring network interfaces on managed objects via
SNMP,

snmp_resources – enables monitoring the managed object system
resources, like the memory consumption, CPU load, etc. via SNMP,

snmp_storage - enables monitoring the data storage units, like the disk
capacity utilization etc. via SNMP,
timeout – specifies the timeout value for ICMP and SNMP queries (in seconds),
 58

retries – specifies how many times the request will be retransmitted after the
first timeout occurs (applies to both, SNMP and ICMP queries),

ttl – specifies the TTL (Time To Live) value for ICMP packets,

ping_poll_interval – specifies the ICMP in SNMP Ping polling interval (in
seconds),

stat_poll_interval – specifies the polling interval for collecting statistics via
SNMP (in seconds),

resync_interval – sets the alarm resynchronization interval (in seconds). The
alarm resynchronization occurs if the managed object does not respond to queries
within this interval.
Threshold parameters:
Valid value for threshold parameters consists of three numbers separated by comma
(,). The first number controls if the threshold is enabled (1) or disabled (0), the second
and third numbers specify the threshold alarm raise and clear values. The following
threshold parameters exist:

if_inutil_threshold – Controls the interface inbound utilization threshold
values.

if_oututil_threshold – Controls the interface outbound utilization threshold
values.

if_inerrorrate_threshold
threshold values.

if_outerrorrate_threshold – Controls the interface outbound error rate
threshold values.

if_status_threshold – Controls the interface status threshold values.

hr_memoryused_threshold – Controls the memory usage threshold values.

hr_processorload_threshold
values.

hr_storageused_threshold – Controls the storage usage threshold values.
– Controls the interface inbound error rate
– Controls the processor load threshold
Example:
[poll profile]
name = default
polling_plan = icmp_ping,snmp_ping,snmp_if,
timeout = 3
retries = 2
ping_poll_interval = 30
stat_poll_interval = 60
ttl = 64
resync_interval = 120
if_inutil_threshold = 1,80,70
 59
if_oututil_threshold = 1,80,70
if_inerrorrate_threshold = 1,20,10
if_outerrorrate_threshold = 1,20,10
if_status_threshold = 1,1,0
hr_memoryused_threshold = 1,20,10
hr_processorload_threshold = 1,5,2
hr_storageused_threshold = 1,20,10
[poll profile1]
name = fast_test
polling_plan = icmp_ping,snmp_ping
timeout = 10
retries = 3
ping_poll_interval = 10
stat_poll_interval = 15
ttl = 64
resync_interval = 0
7.2 Section [snmp access profile]
The [snmp access profile] section includes parameters for accessing the SNMP
agents on managed objects. It also specifies the community name included in SNMP
notifications sent by SNMP agents.
The nieprofiles.ini file can contain more than one SNMP access profile section.
In this case, sections must be named according to the following scheme: [snmp access
profile], [snmp access profile1], ...[snmp access profileN], where
N is a unique SNMP access profile number.
The SNMP access profile sections contain the following parameters:

name - the name of the profile,

version – specifies the version of SNMP protocol used for querying SNMP agents
on managed objects. Valid values are:

snmpv1

snmpv2c

snmpv3

port – specifies the UDP port number on which SNMP agents on managed
objects listen to for incoming SNMP requests,

read_context – specifies the community name expected by the SNMP agents
for SNMP Get, GetNext and GetBulk operations,

set_context – specifies the community name expected by the SNMP agents
for SNMP Set operation,
 60

trap_context – specifies the community name included in SNMP Trap
messages sent by the SNMP agents on managed devices. If this parameter is not
specified or if its value is missing, this community name is not checked.
SNMPv3 access profile parameters:

v3_user_name - The name of the SNMPv3 USM user.

v3_context_name - The SNMPv3 USM context name.

v3_not_localize_keys – Controls if the software uses localized or nonlocalized authentication and privacy keys. Valid values are true and false (default).

v3_auth_proto - The SNMPv3 authentication protocol (HMAC-MD5 or HMACSHA).

v3_auth_key – The SNMPv3 authentication security key (hex).

v3_priv_proto - The SNMPv3 privacy protocol (CBC-DES or CFB-AES-128).

v3_priv_key – The SNMPv3 privacy security key (hex).
Example:
[snmp access profile]
name = default
version = snmpv1
port = 161
read_context = public
set_context =
trap_context =
[snmp access profile1]
name = snmpv3_profile
version = snmpv3
port = 161
read_context = public
set_context = private
trap_context = SNMP_trap
v3_user_name = MD5_DES_User
v3_context_name = public
v3_not_localize_keys = false
v3_auth_proto = hmac-md5
v3_auth_key = B65EDE1E0371C43BDFDBB0F189096F15
v3_priv_proto = cbc-des
v3_priv_key = A634AEB72FB4BA9C331FA6BE766311CB
 61
8
Net Inspector Performance Manager Initialization File
NET INSPECTOR PERFORMANCE MANAGER INITIALIZATION
FILE
Net Inspector Performance Manager initialization parameters are specified in the
pollingengine.ini file. When Net Inspector Performance Manager Engine starts
up, it reads the initialization parameters from the pollingengine.ini file, and
initializes itself accordingly.
The pollingengine.ini is a plain ASCII file that can be edited in any text editor.
Before editing the file, you need to stop the Net Inspector Performance Manager
Engine service (in Linux use the /etc/init.d/mgperfmngd stop command).
The pollingengine.ini is located in the following directory:
In Linux:
/var/mg-soft/mgnetinspector/mgperfmng
In Windows, the location depends on the Windows version used:
C:\Documents and Settings\All Users\Application Data\MG-SOFT\Net Inspector\mgperfmng
b) Windows Vista, Windows Server 2008, Windows 7, Windows Server 2012, Windows 8:
C:\ProgramData\MG-SOFT\Net Inspector\mgperfmng
The initialization file contains several sections containing one or more parameters, as
described below.
8.1 Section [database]
The [database] section contains parameters for accessing the Net Inspector
Performance Manager and NetFlow databases.
The dsn parameter value is the ODBC data source name of the Net Inspector
Performance Manager database.
The nfdsn parameter value is the ODBC data source name of the Net Inspector
NetFlow database.
The user and passwd parameters specify the username and password for accessing
the databases.
The keep_raw parameter controls how long (in days) the raw data (individual
readings without aggregation) will be kept in the Net Inspector Performance Manager
database. The default value is 7 days.
The keep_hour parameter controls how long (in days) the hourly averages will be
kept in the Net Inspector Performance Manager database. The default value is 32
days.
 62
Net Inspector Performance Manager Initialization File
The keep_day parameter controls how long (in days) the daily averages will be kept
in the Net Inspector Performance Manager database. The default value is 366 days.
Example:
[database]
dsn = MG-SOFT_PE_DB
nfdsn = MG-SOFT_NF_DB
user = mgpeusr
password = mgpepwd
8.2 Section [net inspector]
The [net inspector] section contains parameters used by Net Inspector
Performance Manager Engine to connect to the Net Inspector Server Engine.
the ipaddress parameter specifies the IP address of the computer running Net
Inspector Server.
The port parameter specifies the TCP port number on which Net Inspector Server
listens to for incoming Performance Manager connections (by default: 5223).
The local_ipaddress parameter specifies the IP address that will be used by the
Performance Manager Engine to connect to Net Inspector Server. This parameter
needs to be configured only when running Performance Manager Engine in a high
availability cluster in order to instruct both (all) instances of Performance Manager
Engine to connect from the cluster’s floating IP address (e.g., in case of a failover
event). This parameter can also be used in non-clustered environments on computers
that have two or more network interfaces or IP addresses assigned in order for the
Performance Manager Engine to always use the specified IP address to connect to
Net Inspector Server.
Example:
[net inspector]
ipaddress = 10.0.3.151
port = 5223
local_ipaddress = 10.0.0.123
8.3 Section [system]
The [system] section controls whether the Performance Manager Engine should
receive SNMP notifications or not (if not, Net Inspector Server can receive them).
the receive_traps parameter specifies if Performance Manager should receive
SNMP Trap and Inform notification messages or not. The default value in a simple
installation (all components of Net Inspector installed on one computer) is false,
while the default value in a distributed setup is true.
 63
Net Inspector NetFlow Module Initialization File
Note: For Performance Manager Engine or Net Inspector Server to be able to receive SNMP
Trap and Inform messages, MG-SOFT SNMP Trap service must be installed and running on the
same computer. Net Inspector installer for Windows installs this service automatically, however,
on Linux, you need to install it from a separate RPM package (mgtrapd-x.x-x.i386.rpm), as
described in the Installing Net Inspector on Linux section.
Example:
[system]
receive_traps = true
9
NET INSPECTOR NETFLOW MODULE INITIALIZATION FILE
Net Inspector NetFlow module initialization parameters are specified in the
netflowengine.ini file. When Net Inspector NetFlow engine starts up, it reads the
initialization parameters from the netflowengine.ini file, and initializes itself
accordingly.
The netflowengine.ini is a plain ASCII file that can be edited in any text editor.
Before editing the file, you need to stop the Net Inspector NetFlow Manager engine
service (in Linux use the /etc/init.d/mgnetflowd stop command).
The netflowengine.ini is located in the following directory:
In Linux:
/var/mg-soft/mgnetinspector/mgnetflow/
C:\Documents and Settings\All Users\Application Data\MG-SOFT\Net Inspector\mgnetflow
C:\ProgramData\MG-SOFT\Net Inspector\mgnetflow
The initialization file contains several sections containing one or more parameters, as
described below.
9.1 Section [database]
The [database] section contains parameters for accessing the Net Inspector
NetFlow database.
The dsn parameter value is the ODBC data source name of the Net Inspector NetFlow
database.
The nfdsn parameter value is the ODBC data source name of the Net Inspector
NetFlow database.
 64
Net Inspector NetFlow Module Known Ports File
The user and passwd parameters specify the username and password for accessing
the NetFlow database.
The approx_max_db_size_gb parameter value specifies the approximate maximum
size of the NetFlow database in gigabytes (GB). The default value is 200 GB.
Example:
[database]
dsn = MG-SOFT_NF_DB
user = mgpeusr
password = mgpepwd
approx_max_db_size_gb = 200
9.2 Section [netflow_processor]
The [netflow_processor] section contains parameters that controls the NetFlow
engine processing behavior.
The resolve_url_file parameter controls whether the domain names specified in
the known_urls.dat file will be resolved to IP addresses or not. The
known_urls.dat file contains a list of domain names of the 200 world’s most
important Internet sites (e.g., google.com, youtube.com, etc.). By default, Net
Inspector NetFlow Engine resolves each of these domain names to (a list of) IP
addresses in order to ‘identify’ the IP addresses found in the received NetFlow packets
more accurately and quickly by names.
The resolve_url_file_interval_hr parameter controls the interval in hours to
repeat resolving domain names specified in the known_urls.dat file. The default
value is 2.
The list_of_supplemental_ports parameter specifies an array of comma
separated ports above 1024, found in received NetFlow packets that will not be set to
zero. This functionality is also configurable in the known_ports.dat file (the latter
takes precedence over the list_of_supplemental_ports parameter setting).
Example:
[netflow_processor]
resolve_url_file = true
resolve_url_file_interval_hr = 10
list_of_supplemental_ports = 5221,5223,5225,5228
10
NET INSPECTOR NETFLOW MODULE KNOWN PORTS FILE
By default, Net Inspector NetFlow engine ignores the source and destination TCP and
UDP ports above 1024 in collected flows and replaces those ports with the value 0 when
storing flow records in the NetFlow database (to prevent excessive database growth). As
 65
Net Inspector NetFlow Module Known Ports File
a consequence, NetFlow Conversation Details web pages generated by Net Inspector
Performance Manager show the “random high port” label for port numbers above 1024
(instead of displaying the actual port numbers). To enable storing and displaying source
and destination TCP and UDP ports greater than 1024, one needs to edit the
known_ports.dat file in the following location:
In Linux:
When Net Inspector NetFlow module starts up, it reads the known_ports.dat file
and initializes itself accordingly. If this file is not present in the above path, the
default behavior described above is applied.
The known_ports.dat is a plain ASCII file that can be edited in any text editor. It
lists ports and port ranges above 1024 that are not ignored (each port or port range is
specified in one line), as follows:
To name a port or a port range, use a colon (:) and specify the name of the port or
port range as it will appear in the NetFlow reports (Top N Applications), e.g.;
9991: NetFlow Engine
5221-5225: Net Inspector
If the name is omitted, the port number will appear in the NetFlow reports instead.
Use '#' or ';' for comments.
Example of the known_ports.dat file contents:
5221: NI C/S
5223: NI Ext
5228: NI HTTP
16384-16386: XY
#
#
#
#
MG-SOFT Net Inspector
Port range used by XY
Server (listening for Clients)
Server (listening for extensions)
Micro HTTP Server (Web Start)
application
After editing the known_ports.dat file, apply the changes by restarting the NetFlow
engine, as follows:
In Linux:
/etc/init.d/mgnetflowd restart
In Windows:
net stop “MG-SOFT Net Inspector NetFlow Manager”
net start “MG-SOFT Net Inspector NetFlow Manager”
 66
11
Net Inspector NetFlow Module Known URLs File
NET INSPECTOR NETFLOW MODULE KNOWN URLS FILE
By default, when the Net Inspector NetFlow engine starts up, it reads the
known_urls.dat file and resolves the domain names listed in this file to IP
addresses and stores this information in the NetFlow database. The
known_urls.dat file contains a list of domain names of the 200 world’s most
important Internet sites (e.g., google.com, youtube.com, etc.). By default, Net
Inspector NetFlow Engine resolves each of these domain names to (a list of) IP
addresses via DNS or NBNS in order to ‘identify’ and tag the IP addresses found in the
received NetFlow packets more accurately and quickly with names (NetFlow reports
generated by Net Inspector display the names of endpoints if possible). This behavior
(resolving well known domains to IP addresses) is controlled by the
resolve_url_file parameter in the netflowengine.ini file.
The known_urls.dat file is located in the following directory:
In Linux:
The known_urls.dat is a plain ASCII file that can be edited in any text editor.
 67
MG-SOFT Net Inspector — Installation and Configuration Back Up and Restore Net Inspector Configuration and Database
12
BACK UP AND RESTORE NET INSPECTOR CONFIGURATION
AND DATABASE
Net Inspector comes with the mg_ni_backup script that lets you create a backup
copy of the entire Net Inspector configuration (i.e., workspace and related files) and
optionally a backup copy of all Net Inspector databases (event, performance and
NetFlow databases) and save it to a disk archive. The back up operation can be
performed during runtime, i.e., while Net Inspector system is running.
Furthermore, the bundled mg_ni_restore script can restore the entire Net
Inspector configuration and databases from a backup archive.
Note: Back up and restore operations should always be performed by using the same version of
Net Inspector. Restoring a configuration and/or databases from a backup archive created in an
earlier version of Net Inspector is strongly discouraged and may cause Net Inspector to stop
functioning.
12.1 Back Up Procedure
The mg_ni_backup script supports several command line switches, as follows:
Usage: mg_ni_backup [-w][-d][-f path/file.tar.gz][-s][-h][-?]
Options:
-h
-w
-d
-f
-s
Show the usage
Archive Net Inspector workspace (configuration)
Archive Net Inspector database(s)
Save archive to user-specified path*
Silent mode
* The path may contain only US-ASCII characters and must follow the operating system
rules for specifying a valid path.
The default backup archive location is:
Windows:
C:\Documents and Settings\All Users\Application Data\MG-SOFT\Net Inspector\archive\date_time\
C:\ProgramData\MG-SOFT\Net Inspector\archive\date_time\
Note: date_time is the date and time of archive creation in YYYY-MM-DD_hh-mm-ss format
 68
Linux:
/var/mg-soft/mgnetinspector/archive/mg_ni_archive_date_time.tar.gz
Note: date_time is the date and time of archive creation in YYYY-MM-DD_hh-mm-ss format
12.1.1 On Windows
Open a command prompt (CMD) window as administrator.
Change directory to the //Engine/bin, i.e.:
cd “C:\Program Files\MG-SOFT\Net Inspector 10\Bin”
Run the following command to back up the Net Inspector configuration (workspace) and
databases to the default location:
mg_ni_backup –w –d
The above command creates a backup archive in the default folder (exact location
depends on the Windows version used).
12.1.2 On Linux
Root user privileges are required.
cd /usr/local/mg-soft/mgnetinspector/bin
Run the following command to back up the Net Inspector configuration (workspace) and
databases to the default location:
./mg_ni_backup.sh –w –d
The backup script creates a backup archive in the default folder. The archive is stored
in a compressed tarball (.tar.gz) file. The archive files are named according to the following
scheme:
mg_ni_archive prefix indicating that this is a Net Inspector backup archive
ws
if present, the archive contains Net Inspector configuration files (workspace)
db
if present, the archive contains a backup of Net Inspector database(s)
date_time
the date and time of archive creation in YYYY-MM-DD_hh-mm-ss format
Example:
mg_ni_archive_ws_db_2015-02-16_15-01-35.tar.gz
Note that it is not necessary to stop the Net Inspector services while creating a
backup.
 69
12.2 Restore Procedure
The mg_ni_restore script restores the Net Inspector configuration and databases
(if present in the archive) from a backup archive.
Usage: mg_ni_restore [-s] [-h] path*/mg_ni_archive_file.tar.gz
Options:
-h
Show the usage
-s
Silent mode
* The path may contain only US-ASCII characters
The script stops all relevant Net Inspector services, restores the configuration and
database(s) from the backup archive (if present in the archive), and restarts Net
Inspector services.
12.2.1 On Windows
Net Inspector for Window. Restoring a configuration and/or databases from a backup archive
created in an earlier version of Net Inspector is strongly discouraged and may cause Net
Inspector to stop functioning.
Open a command prompt (CMD) window as administrator.
cd “C:\Program Files\MG-SOFT\Net Inspector 8\Bin”
Example of a command that restores the Net Inspector configuration (workspace) and
databases from a backup:
mg_ni_restore “C:\ProgramData\MG-SOFT\Net Inspector\archive\2015-02-16_15-01-35”
12.2.2 On Linux
Net Inspector for Linux. Restoring a configuration and/or databases from a backup archive
created in an earlier version of Net Inspector is strongly discouraged and may and may cause Net
Inspector to stop functioning.
Root user privileges are required.
 70
cd /usr/local/mg-soft/mgnetinspector/bin
Example of a command that restores the Net Inspector configuration (workspace) and
databases from a backup archive:
./mg_ni_restore.sh /var/mg-soft/mgnetinspector/archive/mg_ni_archive_ws
_db_2015-02-16_15-01-35.tar.gz
 71
13
Configuring SNMP Notification Destination on SNMP Agents
CONFIGURING SNMP NOTIFICATION DESTINATION ON SNMP
AGENTS
To be able to discover devices based on SNMP Trap or Inform notifications received
from them (using the auto configuration feature) and to effectively monitor alarms on
managed objects with Net Inspector, you need to configure the SNMP agents on
managed devices to send SNMP notifications to the computer (IP address) running
Net Inspector Server (simple setup scenario) or a Net Inspector Performance Manager
engine (distributed setup scenario). Otherwise, Net Inspector will not receive those
notifications and consequently will not display and notify you about the corresponding
alarms. For details on configuring SNMP agents on managed objects, kindly refer to
user manuals of the relevant network elements.
 72

MG-SOFT Net Inspector V10 - Installation and Configuration

Transcription

Similar documents

Lessons Learned Medlar Field at Lubrano Park

Artlantis 4™ Demo Script Note : Each camera view belongs to a

The NSPCA:

thE govERNmeNt inspectoR

Government Inspector

July 2016 Newsletter - Janice Busovne for Niceville Real Estate

AGS-203_We Did It - Practical Lessons_Mon_330_116_0517TES.pptx