How to install AS stats on Ubuntu
vias79 edited this page 2018-09-28 14:14:30 +02:00

First, thanks to all for creating these projects! :)

I wanted to add my guide for how I installed and got AS-Stats to work, for anyone out there struggling to get this to work. My network consists of Cisco 7604 and Cisco 6880s.

Perl > 5.9 is needed so I selected Ubuntu 16.04.

Install the necessary packages

sudo apt-get install libnet-patricia-perl libjson-xs-perl build-essential git librrds-perl librrd-dev rrdtool rrdtool-dev libdbd-sqlite3-perl php7.0-sqlite3 apache2 -y
perl -MCPAN -e 'install Net::sFlow'
perl -MCPAN -e 'install File::Find::Rule'

Git clone the repositories

cd /root
git clone https://github.com/JackSlateur/perl-ip2as
cp perl-ip2as/ip2as.pm /usr/share/perl5/
git clone https://github.com/manuelkasper/AS-Stats.git
git clone https://github.com/nidebr/as-stats-gui.git

I've selected /home for my code; you can use /opt if you like, just change the paths.

cp -r AS-Stats /home
rm -r /home/AS-Stats/www/*
cp -r /root/as-stats-gui/* /home/AS-Stats/www/
chown -R www-data:www-data /home/AS-Stats/www/
mkdir /home/AS-Stats/rrd
mkdir /home/AS-Stats/asstats/
chmod -R 777 /home/AS-Stats/www/
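
After the chown above, www-data already owns the web root, so mode 777 only adds write access for every other local account. The script below is an added example (not from AS-Stats or as-stats-gui) that counts world-writable entries and tightens the tree to owner-writable; it assumes nothing under www/ needs the execute bit, and the function names are hypothetical.

```bash
#!/bin/bash
# Added example, not part of AS-Stats or as-stats-gui.
# Function names are hypothetical.

# Count entries under a tree that any local account may modify.
count_world_writable() {
    find "$1" ! -type l -perm -0002 | wc -l | tr -d ' '
}

# Owner-writable only: 755 on directories, 644 on files.
# Assumes the tree is already owned by the web server account
# (www-data in this guide) and holds no files that must be executable.
restrict_webroot() {
    local root="$1"
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 1; }
    find "$root" -type d -exec chmod 755 {} +
    find "$root" -type f -exec chmod 644 {} +
}
```

Run count_world_writable /home/AS-Stats/www before and after restrict_webroot /home/AS-Stats/www; the second count should be 0.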

Now you need to add the links to /home/AS-Stats/conf/knownlinks. An example row can look like this:

SWITCHIP 69 IXdesc PortDesc A6CEE3 1

To get the IDs you use the command show snmp mib ifmib ifindex on your Cisco switches.

To start AS-Stats poller:

/home/AS-Stats/start_asstatd.sh

The script contains this:

#!/bin/bash
/usr/bin/nohup /home/AS-Stats/bin/asstatd.pl -r /home/AS-Stats/rrd -k /home/AS-Stats/conf/knownlinks -a YOURASN &
#sleep 2
ps aux | grep asstatd

To stop AS-Stats poller:

/home/AS-Stats/kill_asstatd.sh

The script contains this:

#!/bin/bash
/usr/bin/pkill -f asstatd
ps aux | grep asstatd

Also you need to add a cronjob for AS-Stats:

crontab -e
*/5 * * * * /home/AS-Stats/bin/rrd-extractstats.pl /home/AS-Stats/rrd/ /home/AS-Stats/conf/knownlinks /home/AS-Stats/asstats/asstats_day.txt

NOTE: When stopping and changing /home/AS-Stats/conf/knownlinks you need to remove the rrd folder and also the /home/AS-Stats/asstats/asstats_day.txt file.

Config I used for C760x

Also this is the config I used on the Ciscos:

NOTE: TCAM will probably go full, but that should be OK, only used for NetFlow? At least it worked for me :) You can see the NetFlow usage with:

sh mls netflow table-contention summary
TCAM Utilization : 99%

So to get the switch to stop spam, just add no service internal.

no service internal
mls aging fast time 4 threshold 2
mls aging long 128
mls aging normal 64
mls flow ip interface-full
ip flow-cache timeout active 5
ip flow-export source lo0
ip flow-export version 5 origin-as
ip flow-aggregation cache as
 cache timeout active 5
 cache entries 16384
 export destination **ASSTATSIP** 9000
 enabled
 exit
int te5/6
 ip flow ingress

Config I used for C6880

flow record ASSTAT-RECORD
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
 match interface input
 match interface output
 match flow direction
 collect routing source as
 collect routing destination as
 collect counter bytes long
 collect counter packets long
 collect timestamp sys-uptime first
 collect timestamp sys-uptime last
 exit
flow record ASSTAT-RECORD-V6
 match ipv6 source address
 match ipv6 destination address
 match transport source-port
 match transport destination-port
 match interface input
 match interface output
 match flow direction
 collect routing source as
 collect routing destination as
 collect counter bytes long
 collect counter packets long
 collect timestamp sys-uptime first
 collect timestamp sys-uptime last
 exit
flow exporter ASSTAT-EXPORT
 destination **ASSTATSIP**
 source Loopback0
 transport udp 9000
 exit
flow monitor ASSTAT-MONITOR
 exporter ASSTAT-EXPORT
 cache timeout inactive 5
 cache timeout active 5
 cache entries 16384
 record ASSTAT-RECORD
 exit
flow monitor ASSTAT-MONITOR-V6
 exporter ASSTAT-EXPORT
 cache timeout inactive 5
 cache timeout active 5
 cache entries 16384
 record ASSTAT-RECORD-V6
 exit
sampler flow-sampler
 mode random 1 out-of 1024
 exit
int Te5/1
 ip flow monitor ASSTAT-MONITOR sampler flow-sampler input
 ip flow monitor ASSTAT-MONITOR sampler flow-sampler output
 ipv6 flow monitor ASSTAT-MONITOR-V6 sampler flow-sampler input
 ipv6 flow monitor ASSTAT-MONITOR-V6 sampler flow-sampler output
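
Both exporter configs above send NetFlow over UDP to port 9000 with the loopback as source, and NetFlow carries no authentication, so the collector should accept that port only from the router addresses listed in knownlinks. The script below is an added example, not part of AS-Stats: it checks the knownlinks rows and prints matching iptables rules, assuming six tab-separated fields as in the example row (router IP, ifindex, tag, description, colour, sampling rate); the function names are hypothetical.

```bash
#!/bin/bash
# Added example, not part of AS-Stats. Function names are hypothetical.
# Assumed row layout (from the example row on this page), tab-separated:
#   router IP, ifindex, tag, description, colour, sampling rate

# Print each distinct exporter address; fail if any row is malformed.
knownlinks_exporters() {
    awk -F'\t+' '
        /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments, blank lines
        NF != 6 {
            printf "line %d: want 6 tab-separated fields, got %d\n", NR, NF > "/dev/stderr"
            bad = 1; next
        }
        $2 !~ /^[0-9]+$/ || length($5) != 6 || $5 !~ /^[0-9A-Fa-f]+$/ || $6 !~ /^[1-9][0-9]*$/ {
            printf "line %d: bad ifindex, colour or sampling rate\n", NR > "/dev/stderr"
            bad = 1; next
        }
        !seen[$1]++ { print $1 }
        END { exit bad + 0 }
    ' "$1"
}

# Print (not apply) rules admitting the flow port only from those exporters.
flow_allowlist_rules() {
    local file="$1" port="${2:-9000}" ips ip
    ips=$(knownlinks_exporters "$file") || return 1
    for ip in $ips; do
        case $ip in
            *:*) echo "ip6tables -A INPUT -p udp --dport $port -s $ip -j ACCEPT" ;;
            *)   echo "iptables -A INPUT -p udp --dport $port -s $ip -j ACCEPT" ;;
        esac
    done
    echo "iptables -A INPUT -p udp --dport $port -j DROP"
    echo "ip6tables -A INPUT -p udp --dport $port -j DROP"
}
```

Call it as flow_allowlist_rules /home/AS-Stats/conf/knownlinks and review the printed rules before applying them; a row separated by spaces instead of tabs is reported and no rules are printed.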

Add your site to Apache2

cd /etc/apache2/sites-available/
vim mysite.domain.com.conf
<VirtualHost *:80>
        ServerName mysite.domain.com
        DocumentRoot /home/AS-Stats/www/
        ServerAdmin myadmin@domain.com
        AddDefaultCharset utf-8
        <Directory "/home/AS-Stats/www/">
                Options All
                AllowOverride All
                require all granted
                DirectoryIndex index.php
        </Directory>
        ServerSignature Off
        ErrorLog "/var/log/apache2/asstats-error-log"
        CustomLog "/var/log/apache2/asstats-access-log" common
</VirtualHost>

a2ensite mysite.domain.com
service apache2 reload

Configuring as-stats-gui

<?php

/* change these values to suit your local configuration */

$rrdpath = "/home/AS-Stats/rrd";
$daystatsfile = "/home/AS-Stats/asstats/asstats_day.txt";
$rrdtool = "/usr/bin/rrdtool";

$daypeerstatsfile = "/home/AS-Stats/asstats/peerasstats_day.txt";
$showpeeras = false;

$asinfofile = "asinfo.txt";
$knownlinksfile = "/home/AS-Stats/conf/knownlinks";
$outispositive = false;
$show95th = true;

$ntop = 20;
$showv6 = true;
$showtitledetail = true;
$vertical_label = true;                 # vertical IN/OUT label in graph
$brighten_negative = true;              # brighten the "negative" part of graphs

$whois = "/usr/bin/whois";
$assetpath = "asset";
$asset_cache_life = "604800";   # 604800 seconds = 7 days

$compat_rrdtool12 = false;              # compatibility with RRDtool 1.2 (show95th will not work if this is set)

$my_asn = "YOURASN";

/* Custom links to be shown for each AS. You can use %as% as a
   placeholder for the ASN. */
$customlinks = array(
        'PeeringDB' => 'https://www.peeringdb.com/asn/%as%',
        'robtex' => 'https://www.robtex.com/as/as%as%.html',
        'HE' => 'http://bgp.he.net/AS%as%',
        'RIPEstat' => 'https://stat.ripe.net/AS%as%#tabId=at-a-glance',
        'CIDR v4' => 'http://www.cidr-report.org/cgi-bin/as-report?as=AS%as%&view=2.0',
        'CIDR v6' => 'http://www.cidr-report.org/cgi-bin/as-report?as=AS%as%&view=2.0&v=6',
        'Radar Qrator' => 'https://radar.qrator.net/as%as%/'
);

/* Custom time intervals for top N AS */
/*
$top_intervals[] = array(
        'hours' => 7*24,
        'statsfile' => '/data/as-stats/asstats_week.txt',
        'label' => '1 week'
);
$top_intervals[] = array(
        'hours' => 30*24,
        'statsfile' => '/data/as-stats/asstats_month.txt',
        'label' => '30 days'
);
*/


/* END - no closing php tag needed here (prevents problems with stray whitespace) */

Another good file to know is /home/AS-Stats/www/asinfo.txt. Mod it to your liking.

Now it should work for you. Enjoy :)

Debugging

tcpdump -i ens160 -n udp port 9000 -T cnfp

Inspiration and sources

https://github.com/manuelkasper/AS-Stats
https://github.com/manuelkasper/AS-Stats/issues/56
https://supportforums.cisco.com/discussion/12261796/cisco7604-tcam-utilization-logged
https://fakrul.me/2013/04/08/as-stats-a-netflow-sflow-collector/