Raspberry Pi 監視

Pandora FMS ドキュメント一覧に戻る

• Network connection and device configuration guide.
• Pandora FMS agent and satellite installation on a Raspberry device.
• Automatic creation Pandora FMS user, securing the ssh protocol.

• ネットワーク接続とデバイス設定ガイド。
• Raspberry デバイスへの Pandora FMS エージェントとサテライトのインストール。
• SSH プロトコルによるセキュアな Pandora FMS ユーザの自動作成。

A Raspberry device is a reduced-plate computer, single-plate computer or low-cost single-plate computer (SBC). Its official operating system is an open source version adapted from Debian, called Raspbian.

Raspberryデバイスは、小型コンピュータ、シングルプレートコンピュータ、または低価格シングルプレートコンピュータ（SBC）です。公式オペレーティングシステムは、Debian をベースとしたオープンソース版である Raspbian です。

The distributed image is based on the Raspbian operating system. It contains the agent, the satellite, the eHorus client, the packages to install a NetFlow probe and all their dependencies.

配布されるイメージは Raspbian オペレーティングシステムをベースにしており、エージェント、サテライト、eHorus クライアント、NetFlow プローブをインストールするためのパッケージ、およびそれらの依存関係がすべて含まれています。

The initial step for installing it is to download the official Pandora FMS image for raspberry from the official download page:

インストールの最初のステップは、公式ダウンロードページから Raspberry 用の公式 Pandora FMS イメージをダウンロードすることです。

Once the .img file is downloaded, flash it onto your SD card of at least 4gb.

.img ファイルをダウンロードしたら、少なくとも 4 GB 以上の SD カードに書き込みます。

To flash the image, use the Etcher software that can be downloaded at

イメージを書き込むには、ダウンロードできる Etcher ソフトウェアを使用します。

It works similarly on both Windows® and Linux®.

Windows® と Linux® の両方で動作します。

Insert the SD card into your computer which should have a special port for those kinds of devices. Execute Etcher.

SD カードスロットがあるコンピュータに SD カードを挿入します。Etcher を実行します。

Click Select image. This will open the file explorer to select the previously downloaded Pandora FMS image.

Select image をクリックします。ファイルエクスプローラーが開き、先ほどダウンロードした Pandora FMS イメージを選択できます。

Select the SD card inserted in the computer. If the SD card is the one that appears by default, leave it as it is and if not, click Change and select the desired SD card.

コンピュータに挿入されている SD カードを選択します。デフォルトで表示される SD カードの場合はそのままにし、そうでない場合は Change をクリックして目的の SD カードを選択します。

Click Flash! to mount the image on the card.

Flash! をクリックして、カードをマウントします。

Then, remove the card securely according to your OS instructions.

次に、OS の指示に従ってカードを安全に取り外します。

Thorough this step, all the components will be connected to power up the Raspberry:

この手順により、すべてのコンポーネントが接続され、Raspberry の電源がオンになります。

• Insert the SD card into the slot at the bottom of the box.
• Connect the keyboard to any USB port
• Connect the HDMI wire to the Raspberry monitor and HDMI port.
• Connect the device to the power supply.

• SDカードをボックス底部のスロットに挿入します。
• キーボードを任意のUSBポートに接続します。
• HDMIケーブルをRaspberryモニターとHDMIポートに接続します。
• デバイスを電源に接続します。

The monitor will display how the device starts and an installer where you can select which interface you wish to configure.

モニターには、デバイスの起動方法と、設定するインターフェイスを選択できるインストーラーが表示されます。

Select Eth0 to configure the wired network interface:

It will ask whether you want to change the Eth0 interface settings. Click Yes

Select DHCP if there is a DHCP server in the network

Then, a message will appear saying that the wired network has been correctly configured.

Select IP STATIC if you wish to configure the wired interface manually.

Enter the Raspberry's static IP.

Enter the network's Gateway.

Enter the network mask.

Enter the public DNS.

You will get a message that the configuration has been successfully completed.

Select Wlan0 to configure the wireless network interface

It will ask whether you wish to change the Wlan0 interface configuration. Click Yes.

Select DHCP if there is a DHCP server in the network.

Choose the name of the access point from the provided list. Enter the password of the access point.

You will get a message that the configuration was successful.

• Select WIFI STATIC if you wish to configure the wired interface manually.
• Choose the name of the access point from the provided list. Enter the password of the access point.
• Enter the device static IP address.
• Enter the network mask.
• Enter the access point Gateway.
• You will receive a message saying the configuration was successful.

• To install the agent, select AGENT from the menu.
• It will ask for the IP address of the Pandora FMS server the agent must point to.
• Enter the existing group in the Pandora FMS server you wish to add the agent to.

• To install the satellite, select SATELLITE from the menu.
• Enter the IP address of Pandora FMS server the agent must point to.
• Enter the network range you wish to monitor along with its mask.
• Enter the community or list of SNMP communities of the devices in your network.
• Enter the user or list of users to make WMI queries to the computers on your network.

Edit the file with the nano text editor:

/etc/ehorus/ehorus.conf

Replace the eh_user token with your Pandora RC user. In line #password secret delete the sharp that indicates the beginning of the comment (uncomment the line) and replace the word “secret” by a password to access your agent from Pandora RC.

To see the graphical environment, install the x11vnc dependency:

apt-get install x11vnc

Start Pandora RC service with:

systemctl start pandorarc_agent_daemon

Its operation is based on the use of several components:

• A device with NetFlow compatibility, usually a switch or router type network hardware that generates information packets, or a NetFlow probe.
• A NetFlow collector, which receives the packets generated by the previous device, storing and processing them. It is usually a tool or server with these features.

Pandora FMS uses an OpenSource tool called nfcapd to process all NetFlow traffic. This daemon is automatically launched by Pandora FMS server. This system stores data in binary files, in a certain location. Install nfcapd on your system before working with NetFlow in Pandora FMS. The default nfcapd daemon listens on port 9995/UDP by default, so keep this in mind if you have firewalls to open this port and when configuring NetFlow probes.

If you do not have a NetFlow router, but your traffic “goes” through a Linux system, you can install a software that works as a probe and sends NetFlow traffic information to the collector. In Linux, there is a program called fprobe that captures traffic and forwards it to a NetFlow server. With that you can generate NetFlow traffic, from all network traffic going through your interfaces.

First, install fprobe:

apt-get install fprobe

It will ask which interface must be monitored and to which ip:port the information must be sent to. In case it does not ask, run the following command:

/usr/sbin/fprobe -i <interface_moniteur> -fip <ip_collector>><port>

In the following example, all traffic from the eth0 interface will be sent to the NetFlow collector listening on port 9995 of IP 192.168.70.185:

/usr/sbin/fprobe -i eth0 -fip 192.168.70.185:9995

Once traffic is generated, you can see the statistics of this traffic on the NetFlow collector with this command:

nfdump -R /var/spool/pandora/data_in/netflow

NetFlow must be enabled to be accessible from the Operation and Administration menus: Enable NetFlow

Once NetFlow is configured, restart Pandora FMS server to boot the nfcapd server. It must be properly installed before attempting to start it. Check the server logs for any questions.

Explained in section: Netflow Port Mirroring

Pandora FMS ドキュメント一覧に戻る