Ryan's Journal

Working with Cacti, a general purpose graphing tool, is a little opaque. The overall process I went through to add a graph for tracking failed login attempts (or more appropriately, failed break-in attempts): add a data input method, add an input field and an output field to it, add a data template that utilizes the new input method (script based), add a graph template that mirrors the new data template, add a new graph based on the graph template, selecting the data templates as sources for the graph's inputs. I had to write a couple scripts to get the most interesting parts of the security log and reduce them to numbers for input fields.

I can see this process being useful across a multi-machine network, but it's a bit cumbersome for one time graphs.

You must login to leave a comment