traceroute.monitor - Route monitor for mon.
Monitor routes from monitor machine to a remote system using traceroute. Alarm and log when changes are detected.
traceroute.monitor -d -t 20 -c /path/to/traceroute.cf -l /usr/local/mon/logs/routes_YYYYMM.log
The logfile template is usually specified in the configuration file.
hostgroup route1 rt-tb-paris-26 rt-tb-london-18 rt-tta-pr01r00-4
rt-cam-cer001-5 rt-tta-pn01r00-4
watch route1
service traceroute
interval 15m
monitor traceroute.monitor -c /usr/local/mon/traceroute.cf
period wd {Sun-Sat}
alert mail.alert meekj
alertevery 1h summary
# tracreoute.monitor Config File RouteLogFile /usr/local/mon/logs/routes_YYYYMM.log RouterList /usr/local/mon/rt.list Traceroute /usr/sbin/traceroute StateDir /usr/local/mon/state.d EquivIP 10.22.4.254 10.22.5.254 10.22.6.254 EquivIP 10.28.4.254 10.28.5.254 10.28.6.254
Lines with '#' in the first column are ignored.
RouteLogFile - A new log file will be created each month in the above example the files will be of the form routes_199810.log The YYYYMM format is the only date string possible in the current version The logs contain time stamped route changes.
RouterList - Optional IP address to router name translation in /etc/hosts format (IP_address router_bame). Supplying this list will provide considerably more meaningful alarm messages, especially if the router names contain geographical information. Without this list the extended alarm is just a list of interface IP addresses.
Traceroute - Overrides the default of /usr/sbin/traceroute
StateDir - Overrides the default path of the mon environment variable MON_STATEDIR. Files named lastroute.router_name contain the last observed route.
EquivIP - A space separated list of IP addresses that should be considered equivalent for the purposes of determining route changes. Likely used where there are secondary addresses on router or switch interfaces.
There probably are some.
Jon Meek, meekj@ieee.org
traceroute.anal - A CGI script to display route change information.
