Configure Collectd as a Central Monitoring Server for Clients

Step 3: Configure Collectd Clients

6. The activation of client instances for Collectd daemon resembles with the server configuration, meaning the same Network plugin must be loaded, the only difference here being the fact that you should instruct the Network client where to send the data.

So, repeat the same steps as for the server setup, and, when you reach the Network plugin block, uncomment the below statements and replace the Server IP Address according to your Collectd server IP.

# nano /etc/collectd/collectd.conf
OR
# nano /etc/collectd.conf

Client file excerpt:

<Plugin network>
# client setup:
      <Server "192.168.1.211" "25826">
       </Server>
...
</Plugin>

Configure Collectd Clients

7. Finally, restart the collectd daemon to apply changes and visit your Collectd server IP Address in order to visualize the collected data so far as illustrated on the below screenshot.

# service collectd restart
or
# systemctl restart collectd   [For systemd init services]
Collectd Client Monitoring
Collectd Client Monitoring

Repeat the client configuration steps on all your collectd systems that you want to monitor and they should appear on your central Collectd server.

Step 4: Encrypt Collectd Client-Server Traffic

8. So far, all of the client transmitted data is done in clear text make it easy for unauthorized users to intercept and read data.

In order to cryptographically sign and encrypt the traffic using a mechanism similar to Apache .htacces authentication, you need to create an htpasswd file on the server and instruct all the clients to sign and encrypt data with the htpasswd credentials.

On the first step go to the Collectd server machine and create a passwd file by issuing the below command (install apache-utils or httpd-tools package if htpasswd command is not present on your server).

# htpasswd -c /etc/collectd/passwd your_username
Apache Password Protection
Create Apache Password Protection

9. After the credentials are created, use the cat command to view passwd file content and copy the password string to a safe location – you will need it later for client setup.

# cat /etc/collectd/passwd
View Password
View Password

10. Next, on the server side, open the main collectd configuration file for editing, navigate to Network plugin block, uncomment following statements (replace AuthFile statement according to your local passwd file path):

# nano /etc/collectd/collectd.conf
OR
# nano /etc/collectd.conf

Server File excerpt:

<Plugin network>
...
# server setup:
      <Listen "0.0.0.0" "25826">
	   SecurityLevel Sign
                  AuthFile "/etc/collectd/passwd"
       </Listen>
...
</Plugin>

11. Once you’re done, restart Collectd server to apply the changes and move to client side.

# service collectd restart
or
# systemctl restart collectd   [For systemd init services]

12. On the client side, repeat the same steps and uncomment the client statements from the Network plugin block, replacing the Username and Password statements according to your server passwd file.

# nano /etc/collectd/collectd.conf
OR
# nano /etc/collectd.conf

Client file excerpt:

<Plugin network>
# client setup:
      <Server "192.168.1.211" "25826">
SecurityLevel Encrypt
              	Username "your_server_passwd_username"
             	Password "your_server_passwd_hash_password"
       </Server>
...
</Plugin>
Configure Collectd Authentication
Configure Collectd Authentication

That’s it! restart Collectd daemon and repeat this step on all your Collectd client instances in order to communicate with the central node over a secure channel.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

Matei Cezar
I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

3 Comments

Leave a Reply
  1. Hi,

    Just had a small query since i am setting up a client server architecture for collectd, is it possible that for all the clients my thresholds are set on the server side?

    Reply

Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.