Does anyone have any recommendations for network monitoring systems that work with CentOS 3 or 4?
thanks
On 3/30/06, Ryan ryanag@zoominternet.net wrote:
Does anyone have any recommendations for network monitoring systems that work with CentOS 3 or 4?
I'm a fan of nagios, which will generate uptime stats and watch loads of other things for you. I've got a how-to for nagios+centos here -> http://www.cognitive-dissonance.org/journal/category/nagios/ There are some other tools you may want to look at also, like cacti or smokeping. Of the three, nagios and cacti are the best I feel. Depends on what information you want out of it.
-- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety'' Benjamin Franklin 1775
Ryan wrote:
Does anyone have any recommendations for network monitoring systems that work with CentOS 3 or 4?
thanks _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Ryan,
It might be helpful if you could say what your monitoring requirements are?
Camron W. Fox Hilo Office High Performance Computing Group Fujitsu America, INC. E-mail: cwfox@us.fujitsu.com
Camron W. Fox wrote:
Ryan,
It might be helpful if you could say what your monitoringrequirements are?
Camron W. Fox Hilo Office High Performance Computing Group Fujitsu America, INC. E-mail: cwfox@us.fujitsu.com
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
I don't really have any, I was just curious as to what was popular among CentOS users.
If I had to give some requirements.... - Free (as in speech and beer) or low cost - SNMP capable - ping / fping options - GUI (http, I'd guess) of some sort for monitoring - TCP connect options
I use Argus for monitoring and alerting: http://argus.tcp4me.com Initially I was almost going to write a full essay about how much and why I like it :) but a pic worths a thousands words. Just check out the demo, and you'll get a pretty good ideea about what it can do. The configuration files are also very nice and clean, you can break the configuration into several files, group the options as you see fit, etc.
Here's a glimpse of how the config files look like, it can be as simple as:
Host "alex" { hostname: localhost Service TCP/SSH Service TCP/SMTP Service TCP/POP Service TCP/IMAP Service TCP/HTTP Service UDP/Domain/slack.i Service UDP/NFS }
or as complete as you need:
Host "alex" { note: This is the main monitoring server, located in Oradea, Romania. details: The system is a PIII @600 MHz box with 256RAM, 2xSCSI disks.
graph: yes hostname: localhost Service TCP/SSH Group "Email" { Service TCP/SMTP { label: SMTP } Service TCP/POP { label: POP3 } Service TCP/IMAP { label: IMAP } } Service TCP/HTTP
# UDP/DNS sends a 'status-query', UDP/DNSQ sends an 'IN ANY' query. # Some DNS servers (notably djbdns) do not handle 'status' queries. # UDP/DNSQ is available only in versions 3.1 and later. Service UDP/DNSQ { hostname: 192.168.0.1 } Service DNSQ/A/slack.i { hostname: 192.168.0.1 expect: 192.168.0.1 } Service UDP/NFS Service Prog { severity: major label: Storage command: /usr/bin/nc localhost filestat expect: OK } Service Prog { label: MySQL command: /usr/bin/nc localhost mysql-ping expect: 2500 } Service Ping { uname: alive } }
Good luck, Alex
Alexandru E. Ungur wrote on Fri, 31 Mar 2006 12:11:49 +0300:
I use Argus for monitoring and alerting: http://argus.tcp4me.com ...Initially I was almost going to write a full essay about how much and why I like it :)
I'm using bigsister at the moment. Argus looks similar and not similar. I may want to try it out. How does it remote monitoring? Only by SNMP or is there an agent application available (short glimpse over the documentation doesn't reveal one)? I'm not familiar with SNMP at all, so it's not an option for me.
Kai
On Fri, 2006-03-31 at 08:33, Kai Schaetzl wrote:
I use Argus for monitoring and alerting: http://argus.tcp4me.com ...Initially I was almost going to write a full essay about how much and why I like it :)
I'm using bigsister at the moment. Argus looks similar and not similar. I may want to try it out. How does it remote monitoring? Only by SNMP or is there an agent application available (short glimpse over the documentation doesn't reveal one)? I'm not familiar with SNMP at all, so it's not an option for me.
I've also had 'spong' http://spong.sourceforge.net/ running for close to 10 years and it still works great although some of the others may be easier to set up. It doesn't have SNMP at all but does network probes from a central location and has an optional local agent for additional information. A nice touch is that it has a message throttling mechanism where you can have it notify you about problems but limit both the number of times for any particular notification and the number of total notifications it will send. If the machine doing the probing looses network connectivity for a while it won't page you thousands of times.
I use zabbix.. http://www.zabbix.com
Here's a little how to install http://howtoforge.net/zabbix_network_monitoring
Configuration is a little complicated. but it works great!! and the price is right => $GPL
sender: "Les Mikesell" date: "Fri, Mar 31, 2006 at 11:55:30AM -0600" <<<EOQ
On Fri, 2006-03-31 at 08:33, Kai Schaetzl wrote:
I use Argus for monitoring and alerting: http://argus.tcp4me.com ...Initially I was almost going to write a full essay about how much and why I like it :)
I'm using bigsister at the moment. Argus looks similar and not similar. I may want to try it out. How does it remote monitoring? Only by SNMP or is there an agent application available (short glimpse over the documentation doesn't reveal one)? I'm not familiar with SNMP at all, so it's not an option for me.
I've also had 'spong' http://spong.sourceforge.net/ running for close to 10 years and it still works great although some of the others may be easier to set up. It doesn't have SNMP at all but does network probes from a central location and has an optional local agent for additional information. A nice touch is that it has a message throttling mechanism where you can have it notify you about problems but limit both the number of times for any particular notification and the number of total notifications it will send. If the machine doing the probing looses network connectivity for a while it won't page you thousands of times.
Nice, that's one feature I like very much in Argus too :D Besides that it has escalation features, that are also very useful:
--- quote http://argus.tcp4me.com/notif.html --- Escalating
After attempting to notify someone of a problem repeatedly, you may want to try notifying someone else:
escalate: 10 qpage:manager; 30 qpage:cio; 60 qpage:ceo
which means:
* after 10 minutes page the manager * after 30 minutes page the CIO * after 1 hour page the CEO --- end --- Of course you can send emails too, instead of paging people :) And it may be a good ideea to notify your coleagues, if a problem is not solved within a certain amount of time, before notifying your manager :D
All the best, Alex
sender: "Kai Schaetzl" date: "Fri, Mar 31, 2006 at 04:33:10PM +0200" <<<EOQ
Alexandru E. Ungur wrote on Fri, 31 Mar 2006 12:11:49 +0300:
I use Argus for monitoring and alerting: http://argus.tcp4me.com ...Initially I was almost going to write a full essay about how much and why I like it :)
I'm using bigsister at the moment. Argus looks similar and not similar. I may want to try it out. How does it remote monitoring? Only by SNMP or is there an agent application available (short glimpse over the documentation doesn't reveal one)? I'm not familiar with SNMP at all, so it's not an option for me.
You can use SNMP with Argus, but you can do just fine without it (I don't use SNMP either btw). The remote monitoring is done by connecting to the remote application's TCP or UDP port. It does not come with an agent application (except some alfa try which I never used anyway).
It has 4 types of tests, quote from: http://argus.tcp4me.com/services.html --- quote --- * Ping - Pings a host * Prog - runs a program * TCP - tests a TCP port * UDP - tests a UDP port
Both TCP and UDP have a number of application tests built-in. Specifying an application does the same thing as setting the various bits of data to values appropriate for the protocol. But you could just as easily specify them directly.
The currently built-in application tests are:
* TCP/SMTP TCP/FTP TCP/NNTP TCP/HTTP TCP/HTTPS TCP/Gopher TCP/Telnet TCP/SSH TCP/POP TCP/IMAP TCP/NFS TCP/NFSv3 TCP/POPS TCP/IMAPS TCP/SMTPS TCP/NNTPS TCP/SIP[6] * UDP/SNMP UDP/SNMPv3 UDP/DNS UDP/DNSQ[1] UDP/NTP UDP/Portmap UDP/NFS UDP/NFSv3[2] UDP/RADIUS[3] UDP/SIP[6] UDP/IAX2[6] * several "special" tests: TCP/URL UDP/Domain TCP/RPC[6] UDP/RPC --- endquote ---
With a little swiss army knife :) aka netcat + the 'Prog' test there's no limit to what you can monitor. I monitor besides usual TCP ports, some file sizes, partitions' free space and some other stuff.
For more questions on this you can try the http://www.tcp4me.com/mailman/listinfo/arguslist mailling list as that would probably be more appropriate.
Hope it helps, Alex
On Fri, 2006-03-31 at 03:30, Tom Brown wrote:
Does anyone have any recommendations for network monitoring systems that work with CentOS 3 or 4?
for monitoring i use nagios and for reporting i use cacti
I'd add ntop (http://www.ntop.org) to the list. It can summarize the traffic going by in many useful ways. And ethereal for more specific sniffing.
-
Alexandru E. Ungur -
Camron W. Fox -
Jaymz Ringler -
Jim Perrin -
Kai Schaetzl -
Les Mikesell -
Ryan -
Tom Brown