Slightly [OT] Network Monitoring/Alerting tools

Adam Hough adam at gradientzero.com
Fri Aug 22 16:14:06 UTC 2008


On Thu, Aug 21, 2008 at 10:35 PM, Les Mikesell <lesmikesell at gmail.com> wrote:
> Adam Hough wrote:
>
>> My only beef with OpenNMS is that it is a polling type monitoring
>> system which is fine for say network gear but I would rather have a
>> client/server setup for servers that I want to monitor.
>
> Polling is the best way to know if a service is actually working, but
> OpenNMS also listens for SNMP traps, syslog messages, or xmlrpc events if
> you want to send things to it.

So I have seen polling systems fail to properly diagnose a s system(s)
when said system(s) would be under very heavy load (like say a process
using almost all available resources) but the they system was just to
slow to actually respond to the poll request.  The monitoring system
(Nagios) would mark the system as just down.  With a client/server
system it gives you a better chance of figuring out that you are
running out of memory then the polling system.

>
>> OpenNMS from
>>
>> what I can tell still does not give me the flexibility that I want or
>> need that I get from other system such as Hobbit (BB) or Nagios.
>
> Example?  Stock SNMP will report most of the usual stuff (interface
> bandwidth/errors, memory/disk/cpu use, etc.) and there are ways to extend it
> to other values.

But when I was using Big Brother as a monitoring server we were able
to easily right scripts to extend information that was reported to the
monitoring server.  We were able to use to scripts to moniter database
operations for some of our users so they would know how many and what
ones were running.  We were able to use the monitor to look for
hardware problems (AIX/pseries) and dump the log of the hardware
reporting to the monitoring server.  We were able to monitor when
backups were running on the system and if they have been running for
an unusually long time.

See below as I have never tried to configure SNMP other then to get
the basic system information, but I think it would be much harder to
setup SNMP to do some of those tasks then just having to write a
simple script in bash, korn, perl, or python.

>
>> Though I will admit I had not know all that much about snmp other then
>> to make sure that it is turned off on systems I install to give bots
>> one less attack point if they make it past my iptable rules in some
>> manner.
>
> Don't turn read access off, just use a hard-to-guess community string.
> Usually you would block inbound access at your internet firewalls anyway.

My machines live on a university network which are notoriously unsafe.
  Further more since I deal with systems devoted to research so I have
to allow (ssh) access to the machines from from other universities all
over the world.   I cannot trust my public networks and can only trust
my non-routeable networks to the extent that no user has used a easy
to guess password.  Coupled with the fact that SNMP had a history of
security issues though with SNMPv3 they have actually added security
from what I have read.  Running SNMP just seems like an unnecessary
risk when you can have your monitored systems pushing data to the
monitor server(s) and just have to secure the monitor server(s).

>
> --
>  Les Mikesell
>   lesmikesell at gmail.com
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>




More information about the fedora-list mailing list