Alerting systems, Logicmonitor and/or alternatives

I know that this topic has been kicking around for at least a decade,
but wanted to get current opinions of other network operators. Most of
us have explored Nagios, MRTG, and several front-ends for MRTG.

We are looking into a new player in the space called Logicmonitor. They
have a very functional and easy to navigate front end and configuration
tool, and I very much like the look-and-feel of their product.

What I don't like is that they only offer it as a cloud-based service.
Internal probes tie in to a "collector" which we maintain. The collector
then phones home over the Internet to their hosted service periodically
and they remotely analyze the data and generate alerts, plot graphs, etc.

From a technical standpoint this adds more points of failure in series,
will cause missed alerts if their cloud-based service goes down (who is
guarding the guards?), will cause false alarms if their service is still
up but can't reach the collector, and doesn't give us a full view under
the hood.

Of course their sales guys are giving us "Our time and energy is
dedicated to reliability" and "professionally managed multi-carrier
highly secure data centers" language to encourage the warm fuzzies.

From a scalability standpoint we incur ever-increasing recurring costs
as we grow and add monitored devices and services.

What's the collective opinion here? Is anyone using them or a similar
service? Are there non-cloud-based alternatives that are relatively easy
to set up and manage? We've explored Zabbix, Nagios, MRTG and its
various wrappers, and Intermapper. Anything else new on the horizon that
has a GUI front-end that is configurable without a lot of scripting
experience, etc.?

We would love to buy something that works for us and pay a reasonable
price for it, but I'm not particularly interested in the equivalent of
renting a time-share in order to monitor our networks.

We have used LogicMonitor for a few years to monitor hundreds of network devices with no reliability issues, at all. The agents have proven to be lightweight and rather unobtrusive. I can’t recall a time where we have ever had to intervene during regular operations or one of their upgrades.

We do not use the alerting service at this time so no history to report there.

We have only a few dislikes. One of them is the new skin, and we use the prior one still available to us, so it's a relatively minor issue. The pricing is something I’m also not crazy about, though they have been willing to work with us on some pricing tiers.

Jeff

jeff cornejo
blue ridge internetworks

321 east main st • suite 200
charlottesville va 22902
434.817.0707 x 2001
www.briworks.com <http://www.briworks.com/>

Central Virginia’s technology authority since 2000.

The value proposition of all cloud services is that you get instant technical capability without building your own infrastructure. I see cloud NMS services like LogicMonitor and Spiceworks as a good deal for small organizations without their own IT people. But for all the reasons you give, the model doesn't scale very well.

For network professionals, the value of self-managed internal monitoring infrastructure far outweighs the temporary ease and low cost of cloud monitoring. In particular, commercial monitoring offerings, such as Intermapper, PRTG, and SolarWinds, are extremely cost effective for business network operations. Their cost is easily justifiable, especially if you have a busy staff. Yes, you can get many of the commercial tool capabilities in open source projects such as OpenNMS and Cacti. But as you note, they can be a pain to configure, and if your labor is worth anything, the commercial options are usually a better deal.

One exception I've found recently is Mikrotik's The Dude, which is free, but not FOSS. It's fully graphical, is straightforward to install and configure. It has a client/server architecture like Intermapper, but doesn't run natively on as many platforms (Windows only; other OSes must use emulation). Although it works with any SNMP device, it has special support for Mikrotik, since Mikrotik devised it.

To recap, I think cloud monitoring is pointless for managing inside networks for any organization having a reasonably capable IT staff.

> What's the collective opinion here? Is anyone using them or a similar
> service? Are there non-cloud-based alternatives that are relatively easy
> to set up and manage? We've explored Zabbix, Nagios, MRTG and its
> various wrappers, and Intermapper. Anything else new on the horizon that
> has a GUI front-end that is configurable without a lot of scripting
> experience, etc.?

Zenoss. I have it monitoring about 4k end points. The documentation is phenomenal. I've not had to touch the command line at all for any operations. I have two cron jobs on the server (one to do a weekly backup to a tar file that gets grabbed by my backup systems, one to run zendisc on only subnets I care about (and not everything in Zenoss, which is the default)). The learning curve was pretty much nonexistent (you install it (which is apt-get or yum or scripted [I think appliances exist, I dunno]), connect with default creds, change your creds, scan your network, classify devices, set up alerting rules and contacts). This all presumes you have SNMP already set up, of course (which is trivial to do on just about everything). (Oh, I did use the CLI to load in MIBs, but that's a one-time operation (unless you are constantly adding new vendors to your network, I guess).)

> We would love to buy something that works for us and pay a reasonable
> price for it, but I'm not particularly interested in the equivalent of
> renting a time-share in order to monitor our networks.

Indeed. You should be able to find plenty of Linux engineers that could easily set this up. I would probably charge about $250.00 to $500.00 flat rate for a zenoss deployment, and could deliver it in 8 to 30 hours fully ready to go (range depends on size of deployment, HA, multi site etc). I expect most other engineers could do about the same (or maybe a bit longer if they've never worked with Zenoss before).

(I'm that weird Linux/Windows/VM/storage/security/app admin type who is now getting his CCIE cause networking looks fun).

Hi Jay,

I have experience with Nagios and Cacti; now I'm experimenting with
LogicMonitor and Observium. Observium is a great tool to discover your
network devices, but it doesn't have great graphics and doesn't have any
alarm system, but you can get a lot of information about your network devices,
connections, IP addresses, protocols and configurations. LogicMonitor is a
new tool for me, but without comparison with Nagios, they have good
support, but sometimes you need time to create personal data-points
because they don't have recognition for all devices.

Nagios could require time for implementation and experience with the command
line and SNMP. It is not an expensive tool only if you don't want to pay for it.
But Nagios XI is a great tool with a lot of functions, process
automation, graphics, and capacity planning. You can try Nagios XI with
Network Analyzer.

If you don't have a budget, maybe Nagios Core and Observium can offer a great
solution.

For a commercial solution, I recommend Nagios XI and Nagios Network
Analyzer.

> What's the collective opinion here? Is anyone using them or a similar service?
> Are there non-cloud-based alternatives that are relatively easy to set up and
> manage? We've explored Zabbix, Nagios, MRTG and its various wrappers,
> and Intermapper. Anything else new on the horizon that has a GUI front-end
> that is configurable without a lot of scripting experience, etc.?

Try OMD. It packages a python wrapper called check_mk around Nagios and adds on charts via an already integrated pnp4nagios.

The guys doing check_mk have done an amazing job of harnessing the power of Nagios through the use of configuration files which nicely minimizes the amount of work necessary for getting things monitored, while maximizing how things are grouped and structured.

Since I like it so much, I'm in the process of migrating our monitoring from a combination of NagiosXI, Observium, and Cacti over to the OMD package.

It has fast agents for monitoring vsphere. Has native agents for Linux and Windows. And can do SNMP. And has good customization for those who want more done than what is supplied out of the box.

> We would love to buy something that works for us and pay a reasonable
> price for it, but I'm not particularly interested in the equivalent of renting a
> time-share in order to monitor our networks.

Check_mk has support and professional services available. It is open source for those who wish to go the DIY route.

Raymond

blog.raymond.burkholder.net

One of the downsides of all such services is that the more successful
they are, the bigger a target they are. And they're a tempting target,
since successful penetration would yield a wealth of data about every
client they have (if that penetration was limited to read-only access)
and possibly more, e.g., silencing alarms that would otherwise be
triggered (if that penetration allowed write access).

---rsk