-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I'm looking for open-source alternatives for network management,
such as Nagios or Big Brother. We are currently using WhatsUp Gold,
and would like to move to something more flexible (and not running
on a Windows platform). Something that has email/paging
capabilities, and can process SNMP traps would be a plus for us as
well.
>
Recommendations?
Thanks.
I'd like to expand the question by asking, what Open-Source
applications do people use for SNMP Trap collecting and alarming?
We're very happy with Nagios for polling, but we have a lot of
optical components that send information via Traps that then needs to
be culled, trimmed and analyzed.
Thanks,
Mike
I always tried to avoid any deal with SNMP TRAPS as most unreliable and
unconvenient way of alerting (unfortunately, it can not be avoided totally).
We use 'syslog' (syslog-ng + home written syslog analyzers + copmmercial
soft, sometimes) when possible.
Since several folks showed interest in this, I have posted the slides
for the design talk at:
http://sourceforge.net/projects/nexb
Just curious, what kind of commercial/opensource software do you use for
syslog analysis and alerting?
I also run syslog-ng and have some filters written to ignore some of the
more mundane syslog messages. Also have swatch half implemented and
semi working, but I'm looking for a cleaner, and more manageable tool
for syslog based alerting.
What makes syslog so much more reliable in your opinion? There's no ability
to find lost messages or have guaranteed delivery. At least not on 514/udp.
If you can toss a trap, you can toss a syslog message.
That is, unless I've lost my mind this morning and need to go get more
coffee.
Chris Allermann wrote:
Just curious, what kind of commercial/opensource software do you use for
syslog analysis and alerting?
http://www.l0t3k.net/tools/Loganalysis/lire-1.4.tar.gz
http://www.sawmill.net/features.html
Nothing good exists (I tried all opensource I could find). We are developing
(improving) our scripts, and I hope to make it the same quality as CCR or
snmpstat and post on the sourceforge, but now it is just
set of scripts - on one server, and MySQL database + set of scripts - on
another, without documentatikn etc.
Problem is that it should not be simple filterts; system should:
- assign recipients to the host;
- allow user to set up temporary BLACK and WHILE filters;
- send alert first time, when it see something, and do not send it if
messages are repeated (until time expired or number of messages will be to
great);
- allows filkters such as _too many messages of this kind_ or _logfile size
too big_;
- etc etc.
We have CA (99% junk!) and tried ProactiveNetwork (very good, but syslog and
eventlog analizers are still very primitive). I do not need software _write
your own filters_, I need written filters, it is difference.
(Anyway, we post all syslogs on monitoring web, in a few groups:
- all todays messages in a big heap;
- access logs;
- errors;
- logs per host;
all logs are saved separately for every date (we generate web links every
night, so making unnecessary file rotation) and are gzipped after some time.
As a result, I have ull 2 years history of syslog on the web, easy to
analyze, and have 'search' script allowing to find anything.
Syslog is a text protocol, so system developer can always write any message.
SNMPTRAP is '1.2.3.4.5.6.7.8 'something happen blablabla' type of messages.
They are the same in other properties, I do agree - that;s why we detect
everything we can by 'polling'.
There are many tools, converting one to another, so take it easy -:).
I'm looking for open-source alternatives for network management,
such as Nagios or Big Brother. We are currently using WhatsUp Gold,
and would like to move to something more flexible (and not running
on a Windows platform). Something that has email/paging
capabilities, and can process SNMP traps would be a plus for us as
well.
Recommendations?
Thanks.
Have a look at http://www.itprc.com/nms.htm - I put together a list of open
source/free NMS tools a while ago, hopefully it is still somewhat current.
irwin