Reading Linux

Dec 18, 2007 07:05 # 45316

sid * wants to know...

Monitoring Tools on Linux

?% | 1

Can anyone suggest me a good monitoring tool(s) on linux that does the following.

1 - Monitors the system state with support for graphical reports/mail notifications.
2 - Network throughput ( Calculates Data Transfers from Linux servers).
3 - Traffic Classification ( Different types of traffic generated ) , Detecting malicous network activity.
4 - Should be extensible ( Plugin Support ).

Jan 09, 2008 09:27 # 45353

sid * has all the information you need...

Re: Monitoring Tools on Linux

92% | 2

After much reading on the net, talking to my nerdy friends and discussing with some sys-admins I couldn't find that one package that would do it all for me. The functionality I was looking for wasnít offered by any single tool, but a combination of a few tools namely Nagios ( very popular when it comes to monitoring on Linux) , MRTG ( extensive graphical reporting ), Ntop ( traffic classification).

I didnít play a lot with Ntop and MRTG so Iíll just talk a bit about Nagios for now.

Good thing about Nagios is: itís easy to install. But the basic configuration only works for the local Linux box; it has no configuration for monitoring remote boxes or services.
It could take while to come up with a Nagios configuration that does what you actually it to do.

You need to add new configuration for the boxes you need to monitor. For this you'll need to get familiar with the terminology used in Nagios configuration files. You might end up spending a considerable amount of time getting yourself familiar with Nagios terminology of grouping things. Think of it as you're writing a program & when you compile it throws errors but when you get used to programming it's not too bad.

Compile/Install additional services on remote boxes (Nagios plug-in: npre, ncsa) for monitoring basic things like hard disk usage, procs, logged in users, CPU load. These services may or may not work right away , maybe you'll wonder about the security of the boxes where you installed these services.

Finally you'll need to do some fine tuning as in where to send what notifications and to whom. I think this is the most important part; you canít keep an eye on Nagios Web Interface 24/7. Do an audit on which services are critical on what boxes and some services might require you to come up with your own plug-in. Another thing is how often you want the checks to be triggered by Nagios depending on your own needs and criticality of the remote system you're monitoring. This list is endless , it will go on and on , theres not just one way to optimize. There's always something new that you had missed earlier.

I think more or less Nagios does a pretty good job, but itís gonna take sometime to get it up and running with that Perfect Configuration that works for you. So be patient.

This post was edited by sid on Jan 09, 2008.

Jan 16, 2008 11:32 # 45370

Magicdead *** replies...

Re: Monitoring Tools on Linux

Try Snort for detecting malicious stuff, especially attacks from the outside. great tool

snort

"The wise have always said the same things, and fools have always done the opposite"-Schopenhauer


Small text Large text

Netalive Amp (Skin for Winamp)