[ previous ] [ next ] [ threads ]
 From:  "Timothy Taylor" <TimT at BALLI dot co dot uk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] snmp monitoring
 Date:  Sat, 08 Mar 2008 08:50:04 +0000
I use cacti, opennms and a batch file for internal monitoring. Never tried to monitor over the
Internet or from the public interface. I guess snmp should be subjectable to a rule, and might even
be accessible via a vpn link.

Cacti is pretty and runs under windows or linux. There is a pre-made linux distribution called
ez-cacti that installs most stuff, I believe. Mine is on Windows and has been running for several
years. I've avoided updating or upgrading because I fear that I'll lose my historical data. It's
also a low enough priority that other things fill my day, that and it works! I'm not sure I quite
yet understand the concepts well enough yet to simply add counters without recourse to
documentation, but I have added some quad-processor utilisation measures, arithmetic and graphs. It
doesn't scan the network for new hosts like opennms does. It also didn't have network diagrams, but
that may have changed.

Opensnmp I tried for it's ability to alert, which is laterly available in Cacti (I think). It's not
as pretty as cacti, but may scale better - my network just isn't big enough to tell. The alerting is
very granular and supports many paths. I use mail and sms, but after a while, the sms component
gives up. Adding other non-out-of-the-box monitors was easier than cacti, but mine don't alert me.
Reporting is better and it gives you up-time figures. Again, time constraints have stopped me
investigating the sms and alerting issues. I don't recall any diagramming tools.

Lastly, to alert me about via sms about critical failures to the email system I wrote a batch file
with pings and wget.  I thought it would be quicker than fixing the above niggles and it gave me
some defence in depth. I even used a laptop so that it had it's own modem and battery. It needs to
count files in four folders using batch file trickery, check that the routers and switches are on
using ping, and that the email agents are running using authenticated wget. It's still proving it's
value, so it's running on an 128MB w2k box that needs to be restarted regularly (I've set that for
every 4 hours). With new laptops coming in at £200 at morgancomputers.co.uk, I'll upgrade soon. I
force it to send a status email at restart so I know on my BB that things are being watched for me.

Not really monitoring, but on the watching side, I installed an arp monitoring tool on one of my
Linux boxes that sends me a mail when it sees new MAC addresses on my lan. I haven't tried extending
it to querying the switches to see what port it is on, but I ran through the idea on paper.

I've recently looked at NetCrunch from adrem/emereo and in combination with Server Manager for my
NetWare boxes, I'm tempted to use that. It does all of the above, I think, and prettily too - it
even has a access controlled web portal so that you could let the high-ups glimpse the network. The
new release of NetCrunch 5, which was demoed to me yesterday, has an enhanced network diagram
component from v4 that uses scalable views.

I hope that helps, or may be of interest.
-----Original Message----- 
From: YvesDM <ydmlog at gmail dot com> 
To: Monowall User List <m0n0wall at lists dot m0n0 dot ch> 
Sent: 08/03/2008 07:55:38 
Subject: [m0n0wall] snmp monitoring 
I'm looking for a nice, centralized way to monitor about 100 m0n0walls over 
I'm sure many people already doing this. What are you using for monitoring? 
All suggestions are welcome. 
Kind regards 

This communication and any attachments are confidential and may be protected from disclosure. We
endorse no information, opinion or advice contained in this communication that is not the subject of
a contract between the recipient and us. If you have received it in error please notify us
immediately and note that any storage, use or disclosure is strictly prohibited and may be unlawful.
Whilst we check the communications we send for virus infection, we accept no responsibility for any
loss or damage caused to your systems by this communication.
Those communicating with us by electronic mail will be deemed to have accepted the risks associated
with interception, amendment, loss and late or incomplete delivery. They will also be deemed to have
consented to our intercepting and monitoring such communications.
The company numbers (England and Wales) of group companies are as follows: Balli Holdings Limited -
1919104; Balli Group plc - 2632984; Balli Steel plc- 3418142; Balli Trading Limited - 2098770;
Balrox Limited - 2824454; BBM Machinery Limited - 5466613; Balli Real Estate Holdings Limited -
6101815. The registered office of all these companies is 5 Stanhope Gate, London, W1K 1AH. The VAT
number for all these companies is 539 0006 67.