[ previous ] [ next ] [ threads ]
 
 From:  YvesDM <ydmlog at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] snmp monitoring
 Date:  Sat, 8 Mar 2008 12:40:24 +0100
Hi Tim,

Tnx for the interesting info.
I tried cacti some years ago, but it wasn't quite what I expected.
But maybe I didn't give myself the time to explore it enough.

I want to monitor over the WAN.
PS Do I have to add a nat/firewall rule to enable this or is enabling snmp
enough?

Uptime, sysload, memory usage, bytes transfered, etc are the most important
creteria for me.
I will sure take a look at ez-cacti and opennms. The monitor host runs
debian etch. (now using smokeping, but I want more)
I also bumped into jffnms (http://www.jffnms.org) which also seemed to have
the things I want.
The sms alerts are very interesting. Is it really full included or did you
also write a script to use a service as voipcheap or something like it?

Kind regards
Y.

On Sat, Mar 8, 2008 at 9:50 AM, Timothy Taylor <TimT at balli dot co dot uk> wrote:

> I use cacti, opennms and a batch file for internal monitoring. Never tried
> to monitor over the Internet or from the public interface. I guess snmp
> should be subjectable to a rule, and might even be accessible via a vpn
> link.
>
> Cacti is pretty and runs under windows or linux. There is a pre-made linux
> distribution called ez-cacti that installs most stuff, I believe. Mine is on
> Windows and has been running for several years. I've avoided updating or
> upgrading because I fear that I'll lose my historical data. It's also a low
> enough priority that other things fill my day, that and it works! I'm not
> sure I quite yet understand the concepts well enough yet to simply add
> counters without recourse to documentation, but I have added some
> quad-processor utilisation measures, arithmetic and graphs. It doesn't scan
> the network for new hosts like opennms does. It also didn't have network
> diagrams, but that may have changed.
>
> Opensnmp I tried for it's ability to alert, which is laterly available in
> Cacti (I think). It's not as pretty as cacti, but may scale better - my
> network just isn't big enough to tell. The alerting is very granular and
> supports many paths. I use mail and sms, but after a while, the sms
> component gives up. Adding other non-out-of-the-box monitors was easier than
> cacti, but mine don't alert me. Reporting is better and it gives you up-time
> figures. Again, time constraints have stopped me investigating the sms and
> alerting issues. I don't recall any diagramming tools.
>
> Lastly, to alert me about via sms about critical failures to the email
> system I wrote a batch file with pings and wget.  I thought it would be
> quicker than fixing the above niggles and it gave me some defence in depth.
> I even used a laptop so that it had it's own modem and battery. It needs to
> count files in four folders using batch file trickery, check that the
> routers and switches are on using ping, and that the email agents are
> running using authenticated wget. It's still proving it's value, so it's
> running on an 128MB w2k box that needs to be restarted regularly (I've set

> morgancomputers.co.uk, I'll upgrade soon. I force it to send a status
> email at restart so I know on my BB that things are being watched for me.
>
> Not really monitoring, but on the watching side, I installed an arp
> monitoring tool on one of my Linux boxes that sends me a mail when it sees
> new MAC addresses on my lan. I haven't tried extending it to querying the
> switches to see what port it is on, but I ran through the idea on paper.
>
> I've recently looked at NetCrunch from adrem/emereo and in combination
> with Server Manager for my NetWare boxes, I'm tempted to use that. It does
> all of the above, I think, and prettily too - it even has a access
> controlled web portal so that you could let the high-ups glimpse the
> network. The new release of NetCrunch 5, which was demoed to me yesterday,
> has an enhanced network diagram component from v4 that uses scalable views.
>
> I hope that helps, or may be of interest.
> Tim
> -----Original Message-----
> From: YvesDM <ydmlog at gmail dot com>
> To: Monowall User List <m0n0wall at lists dot m0n0 dot ch>
>
> Sent: 08/03/2008 07:55:38
> Subject: [m0n0wall] snmp monitoring
>
> Hi,
>
> I'm looking for a nice, centralized way to monitor about 100 m0n0walls
> over
> snmp.
> I'm sure many people already doing this. What are you using for
> monitoring?
> All suggestions are welcome.
>
> Kind regards
> Y.
>
>
> IMPORTANT NOTICE.
> This communication and any attachments are confidential and may be
> protected from disclosure. We endorse no information, opinion or advice
> contained in this communication that is not the subject of a contract
> between the recipient and us. If you have received it in error please notify
> us immediately and note that any storage, use or disclosure is strictly
> prohibited and may be unlawful.
> Whilst we check the communications we send for virus infection, we accept
> no responsibility for any loss or damage caused to your systems by this
> communication.
> Those communicating with us by electronic mail will be deemed to have
> accepted the risks associated with interception, amendment, loss and late or
> incomplete delivery. They will also be deemed to have consented to our
> intercepting and monitoring such communications.
> The company numbers (England and Wales) of group companies are as follows:
> Balli Holdings Limited - 1919104; Balli Group plc - 2632984; Balli Steel
> plc- 3418142; Balli Trading Limited - 2098770; Balrox Limited - 2824454; BBM
> Machinery Limited - 5466613; Balli Real Estate Holdings Limited - 6101815.
> The registered office of all these companies is 5 Stanhope Gate, London, W1K
> 1AH. The VAT number for all these companies is 539 0006 67.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>