[ previous ] [ next ] [ threads ]
 
 From:  "Neil A. Hillard" <m0n0 at dana dot org dot uk>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] snmp monitoring
 Date:  Sat, 8 Mar 2008 11:57:23 +0000
Hi,

In message
<799e44b30803080340v4c3bccd4gaf4567aa84077944 at mail dot gmail dot com>, YvesDM
<ydmlog at gmail dot com> writes
>Hi Tim,
>
>Tnx for the interesting info.
>I tried cacti some years ago, but it wasn't quite what I expected.
>But maybe I didn't give myself the time to explore it enough.
>
>I want to monitor over the WAN.
>PS Do I have to add a nat/firewall rule to enable this or is enabling snmp
>enough?
>
>Uptime, sysload, memory usage, bytes transfered, etc are the most important
>creteria for me.
>I will sure take a look at ez-cacti and opennms. The monitor host runs
>debian etch. (now using smokeping, but I want more)
>I also bumped into jffnms (http://www.jffnms.org) which also seemed to have
>the things I want.
>The sms alerts are very interesting. Is it really full included or did you
>also write a script to use a service as voipcheap or something like it?

I currently use Cacti for performance graphing and Nagios for
availability monitoring.

I have a Wismo GSM modem (with a Pay As You Go SIM) hooked up to the
serial port on my Linux box and when Nagios spots a problem I have a
script that will dump a message into a database which is picked up by
gnokii-smsd and sent through the GSM modem (I was originally using an
old Nokia phone but found that it would sometimes loose the connection
to gnokii-smsd - things may have improved now, though).

I also have an APC MasterSwitch which Nagios can tell to powercycle a
specific port (using SNMP) - currently only set to powercycle my ADSL
router as it has been problematic (until I attached it to the
MasterSwitch) but could be set to powercycle any port if it detects that
the device is unresponsive!

HTH,


                                Neil.


>On Sat, Mar 8, 2008 at 9:50 AM, Timothy Taylor <TimT at balli dot co dot uk> wrote:
>
>> I use cacti, opennms and a batch file for internal monitoring. Never tried
>> to monitor over the Internet or from the public interface. I guess snmp
>> should be subjectable to a rule, and might even be accessible via a vpn
>> link.
>>
>> Cacti is pretty and runs under windows or linux. There is a pre-made linux
>> distribution called ez-cacti that installs most stuff, I believe. Mine is on
>> Windows and has been running for several years. I've avoided updating or
>> upgrading because I fear that I'll lose my historical data. It's also a low
>> enough priority that other things fill my day, that and it works! I'm not
>> sure I quite yet understand the concepts well enough yet to simply add
>> counters without recourse to documentation, but I have added some
>> quad-processor utilisation measures, arithmetic and graphs. It doesn't scan
>> the network for new hosts like opennms does. It also didn't have network
>> diagrams, but that may have changed.
>>
>> Opensnmp I tried for it's ability to alert, which is laterly available in
>> Cacti (I think). It's not as pretty as cacti, but may scale better - my
>> network just isn't big enough to tell. The alerting is very granular and
>> supports many paths. I use mail and sms, but after a while, the sms
>> component gives up. Adding other non-out-of-the-box monitors was easier than
>> cacti, but mine don't alert me. Reporting is better and it gives you up-time
>> figures. Again, time constraints have stopped me investigating the sms and
>> alerting issues. I don't recall any diagramming tools.
>>
>> Lastly, to alert me about via sms about critical failures to the email
>> system I wrote a batch file with pings and wget.  I thought it would be
>> quicker than fixing the above niggles and it gave me some defence in depth.
>> I even used a laptop so that it had it's own modem and battery. It needs to
>> count files in four folders using batch file trickery, check that the
>> routers and switches are on using ping, and that the email agents are
>> running using authenticated wget. It's still proving it's value, so it's
>> running on an 128MB w2k box that needs to be restarted regularly (I've set

>> morgancomputers.co.uk, I'll upgrade soon. I force it to send a status
>> email at restart so I know on my BB that things are being watched for me.
>>
>> Not really monitoring, but on the watching side, I installed an arp
>> monitoring tool on one of my Linux boxes that sends me a mail when it sees
>> new MAC addresses on my lan. I haven't tried extending it to querying the
>> switches to see what port it is on, but I ran through the idea on paper.
>>
>> I've recently looked at NetCrunch from adrem/emereo and in combination
>> with Server Manager for my NetWare boxes, I'm tempted to use that. It does
>> all of the above, I think, and prettily too - it even has a access
>> controlled web portal so that you could let the high-ups glimpse the
>> network. The new release of NetCrunch 5, which was demoed to me yesterday,
>> has an enhanced network diagram component from v4 that uses scalable views.
>>
>> I hope that helps, or may be of interest.
>> Tim
>> -----Original Message-----
>> From: YvesDM <ydmlog at gmail dot com>
>> To: Monowall User List <m0n0wall at lists dot m0n0 dot ch>
>>
>> Sent: 08/03/2008 07:55:38
>> Subject: [m0n0wall] snmp monitoring
>>
>> Hi,
>>
>> I'm looking for a nice, centralized way to monitor about 100 m0n0walls
>> over
>> snmp.
>> I'm sure many people already doing this. What are you using for
>> monitoring?
>> All suggestions are welcome.
>>
>> Kind regards
>> Y.
>>
>>
>> IMPORTANT NOTICE.
>> This communication and any attachments are confidential and may be
>> protected from disclosure. We endorse no information, opinion or advice
>> contained in this communication that is not the subject of a contract
>> between the recipient and us. If you have received it in error please notify
>> us immediately and note that any storage, use or disclosure is strictly
>> prohibited and may be unlawful.
>> Whilst we check the communications we send for virus infection, we accept
>> no responsibility for any loss or damage caused to your systems by this
>> communication.
>> Those communicating with us by electronic mail will be deemed to have
>> accepted the risks associated with interception, amendment, loss and late or
>> incomplete delivery. They will also be deemed to have consented to our
>> intercepting and monitoring such communications.
>> The company numbers (England and Wales) of group companies are as follows:
>> Balli Holdings Limited - 1919104; Balli Group plc - 2632984; Balli Steel
>> plc- 3418142; Balli Trading Limited - 2098770; Balrox Limited - 2824454; BBM
>> Machinery Limited - 5466613; Balli Real Estate Holdings Limited - 6101815.
>> The registered office of all these companies is 5 Stanhope Gate, London, W1K
>> 1AH. The VAT number for all these companies is 539 0006 67.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>

-- 
Neil A. Hillard                E-Mail:   m0n0 at dana dot org dot uk