Alerting systems, Logicmonitor and/or alternatives
From a technical standpoint this adds more points of failure in series, will cause missed alerts if their cloud-based service goes down (who is guarding the guards?) will cause false alarms if their service is still up but can't reach the collector, and doesn't give us a full view under
I know that this topic has been kicking around for at least a decade, but wanted to get current opinions of other network operators. Most of us have explored Nagios, MRTG, and several front-ends for MRTG. We are looking into a new player in the space called Logicmonitor. They have a very functional and easy to navigate front end and configuration tool, and I very much like the look-and-feel of their product. What I don't like is that they only offer it as a cloud-based service. Internal probes tie in to a "collector" which we maintain. The collector then phones home over the Internet to their hosted service periodically and they remotely analyze the data and generate alerts, plot graphs, etc. the hood. Of course their sales guys are giving us "Our time and energy is dedicated to reliability" and "professionally managed multi-carrier highly secure data centers" language to encourage the warm fuzzies.
From a scalability standpoint we incur ever-increasing recurring costs as we grow and add monitored devices and services.
What's the collective opinion here? Is anyone using them or a similar service? Are there non-cloud-based alternatives that are relatively easy to set up and manage? We've explored Zabbix, Nagios, MRTG and its various wrappers, and Intermapper. Anything else new on the horizon that has a GUI front-end that is configurable without a lot of scripting experience, etc.? We would love to buy something that works for us and pay a reasonable price for it, but I'm not particularly interested in the equivalent of renting a time-share in order to monitor our networks. -- Jay Hennigan - CCIE #7880 - Network Engineering - jay@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV
We have used LogicMonitor for a few years to monitor hundreds of network devices with no reliability issues, at all. The agents have proven to be lightweight and rather unobtrusive. I can’t recall a time where we have ever had to intervene during regular operations or one of their upgrades. We do not use the alerting service at this time so no history to report there. We have only a few dislikes. One of them is the new skin and use the prior one still available to us so its a relatively minor issue. The pricing is something I’m also not crazy about though they have been willing to work with us on some pricing tiers. Jeff jeff cornejo blue ridge internetworks 321 east main st • suite 200 charlottesville va 22902 434.817.0707 x 2001 www.briworks.com <http://www.briworks.com/> Central Virginia’s technology authority since 2000.
On Jan 28, 2015, at 1:06 PM, Jay Hennigan <jay@west.net> wrote:
I know that this topic has been kicking around for at least a decade, but wanted to get current opinions of other network operators. Most of us have explored Nagios, MRTG, and several front-ends for MRTG.
We are looking into a new player in the space called Logicmonitor. They have a very functional and easy to navigate front end and configuration tool, and I very much like the look-and-feel of their product.
What I don't like is that they only offer it as a cloud-based service. Internal probes tie in to a "collector" which we maintain. The collector then phones home over the Internet to their hosted service periodically and they remotely analyze the data and generate alerts, plot graphs, etc.
From a technical standpoint this adds more points of failure in series, will cause missed alerts if their cloud-based service goes down (who is guarding the guards?) will cause false alarms if their service is still up but can't reach the collector, and doesn't give us a full view under the hood.
Of course their sales guys are giving us "Our time and energy is dedicated to reliability" and "professionally managed multi-carrier highly secure data centers" language to encourage the warm fuzzies.
From a scalability standpoint we incur ever-increasing recurring costs as we grow and add monitored devices and services.
What's the collective opinion here? Is anyone using them or a similar service? Are there non-cloud-based alternatives that are relatively easy to set up and manage? We've explored Zabbix, Nagios, MRTG and its various wrappers, and Intermapper. Anything else new on the horizon that has a GUI front-end that is configurable without a lot of scripting experience, etc.?
We would love to buy something that works for us and pay a reasonable price for it, but I'm not particularly interested in the equivalent of renting a time-share in order to monitor our networks.
-- Jay Hennigan - CCIE #7880 - Network Engineering - jay@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV
The value proposition of all cloud services is that you get instant technical capability without building your own infrastructure. I see cloud NMS services like LogicMonitor and Spiceworks as a good deal for small organizations without their own IT people. But for all the reasons you give, the model doesn't scale very well. For network professionals, the value of self-managed internal monitoring infrastructure far outweighs the temporary ease and low cost of cloud monitoring. In particular, commercial monitoring offerings, such as Intermapper, PRTG, and SolarWinds, are extremely cost effective for business network operations. Their cost is easily justifiable, especially if you have a busy staff. Yes, you can get many of the commercial tool capabilities in open source projects such as OpenNMS and Cacti. But as you note, they can be a pain to configure, and if your labor is worth anything, the commercial options are usually a better deal. One exception I've found recently is Mikrotik's The Dude, which is free, but not FOSS. It's fully graphical, is straightforward to install and configure. It has a client/server architecture like Intermapper, but doesn't run natively on as many platforms (Windows only; other OSes must use emulation). Although it works with any SNMP device, it has special support for Mikrotik, since Mikrotik devised it. To recap, I think cloud monitoring is pointless for managing inside networks for any organization having a reasonably capable IT staff. On Jan 28, 2015, at 10:06 AM, Jay Hennigan <jay@west.net> wrote:
I know that this topic has been kicking around for at least a decade, but wanted to get current opinions of other network operators. Most of us have explored Nagios, MRTG, and several front-ends for MRTG.
We are looking into a new player in the space called Logicmonitor. They have a very functional and easy to navigate front end and configuration tool, and I very much like the look-and-feel of their product.
What I don't like is that they only offer it as a cloud-based service. Internal probes tie in to a "collector" which we maintain. The collector then phones home over the Internet to their hosted service periodically and they remotely analyze the data and generate alerts, plot graphs, etc.
From a technical standpoint this adds more points of failure in series, will cause missed alerts if their cloud-based service goes down (who is guarding the guards?) will cause false alarms if their service is still up but can't reach the collector, and doesn't give us a full view under the hood.
Of course their sales guys are giving us "Our time and energy is dedicated to reliability" and "professionally managed multi-carrier highly secure data centers" language to encourage the warm fuzzies.
From a scalability standpoint we incur ever-increasing recurring costs as we grow and add monitored devices and services.
What's the collective opinion here? Is anyone using them or a similar service? Are there non-cloud-based alternatives that are relatively easy to set up and manage? We've explored Zabbix, Nagios, MRTG and its various wrappers, and Intermapper. Anything else new on the horizon that has a GUI front-end that is configurable without a lot of scripting experience, etc.?
We would love to buy something that works for us and pay a reasonable price for it, but I'm not particularly interested in the equivalent of renting a time-share in order to monitor our networks.
-- Jay Hennigan - CCIE #7880 - Network Engineering - jay@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV
What's the collective opinion here? Is anyone using them or a similar service? Are there non-cloud-based alternatives that are relatively easy to set up and manage? We've explored Zabbix, Nagios, MRTG and its various wrappers, and Intermapper. Anything else new on the horizon that has a GUI front-end that is configurable without a lot of scripting experience, etc.?
Zenoss. I have it monitoring about 4k end points. The documentation is phenomnal. I've not had to touch the command line at all for any operations. I have two cron jobs on the server (one to do a weekly backup to a tar file that gets grabbed by my backup systems, one to run zendisc on only subnets I care about (and not everything in zenoss which is the default). The learning curve was pretty much non existent (you install it (which is apt-get or yum or scripted [i think appliances exist, i dunno]) , connect with default creds, change your creds, scan your network, classify devices, setup alerting rules and contacts). This all presumes you have SNMP already setup of course (which is trivial to do on just about everything). (Oh I did use the CLI to load in mibs, but that's a one time operation (unless you are constantly adding new vendors to your network i guess).
We would love to buy something that works for us and pay a reasonable price for it, but I'm not particularly interested in the equivalent of renting a time-share in order to monitor our networks.
Indeed. You should be able to find plenty of Linux engineers that could easily set this up. I would probably charge about $250.00 to $500.00 flat rate for a zenoss deployment, and could deliver it in 8 to 30 hours fully ready to go (range depends on size of deployment, HA, multi site etc). I expect most other engineers could do about the same (or maybe a bit longer if they've never worked with Zenoss before). (I'm that weird Linux/Windows/VM/storage/security/app admin type who is now getting his CCIE cause networking looks fun).
-- Jay Hennigan - CCIE #7880 - Network Engineering - jay@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV
!DSPAM:54c925874441589320983!
Hi Jay, I have experience with nagios and cacti, now I'm experimenting with logic monitor and observium. The observium is a great tool to discover your network devices but don't have great graphics and don't have any alarm system, but you can get a lot of information about your network devices, connections, ip address, protocols and configurations. Logic Monitor is a new tool for me, but without comparison with nagios, they have well support, but some times you need time to create personal data-points because they don't have recognising for all devices. Nagios could require time for implementation and experience with command line and snmp. not is a expensive tool only if you don't want pay for it. But the nagios XI is a great tool with lot of functions, automatización process, graphics, and capacity planning. You can try with nagios xi with network analyzer. If you don't have budget maybe nagios core and observium can offer a great solution. For comercial solution, I recommend you nagios xi and nagios network analyzer. 2015-01-28 13:06 GMT-05:00 Jay Hennigan <jay@west.net>:
I know that this topic has been kicking around for at least a decade, but wanted to get current opinions of other network operators. Most of us have explored Nagios, MRTG, and several front-ends for MRTG.
We are looking into a new player in the space called Logicmonitor. They have a very functional and easy to navigate front end and configuration tool, and I very much like the look-and-feel of their product.
What I don't like is that they only offer it as a cloud-based service. Internal probes tie in to a "collector" which we maintain. The collector then phones home over the Internet to their hosted service periodically and they remotely analyze the data and generate alerts, plot graphs, etc.
From a technical standpoint this adds more points of failure in series, will cause missed alerts if their cloud-based service goes down (who is guarding the guards?) will cause false alarms if their service is still up but can't reach the collector, and doesn't give us a full view under the hood.
Of course their sales guys are giving us "Our time and energy is dedicated to reliability" and "professionally managed multi-carrier highly secure data centers" language to encourage the warm fuzzies.
From a scalability standpoint we incur ever-increasing recurring costs as we grow and add monitored devices and services.
What's the collective opinion here? Is anyone using them or a similar service? Are there non-cloud-based alternatives that are relatively easy to set up and manage? We've explored Zabbix, Nagios, MRTG and its various wrappers, and Intermapper. Anything else new on the horizon that has a GUI front-end that is configurable without a lot of scripting experience, etc.?
We would love to buy something that works for us and pay a reasonable price for it, but I'm not particularly interested in the equivalent of renting a time-share in order to monitor our networks.
-- Jay Hennigan - CCIE #7880 - Network Engineering - jay@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV
-- Cordialmente, Dorancé Martínez Cortés +57 320 6968121 Linux User Number 112632 Nagios Certified Administrator Certificación ITIL Fundation 2011 ed. Cali - Colombia dorancemc@gmail.com http://dmcingenieria.net http://dmci.co "Si piensas que la tecnología puede solucionar tus problemas de seguridad, está claro que ni entiendes los problemas ni entiendes la tecnología" Bruce Schneier
What's the collective opinion here? Is anyone using them or a similar service? Are there non-cloud-based alternatives that are relatively easy to set up and manage? We've explored Zabbix, Nagios, MRTG and its various wrappers, and Intermapper. Anything else new on the horizon that has a GUI front-end that is configurable without a lot of scripting experience, etc.?
Try OMD. It packages a python wrapper called check_mk around Nagios and adds on charts via an already integrated pnp4nagios. The guys doing check_mk have done an amazing job of harnessing the power of Nagios through the use of configuration files which nicely minimizes the amount of work necessary for getting things monitored, while maximizing how things are grouped and structured. Since I like it so much, I'm in the process of migrating our monitoring from a combination of NagiosXI, Observium, and Cacti over to the OMD package. It has fast agents for monitoring vsphere. Has native agents for Linux and Windows. And can do SNMP. And has good customization for those who want more done that what is supplied out of the box.
We would love to buy something that works for us and pay a reasonable price for it, but I'm not particularly interested in the equivalent of renting a time-share in order to monitor our networks.
Check_mk has support and professional services available. It is open source for those who wish to go the DIY route. Raymond blog.raymond.burkholder.net -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
On Wed, Jan 28, 2015 at 10:06:26AM -0800, Jay Hennigan wrote:
What I don't like is that they only offer it as a cloud-based service.
One of the downsides of all such services is that the more successful they are, the bigger a target they are. And they're a tempting target, since successful penetration would yield a wealth of data about every client they have (if that penetration was limited to read-only access) and possibly more, e.g., silencing alarms that would otherwise be triggered (if that penetration allowed write access). ---rsk
participants (7)
-
charles@thefnf.org
-
Dorance Martinez Cortes
-
Jay Hennigan
-
Jeff Cornejo
-
Mel Beckman
-
Raymond Burkholder
-
Rich Kulawiec