Re: NANOG Digest, Vol 127, Issue 16
- PRTG, it's realy easy to configure. Most of the senssors are SNMP of: traffic/ping/cpu/memory and some senssors for servers like DNS and Radius, etc. - Zabbix, there's 2 things that made us use Zabbix, the first one it's Zabbix Proxy, since the network it's geographical distribuited we need a tool that provides us monitoring from another places with a low price. And LLD that i use for monitoring BGP/OSPF sessions and prefix. - Elastiflow - For Syslog we use Graylog, that i recomend, it's a excelente tool for monitoring syslog messages and there's a lot of features such as extractors, streams and alerts. I think that PRTG it's kind expensive solution ( if you buy the license ), but provides a easy way to monitor a lot of things. Just one thing, if your license expires your are no able to update your software and if you want to buy the license for upgrade, the days without the license counts as negative days, i never seen that before, like, if you don't update the license for 1 year and bought the 3 years lisence, you will got 2 years of support and upgrade. Atenciosamente, Em sex, 17 de ago de 2018 às 09:00, <nanog-request@nanog.org> escreveu:
Send NANOG mailing list submissions to nanog@nanog.org
To subscribe or unsubscribe via the World Wide Web, visit https://mailman.nanog.org/mailman/listinfo/nanog or, via email, send a message with subject or body 'help' to nanog-request@nanog.org
You can reach the person managing the list at nanog-owner@nanog.org
When replying, please edit your Subject line so it is more specific than "Re: Contents of NANOG digest..."
Today's Topics:
1. Re: What NMS do you use and why? (Nick Peelman) 2. Re: What NMS do you use and why? (Joe Loiacono) 3. RE: What NMS do you use and why? (Stan Ouchakov) 4. Re: What NMS do you use and why? (Nick Peelman) 5. Re: What NMS do you use and why? (Kushal) 6. RE: What NMS do you use and why? (Michael Braun (michbrau)) 7. Re: What NMS do you use and why? (Nick W) 8. Akamia Contact (Romeo Czumbil)
----------------------------------------------------------------------
Message: 1 Date: Wed, 15 Aug 2018 23:14:32 +0000 From: Nick Peelman <npeelman@ETC1.net> To: Colton Conor <colton.conor@gmail.com> Cc: NANOG <nanog@nanog.org> Subject: Re: What NMS do you use and why? Message-ID: <D0CDB355-16C7-49E1-9FD6-EDFFB618CC70@ETC1.net> Content-Type: text/plain; charset="Windows-1252"
I think anybody looking for a be-all-end-all solution will find nothing but heartburn.
different suites have different strong suits, and deciding you are going to pursue one and ignore all others may mean living without a feature or set of features you may find really useful or eventually necessary. but maintaining multiple complete NMSes isn’t really tenable either.
all of that said, we use a combination of a couple. Nagios/Icinga because it’s been around forever (both in the world and in our network), and the power of script based checks, being able to write your own handlers and pretty much just leverage it as a framework you can shove questions into and get regular answers from is invaluable.
LibreNMS gives us the best pretty pictures, letting us monitor much much more than just interface traffic, out of the box. much more than cacti is capable of without a ton of work (i.e. down to the tx/rx power and temperature readings of individual SFPs). it scales relatively well; at least in theory. i will be able to tell you for sure later this year as we are near the limits of what we can monitor with a single polling device. alerting out of Libre into Slack has proven quite fantastic. we can spawn threads attached to anything from a BGP peer dropping or a CPU alert as we move to triage and solve, even if we are in the field or meetings or whatever.
we also still have cacti around for random one-offs. as great as Libre is, its poller can be a bit intense for some devices; so in those cases it’s safer for us to just have cacti graph the one or two OIDs we need specifically, without trolling all the other available sensors.
we ran OpenNMS for a bit, but it proved way to dumb to maintain a large (and growing) complex network, without dedicating at least one or two people to the care and feeding of it.
-nick
— Nick Peelman Network Engineer | Enhanced Telecommunications Corp. 812-222-0169<tel:812-222-0169> | npeelman@etc1.net<mailto: npeelman@etc1.net> | www.etczone.com<http://www.etczone.com/>
Sent from my iPhone
On Aug 15, 2018, at 09:49, Colton Conor <colton.conor@gmail.com<mailto: colton.conor@gmail.com>> wrote:
We are looking for a new network monitoring system. Since there are so many operators on this list, I would like to know which NMS do you use and why? Is there one that you really like, and others that you hate?
For free options (opensouce), LibreNMS and NetXMS come highly recommended by many wireless ISPs on low budgets. However, I am not sure the commercial options available nor their price points.
------------------------------
Message: 2 Date: Wed, 15 Aug 2018 20:31:13 -0400 (EDT) From: Joe Loiacono <jloiacon@gmail.com> To: William Herrin <bill@herrin.us> Cc: NANOG <nanog@nanog.org>, Colton Conor <colton.conor@gmail.com> Subject: Re: What NMS do you use and why? Message-ID: <593335944.184.1534379472982.JavaMail.jloia@DESKTOP-FDMC6S8> Content-Type: text/plain; charset=utf-8
Consider also open-source FlowViewer for netflow capture and analysis. A lot of very useful netflow based analytical tools in an easy UI. Sits on top of a robust set of Carnegie-Mellon's high-capacity SiLK netflow tools.
https://sourceforge.net/projects/flowviewer/
Joe
----- Original Message ----- From: "William Herrin" <bill@herrin.us> To: "Colton Conor" <colton.conor@gmail.com> Cc: "NANOG" <nanog@nanog.org> Sent: Wednesday, August 15, 2018 3:25:48 PM Subject: Re: What NMS do you use and why?
On Wed, Aug 15, 2018 at 9:49 AM, Colton Conor <colton.conor@gmail.com> wrote:
We are looking for a new network monitoring system. Since there are so many operators on this list, I would like to know which NMS do you use and why? Is there one that you really like, and others that you hate?
I still use a tool I wrote in perl nearly 20 years ago called "MrPing." MrPing handles multi-dependency graphs.
Consider:
A is reachable via either B or C.
If A and B are down but C is up, A being down is a separate failure from B being down. I need to know about both.
If B and C are both down, A is unreachable. I don't want to receive alerts about A because they'll distract me from the root cause of the problem: that both B and C are down. The NMS should record that A is unreachable but it should also tell me that A being unreachable is a dependent failure that I can ignore until I fix the failures it depends on.
The NMSes I've paid attention to either don't support dependencies well at all or support only simple hierarchical dependencies. Resilient, professional networks simply aren't built that way.
Regards, Bill Herrin
-- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>
------------------------------
Message: 3 Date: Thu, 16 Aug 2018 15:39:52 +0000 From: Stan Ouchakov <stano@imaginesoftware.com> To: Joe Loiacono <jloiacon@gmail.com>, William Herrin <bill@herrin.us> Cc: NANOG <nanog@nanog.org> Subject: RE: What NMS do you use and why? Message-ID: <e12e489f5c6c4837bd2cee6efe9cb3e0@imaginesoftware.com> Content-Type: text/plain; charset="utf-8"
Regarding netflow/sflow/ipfix monitoring, we had recently started using elastiflow by Robert Cowart. Scales very well with pretty visualizations. Cannot imagine what paid / supported version has to offer :)
https://github.com/robcowart/elastiflow
-----Original Message----- From: NANOG <nanog-bounces@nanog.org> On Behalf Of Joe Loiacono Sent: Wednesday, August 15, 2018 8:31 PM To: William Herrin <bill@herrin.us> Cc: NANOG <nanog@nanog.org> Subject: Re: What NMS do you use and why?
Consider also open-source FlowViewer for netflow capture and analysis. A lot of very useful netflow based analytical tools in an easy UI. Sits on top of a robust set of Carnegie-Mellon's high-capacity SiLK netflow tools.
https://sourceforge.net/projects/flowviewer/
Joe
----- Original Message ----- From: "William Herrin" <bill@herrin.us> To: "Colton Conor" <colton.conor@gmail.com> Cc: "NANOG" <nanog@nanog.org> Sent: Wednesday, August 15, 2018 3:25:48 PM Subject: Re: What NMS do you use and why?
On Wed, Aug 15, 2018 at 9:49 AM, Colton Conor <colton.conor@gmail.com> wrote:
We are looking for a new network monitoring system. Since there are so many operators on this list, I would like to know which NMS do you use and why? Is there one that you really like, and others that you hate?
I still use a tool I wrote in perl nearly 20 years ago called "MrPing." MrPing handles multi-dependency graphs.
Consider:
A is reachable via either B or C.
If A and B are down but C is up, A being down is a separate failure from B being down. I need to know about both.
If B and C are both down, A is unreachable. I don't want to receive alerts about A because they'll distract me from the root cause of the problem: that both B and C are down. The NMS should record that A is unreachable but it should also tell me that A being unreachable is a dependent failure that I can ignore until I fix the failures it depends on.
The NMSes I've paid attention to either don't support dependencies well at all or support only simple hierarchical dependencies. Resilient, professional networks simply aren't built that way.
Regards, Bill Herrin
-- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>
------------------------------
Message: 4 Date: Thu, 16 Aug 2018 15:42:44 +0000 From: Nick Peelman <npeelman@ETC1.net> To: Stan Ouchakov <stano@imaginesoftware.com> Cc: Joe Loiacono <jloiacon@gmail.com>, William Herrin <bill@herrin.us>, NANOG <nanog@nanog.org> Subject: Re: What NMS do you use and why? Message-ID: <61BD4D17-F5EB-46AC-BEE2-5D289FECDDBD@ETC1.net> Content-Type: text/plain; charset="Windows-1252"
seconded. the pains of maintaining ELK are made worthwhile by this alone.
-nick
— Nick Peelman Network Engineer | Enhanced Telecommunications Corp. 812-222-0169<tel:812-222-0169> | npeelman@etc1.net<mailto: npeelman@etc1.net> | www.etczone.com<http://www.etczone.com/>
Sent from my iPhone
On Aug 16, 2018, at 11:41, Stan Ouchakov <stano@imaginesoftware.com <mailto:stano@imaginesoftware.com>> wrote:
Regarding netflow/sflow/ipfix monitoring, we had recently started using elastiflow by Robert Cowart. Scales very well with pretty visualizations. Cannot imagine what paid / supported version has to offer :)
https://github.com/robcowart/elastiflow
-----Original Message----- From: NANOG <nanog-bounces@nanog.org<mailto:nanog-bounces@nanog.org>> On Behalf Of Joe Loiacono Sent: Wednesday, August 15, 2018 8:31 PM To: William Herrin <bill@herrin.us<mailto:bill@herrin.us>> Cc: NANOG <nanog@nanog.org<mailto:nanog@nanog.org>> Subject: Re: What NMS do you use and why?
Consider also open-source FlowViewer for netflow capture and analysis. A lot of very useful netflow based analytical tools in an easy UI. Sits on top of a robust set of Carnegie-Mellon's high-capacity SiLK netflow tools.
https://sourceforge.net/projects/flowviewer/
Joe
----- Original Message ----- From: "William Herrin" <bill@herrin.us<mailto:bill@herrin.us>> To: "Colton Conor" <colton.conor@gmail.com<mailto:colton.conor@gmail.com>> Cc: "NANOG" <nanog@nanog.org<mailto:nanog@nanog.org>> Sent: Wednesday, August 15, 2018 3:25:48 PM Subject: Re: What NMS do you use and why?
On Wed, Aug 15, 2018 at 9:49 AM, Colton Conor <colton.conor@gmail.com <mailto:colton.conor@gmail.com>> wrote: We are looking for a new network monitoring system. Since there are so many operators on this list, I would like to know which NMS do you use and why? Is there one that you really like, and others that you hate?
I still use a tool I wrote in perl nearly 20 years ago called "MrPing." MrPing handles multi-dependency graphs.
Consider:
A is reachable via either B or C.
If A and B are down but C is up, A being down is a separate failure from B being down. I need to know about both.
If B and C are both down, A is unreachable. I don't want to receive alerts about A because they'll distract me from the root cause of the problem: that both B and C are down. The NMS should record that A is unreachable but it should also tell me that A being unreachable is a dependent failure that I can ignore until I fix the failures it depends on.
The NMSes I've paid attention to either don't support dependencies well at all or support only simple hierarchical dependencies. Resilient, professional networks simply aren't built that way.
Regards, Bill Herrin
-- William Herrin ................ herrin@dirtside.com<mailto: herrin@dirtside.com> bill@herrin.us<mailto:bill@herrin.us> Dirtside Systems ......... Web: <http://www.dirtside.com/>
------------------------------
Message: 5 Date: Thu, 16 Aug 2018 22:19:35 +0530 From: Kushal <kushal.r@h4g.co> To: Stan Ouchakov <stano@imaginesoftware.com>, Nick Peelman <npeelman@etc1.net> Cc: NANOG <nanog@nanog.org> Subject: Re: What NMS do you use and why? Message-ID: <etPan.5b75ab1f.dbb654b.3ad@h4g.co> Content-Type: text/plain; charset="utf-8"
Being a small business we like to use a mostly free and open source tools. Our networking monitoring stack presently looks like:
Simple Reachability Monitoring (Ping) - uptimerobot.com
Just $4.5 per month for 50 monitors with 1 minute intervals (free if you are find with 5 minutes monitoring intervals). This is connected to our slack channel and also sends SMS when something goes offline.
Traffic & Device Monitoring - LibreNMS
A fork of Observium but adds the much needed alerting feature that observing only offers with it's paid plans. We use it to monitor switch port traffic, BGP sessions, device health, etc.
Packet Inspection or Flow Monitoring we use FastNetMon ( https://fastnetmon.com/features/) the free edition is good for our needs.
On August 16, 2018 at 9:16:42 PM, Nick Peelman (npeelman@etc1.net) wrote:
seconded. the pains of maintaining ELK are made worthwhile by this alone.
-nick
— Nick Peelman Network Engineer | Enhanced Telecommunications Corp. 812-222-0169<tel:812-222-0169> | npeelman@etc1.net<mailto: npeelman@etc1.net> | www.etczone.com<http://www.etczone.com/>
Sent from my iPhone
On Aug 16, 2018, at 11:41, Stan Ouchakov <stano@imaginesoftware.com <mailto:stano@imaginesoftware.com>> wrote:
Regarding netflow/sflow/ipfix monitoring, we had recently started using elastiflow by Robert Cowart. Scales very well with pretty visualizations. Cannot imagine what paid / supported version has to offer :)
https://github.com/robcowart/elastiflow
-----Original Message----- From: NANOG <nanog-bounces@nanog.org<mailto:nanog-bounces@nanog.org>> On Behalf Of Joe Loiacono Sent: Wednesday, August 15, 2018 8:31 PM To: William Herrin <bill@herrin.us<mailto:bill@herrin.us>> Cc: NANOG <nanog@nanog.org<mailto:nanog@nanog.org>> Subject: Re: What NMS do you use and why?
Consider also open-source FlowViewer for netflow capture and analysis. A lot of very useful netflow based analytical tools in an easy UI. Sits on top of a robust set of Carnegie-Mellon's high-capacity SiLK netflow tools.
https://sourceforge.net/projects/flowviewer/
Joe
----- Original Message ----- From: "William Herrin" <bill@herrin.us<mailto:bill@herrin.us>> To: "Colton Conor" <colton.conor@gmail.com<mailto:colton.conor@gmail.com>>
Cc: "NANOG" <nanog@nanog.org<mailto:nanog@nanog.org>> Sent: Wednesday, August 15, 2018 3:25:48 PM Subject: Re: What NMS do you use and why?
On Wed, Aug 15, 2018 at 9:49 AM, Colton Conor <colton.conor@gmail.com <mailto:colton.conor@gmail.com>> wrote: We are looking for a new network monitoring system. Since there are so many operators on this list, I would like to know which NMS do you use and why? Is there one that you really like, and others that you hate?
I still use a tool I wrote in perl nearly 20 years ago called "MrPing." MrPing handles multi-dependency graphs.
Consider:
A is reachable via either B or C.
If A and B are down but C is up, A being down is a separate failure from B being down. I need to know about both.
If B and C are both down, A is unreachable. I don't want to receive alerts about A because they'll distract me from the root cause of the problem: that both B and C are down. The NMS should record that A is unreachable but it should also tell me that A being unreachable is a dependent failure that I can ignore until I fix the failures it depends on.
The NMSes I've paid attention to either don't support dependencies well at all or support only simple hierarchical dependencies. Resilient, professional networks simply aren't built that way.
Regards, Bill Herrin
-- William Herrin ................ herrin@dirtside.com<mailto: herrin@dirtside.com> bill@herrin.us<mailto:bill@herrin.us> Dirtside Systems ......... Web: <http://www.dirtside.com/>
participants (1)
-
Saymon Araújo