Proactive monitoring tools or services - Open Source

Part 1: (Open source) monitoring tools in all shapes and sizes [18:00 to 19:30]. In this session Jan Guldentops, drawing on his 20 years of experience, tries to explain what a monitoring solution should in theory be able to do, where you can apply it and what to look out for when selecting a monitoring solution. We go through the various solutions on the market (open source, closed source, hosted services, etc.). We then take a closer look at the open source Nagios solution and how we at BA have integrated it into our own monitoring system. After that we give a short demo of this monitoring system in a number of different environments and show how far you can go in tailoring the solution to your needs.
Published on: Mar 3, 2016
Published in: Technology      
Source: www.slideshare.net


Transcripts - Proactive monitoring tools or services - Open Source

  • 1. Proactive Monitoring Open ICT infrastructure monitoring solutions Gentbrugge, 22 October 2014 Jan Guldentops ( j@ba.be ) BA N.V. ( http://www.ba.be )
  • 2. Who am I? ● Jan Guldentops (° 1973) ● Historian by education, ICT Infrastructure builder by vocation, Security guy by accident ● Open Source fundamentalist after hours (LPI, RHCE, RHCSA, VSP, VTSP, ...) ● Focus on planning, building, security and maintaining network, storage, server and cloud infrastructures ● Hands on guy with 20 years of practical experience – Testlab – MacGyver Projects ● Founding Partner of Better access (°1996) and BA (°2003)
  • 3. Brave new world
  • 4. Why monitor ? ● Permanently keeping an eye on all aspects of your infrastructure ● network, storage, security, servers, applications, power, etc. ● Seeing the status quaestionis in one blink of the eye ● being able to alert the right people in case of problems ● Work proactively ● Detecting problems before they become critical ● knowing something's wrong before the phone rings... ● Historical reporting ● knowing when, where and what problems arise can help you locate typical problems and resolve them ● Did we keep our SLA ? Did our supplier keep his SLA ? ● The numbers tell the tale ! ( Meten is weten / Le mètre à ruban )
  • 5. Lots of monitoring solutions Open Source Netsaint, Big Brother, OpenNms Nagios / Icinga Commercial Open Source Zabbix, Centreon, Groundworks Closed source solutions PRTG, Whatsupgold, Intermapper Scom ( Yes even Microsoft enters this space!) “Enterprise” HP, Tivoli, BMC, Netiq, etc. Cloud solutions aka Monitoring as a service Cloudprovider, Telco, etc.
  • 6. Gartner
  • 7. Funny but true
  • 8. Why nagios ? ● OPEN !!!!!!!! ● Mature: almost 12 years of development went into it ● It has a big, living community and ecosystem ● Nagiosexchange ● Nagios plugin community ● Easy to adapt to specialized needs and monitoring possibilities ● e.g. I have a customer who uses it to monitor all the aspects of his automated carwash setup. ● It scales to pretty big infrastructures ● Multi monitoring nodes ● Failover, etc. ● Last but not least: it works !
  • 9. Problem with nagios ? ● Nagios is like Linux -> Everybody can build his own version of it ● Core Nagios ( version 2.0 or 3.0 ) ● Enterprise version : Nagios XI ● Open Monitoring Distribution / Check_mk ● Groundwork ● Op5 ● Centreon ● Forking: ICINGA ● Big collection of loose development / packages ● Steep learning curve
  • 10. BA Monitoring Distro ● BA decided to standardise to our own distro ● 100% open source ● Delivered as a physical or virtual appliance (Ready2run) ● Treasure chest of all the available tools, checks, templates, example configs ● Based on Check_MK / OMD ● Updatable / supportable
  • 11. How does it work ?
  • 12. Checks: Server-, storage and virtual infrastructure ● SNMP ( e.g. for HP-servers ) ● Agents : ● check_mk ● NRPE ( Nagios Remote Plugin Executor ) ● NSCA ● NSClient++ ● remote ssh commands ● specific custom built scripts ● Blacklisting check ● Backup check ● Etc.
  • 13. Check_MK
  • 14. Checks : Network infrastructure ● ICMP / UDP ● Latency ● packet loss ● bandwidth ● Active monitoring by snmp ● Pulls ● Traps ● RMON / Nflows / Rflows
  • 15. Checks : analysing central logfiles ● Logging all system messages to a central syslog ● Analyse the logfiles and create alerts ● custom scripts ● Look for anomalies ● Splunk... ● Check backuplogs ● Etc.
  • 16. Checks : virtual machines ● Compatible with most virtualisation products ● Can monitor the vms through – hypervisor / vcenter ● SNMP ● Same way as you check bare metal servers : – Check_mk – Nrpe / NSCA – Remote ssh
  • 17. Checks: services ● Check if a service is still running ● Through check plugins ● There are quite a number of checks available ● Use the community : http://nagiosplugins.org ● Write them yourself in perl, python or another interpreter language
  • 18. Checks: Infrastructure ● Power / UPS ● SNMP ● Serial cable ● custom software from supplier ● Environmental: Temperature / humidity-sensors ● Lots of check sensors available ● Work usually by SNMP ● Videosecurity ● Access control systems
  • 19. Checks: special projects ● Security: Hostbased IDS ● Scans of your network and the connected hosts ( NMAP / MACtable / etc. ) ● What's new in the network ? ● Spam blacklist check ● Check certificates ● Rogue snapshot check ● Licence management
  • 20. Visualisation ● DASHBOARD ● Techies and non-techies ● Webinterface ● Mobile – Mobile HTML5 – Jnag mobile apps for Android, iPhone, iPad ● Nagvis – allows you to project status on custom images – Full customization possible!
  • 21. Cool nagvis examples
  • 22. Cool Nagvis examples
  • 23. Cool Nagvis Examples
  • 24. Mobile App
  • 25. Visualisation
  • 26. Alarming ● Once something goes wrong you want to alert the right people ● Alertgroups ● Alertgroups can be combined with the right timings ● Alerts can be given by : ● E-mail ● SMS ● Semadigit ● Social media ( twitter ) ● Jabber ( Instant Messaging ) ● RSS ● Special stuff : ● Integrate in ticketingsystem ● webservices ● hardware ( IO, lights, etc. ) ● Automated stuff ( run scripts )
  • 27. Reporting ● Historical data of what happened ● Every check has a status that can be kept for later analysis ● Can be used for : ● SLA ● Resource planning ● Troubleshooting
  • 28. Use it as a tool ● Modus operandi : ● Acknowledge problems ● Schedule downtime ● Put the right relations between monitored entities ● Don't alert for everything and all the time ! ● Integrate with other tools : ● Ticketingsystem – OTRS, Omnitracker, Topdesk ( Work-in-progress ) ● Dispatch ● Integrate documentation systems ● Inventory
  • 29. Monitoring isn't always right ● A check is only as intelligent as you make it! ● False positives or negatives ● Problems with : ● Network Latency ● Load on the monitoringserver ● Load on the monitored appliance ● Monitoring infrastructure is a great target for hackers!
  • 30. New possibilities ● SIEM – Security Incident and Event Management ● Aanval integration with Nagios is under development ● Devops ● DevOps is the practice of operations and development engineers participating together in the entire service lifecycle, from design through the development process to production support. ● DevOps is also characterized by operations staff making use of many of the same techniques as developers for their systems work. ● Application Performance Monitoring ● Automonitoring ● Automagically provisioning monitoring in your systems
  • 31. Demotime!
  • 32. Thank You Contact us http://be.linkedin.com/in/janguldentops/ Twitter: JanGuldentops www.ba.be / Twitter: batweets info@ba.be 016/29.80.45 016/29.80.46 Remy Toren Vaartdijk 3/501 B-3018 Wijgmaal