Fractal Nagios: Using Nagios XI, Core, Log Server,
Network Analyzer, Reactor, Fusion, and Incident Manager to monitor itself.
You can do it!!
Eric Loyd • eric@bitnetix.com • @EricLoyd • @Bitnetix
Who is Eric? What is Bitnetix?
• Eric is the Founder and CEO of Bitnetix Incorporated and SmartVox
– 2014 Nagios MVP award winner
– Runner-up of the 2015 Nagios Log Server dashboard contest
– Presenter at #NagiosCon12, 13, 14, and now #NagiosCon15
• IT/network consulting and VoIP services
• Over 25 years in IT and management at places like
– Rochester Institute of Technology
– Eastman Kodak
– Frontier Communications / Global Crossing
• Bitnetix started its tenth year in July of 2015
• Have been using Nagios since 2004
What is “Fractal Nagios?”
(Diagram: Nagios XI, Log Server, Fusion, Reactor, Network Analyzer, Incident Manager)
What does each of these do?
Nagios XI
• Monitors
• Alerts
• Escalates
Fusion
• Ties together multiple XI and Core instances
Network Analyzer
• Bandwidth
• Source
• Dest
• Ports
Reactor
• Like an event handler on steroids
Incident Manager
• Tickets
• Incidents
• Callbacks
• Escalations
Log Server
• System logs
• Applications
• Security
There is some overlap, but we are going to look at an experiment:
Use all this stuff to monitor itself.
Nagios XI (or Core)
• Monitors hosts and services
– Active checks directly or via agents
– Passive checks sent by remote machines
• Alerts when something goes wrong/right
• Executes event handlers to try to fix things
• Escalates when nothing gets fixed
Nagios Reactor
• Advanced automation management
– Think “event handlers” on steroids
• Event chains, reusable blocks, etc.
• Can be used for systems administration, deployment, updates, etc.
• Notification and reporting tools
Nagios Log Server
• Accepts logs/events from systems
• Organizes them into searchable indexes
• Provides dashboards, reports, and alerts
• Easily integrates Unix or Windows event logs with application and server logs
Nagios Network Analyzer
• Accepts NetFlow/sFlow information from routers, switches, and servers
• Provides intrusion detection, network usage, bandwidth monitoring, and alerting
• Reporting capabilities
Nagios Incident Manager
• “Ticketing” system on steroids
• Provides semi-RESTful API to create, list, edit, and delete tickets and callbacks
• Reporting and trending capabilities
Nagios Fusion
• Sort of a dashboard for separate Nagios XI and Core instances
• Easily move through server hierarchy
• Create dashboards
– Show only what’s important
– Drill down to connect to specific servers
PIAT: Monitoring
Nagios XI/Core Monitors Everything
PIAT: Logging
PIAT: NetFlow
PIAT: Events
PIAT: Alerts
Fractal Nagios:
Questions? Comments?
http://bitnetix.com/NW2015
Eric Loyd • eric@bitnetix.com • @EricLoyd • @Bitnetix