Drill Down Facility in APAN

Stanley Hopcroft Stanley.Hopcroft at IPAustralia.Gov.AU
Fri Apr 25 05:55:43 CEST 2003


Dear Sir,

I am writing to thank you for your letter and suggest you have your
mailer wrap text at about 70 columns.

This makes it easier for those who choose to run the more efficient text
mode mailers (mutt etc).

I have manually reformatted your text so as to make it more readable for
me and maybe others.

On Thu, Apr 24, 2003 at 08:54:36PM -0500, Carroll, Jim P [Contractor] wrote:
> I spent some time (once again; definitely not my first time) browsing the various RRD solutions. 
> And yes, I agree that picking from one of the canned RRD solutions
> would save many gyrations attempting to make Nagios do this.
> 
> I ask that you consider the following and give me some idea of what I might be up against:
> 
> - as near as I can tell, just about all of the RRDworld solutions either look at the local host, or require that you use SNMP
> (cacti is possibly the one exception, allowing you to leverage
> scripts... however, it also requires MySQL)
> 

I beg to disagree. Those frontends that are network box oriented, yes.
AFAIK, others whose main purpose is graphing anything such as Orca (and
perhaps MRTG) can accept data from other inputs - usually the file
system with data in a specific format. 


> - all roads lead to SNMP
> 
> - Nagios already queries the various services on the various hosts; if an RRDworld type solution cannot leverage the data already
> collected by Nagios, that means either a) leveraging the Nagios
> plugins, b) writing a custom script, or c) leveraging SNMP
> 

What Nagios data do you have in mind that an RRD front-end could
leverage ?


RRDs are simply a good choice to store time series (ts)  in. If
you are collecting time series, storing it in RRDs will solve a few
problems for you (graphing, light-weight fixed size storage and
'adequate' data access).

Since Nag doesn't at the moment collect ts data, the challenges are
actually thinking about the role ts plays with Nag.

These may include, 

. considering having the plugins build with an option that causes them
to write performace data RRDs

. as you say, ad-hoc custom checks of ts data collected by something
else. Again, as you say, probably collected by an SNMP collector

. having RRD add-ons or front-ends submit passive service checks to Nag
 

> - all roads lead to SNMP
> 
> - one of my peers has expressed concern over the security (or lack thereof) in SNMP; I'd be curious how to
> 'lock down' SNMP; I'm already aware of the need to change the
> read-only
> community name, and I'd like to disable the read-write community
> altogether; I'd also like to be able to say, "unless the query is
> originating from an authorized IP (or subnet), drop the packet on the
> floor"; I'd be interested in hearing about any other ways to tighten
> things up more, without inadvertently causing myself a major headache
> 

I suggest that these problems are licked in SNMP v3, caveat lack of
commercial implementations. Until then, ad-hoc solutions such as ACLs;
don't run v2 or v1 in 'public' places'; be aware (and scared)  of the
gaping holes - eg public SNMP community string brute force breakers -
try them out on your boxes; keep up to date code etc etc.

I think Poul Henning-Kamp wrote some software (on the RRD page) that
securely gets data from a remote RRD.

> - all roads lead to SNMP, provided this hurdle can be overcome
> 
> Assuming I can meet the above objectives, my sense is that I'll have a fairly large project ahead of me (correct me if I'm wrong). 
> Target hosts include:  Solaris8, RH Linux and Win2k.
> 
> Another big question is, which RRDworld tool to implement?
> 
> Based on all the above, all should feel free to send me (on the list) your comments and recommendations.  :)
> 
> jc
> 
> 
>

Yours sincerely. 

-- 
------------------------------------------------------------------------
Stanley Hopcroft
------------------------------------------------------------------------

'...No man is an island, entire of itself; every man is a piece of the
continent, a part of the main. If a clod be washed away by the sea,
Europe is the less, as well as if a promontory were, as well as if a
manor of thy friend's or of thine own were. Any man's death diminishes
me, because I am involved in mankind; and therefore never send to know
for whom the bell tolls; it tolls for thee...'

from Meditation 17, J Donne.


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list