Nagios best practices?

Matthew Joyce MJoyce at ccia.unsw.edu.au
Tue Aug 14 06:08:01 CEST 2007


Good advice.


I'm happy to say we can tick most of those boxes.
For logs I've been using the free Splunk, quite handy for post incident
forensics.

I'd also add :
Pay attention to host parents and service dependencies.
Getting them right can be the difference between knowing what is going
on and a notification blizzard.

I'd also propose only monitoring what you need to, seems obvious but
it's easy to start monitoring because you can.

Matthew Joyce 
02 9382 0051 | IT Manager | Children's Cancer Institute Australia for
Medical Research 
 

> -----Original Message-----
> From: nagios-users-bounces at lists.sourceforge.net 
> [mailto:nagios-users-bounces at lists.sourceforge.net] On Behalf 
> Of Russell Adams
> Sent: Tuesday, 14 August 2007 10:17 AM
> To: nagios-users at lists.sourceforge.net
> Subject: Re: [Nagios-users] Nagios best practices?
> 
> My $0.02:
> 
>    Use a text editor and version control.
> 
>    Minimize and automate as much as practical.
> 
>    Try out NACE. Make a template, setup a query to find systems to
>    apply it to. Don't be the administrative bottleneck when systems
>    need to be added, or they won't be. Set standards and let
>    automation do the work for you.
> 
>    Make sure you have two methods for notification. Email is good,
>    backup IXO/TAP/SMS via modem on POTS is better (Sendpage).
> 
>    Have a dedicated UPS on your Nagios system. Power's out,
>    notifications continue.
> 
>    Use a trending (Torrus) and log monitoring (Syslog-ng & Logmuncher)
>    tool in conjunction with Nagios to ensure all your bases are
>    covered. Tie them in to use Nagios notification engine as needed.
> 
>    Consider using SNMP for common checks on platforms with decent
>    snmpd's (Linux, Windows 2000+, AIX 5.3, etc). This saves you from
>    deploying NRPE everywhere, minimizing the client side software.
>    (This'll start a flame war, so I'll point out you should only use
>    SNMP on an internal network and use host ACL's to confine SNMP to
>    read only queries from the Nagios server and one alternate for
>    upgrades. ) Check out Patrick Proy's snmp plugins,
>    http://nagios.manubulon.com/ .
> 
>    Choose what you monitor and how you notify carefully. Apathy caused
>    by too many off hours notifications is a real problem when that
>    important message goes out. I'd suggest email for all
>    notifications, but SMS only for critical services in a critical
>    state.
> 
> Good luck!
> 
> On Mon, Aug 13, 2007 at 09:30:19PM +0100, Jim Avery wrote:
> > On 13/08/07, Steve Huff <shuff at hmdc.harvard.edu> wrote:
> > > Hello folks!
> > >
> > > I'd like to roll out Nagios to replace our aging Mon 
> installation; 
> > > however, setting up Nagios has been more difficult than I had 
> > > expected, which makes me wonder if I'm going about it the 
> wrong way.
> > >
> > > Can you recommend a Nagios best practices document or howto?
> > 
> > The relevant page in the official Nagios documentation you need to 
> > look for is "Time-Saving Tricks For Object Definitions".  I 
> would give 
> > you the url, but for some reason I can't get to that page 
> just at the 
> > moment.
> > 
> > An excellent introduction to Nagios which goes through how to 
> > configure it is the book 'Nagios' by Wolfgang Barth published by 
> > NoStarch Press.  You can buy it online in .pdf form, 
> printed form or 
> > both.  It's getting slightly dated now, but IMO it's an easier read 
> > than some of the alternatives if you're just starting out.
> > 
> > Using hostgroups and templates judiciously you should be able to 
> > achieve what you want pretty easily.  My recommendation would be to 
> > start with a simple config and expand from there rather 
> than trying to 
> > do everything at once.
> > 
> > hth,
> > 
> > Jim
> > 
> > 
> ----------------------------------------------------------------------
> > --- This SF.net email is sponsored by: Splunk Inc.
> > Still grepping through log files to find problems?  Stop.
> > Now Search log events and configuration files using AJAX 
> and a browser.
> > Download your FREE copy of Splunk now >>  http://get.splunk.com/ 
> > _______________________________________________
> > Nagios-users mailing list
> > Nagios-users at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/nagios-users
> > ::: Please include Nagios version, plugin version (-v) and 
> OS when reporting any issue. 
> > ::: Messages without supporting info will risk being sent 
> to /dev/null
> ------------------------------------------------------------------
> Russell Adams                            RLAdams at AdamsInfoServ.com
> 
> PGP Key ID:     0x1160DCB3           http://www.adamsinfoserv.com/
> 
> Fingerprint:    1723 D8CA 4280 1EC9 557F  66E8 1154 E018 1160 DCB3
> 

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list