Book Image

Zenoss Core 3.x Network and System Monitoring

By : Michael Badger
Book Image

Zenoss Core 3.x Network and System Monitoring

By: Michael Badger

Overview of this book

For system administrators, network engineers, and security analysts, it is essential to keep a track of network traffic. Zenoss Core is an enterprise-level systems and network monitoring solution that can be as complex as you need it to be. And while just about anyone can install it, turn it on, and monitor "something", Zenoss Core has a complicated interface packed with features. The interface has been drastically improved over version 2, but it's still not the type of software you can use intuitively – in other words, a bit of guidance is in order. The role of this book is to serve as your Zenoss Core tour guide and save you hours, days, maybe weeks of time. This book will show you how to work with Zenoss and effectively adapt Zenoss for System and Network monitoring. Starting with the Zenoss basics, it requires no existing knowledge of systems management, and whether or not you can recite MIB trees and OIDs from memory is irrelevant. Advanced users will be able to identify ways in which they can customize the system to do more, while less advanced users will appreciate the ease of use Zenoss provides. The book contains step-by-step examples to demonstrate Zenoss Core's capabilities. The best approach to using this book is to sit down with Zenoss and apply the examples found in these pages to your system. The book covers the monitoring basics: adding devices, monitoring for availability and performance, processing events, and reviewing reports. It also dives into more advanced customizations, such as custom device reports, external event handling (for example, syslog server, zensendevent, and Windows Event Logs), custom monitoring templates using SNMP data sources, along with Nagios, and Cacti plugins. An example of a Nagios-style plugin is included and the book shows you where to get an example of a Cacti-compatible plugin for use as a command data source in monitoring templates. In Zenoss Core, ZenPacks are modules that add monitoring functionality. Using the Nagios plugin example, you will learn how to create, package, and distribute a ZenPack. You also learn how to explore Zenoss Core's data model using zendmd so that you can more effectively write event transformations and custom device reports.

Related Content you might be interested in

Current Title:

Small book image
Zenoss Core 3.x Network and System Monitoring
Michael Badger
Apr, 2011 | 312 pages
No titles found
Table of Contents (21 chapters)
Zenoss Core 3.x Network and System Monitoring
Zenoss Core 3.x Network and System Monitoring
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Network and System Monitoring with Zenoss Core
Network and System Monitoring with Zenoss Core
Device management
Availability and performance monitors
Event management
Plugin architecture
System reports
System architecture
User layer
Data layer
Collection layer
Summary
2
Discovering Devices
Discovering Devices
Zenoss Core installation
Preparing devices for monitoring
Opening monitoring-specific ports
Zenoss Core setup wizard
Adding a single device
Importing a list of devices with zenbatchload
Command line discovery with zendisc
Summary
3
Device Setup and Administration
Device Setup and Administration
Organizing devices in Zenoss Core
Modeling devices
Troubleshooting data collection
Device administration
zProperties defined
Summary
4
Monitor Status and Performance
Monitor Status and Performance
Collectors collect
Monitoring components
Performance Graphs
Summary
5
Custom Monitoring Templates
Custom Monitoring Templates
Monitoring Templates
Monitoring SNMP data sources
Monitoring with Nagios plugins
Monitoring with Cacti plugins
Summary
6
Core Event Management
Core Event Management
Event Console
Event Manager
Working with events
Event de-duplication
Summary
7
Collecting Events
Collecting Events
Routing syslog messages to Zenoss Core
Monitoring Windows event logs
Incorporating event reporting into third-party scripts via zensendevent
Creating events by e-mail
Configuring alerting rules
Event transformations
Programming in zendmd, an interactive shell
Summary
8
Settings and Administration
Settings and Administration
Managing Zenoss Core users
Creating custom User Commands
System settings
Configuring Zenoss Core's Monitoring Dashboard
Meet the Zenoss Daemons
Maintenance Windows
Adding MIBs
Backing up and restoring monitoring data
Updating Zenoss Core
Summary
9
Extending Zenoss Core with ZenPacks
Extending Zenoss Core with ZenPacks
Installing community ZenPacks
Creating a ZenPack
Developer resources
Summary
10
Reviewing Built-in Reports
Reviewing Built-in Reports
Report overview
Device Reports
Event Reports
Graph Reports
Multi-Graph Reports
Performance Reports
User Reports
Summary
11
Writing Custom Device Reports
Writing Custom Device Reports
Creating Custom Device Reports
Scheduling reports for e-mail delivery
Summary
Event Attributes
Event Attributes
Device Attributes
Device Attributes
Example snmpd.conf
Example snmpd.conf
Index
Index

Appendix C. Example snmpd.conf

In Chapter 2, Discovering Devices we configured the /etc/snmp/snmpd.conf file, which allows Zenoss Core to retrieve monitoring data from the server. A sample snmpd.conf file is listed here as a reference:

####################################################
# Access Control

####################################################


# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY

# KNOWN AT YOUR SITE.  YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO

# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.



# By far, the most common question I get about the agent is "why won't

# it work?", when really it should be "how do I configure the agent to

# allow me to access it?"

#

# By default, the agent responds to the "public" community for read

# only access, if run out of the box without any configuration file in 

# place.  The following examples show you other ways of configuring

# the agent so that you can change the community names, and give

# yourself write access as well.

#

# The following lines change the access permissions of the agent so

# that the COMMUNITY string provides read-only access to your entire

# NETWORK (EG: 10.10.10.0/24), and read/write access to only the

# localhost (127.0.0.1, not its real ipaddress).

#

# For more information, read the FAQ as well as the snmpd.conf(5)

# manual page.

# First, map the community name "public" into a "security name"



#       sec.name  source          community

com2sec notConfigUser  default       public



####

# Second, map the security name into a group name:

#       groupName      securityModel securityName

group   notConfigGroup v1           notConfigUser

group   notConfigGroup v2c           notConfigUser

####

# Third, create a view for us to let the group have rights to:

# Make at least  snmpwalk -v 1 localhost -c public system fast again.

#       name           incl/excl     subtree         mask(optional)

view    systemview    included   .1

####

# Finally, grant the group read-only access to the systemview view.

#       group          context sec.model sec.level prefix read   write  notif

access  notConfigGroup ""      any       noauth    exact  systemview none none

####################################################
# System contact information

#

# It is also possible to set the sysContact and sysLocation system

# variables through the snmpd.conf file:

syslocation Unknown (edit /etc/snmp/snmpd.conf)

syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)

# Added for support of bcm5820 cards.

pass .1 /usr/bin/ucd5820stat

####################################################
# Further Information

#

#  See the snmpd.conf manual page, and the output of "snmpd -H".

trapcommunity public

# trapsink default

trapsink 127.0.0.1 public 162
Previous Section
End of Chapter
Next Chapter