For system administrators, network engineers, and security analysts, it is essential to keep a track of network traffic.
Zenoss Core is an enterprise-level systems and network monitoring solution that can be as complex as you need it to be. While just about anyone can install it, turn it on, and monitor "something", Zenoss Core has a complicated interface packed with features. The interface has been drastically improved over version 2, but it's still not the type of software you can use intuitively—in other words, a bit of guidance is in order.
The role of this book is to serve as your Zenoss Core tour guide and save you hours, days, maybe weeks of time.
This book will show you how to work with Zenoss and effectively adapt Zenoss for System and Network monitoring. Starting with the Zenoss basics, it requires no existing knowledge of systems management, and whether or not you can recite MIB trees and OIDs from memory is irrelevant. Advanced users will be able to identify ways in which they can customize the system to do more, while less advanced users will appreciate the ease of use Zenoss provides. The book contains step-by-step examples to demonstrate Zenoss Core's capabilities. The best approach to using this book is to sit down with Zenoss and apply the examples found in these pages to your system.
The book covers the monitoring basics: adding devices, monitoring for availability and performance, processing events, and reviewing reports. It also dives into more advanced customizations, such as custom device reports, external event handling (for example, syslog server, zensendevent, and Windows Event Logs), custom monitoring templates using SNMP data sources, along with Nagios, and Cacti plugins. An example of a Nagios-style plugin is included and the book shows you where to get an example of a Cacti-compatible plugin for use as a command data source in monitoring templates.
In Zenoss Core, ZenPacks are modules that add monitoring functionality. Using the Nagios plugin example, you will learn how to create, package, and distribute a ZenPack. You also learn how to explore Zenoss Core's data model using zendmd so that you can more effectively write event transformations and custom device reports.
Implement Zenoss Core and fit it into your security management environment using this easy-to-understand tutorial guide.
Chapter 1, Network and System Monitoring with Zenoss Core, provides an overview of Zenoss Core's monitoring capabilities and system architecture.
In Chapter 2, Discovering Devices, we prepare our monitoring environment by configuring SNMP, WMI, SSH, and firewall ports. We'll add devices to Zenoss Core via the setup wizard, zenbatchload, and zendisc.
Chapter 3, Device Setup and Administration, configures devices so that we ensure we collect the proper monitoring information by organizing, configuring, and troubleshooting the monitoring properties.
Chapter 4, Monitor Status and Performance, monitors and graphs the performance of device components such as routes, windows services, IP services, processes, file systems, and network interfaces.
Chapter 5, Custom Monitoring Templates, explores custom monitoring templates by configuring various data sources, including SNMP, Nagios plugins, and Cacti plugins.
Chapter 6, Core Event Management, introduces us to processing events via the Event Console. We create custom event commands, learn how to create test events, and perform event mapping.
Chapter 7, Collecting Events, allows Zenoss Core to receive and process events from third-party sources, such as syslog, Windows Event Log, e-mail, and home-grown system administration scripts.
Chapter 8, Settings and Administration, covers common Zenoss Core administration tasks, such as managing users, the monitoring dashboard, backups, and updates.
Chapter 9, Extending Zenoss Core with ZenPacks, installs, creates, and packages add-on modules. ZenPacks extend the functionality of Zenoss Core.
Chapter 10, Reviewing Built-in Reports, reviews each of Zenoss Core's included reports to help us troubleshoot, analyze, and view our monitoring performance over time. It also creates custom graph and multi-graph reports.
Chapter 11, Writing Custom Device Reports, provides an in-depth look at Zenoss Core's custom device report functionality, including the use of zendmd to explore the Zenoss data model.
Appendix A, Event Attributes, lists the available event attributes in Zenoss Core.
Appendix B, Device Attribute, lists the attributes that we may use when working with our devices.
Appendix C, Example snmpd.conf, lists a sample snmpd.conf
file.
This book will work best if you have a working installation of Zenoss Core and some network servers, routers, switches, and other devices to monitor. Zenoss Core can be installed on Linux, Mac OS X, and Windows (via a virtual Zenoss Virtual Appliance and VMware).
This book is written primarily for network and systems administrators who are monitoring their IT assets with Zenoss Core or who plan to monitor them. In reality, this book will benefit anyone, regardless of job title, who recognizes the importance of proactively monitoring the servers, routers, computers, websites, and devices that connect companies to customers.
In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.
Code words in text are shown as follows: "Before you make any changes, back up the snmpd.conf
file".
A block of code is set as follows:
syslocation Unknown (edit /etc/snmp/snmpd.local.conf) syscontact Root <root@localhost> (configure /etc/snmp/snmpd.local.conf)
Any command-line input or output is written as follows:
python setup.py build python setup.py install
New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes for example, appear in the text like this: "Select Simple Network Management Protocol and WMI".
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.
To send us general feedback, simply send an e-mail to <[email protected]>
, and mention the book title via the subject of your message.
If there is a book that you need and would like to see us publish, please send us a note in the SUGGEST A TITLE form on www.packtpub.com or e-mail <[email protected]>
.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you.
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/support, selecting your book, clicking on the errata submission form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded on our website, or added to any list of existing errata, under the Errata section of that title. Any existing errata can be viewed by selecting your title from http://www.packtpub.com/support.
Piracy of copyright material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works, in any form, on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at <[email protected]>
with a link to the suspected pirated material.
We appreciate your help in protecting our authors, and our ability to bring you valuable content.
You can contact us at <[email protected]>
if you are having a problem with any aspect of the book, and we will do our best to address it.