Eric Loyd - Fractal Nagios
-
Upload
nagios -
Category
Presentations & Public Speaking
-
view
416 -
download
0
Transcript of Eric Loyd - Fractal Nagios
![Page 1: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/1.jpg)
Fractal Nagios:Using Nagios XI, Core, Log Server,
Network Analyzer, Reactor, Fusion, and Incident Manager to monitor itself.
You can do it!!
Eric Loyd • [email protected]@EricLoyd • @Bitnetix
![Page 2: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/2.jpg)
Who is Eric? What is Bitnetix?• Eric is the Founder and CEO of Bitnetix Incorporated and SmartVox
– 2014 Nagios MVP award winner
– Runner-up of the 2015 Nagios Log Server dashboard contest
– Presenter at #NagiosCon12, 13, 14, and now #NagiosCon15
• IT/network consulting and VoIP services• Over 25 Years in IT and management at places like
– Rochester Institute of Technology
– Eastman Kodak
– Frontier Communications / Global Crossing
• Bitnetix started its tenth year in July of 2015• Have been using Nagios since 2004
![Page 3: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/3.jpg)
What is “Fractal Nagios?”
Nagios Log
Server
Nagios XI
Fusion
Reactor
Network Analyzer
Incident Manager
Log Server
![Page 4: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/4.jpg)
What do Each of these do?Nagios XI
• Monitors
• Alerts
• Escalates
• Monitors
• Alerts
• Escalates
Fusion
• Ties together multiple XI and Core instances
• Ties together multiple XI and Core instances
Network Analyzer
• Bandwidth
• Source
• Dest
• Ports
• Bandwidth
• Source
• Dest
• Ports
Reactor
• Like an event handler on steroids
• Like an event handler on steroids
Incident Manager
• Tickets
• Incidents
• Callbacks
• Escalations
• Tickets
• Incidents
• Callbacks
• Escalations
Log Server
• System logs
• Applications
• Security
• System logs
• Applications
• Security
There is some overlap, but we are going to look at an experiment:
Use all this stuff to monitor itself.
![Page 5: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/5.jpg)
Nagios XI (or Core)
• Monitors hosts and services
– Active checks directly or via agents
– Passive checks sent by remote machines
• Alerts when something goes wrong/right
• Executes event handlers to try to fix things
• Escalates when nothing gets fixed
![Page 6: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/6.jpg)
Nagios Reactor
• Advanced automation management
– Think “event handlers” on steroids
• Event chains, reusable blocks, etc.
• Can be used for systems administration, deployment, updates, etc.
• Notification and reporting tools
![Page 7: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/7.jpg)
Nagios Log Server
• Accepts logs/events from systems
• Organizes them into searchable indexes
• Provides dashboards, reports, and alerts
• Easily integrates Unix or Windows event logs with application and server logs
![Page 8: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/8.jpg)
Nagios Network Analyzer
• Accepts NetFlow/sFlow information from routers, switches, and servers
• Provides intrusion detection, network usage, bandwidth monitoring, and alerting
• Reporting capabilities
![Page 9: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/9.jpg)
Nagios Incident Manager
• “Ticketing” system on steroids
• Provides semi-RESTful API to create, list, edit, and delete tickets and callbacks
• Reporting and trending capabilities
![Page 10: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/10.jpg)
Nagios Fusion
• Sort of a dashboard for separate Nagios XI and Core instances
• Easily move through server heirarchy
• Create dashboards
– Show only what’s important
– Drill down to connect to specific servers
![Page 11: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/11.jpg)
PIAT: Monitoring
Nagios XI/Core Monitors Everything
![Page 12: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/12.jpg)
PIAT: Logging
![Page 13: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/13.jpg)
PIAT: NetFlow
![Page 14: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/14.jpg)
PIAT: Events
![Page 15: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/15.jpg)
PIAT: Alerts
![Page 16: Eric Loyd - Fractal Nagios](https://reader030.fdocument.pub/reader030/viewer/2022032613/58d022ed1a28ab97708b60bf/html5/thumbnails/16.jpg)
Fractal Nagios:
Questions?Comments?
http://bitnetix.com/NW2015
Eric Loyd • [email protected]@EricLoyd • @Bitnetix