Difference between revisions of «Monitoreo»

From gacq wiki
(Traffic analysis)
 
(17 intermediate revisions by 3 users not shown)
Línea 1: Línea 1:
 +
=Definición=
 +
Monitoreo: Dícese del arte de torear monos.
 +
El arte de convertir monos en toros
 +
 +
=Tools=
 +
==Basic==
 +
*top / ps / sar
 +
*htop
 +
*vmstats
 +
*[[Munin]]
 +
*[[SmokePing]]
 +
*[[MRTG]]
 +
 +
*[[Análisis de tráfico]]
 +
 +
==Frameworks==
 +
*http://zenoss.com/
 +
*[[Nagios]]
 +
*[[Zabbix]]
 +
*Jffnms
 +
 +
==Tools lists==
 +
*http://www-spires.slac.stanford.edu/xorg/nmtf/nmtf-tools.html
 +
*http://2fwww.ees.net.nz/it/networking/network_tools.htm
 +
*http://www.networkuptime.com/tools/index.shtml
 +
*http://staff.science.uva.nl/~jblom/datatag/wp3_1/tools/
 +
*[http://people.ee.ethz.ch/~oetiker/webtools/smokeping/pub/contrib/EnterprisePACSMonitoringwithNagiosSmokepingandCacti.pdf Monitoring your Enterprise PACS with Nagios®, Cacti and Smokeping (PDF)]
 +
 
= Analisis =
 
= Analisis =
  
* [http://freshmeat.net/articles/view/1553/ Building a Network Management System]
+
*[http://freshmeat.net/articles/view/1553/ Building a Network Management System]
  
 
= Revisar =
 
= Revisar =
* http://www.freesoftwaremagazine.com/free_issues/issue_02/free_it_management_tools/
+
*http://www.freesoftwaremagazine.com/free_issues/issue_02/free_it_management_tools/
* http://www.easyrider.com/monitoring_services.htm
+
*http://www.easyrider.com/monitoring_services.htm
* http://www.itil.org.uk/
+
*http://www.itil.org.uk/
  
 
== con analisis positivos ==
 
== con analisis positivos ==
* http://hotsanic.sourceforge.net/
+
*http://hotsanic.sourceforge.net/
* http://pandoramon.sourceforge.net
+
*http://pandoramon.sourceforge.net
  
 
== Empresas ==
 
== Empresas ==
* http://www.itgroundwork.com/
+
*http://www.itgroundwork.com/
 
 
== Herramientas, comparativas ==
 
* http://www.networkuptime.com/tools/index.shtml
 
* http://staff.science.uva.nl/~jblom/datatag/wp3_1/tools/
 
* [http://people.ee.ethz.ch/~oetiker/webtools/smokeping/pub/contrib/EnterprisePACSMonitoringwithNagiosSmokepingandCacti.pdf Monitoring your Enterprise PACS with Nagios®, Cacti and Smokeping (PDF)]
 
  
 
= Herramientas =
 
= Herramientas =
 
 
== Sistemas de gran escala ==
 
== Sistemas de gran escala ==
* [http://ganglia.sourceforge.net/ Ganglia]
+
*[http://ganglia.sourceforge.net/ Ganglia]
 
   Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and Grids
 
   Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and Grids
  
 
Algunas de las herramientas disponibles, solo una seleccion de las mejores
 
Algunas de las herramientas disponibles, solo una seleccion de las mejores
  
----
 
 
== SmokePing ==
 
== SmokePing ==
 
 
La pagina de ejemplo la encontramos en:
 
La pagina de ejemplo la encontramos en:
 
  http://localhost/cgi-bin/smokeping.cgi
 
  http://localhost/cgi-bin/smokeping.cgi
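Review bot: In the added "Tools lists" block, the link `http://2fwww.ees.net.nz/it/networking/network_tools.htm` has a stray `2f` in front of `www`, which looks like the remains of a percent-encoded slash; the host should be checked and the link corrected before this is saved. In the added "Basic" list, `vmstats` is presumably meant to be the `vmstat` command.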
Línea 43: Línea 63:
  
 
=== Como leer los graficos ===
 
=== Como leer los graficos ===
* The median value is expressed with a horizontal, coloured line piece at the time the packets were send.
+
*The median value is expressed with a horizontal, coloured line piece at the time the packets were send.
* The # packets lost are expressed with the colour of the line piece.
+
*The # packets lost are expressed with the colour of the line piece.
* The distribution of the Round-Trip-Times in the set of packets send are expressed with a vertical set of gray blocks, where the blackness of a block is an indication for the # packets in the sample bin, expressed  by the height of the block. The gray blocks are of course only drawn when the distribution of Round-Trip-Times is observable from within the resolution of the ping command and / or the vertical RTT scale.
+
*The distribution of the Round-Trip-Times in the set of packets send are expressed with a vertical set of gray blocks, where the blackness of a block is an indication for the # packets in the sample bin, expressed  by the height of the block. The gray blocks are of course only drawn when the distribution of Round-Trip-Times is observable from within the resolution of the ping command and / or the vertical RTT scale.
  
----
 
 
== Nagios ==
 
== Nagios ==
 
+
*[http://sourceforge.net/projects/nagmin NagMIN - Network Monitoring System (Para configurar el nagios)]
* [http://sourceforge.net/projects/nagmin NagMIN - Network Monitoring System (Para configurar el nagios)]
+
*[http://www.oreon.org - Oreon - Esta basado en Nagios 1.2]
* [http://www.oreon.org - Oreon - Esta basado en Nagios 1.2]
 
  
 
NAGIOS has a Windows client you can install and report on standard services such as Event Logs alerts, CPU/Mem/Disk Usage etc. And monitor standard TCP services. You can also run syslog-ng on Windows and send all event log info to your Linux syslog.
 
NAGIOS has a Windows client you can install and report on standard services such as Event Logs alerts, CPU/Mem/Disk Usage etc. And monitor standard TCP services. You can also run syslog-ng on Windows and send all event log info to your Linux syslog.
  
* [http://wiki.tryphon.org/How_to_install_Nagios_under_Debian How to install Nagios under Debian]
+
*[http://wiki.tryphon.org/How_to_install_Nagios_under_Debian How to install Nagios under Debian]
 
 
----
 
== Zabbix ==
 
 
 
http://www.zabbix.com
 
=== Procediemiento de instalacion ===
 
<nowiki>
 
apt-get install libc6-dev libmysqlclient6-dev libsnmp5 libsnmp5-dev php4-gd
 
</nowiki>
 
Seguir el procedimiento de instalacion segun manual
 
  
=== Errores que pueden aparecer ===
 
==== Falta instalar libc6-dev ====
 
<nowiki>
 
checking for C compiler default output file name... configure: error: C compiler cannot create executables
 
See `config.log' for more details.
 
</nowiki>
 
 
==== Falta instalar libmysqlclient6-dev ====
 
<nowiki>
 
configure: error: Invalid MySQL directory - unable to find mysql.h
 
</nowiki>
 
 
==== Falta libsnmp5 y libsnmp5-dev ====
 
<nowiki>
 
configure: error: Invalid NET-SNMP directory - unable to find net-snmp-includes.h
 
</nowiki>
 
 
----
 
 
== MRTG ==
 
== MRTG ==
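Review bot: The whole Zabbix section on the old side of this range (the `apt-get install` line and the three configure errors tied to libc6-dev, libmysqlclient6-dev and libsnmp5/libsnmp5-dev) has no counterpart on the new side. Since the new "Frameworks" list links to [[Zabbix]], confirm that these troubleshooting notes were moved to that page and not simply dropped.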
  
Línea 92: Línea 82:
 
from http://www.farpost.com/windows_mrtg_setup.php#q7
 
from http://www.farpost.com/windows_mrtg_setup.php#q7
  
----
 
 
== Cacti ==
 
== Cacti ==
  
 
http://www.cacti.net/
 
http://www.cacti.net/
  
----
 
 
== Netmap ==
 
== Netmap ==
  
 
http://www.it.teithe.gr/~v13/
 
http://www.it.teithe.gr/~v13/
  
----
 
 
== Varios ==
 
== Varios ==
 
+
*http://www.jffnms.org/
* http://www.jffnms.org/
+
*[http://kodu.neti.ee/~risto/sec/ SEC - simple event correlator]
* [http://kodu.neti.ee/~risto/sec/ SEC - simple event correlator]
+
*[http://www.tildeslash.com/monit/ MONIT - UNIX System Management]
* [http://www.tildeslash.com/monit/ MONIT - UNIX System Management]
+
*[http://www.monitorix.org/ Monitorix Total Control]
* [http://www.monitorix.org/ Monitorix Total Control]
 
 
   
 
   
 
 
== SNMP ==
 
== SNMP ==
<nowiki>
 
apt-get install snmpd snmp
 
</nowiki>
 
editar /etc/snmp/snmpd.conf y modificar
 
<nowiki>
 
#com2sec paranoid  default        public
 
com2sec  readonly  127.0.0.1      public
 
#com2sec readwrite default        private
 
</nowiki>
 
y /etc/init.d/snmpd restart
 
  
 +
apt-get install snmpd snmp
  
=Analisis de trafico=
+
editar /etc/snmp/snmpd.conf y modificar
==NetFlow==
 
Informacion
 
*http://www.switch.ch/tf-tant/floma/software.html
 
  
==flowscan==
+
#com2sec paranoid  default        public
http://www.caida.org/tools/utilities/flowscan/
+
com2sec  readonly  127.0.0.1      public
Reportes de ejemplo:
+
#com2sec readwrite default        private
*http://mrtg.uv.es/flowscan/
 
*http://wwwstats.net.wisc.edu/
 
*http://flowscan.frgp.net/
 
  
===fprobe y flowscan===
+
y
Para el analisis de trafico hay que ver todo lo que pasa por la interface con: fprobe-ng
 
Esta información es capturada por: flow-tools
 
<pre><nowiki>
 
apt-get install fprobe-ng flow-tools
 
vi /etc/flow-tools/flow-capture.conf
 
</nowiki></pre>
 
  
==flow-tools vs cflowd==
+
/etc/init.d/snmpd restart
Why use flow-tools instead of cflowd?
 
*flow-capture preserves the sub-second portion of the NetFlow timestamps that cflowd discards
 
*flow-tools is easier to build because it is written in portable C. Problems with building cflowd may occur because it requires cutting edge C++ features
 
*flow-tools is actively maintained, and supports newer NetFlow versions, including those from the popular Cisco Cat6K series platforms
 
  
flow-tools only required a small change to FlowScan:
+
= Sensores del sistema =
 
 
 
 
== Otros ==
 
* potion
 
* [http://www.cyberciti.biz/tips/howto-performance-benchmarks-a-web-server.html Howto: Performance Benchmarks a Web server]
 
  
= Sensores del sistema =
 
== munin ==
 
=== ip_conntrack ===
 
* http://www.linpro.no/projects/munin/
 
{{{
 
chmod o+r /proc/net/ip_conntrack
 
}}}
 
=== mbmon ===
 
Monitorea temperatura y voltajes sin demasiadas dependencias
 
{{{
 
chmod +s /usr/bin/mbmon
 
}}}
 
=== apache ===
 
To enable the handler uncomment the following section in the file /etc/apache2/apache2.conf:
 
{{{
 
ExtendedStatus On
 
<Location /server-status>
 
    SetHandler server-status
 
    Order deny,allow
 
    Deny from all
 
    Allow from 127.0.0.1
 
</Location>
 
}}}
 
You will only need to ensure that you have the mod_info module loaded which you can do by running
 
{{{
 
a2enmod info
 
}}}
 
  
 
== lm-sensors ==
 
== lm-sensors ==
{{{
+
<pre><nowiki>
 
apt-get install lm-sensors
 
apt-get install lm-sensors
 
sensors-detect
 
sensors-detect
}}}
+
</nowiki></pre>
 
Seguir las instrucciones y copiar los modulos como dice
 
Seguir las instrucciones y copiar los modulos como dice
 
http://vctrsnts.dyndns.org/index.php?deb=articulos
 
http://vctrsnts.dyndns.org/index.php?deb=articulos
  
 
== Discos S.M.A.R.T. ==
 
== Discos S.M.A.R.T. ==
{{{
+
<pre><nowiki>
 
apt-get install smartmontools
 
apt-get install smartmontools
 
# habilitarlo en
 
# habilitarlo en
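Review bot: The snmpd.conf snippet kept on the new side still pairs the `readonly` security name with the default community string `public` (`com2sec  readonly  127.0.0.1      public`). Limiting the source to 127.0.0.1 is the right default, but the example should use a site-specific community string, or state next to that line that `public` must be changed before the source is widened for a remote poller. The munin notes that leave the page in this range include `chmod +s /usr/bin/mbmon` and an `a2enmod info` step for a `server-status` handler, which is served by mod_status; if they are being moved to [[Munin]], both deserve a second look there.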
Línea 201: Línea 129:
 
# ver que descubrio
 
# ver que descubrio
 
tail -30 /var/log/syslog
 
tail -30 /var/log/syslog
}}}
+
</nowiki></pre>
 +
 
 
Por ahora no hay soporte a SATA
 
Por ahora no hay soporte a SATA
 
If you ever tried to use smartctl to read info from your SATA drive, it will fail because libata doesn't yet support the needed ATA-passthrough ioctl() calls. Jeff Garzik, the developer of libata, says it will support it in the future. In the meantime you can apply a patch, and use libata-dev. The libata patchset can be acquired from http://www.kernel.org/pub/linux/kernel/people/jgarzik/libata/ , and after you install it, you can use smartctl to read SMART info from SATA device. However you must specify, on the command line, option "-d ata"
 
If you ever tried to use smartctl to read info from your SATA drive, it will fail because libata doesn't yet support the needed ATA-passthrough ioctl() calls. Jeff Garzik, the developer of libata, says it will support it in the future. In the meantime you can apply a patch, and use libata-dev. The libata patchset can be acquired from http://www.kernel.org/pub/linux/kernel/people/jgarzik/libata/ , and after you install it, you can use smartctl to read SMART info from SATA device. However you must specify, on the command line, option "-d ata"

Current revision as of 12:03, 31 Dec 2008

Definition

Monitoreo: said to be the art of bullfighting monkeys ("torear monos"). The art of turning monkeys into bulls

Tools

Basic

Frameworks

Tools lists

Analysis

To review

with positive reviews

Companies

Tools

Large-scale systems

 Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and Grids

Some of the available tools, only a selection of the best ones

SmokePing

The example page is at:

http://localhost/cgi-bin/smokeping.cgi

To use the HTTP probe, you have to install manually:

apt-get install echoping

Edit by hand

/etc/smokeping/config

according to

man smokeping_config

How to read the graphs

  • The median value is expressed with a horizontal, coloured line piece at the time the packets were sent.
  • The number of packets lost is expressed with the colour of the line piece.
  • The distribution of the Round-Trip-Times in the set of packets sent is expressed with a vertical set of gray blocks, where the blackness of a block is an indication of the number of packets in the sample bin, expressed by the height of the block. The gray blocks are of course only drawn when the distribution of Round-Trip-Times is observable from within the resolution of the ping command and / or the vertical RTT scale.

Nagios

Nagios has a Windows client you can install to report on standard items such as Event Log alerts, CPU/memory/disk usage, etc., and to monitor standard TCP services. You can also run syslog-ng on Windows and send all event log info to your Linux syslog.

MRTG

http://people.ee.ethz.ch/~oetiker/webtools/mrtg

MRTG can be used not only for bandwidth metering. We can configure MRTG to monitor server/router CPU, memory, uptime, TCP connections and a lot of other parameters. On MS Windows, MRTG can be configured to keep track of any of the system counters (disk usage, memory usage). Please fill in the online form if you are interested in additional information. From http://www.farpost.com/windows_mrtg_setup.php#q7

Cacti

http://www.cacti.net/

Netmap

http://www.it.teithe.gr/~v13/

Miscellaneous

SNMP

apt-get install snmpd snmp

Edit /etc/snmp/snmpd.conf and modify:

#com2sec paranoid  default         public
com2sec  readonly  127.0.0.1       public
#com2sec readwrite default         private

and

/etc/init.d/snmpd restart
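
A quick check for the `com2sec` lines edited above, as an added example that is not part of the original wiki page: it flags active entries whose source is not loopback or whose community is the well-known `public` or `private`. The function name `audit_com2sec`, the `pollers` entry and the 192.0.2.0/24 range are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the wiki page): audit com2sec lines in snmpd.conf.
# Syntax per snmpd.conf(5): com2sec [-Cn CONTEXT] SECNAME SOURCE COMMUNITY

audit_com2sec() {
    # $1 = config file. Prints one finding per line.
    # Returns 0 when nothing is flagged, 1 otherwise.
    awk '
        $1 ~ /^#/ { next }                      # commented-out entries are inactive
        $1 == "com2sec" {
            i = ($2 == "-Cn") ? 4 : 2           # skip the optional context pair
            if (NF < i + 2) next                # incomplete line, nothing to judge
            name = $i; src = $(i + 1); comm = $(i + 2)
            if (src != "127.0.0.1" && src != "localhost") {
                printf "WIDE_SOURCE %s source=%s\n", name, src
                bad = 1
            }
            if (comm == "public" || comm == "private") {
                printf "DEFAULT_COMMUNITY %s community=%s\n", name, comm
                bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: the three lines from the page plus one hypothetical
# entry that opens read access to a poller subnet without changing "public".
sample=$(mktemp)
cat > "$sample" <<'EOF'
#com2sec paranoid  default        public
com2sec  readonly  127.0.0.1      public
#com2sec readwrite default        private
com2sec  pollers   192.0.2.0/24   public
EOF

if audit_com2sec "$sample"; then
    echo "no findings"
else
    echo "review the entries above before restarting snmpd"
fi
rm -f "$sample"
```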

System sensors

lm-sensors

apt-get install lm-sensors
sensors-detect

Follow the instructions and copy the modules as described at http://vctrsnts.dyndns.org/index.php?deb=articulos

S.M.A.R.T. disks

apt-get install smartmontools
# enable it in
vi /etc/default/smartmontools
/etc/init.d/smartmontools start
# see what it discovered
tail -30 /var/log/syslog

For now there is no SATA support. If you ever tried to use smartctl to read info from your SATA drive, it will fail because libata doesn't yet support the needed ATA-passthrough ioctl() calls. Jeff Garzik, the developer of libata, says it will support it in the future. In the meantime you can apply a patch, and use libata-dev. The libata patchset can be acquired from http://www.kernel.org/pub/linux/kernel/people/jgarzik/libata/ , and after you install it, you can use smartctl to read SMART info from a SATA device. However, you must specify the option "-d ata" on the command line.

Miscellaneous articles