And Yet Another Weekend Post! (YAWP)
Looking for a free and open source monitoring solution? Then this article is for you!
Let's jump in!
What is Nagios?
Nagios is the industry standard in IT infrastructure monitoring. It is used for continuous monitoring of systems, services, applications, and business processes in a DevOps culture. In the event of a failure, Nagios can alert technical staff to the problem, allowing them to begin remediation before outages affect business processes, customers, or end users. With Nagios, you don’t have to explain why an unseen infrastructure outage affected your organization’s bottom line.
Nagios Core and its structure
The name Nagios can refer to different things: the whole product or just a subset. Nagios Core is the main part of Nagios and is the framework on which everything else is based.
The Nagios platform is based on a server-agent architecture. Typically, Nagios runs on a host, and plugins interact with the local network that is to be monitored. The plugins send useful information to the scheduler, and that information is displayed in the GUI.
The core handles the configuration and scheduling of checks. The core itself is basically a collection of functions. Using just the core, you can’t monitor anything; for that you need plugins, such as check_ping, which sends ICMP echoes to your host. By configuring the core you set up which hosts to monitor, which services on those hosts, how to group your hosts and services, what dependencies your services and hosts have on each other, who Nagios should contact if a check fails, and who to escalate to if the problem doesn’t get fixed.
You also need to understand how NRPE, the Nagios Remote Plugin Executor, works. With NRPE, the plugins are executed locally on the monitored servers or Linux machines. The objective of NRPE is to closely monitor the local resources of a remote machine.
As a rule, these resources should not be exposed to external machines. That is why NRPE is needed, along with other important components. You can better understand how NRPE works by looking at the diagram below:
The NRPE daemon runs on the remote machine or Linux server and monitors the resources and services for local and other hosts.
check_nrpe is a plugin that is available on the local monitoring machine.
As you can see, there is one secure SSL connection between the monitoring host and the remote Linux host, shown by the white arrow in the diagram.
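Because the NRPE daemon is the component that answers queries about local resources, its configuration decides who can reach it and what they can pass to it. The following is an added example, not part of the original post: a small audit of an nrpe.cfg file for settings that widen that exposure. The sample configuration, plugin paths and finding texts are constructed for illustration.

```python
import ipaddress

# Constructed sample nrpe.cfg contents (not taken from a real host).
SAMPLE_CFG = """\
allowed_hosts=127.0.0.1,0.0.0.0/0
dont_blame_nrpe=1
allow_bash_command_substitution=0
command[check_load]=/usr/lib/nagios/plugins/check_load -w 5,4,3 -c 10,8,6
command[check_disk]=/usr/lib/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p /
"""

def parse_cfg(text):
    """Split nrpe.cfg-style key=value lines into (settings, commands)."""
    settings, commands = {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key.startswith("command[") and key.endswith("]"):
            commands[key[8:-1]] = value
        else:
            settings[key] = value
    return settings, commands

def audit(text):
    """List settings that widen who can reach the agent or what they can pass."""
    settings, commands = parse_cfg(text)
    findings = []
    hosts = [h.strip() for h in settings.get("allowed_hosts", "").split(",") if h.strip()]
    if not hosts:
        findings.append("allowed_hosts is not set")
    for host in hosts:
        try:
            net = ipaddress.ip_network(host, strict=False)
        except ValueError:
            continue  # hostname entry; its scope cannot be judged offline
        if net.prefixlen == 0:
            findings.append(f"allowed_hosts entry {host} matches every address")
    for key in ("dont_blame_nrpe", "allow_bash_command_substitution"):
        if settings.get(key) == "1":
            findings.append(f"{key}=1 accepts client-supplied input in commands")
    if settings.get("dont_blame_nrpe") == "1":
        findings += [f"command[{n}] takes remote arguments"
                     for n, c in commands.items() if "$ARG" in c]
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CFG)))
```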
There are thousands of plugins for SNMP, and plugins to monitor Windows servers as well as Linux servers. Just using the basic plugins will take care of most of your monitoring needs; in addition to those, there are literally thousands of plugins developed by the community. There is a Nelmon collection of plugins out there on the internet, and you can google it and download it. If you are missing a plugin, it’s fairly easy to develop one yourself. You can write them in any language you want. Most of the time you don’t have to write a thing; just search for what you want to do + nagios plugin.
The Nagios GUI gives you the opportunity to see what is happening in your network. Older versions had quite an ugly web design, and quite a few other skins came along. Some of them are just eye candy, which might or might not look better than the current design. Others, like Thruk or Check_MK Multisite, are more thought through and actually add value.
Once you’ve gotten to know the basics of Nagios, there are a lot of additional addons you might want to consider, like Nagvis to show network status on maps. There’s Merlin for redundancy and high availability, and a lot more.
If you’ve never used Nagios before, there can be a bit of a learning curve. Part of the criticism directed at Nagios is that it is hard to use. This reputation isn’t entirely undeserved. However, I think this is mainly due to the configuration. Today there are a lot of GUI alternatives for handling your configuration. If you just want to get started, using a GUI is probably a good idea. As you get more advanced, I think you will be better off handling the configuration automatically through Ansible or Puppet.