Nagios Conference 2013 - Sam Lansing - Getting Started With Incident Manager and Nagios Network Analyzer
 


Sam Lansing's presentation on Getting Started With Incident Manager and Nagios Network Analyzer.
The presentation was given during the Nagios World Conference North America held Sept 20-Oct 2nd, 2013 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna


    Presentation Transcript

    • Getting Started With Nagios Incident Manager and Nagios Network Analyzer Presenter: Sam Lansing
    • Introduction ● Tech Support at Nagios Enterprises ● Member for 1 ½ years ● Testing, documentation, and a dash of development. ● Feel free to interrupt me for questions, though we will have time at the end.
    • The Nagios Family ● Originally sprung to life with Nagios Core ● Over the last 2-3 years 4 programs have joined Core ● Core, XI, Fusion, IM, NNA
    • Brief Overview ● Overview of Nagios IM and NNA ● Getting Off The Ground ● Basic Use Cases “IM” - No frills attached ticketing solution - Great addition to help desks - Easily handle problems in XI at the same time and automatic resolutions on both ends.
    • Brief Overview ● Basic use cases “NNA” - Point A to B traffic watching - Graphical displays of traffic routing - Everything from switches, to firewalls, and workstations to printers - Custom Queries to pull data relevant to you - Query your FQDNs and IPs from source to destination, packet to packet, flow to flow - Figure out what or who is sucking your bandwidth away
    • Nagios IM Nagios XI + Ticketing = Winning
    • Nagios IM cont. ● Recognized the need for an easy to set up and use ticketing system which would natively interact with Nagios XI and future products. ● Drew up plans, and 10 months of development later here we are.
    • Nagios IM cont. ● Nagios IM bridges the gap between Nagios admins and helpdesk / ticketing ● Allowing you to transition alerts from Nagios XI to a ticketing system and disseminate from there without your help desk needing access to Nagios XI. ● Deeper customization and control.
    • Nagios IM cont. ● Nagios XI Component ● API key generated in IM ● Pulls status information from the XI back end
    • XI Component Settings
    • XI Component Settings Cont.
    • Nagios IM Interface Incidents page: Allows you to see a paged list of current and past incidents as well as their Creation date, last update time, type, status and priority.
    • Overview of an Incident Using the ticket format you defined within the Nagios XI component, Nagios IM dynamically populates tickets with the incident's information.
    • Overview of an Incident Cont. Status Section: View ticket details as well as change its current status, and attach a file such as a screenshot having to do with the current issue. History Section: Allows you to create messages on the ticket to keep others up to date.
    • Reports ● Find general stats about your incidents ● Calculate Mean time to Resolution ● See first response times ● View closed incidents
    • Reports Examples ● Mean Time to Resolution ● Calculate the time it took your team to resolve issues down to the second
    • Reports Examples Cont. ● First Response Times ● Track the time from when the incident was opened, to first response.
    • Reports Examples Cont. ● View Closed Incidents ● See when incidents were opened, closed, and any notes placed on them during their lifetime.
    • API ● Back end API information, access to the core incident manipulation functionality of the application, including fetching, creating, and updating incidents ● Helps guide you through its use
    • API Cont. ● Full access to incident information and calls ● View how IM manages, pushes, alerts, and changes incidents as they are created, deleted, or altered
    • Nagios IM Administration ● Create Users, form Teams, change how incidents are directed ● Access the Callback API, change mail and notification settings
    • Incident Manager Closing ● Free fully featured 60-day trial available at - http://www.nagios.com/ ● Try it in your Nagios environment, see how it affects your team's workflow and reactivity.
    • Nagios Network Analyzer What is it? ● Powerful network analysis software ● Allows users to identify possible network security threats, as well as data tracking and trending ● Ability to drill down to the packet with custom queries for granular network analysis ● Push SNMP notifications to monitoring and trap management systems
    • Nagios Network Analyzer What Is It? ● Tracks NetFlow samples - NetFlow: a network protocol developed by Enterasys Networks (formerly Cabletron) and Cisco Systems for collecting IP traffic information. ● Pull from workstations, servers, and networking equipment
    • Nagios Network Analyzer Cont. ● Assess your network's strength by using NNA as a centralized view. -Src IP, Src Port, Dst IP, Dst Port and more ● Custom tailor reports for specific connections, packet flows, and aberrant behavior.
    • Network Analyzer Interface ● Home Dashboard
    • Network Analyzer Interface ● Sources
    • Network Analyzer Interface ● Sources Cont. ● View current Flow Type, performance data Disk Usage, past 30 minutes of traffic at a glance
    • Network Analyzer Video ● Basic Source Exploration Video
    • Custom Checks ● Use NNA to periodically check Sources and Source Groups against Warning / Critical thresholds ● By the: - Bytes - Bytes/Sec - Flows - Packets
    • Nagios XI/Core Checks ● Add your Core and XI server(s) as well as custom NNA Hosts/Services for monitoring ● Forward alerts via NRDP, SNMP Traps, and Email ● If you would like to use your own alerting tools, leverage the NNA API to grab the data
    • Queries ● Custom Queries allow you to: - Search for flows between specific IPs and ports, from destination to source - Select a specific timeframe to query within - Target, and drill down to the data that matters to you - More on queries will be talked about in Intro to Network Monitoring
    • Network Analyzer Help ● Fully featured Help section so you don't feel lost in the interface. ● User, and Administrator guides ● Links to our Support Wiki, Forum, and documentation Library
    • Configure ● User Management ● Create users: - Define Contact information - Select interface access levels - Allow or disallow API access ● Change licensing information
    • Network Analyzer Closing ● Thank you for joining me! ● You can also set up a free fully featured 60-day trial of NNA from: - http://www.nagios.com/ ● Access to the community forum for support: - http://support.nagios.com/
    • Questions?