SlideShare a Scribd company logo

Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use

Nagios
Nagios

Mike Weber's training class on choosing the right Nagios plugin for the job. The training session was held during the Nagios World Conference North America held Sept 27-29th, 2011 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna

Technology
1 of 40
Download to read offline
Choosing Plugins Mike Weber mweber@spidertools.com
Identifying Options Public Port Monitoring NRPE - Nagios Remote Plugin Executor SSH - Secure Shell NSClient++ NSCA - Nagios Service Check Acceptor NRDP - Nagios Remote Data Processor SNMP - Simple Network Monitoring Protocol 2011 2
Criteria for Selection Ease of Set Up How much time and effort to get it working? Network Topology Firewall – Is there a firewall between Nagios and Client? Internet – Does the check have to go over a public network? Internal Network/VPN – Is it on a secure network? Security Security for Nagios Security for Client Resource Usage Total RAM usage on client and server Total CPU usage on client and server Total Time usage on client and server 2011 3
Principles: Nagios Efficiencies in Scale Poor choices on implementing plugins cannot be compensated for by additional hardware. If possible, execute plugins on the client using either SSH, NRPE, NSCA, NRDP. Compiled plugins require 10 - 44 times LESS resources than scripts. (Plugin RAM + Nagios RAM) x Time = RAM per check Plugins hold resources for up to 10 seconds. 2011 4
Ease of Set Up
Ease of Set Up - Order Public Port Monitoring NRPE NSClient++ SSH NRDP NSCA SNMP 2011 6
Ease of Set Up – Public Ports Advantages Can be set up with no client modification. No firewall issues (the nature of public access). Disadvantages Limited external port information. Plain text transfer of usernames/passwords if monitoring accounts. Limited internal access information (processes, resources, etc.) 2011 7
Ease of Set Up – NRPE Advantages Complete access to internal and external aspects (plugins and scripts). Disadvantages Must set up an agent or daemon on the client. Data transferred plain text (typical installation). 2011 8
Ease of Set Up – NSClient++ Advantages Complete access to internal and external aspects (plugins and scripts). Use NRPE, check_nt or other options and programming languages. Password authentication available. Disadvantages Must set up an agent or daemon on the client. Password authentication method weak. Data transferred plain text (typical installation). 2011 9
Ease of Set Up – SSH Advantages Complete access to internal and external aspects (plugins and scripts). Secure connection and secure data transfer. Disadvantages Must set up keys for nagios user. Requires modification of firewall and/or tcp_wrappers. May require sudo permissions (set up with visudo). 2011 10
Ease of Set Up – NRDP Advantages Complete access to internal and external aspects (plugins and scripts). Password authentication. Uses port 80 or 443 so no firewall issues. No daemon to set up on Nagios. Disadvantages Requires the creation of a script on the client to send data. No encryption unless you use SSL. 2011 11
Ease of Set Up – NSCA Advantages Complete access to internal and external aspects (plugins and scripts). Password authentication and encryption. Disadvantages Requires the creation of a script on the client to send data. Requires the set up of the NSCA daemon on the Nagios server. Must configure firewall and tcp_wrappers on the Nagios server. 2011 12
Ease of Set Up – SNMP Advantages Flexible options for monitoring hardware. Disadvantages Requires knowledge of how SNMP works. Requires the set up of the SNMP daemon on the client or device. The snmpd.conf on the client requires at least 4 changes for accesss. 2011 13
Network Topology
Network Typology Internal Network or VPN Perimeter firewall or VPN protects all communication. Public Network or Internet Attempts to compromise the system exist. Some protocols may be less reliable (UDP). Firewalls or Gateways Firewalls/Gateways must be modified to allow access. Firewalls/Gateways cannot be modified to allow access. 2011 15
Network Typology – Internal Network ALL Options will work Public Ports NRPE NSClient++ SSH NRDP NSCA SNMP 2011 16
Network Typology – Public Network Secure Options Recommended Public Ports – no firewall configuration necessary SSH - SSH port can usually be opened or is open NSCA – passive scripts will work behind firewall NRDP – passive scripts will work behind firewall Extensive Security for Nagios Server Firewall limiting access to clients only. tcp_wrappers limiting access to clients only. Encrypted connections for administrators. ModSecurity to filter port 80/443 access (application firewall). 2011 17
Security
Security Factors Security on Nagios Factors that either elevate or degrade security on the Nagios server. Security on the Client Factors that either elevate or degrade security on the client. Security of Network Communication Is the data transfer encrypted? Is the transfer protected by a password or token? 2011 19
Security - SSH Advantages Data transfer is encrypted. Login is encrypted. Disadvantages Security complexity – users, keys, connections, rights Typically key uses empty password. ssh-keygen -b 1024 -f id_dsa -t dsa -N '' Use of visudo required to provide nagios user access to files and applications. nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_init_service 2011 20
Security - NSCA Advantages Choice on encryption methods. Password authentication. Disadvantages Complexity of setup – daemon,two config files to edit, password,encryption,firewall, tcp_wrappers, edit nagios.cfg 2011 21
Security - NRDP Advantages Token used to secure connectivity. Uses port 80 so no new port must be opened. Could use port 443 so encrypted. Disadvantages Need to create script on client to collect data and send data to Nagios server. 2011 22
Security - NRDP 2011 23
Security – Web Interface 2011 24
Resource Usage
Resource Usage Resources Used on Nagios Total RAM usage on server. Total CPU usage on server. Total Time usage on server. Resources Used on the Client Total RAM usage on client. Total CPU usage on client. Total Time usage on client. 2011 26
Resource Usage 2011 27
Resource Usage: Script to Capture Data #!/bin/bash i=0 until [ $i -eq 300 ] do ps axo pid,ppid,pcpu,size,etime,priority,cmd | grep -v awk | grep -v bash |awk '/nagios/ {print}' >> nagios.txt ps axo pid,ppid,pcpu,size,etime,cmd | grep nagios |grep -v grep | grep -v nagios_total.sh |awk -f awk >> nagios.txt echo "# # # # # # # # #" >> nagios.txt sleep 1 i=$(( $i +1 )) done echo "##### Nagios Process Report #####" >> nagios_summary.txt echo "#################################" >> nagios_summary.txt echo "##### Total Memory Summary #####" >> nagios_summary.txt grep "Total Memory" nagios.txt | sort | uniq -c >> nagios_summary.txt echo "##### Average Memory Use MB #####" >> nagios_summary.txt awk '{ SUM += $4} END { print SUM/300/1024 }' nagios.txt >> nagios_summary.txt echo >> nagios_summary.txt echo "#################################" >> nagios_summary.txt echo "##### Total CPU Summary % #####" >> nagios_summary.txt grep "Total CPU" nagios.txt | sort -n | uniq -c >> nagios_summary.txt grep "Total CPU" nagios.txt |awk '{printf "%3.2fn", $3}'| sort -n > /tmp/nagios_summary echo "##### Average CPU Use #####" >> nagios_summary.txt awk '{ SUM += $1} END { print SUM/300 }' /tmp/nagios_summary >> nagios_summary.txt echo "##### Maximum CPU Use #####" >> nagios_summary.txt sort -n /tmp/nagios_summary |tail -n1 >> nagios_summary.txt 2011 28
Resource Usage - Compiled PID    PPID  CPU  RAM   Time   PR  Command 32135 32134  0.0   356       00:01  15 /usr/local/nagios/libexec/check_http ­H 192.168.5.1 ­u /blog/ ­s Nagios Test Page 32566 32564  0.0   356       00:01  21 /usr/local/nagios/libexec/check_http ­H 192.168.5.1 ­p 8080 ­w 3 ­c 7 32379 32378  0.0   340       00:02  25 /usr/local/nagios/libexec/check_ftp ­H 192.168.5.1 ­t 4 ­e vsFTPd 2.0.5 31819 31818  0.0   280       00:24  25 /usr/local/nagios/libexec/check_ping ­H 69.58.181.89 ­w 3000.0,80% ­c 5000.0,100% ­p 5 32365 32364  0.0   280       00:02  18 /usr/local/nagios/libexec/check_ping ­H 192.168.5.191 ­w 3000.0,80% ­c 5000.0,100% ­p 5 32535 32534  0.0  1004       00:01  18 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.191 ­c check_cpu_stats    1633  1632     0.0  1004       00:01  18 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.191 ­c check_yum  1386   1385    0.0   340       00:02  20 /usr/local/nagios/libexec/check_tcp ­H 192.168.5.1 ­p 22  3209     3208  0.0   340       00:00  21 /usr/local/nagios/libexec/check_tcp ­H 192.168.5.1 ­p 993  3387   3386  0.0   340       00:00  15 /usr/local/nagios/libexec/check_tcp ­H 192.168.5.1 ­p 3306 2011 29
Resource Usage – Compiled PID    PPID  CPU  RAM   Time   PR  Command 1944  1943     0.0   504       00:01  18 /usr/local/nagios/libexec/check_mysql ­H 192.168.5.1 ­u nagios ­d nagios ­­password XXXXXX 32558 32557   0.0   272       00:00  19 /usr/local/nagios/libexec/check_by_ssh ­H 192.168.5.190 ­i /usr/local/nagios/etc/.ssh/id_dsa ­C  /usr/local/nagios/libexec/check_load ­w 5.0,4.0,3.0 ­c 10.0,6.0,4.0  7979  7978     0.0    272      00:01  23 /usr/local/nagios/libexec/check_by_ssh ­H 192.168.5.190 ­i /usr/local/nagios/etc/.ssh/id_dsa ­C  /usr/local/nagios/libexec/check_net ­w  ­c   3117  3116     0.0   272       00:01  16 /usr/local/nagios/libexec/check_by_ssh ­H 192.168.5.190 ­i /usr/local/nagios/etc/.ssh/id_dsa ­C  /usr/local/nagios/libexec/check_multi ­f /usr/local/nagios/etc/check_multi/check_multi.cmd 32151 32150  0.0   256       00:01  15 /usr/local/nagios/libexec/check_snmp ­H 192.168.5.220 ­C public ­m DISMAN­EVENT­MIB ­o . 1.3.6.1.2.1.1.3.0 2011 30
Resource Usage - Perl PID    PPID  CPU  RAM   Time   PR  Command 31797 31796  1.0     5452       00:09  16 /usr/bin/perl ­w /usr/local/nagios/libexec/check_snmp_load.pl ­H 192.168.5.1 ­C public ­w 90% ­c 95% 32031 32030  1.1     5320       00:08  15 /usr/bin/perl ­w /usr/local/nagios/libexec/check_snmp_mem.pl ­H 192.168.5.14 ­C public ­w 85,10 ­c  95,20 32257 32254  4.0      5448       00:02  21 /usr/bin/perl ­w /usr/local/nagios/libexec/check_snmp_storage.pl ­H 192.168.5.1 ­C public ­m /home ­w  95 ­c 97 ­f  1558  1557 10.0      5984       00:01  21 /usr/bin/perl ­w /usr/local/nagios/libexec/check_snmp_int.pl ­H 192.168.5.1 ­C public ­n eth0 ­w 200,400  ­c 0,600  1330  1329  0.0       4864       00:00  17 perl /usr/local/nagios/libexec/check_imap_receive ­H 192.168.5.191 ­­username tom ­­password linux23 ­s  SUBJECT ­s New York ­­capture­max Sales ­­nodownload ­­nodelete ­­ssl 32390 32389  5.5      6236       00:02  25 /usr/bin/perl /usr/local/nagios/libexec/check_interface_table.pl ­H 192.168.5.220 ­C ­w ­C 32432 32431 10.0     5844       00:01  20 /usr/bin/perl ­w /usr/local/nagios/libexec/check_ifstatus ­H 192.168.5.230 ­C public ­x 1 2011 31
Resource Usage - NSClient++ PID    PPID  CPU  RAM   Time   PR  Command 32279 32278  0.0     280       00:00  15 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v CPULOAD ­l 5 80 90 32384 32383  0.0      280       00:01  25 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v CLIENTVERSION 32480 32479  0.0      280       00:01  15 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v UPTIME  1349  1348  0.0        280       00:00  18 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v SERVICESTATE ­d SHOWALL ­l SNMP  1619  1618  0.0       280       00:01  15 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v PROCSTATE ­d SHOWALL ­l  Explorer.exe  1832  1831  0.0       280       00:00  22 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v USEDDISKSPACE ­l c ­w 80 ­c 90  3106  3105  0.0       280       00:02  17 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v PROCSTATE ­d SHOWFAIL ­l  Explorer.exe&Notepad.exe 32561 32560  0.0     332       00:01  21 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.14 ­c alias_service  1958  1957  0.0       332       00:02  16 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.14 ­c alias_disk  3205  3204  0.0       332       00:00  20 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.14 ­c alias_cpu  7838  7837  0.0      332       00:00  19 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.14 ­c alias_multiple 2011 32
Resource Usage - SSH PID    PPID  CPU  RAM   Time   PR  Command 32562 32558  0.0     524       00:00  16 /usr/bin/ssh ­i /usr/local/nagios/etc/.ssh/id_dsa 192.168.5.190 /usr/local/nagios/libexec/check_load ­w  5.0,4.0,3.0 ­c 10.0,6.0,4.0  5865  5860  0.0       524       00:01  15 /usr/bin/ssh ­i /usr/local/nagios/etc/.ssh/id_dsa 192.168.5.190 /usr/local/nagios/libexec/check_dns ­H  nagios.org  3119  3117  0.0     524       00:01  15 /usr/bin/ssh ­i /usr/local/nagios/etc/.ssh/id_dsa 192.168.5.190 /usr/local/nagios/libexec/check_multi ­f  /usr/local/nagios/etc/check_multi/check_multi.cmd 2011 33
Principle #1: Poor choices on implementing plugins cannot be compensated for by additional hardware. Knowledge of Plugins Planning Saves Hardware Limits Avoid the Domino Effect 2011 34
Principle #2: If possible, execute plugins on the client using either SSH, NRPE, NSCA, NRDP. Typical Client Under Utilized check_multi Most Efficient Collect 10-30 checks per connection Used with NRPE, SSH, NRDP, NSCA 2011 35
Principle #3: Compiled plugins require 10 - 44 times LESS resources than scripts. 12 10 8 6 RAM 4 2 0 Compiled NSCA NSClient++ SSH Perl 2011 36
Principle #4: (Plugin RAM + Nagios RAM) x Time = RAM per check check_ping takes 280 RAM takes 10864 RAM from nagios process to execute plugin takes 3 seconds to execute (plugin RAM + nagios RAM) x time = RAM per check (280 +10864) X 3 = 32.64 MB RAM per check 2011 37
RAM Required per Check 2011 38
Principle #5: Plugins hold resources for up to 10 seconds. Example: check_ping PID PPID CPU RAM Time Command 12106 12105 0.0 280 00:01 25 /usr/local/nagios/libexec/check_ping -H 192.168.5.220 -w 3000.0,80% -c 5000.0,100% -p 5 12106 12105 0.0 280 00:02 25 /usr/local/nagios/libexec/check_ping -H 192.168.5.220 -w 3000.0,80% -c 5000.0,100% -p 5 12106 12105 0.0 280 00:03 25 /usr/local/nagios/libexec/check_ping -H 192.168.5.220 -w 3000.0,80% -c 5000.0,100% -p 5 2011 39
Principle #5: Example CPU   RAM        Time                         Plugin 13.0  7696       00:01  20 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   6.5  7696       00:02  20 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   4.3  7696       00:03  20 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   3.2  7696       00:04  20 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   2.6  7696       00:05  20 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   2.1  7696       00:06  15 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   1.8  7696       00:07  15 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl  1.6  7696       00:08  15 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   1.4  7696       00:09  15 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   1.3  7696       00:10  15 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl 2011 40

Recommended

Строим ханипот и выявляем DDoS-атаки
Строим ханипот и выявляем DDoS-атакиСтроим ханипот и выявляем DDoS-атаки
Строим ханипот и выявляем DDoS-атакиPositive Hack Days
 
Securing Asterisk: A practical approach
Securing Asterisk: A practical approachSecuring Asterisk: A practical approach
Securing Asterisk: A practical approachBangladesh Network Operators Group
 
Introduction to Snort Rule Writing
Introduction to Snort Rule WritingIntroduction to Snort Rule Writing
Introduction to Snort Rule WritingCisco DevNet
 
From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13Jaime Sánchez
 
Preventing Traffic with Spoofed Source IP address
Preventing Traffic with Spoofed Source IP addressPreventing Traffic with Spoofed Source IP address
Preventing Traffic with Spoofed Source IP addressBangladesh Network Operators Group
 
25 years of firewalls and network filtering - From antiquity to the cloud
25 years of firewalls and network filtering - From antiquity to the cloud25 years of firewalls and network filtering - From antiquity to the cloud
25 years of firewalls and network filtering - From antiquity to the cloudshira koper
 
Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5Bangladesh Network Operators Group
 
Derevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse gameDerevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse gameJaime Sánchez
 

Recommended

Строим ханипот и выявляем DDoS-атаки
Строим ханипот и выявляем DDoS-атакиСтроим ханипот и выявляем DDoS-атаки
Строим ханипот и выявляем DDoS-атакиPositive Hack Days
 
Securing Asterisk: A practical approach
Securing Asterisk: A practical approachSecuring Asterisk: A practical approach
Securing Asterisk: A practical approachBangladesh Network Operators Group
 
Introduction to Snort Rule Writing
Introduction to Snort Rule WritingIntroduction to Snort Rule Writing
Introduction to Snort Rule WritingCisco DevNet
 
From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13Jaime Sánchez
 
Preventing Traffic with Spoofed Source IP address
Preventing Traffic with Spoofed Source IP addressPreventing Traffic with Spoofed Source IP address
Preventing Traffic with Spoofed Source IP addressBangladesh Network Operators Group
 
25 years of firewalls and network filtering - From antiquity to the cloud
25 years of firewalls and network filtering - From antiquity to the cloud25 years of firewalls and network filtering - From antiquity to the cloud
25 years of firewalls and network filtering - From antiquity to the cloudshira koper
 
Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5Bangladesh Network Operators Group
 
Derevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse gameDerevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse gameJaime Sánchez
 
Practical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksPractical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksSecurity Session
 
Building Security Acсess to Remote Devices
Building Security Acсess to Remote DevicesBuilding Security Acсess to Remote Devices
Building Security Acсess to Remote DevicesGlobalLogic Ukraine
 
Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)btpsec
 
Make the internet safe with DNS Firewall
Make the internet safe with DNS FirewallMake the internet safe with DNS Firewall
Make the internet safe with DNS FirewallBangladesh Network Operators Group
 
NetBSD syslogd with IETF Syslog Protocols
NetBSD syslogd with IETF Syslog ProtocolsNetBSD syslogd with IETF Syslog Protocols
NetBSD syslogd with IETF Syslog ProtocolsMartin Schütte
 
Hacking the swisscom modem
Hacking the swisscom modemHacking the swisscom modem
Hacking the swisscom modemCyber Security Alliance
 
Let's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane ElectricLet's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane ElectricBangladesh Network Operators Group
 
p10
p10p10
p10tutorialsruby
 
Stealth servers need Stealth Packets - Derbycon 3.0
Stealth servers need Stealth Packets - Derbycon 3.0Stealth servers need Stealth Packets - Derbycon 3.0
Stealth servers need Stealth Packets - Derbycon 3.0Jaime Sánchez
 
DPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel Architecture
DPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel ArchitectureDPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel Architecture
DPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel ArchitectureJim St. Leger
 
Capturing Malicious Bots using a beneficial bot and wiki
Capturing Malicious Bots using a beneficial bot and wikiCapturing Malicious Bots using a beneficial bot and wiki
Capturing Malicious Bots using a beneficial bot and wikiTakashi Yamanoue
 
Asterisk: the future is at REST
Asterisk: the future is at RESTAsterisk: the future is at REST
Asterisk: the future is at RESTPaloSanto Solutions
 
PLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek Janik
PLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek JanikPLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek Janik
PLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek JanikPROIDEA
 
1 intro to_dpdk_and_hw
1 intro to_dpdk_and_hw1 intro to_dpdk_and_hw
1 intro to_dpdk_and_hwvideos
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort webhostingguy
 
Snort IDS
Snort IDSSnort IDS
Snort IDSprimeteacher32
 
DDoS Defense Mechanisms for IXP Infrastructures
DDoS Defense Mechanisms for IXP InfrastructuresDDoS Defense Mechanisms for IXP Infrastructures
DDoS Defense Mechanisms for IXP InfrastructuresPavel Odintsov
 
CCNA Security 09- ios firewall fundamentals
CCNA Security 09- ios firewall fundamentalsCCNA Security 09- ios firewall fundamentals
CCNA Security 09- ios firewall fundamentalsAhmed Habib
 
Silverlight Wireshark Analysis
Silverlight Wireshark AnalysisSilverlight Wireshark Analysis
Silverlight Wireshark AnalysisYoss Cohen
 
Java Abs Packet Sniffer Tool
Java Abs Packet Sniffer ToolJava Abs Packet Sniffer Tool
Java Abs Packet Sniffer Toolncct
 
NGINX Installation and Tuning
NGINX Installation and TuningNGINX Installation and Tuning
NGINX Installation and TuningNGINX, Inc.
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rulesFreddy Buenaño
 

More Related Content

What's hot

Practical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksPractical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksSecurity Session
 
Building Security Acсess to Remote Devices
Building Security Acсess to Remote DevicesBuilding Security Acсess to Remote Devices
Building Security Acсess to Remote DevicesGlobalLogic Ukraine
 
Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)btpsec
 
NetBSD syslogd with IETF Syslog Protocols
NetBSD syslogd with IETF Syslog ProtocolsNetBSD syslogd with IETF Syslog Protocols
NetBSD syslogd with IETF Syslog ProtocolsMartin Schütte
 
Let's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane ElectricLet's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane ElectricBangladesh Network Operators Group
 
Stealth servers need Stealth Packets - Derbycon 3.0
Stealth servers need Stealth Packets - Derbycon 3.0Stealth servers need Stealth Packets - Derbycon 3.0
Stealth servers need Stealth Packets - Derbycon 3.0Jaime Sánchez
 
DPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel Architecture
DPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel ArchitectureDPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel Architecture
DPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel ArchitectureJim St. Leger
 
Capturing Malicious Bots using a beneficial bot and wiki
Capturing Malicious Bots using a beneficial bot and wikiCapturing Malicious Bots using a beneficial bot and wiki
Capturing Malicious Bots using a beneficial bot and wikiTakashi Yamanoue
 
PLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek Janik
PLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek JanikPLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek Janik
PLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek JanikPROIDEA
 
1 intro to_dpdk_and_hw
1 intro to_dpdk_and_hw1 intro to_dpdk_and_hw
1 intro to_dpdk_and_hwvideos
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort webhostingguy
 
DDoS Defense Mechanisms for IXP Infrastructures
DDoS Defense Mechanisms for IXP InfrastructuresDDoS Defense Mechanisms for IXP Infrastructures
DDoS Defense Mechanisms for IXP InfrastructuresPavel Odintsov
 
CCNA Security 09- ios firewall fundamentals
CCNA Security 09- ios firewall fundamentalsCCNA Security 09- ios firewall fundamentals
CCNA Security 09- ios firewall fundamentalsAhmed Habib
 
Silverlight Wireshark Analysis
Silverlight Wireshark AnalysisSilverlight Wireshark Analysis
Silverlight Wireshark AnalysisYoss Cohen
 
Java Abs Packet Sniffer Tool
Java Abs Packet Sniffer ToolJava Abs Packet Sniffer Tool
Java Abs Packet Sniffer Toolncct
 

What's hot (20)

Practical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksPractical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacks
 
Building Security Acсess to Remote Devices
Building Security Acсess to Remote DevicesBuilding Security Acсess to Remote Devices
Building Security Acсess to Remote Devices
 
Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)
 
Make the internet safe with DNS Firewall
Make the internet safe with DNS FirewallMake the internet safe with DNS Firewall
Make the internet safe with DNS Firewall
 
NetBSD syslogd with IETF Syslog Protocols
NetBSD syslogd with IETF Syslog ProtocolsNetBSD syslogd with IETF Syslog Protocols
NetBSD syslogd with IETF Syslog Protocols
 
Hacking the swisscom modem
Hacking the swisscom modemHacking the swisscom modem
Hacking the swisscom modem
 
Let's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane ElectricLet's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane Electric
 
p10
p10p10
p10
 
Stealth servers need Stealth Packets - Derbycon 3.0
Stealth servers need Stealth Packets - Derbycon 3.0Stealth servers need Stealth Packets - Derbycon 3.0
Stealth servers need Stealth Packets - Derbycon 3.0
 
DPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel Architecture
DPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel ArchitectureDPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel Architecture
DPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel Architecture
 
Capturing Malicious Bots using a beneficial bot and wiki
Capturing Malicious Bots using a beneficial bot and wikiCapturing Malicious Bots using a beneficial bot and wiki
Capturing Malicious Bots using a beneficial bot and wiki
 
Asterisk: the future is at REST
Asterisk: the future is at RESTAsterisk: the future is at REST
Asterisk: the future is at REST
 
PLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek Janik
PLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek JanikPLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek Janik
PLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek Janik
 
1 intro to_dpdk_and_hw
1 intro to_dpdk_and_hw1 intro to_dpdk_and_hw
1 intro to_dpdk_and_hw
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort
 
Snort IDS
Snort IDSSnort IDS
Snort IDS
 
DDoS Defense Mechanisms for IXP Infrastructures
DDoS Defense Mechanisms for IXP InfrastructuresDDoS Defense Mechanisms for IXP Infrastructures
DDoS Defense Mechanisms for IXP Infrastructures
 
CCNA Security 09- ios firewall fundamentals
CCNA Security 09- ios firewall fundamentalsCCNA Security 09- ios firewall fundamentals
CCNA Security 09- ios firewall fundamentals
 
Silverlight Wireshark Analysis
Silverlight Wireshark AnalysisSilverlight Wireshark Analysis
Silverlight Wireshark Analysis
 
Java Abs Packet Sniffer Tool
Java Abs Packet Sniffer ToolJava Abs Packet Sniffer Tool
Java Abs Packet Sniffer Tool
 

Similar to Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use

NGINX Installation and Tuning
NGINX Installation and TuningNGINX Installation and Tuning
NGINX Installation and TuningNGINX, Inc.
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rulesFreddy Buenaño
 
Security Gateway CP R70
Security Gateway CP R70Security Gateway CP R70
Security Gateway CP R70dzihiro
 
Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...
Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...
Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...Nagios
 
Netcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beemaNetcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beemaRaghunath G
 
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security AssessmentPositive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security AssessmentPositive Hack Days
 
Known basic of NFV Features
Known basic of NFV FeaturesKnown basic of NFV Features
Known basic of NFV FeaturesRaul Leite
 
NCS: NEtwork Control System Hands-on Labs
NCS: NEtwork Control System Hands-on Labs NCS: NEtwork Control System Hands-on Labs
NCS: NEtwork Control System Hands-on Labs Cisco Canada
 
Nagios Conference 2014 - Leland Lammert - Distributed Heirarchical Nagios
Nagios Conference 2014 - Leland Lammert - Distributed Heirarchical NagiosNagios Conference 2014 - Leland Lammert - Distributed Heirarchical Nagios
Nagios Conference 2014 - Leland Lammert - Distributed Heirarchical NagiosNagios
 
Hunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationHunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationOlehLevytskyi1
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Nikhil Raj
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
AFW: Dynamic Firewalls with Chef and Netfilter
AFW: Dynamic Firewalls with Chef and NetfilterAFW: Dynamic Firewalls with Chef and Netfilter
AFW: Dynamic Firewalls with Chef and Netfilterjvehent
 
An Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource MonitoringAn Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource MonitoringAbhishek Kumar
 
Check Point CCSA NGX R71 Course Overview
Check Point CCSA NGX R71 Course OverviewCheck Point CCSA NGX R71 Course Overview
Check Point CCSA NGX R71 Course Overviewdaisuke_tanabe
 
NGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEANGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEANGINX, Inc.
 
Networking Concepts and Tools for the Cloud
Networking Concepts and Tools for the CloudNetworking Concepts and Tools for the Cloud
Networking Concepts and Tools for the CloudAlex Amies
 
Nagios Conference 2014 - Frank Pantaleo - Nagios Monitoring of Netezza Databases
Nagios Conference 2014 - Frank Pantaleo - Nagios Monitoring of Netezza DatabasesNagios Conference 2014 - Frank Pantaleo - Nagios Monitoring of Netezza Databases
Nagios Conference 2014 - Frank Pantaleo - Nagios Monitoring of Netezza DatabasesNagios
 

Similar to Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use (20)

NGINX Installation and Tuning
NGINX Installation and TuningNGINX Installation and Tuning
NGINX Installation and Tuning
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules
 
Security Gateway CP R70
Security Gateway CP R70Security Gateway CP R70
Security Gateway CP R70
 
Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...
Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...
Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...
 
Netcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beemaNetcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beema
 
Netcat - 101 Swiss Army Knife
Netcat - 101 Swiss Army KnifeNetcat - 101 Swiss Army Knife
Netcat - 101 Swiss Army Knife
 
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security AssessmentPositive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
 
Known basic of NFV Features
Known basic of NFV FeaturesKnown basic of NFV Features
Known basic of NFV Features
 
NCS: NEtwork Control System Hands-on Labs
NCS: NEtwork Control System Hands-on Labs NCS: NEtwork Control System Hands-on Labs
NCS: NEtwork Control System Hands-on Labs
 
Nagios Conference 2014 - Leland Lammert - Distributed Heirarchical Nagios
Nagios Conference 2014 - Leland Lammert - Distributed Heirarchical NagiosNagios Conference 2014 - Leland Lammert - Distributed Heirarchical Nagios
Nagios Conference 2014 - Leland Lammert - Distributed Heirarchical Nagios
 
Hunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationHunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentation
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
 
AFW: Dynamic Firewalls with Chef and Netfilter
AFW: Dynamic Firewalls with Chef and NetfilterAFW: Dynamic Firewalls with Chef and Netfilter
AFW: Dynamic Firewalls with Chef and Netfilter
 
An Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource MonitoringAn Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource Monitoring
 
Check Point CCSA NGX R71 Course Overview
Check Point CCSA NGX R71 Course OverviewCheck Point CCSA NGX R71 Course Overview
Check Point CCSA NGX R71 Course Overview
 
NGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEANGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEA
 
hakin9_6-2006_str22-33_snort_EN
hakin9_6-2006_str22-33_snort_ENhakin9_6-2006_str22-33_snort_EN
hakin9_6-2006_str22-33_snort_EN
 
Networking Concepts and Tools for the Cloud
Networking Concepts and Tools for the CloudNetworking Concepts and Tools for the Cloud
Networking Concepts and Tools for the Cloud
 
Nagios Conference 2014 - Frank Pantaleo - Nagios Monitoring of Netezza Databases
Nagios Conference 2014 - Frank Pantaleo - Nagios Monitoring of Netezza DatabasesNagios Conference 2014 - Frank Pantaleo - Nagios Monitoring of Netezza Databases
Nagios Conference 2014 - Frank Pantaleo - Nagios Monitoring of Netezza Databases
 

More from Nagios

Nagios XI Best Practices
Nagios XI Best PracticesNagios XI Best Practices
Nagios XI Best PracticesNagios
 
Jesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture OverviewJesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture OverviewNagios
 
Trevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The HoodTrevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The HoodNagios
 
Sean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient NotificationsSean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient NotificationsNagios
 
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise EditionMarcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise EditionNagios
 
Janice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios PluginsJanice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios PluginsNagios
 
Dave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical ExperienceDave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical ExperienceNagios
 
Mike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service ChecksMike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service ChecksNagios
 
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios InstallationMike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios InstallationNagios
 
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...Nagios
 
Matt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With NagiosMatt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With NagiosNagios
 
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.Nagios
 
Eric Loyd - Fractal Nagios
Eric Loyd - Fractal NagiosEric Loyd - Fractal Nagios
Eric Loyd - Fractal NagiosNagios
 
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...Nagios
 
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...Nagios
 
Nagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson OpeningNagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson OpeningNagios
 
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios CoreNrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios CoreNagios
 
Nagios Log Server - Features
Nagios Log Server - FeaturesNagios Log Server - Features
Nagios Log Server - FeaturesNagios
 
Nagios Network Analyzer - Features
Nagios Network Analyzer - FeaturesNagios Network Analyzer - Features
Nagios Network Analyzer - FeaturesNagios
 
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing NagiosNagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing NagiosNagios
 

More from Nagios (20)

Nagios XI Best Practices
Nagios XI Best PracticesNagios XI Best Practices
Nagios XI Best Practices
 
Jesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture OverviewJesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture Overview
 
Trevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The HoodTrevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The Hood
 
Sean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient NotificationsSean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient Notifications
 
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise EditionMarcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
 
Janice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios PluginsJanice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios Plugins
 
Dave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical ExperienceDave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical Experience
 
Mike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service ChecksMike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service Checks
 
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios InstallationMike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation
 
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
 
Matt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With NagiosMatt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With Nagios
 
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
 
Eric Loyd - Fractal Nagios
Eric Loyd - Fractal NagiosEric Loyd - Fractal Nagios
Eric Loyd - Fractal Nagios
 
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
 
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
 
Nagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson OpeningNagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson Opening
 
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios CoreNrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
 
Nagios Log Server - Features
Nagios Log Server - FeaturesNagios Log Server - Features
Nagios Log Server - Features
 
Nagios Network Analyzer - Features
Nagios Network Analyzer - FeaturesNagios Network Analyzer - Features
Nagios Network Analyzer - Features
 
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing NagiosNagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
 

Recently uploaded

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 

Recently uploaded (20)

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 

Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use

  • 1. Choosing Plugins Mike Weber mweber@spidertools.com
  • 2. Identifying Options Public Port Monitoring NRPE - Nagios Remote Plugin Executor SSH - Secure Shell NSClient++ NSCA - Nagios Service Check Acceptor NRDP - Nagios Remote Data Processor SNMP - Simple Network Monitoring Protocol 2011 2
  • 3. Criteria for Selection Ease of Set Up How much time and effort to get it working? Network Topology Firewall – Is there a firewall between Nagios and Client? Internet – Does the check have to go over a public network? Internal Network/VPN – Is it on a secure network? Security Security for Nagios Security for Client Resource Usage Total RAM usage on client and server Total CPU usage on client and server Total Time usage on client and server 2011 3
  • 4. Principles: Nagios Efficiencies in Scale Poor choices on implementing plugins cannot be compensated for by additional hardware. If possible, execute plugins on the client using either SSH, NRPE, NSCA, NRDP. Compiled plugins require 10 - 44 times LESS resources than scripts. (Plugin RAM + Nagios RAM) x Time = RAM per check Plugins hold resources for up to 10 seconds. 2011 4
  • 6. Ease of Set Up - Order Public Port Monitoring NRPE NSClient++ SSH NRDP NSCA SNMP 2011 6
  • 7. Ease of Set Up – Public Ports Advantages Can be set up with no client modification. No firewall issues (the nature of public access). Disadvantages Limited external port information. Plain text transfer of usernames/passwords if monitoring accounts. Limited internal access information (processes, resources, etc.) 2011 7
  • 8. Ease of Set Up – NRPE Advantages Complete access to internal and external aspects (plugins and scripts). Disadvantages Must set up an agent or daemon on the client. Data transferred plain text (typical installation). 2011 8
  • 9. Ease of Set Up – NSClient++ Advantages Complete access to internal and external aspects (plugins and scripts). Use NRPE, check_nt or other options and programming languages. Password authentication available. Disadvantages Must set up an agent or daemon on the client. Password authentication method weak. Data transferred plain text (typical installation). 2011 9
  • 10. Ease of Set Up – SSH Advantages Complete access to internal and external aspects (plugins and scripts). Secure connection and secure data transfer. Disadvantages Must set up keys for nagios user. Requires modification of firewall and/or tcp_wrappers. May require sudo permissions (set up with visudo). 2011 10
  • 11. Ease of Set Up – NRDP Advantages Complete access to internal and external aspects (plugins and scripts). Password authentication. Uses port 80 or 443 so no firewall issues. No daemon to set up on Nagios. Disadvantages Requires the creation of a script on the client to send data. No encryption unless you use SSL. 2011 11
  • 12. Ease of Set Up – NSCA Advantages Complete access to internal and external aspects (plugins and scripts). Password authentication and encryption. Disadvantages Requires the creation of a script on the client to send data. Requires the set up of the NSCA daemon on the Nagios server. Must configure firewall and tcp_wrappers on the Nagios server. 2011 12
  • 13. Ease of Set Up – SNMP Advantages Flexible options for monitoring hardware. Disadvantages Requires knowledge of how SNMP works. Requires the set up of the SNMP daemon on the client or device. The snmpd.conf on the client requires at least 4 changes for accesss. 2011 13
  • 15. Network Typology Internal Network or VPN Perimeter firewall or VPN protects all communication. Public Network or Internet Attempts to compromise the system exist. Some protocols may be less reliable (UDP). Firewalls or Gateways Firewalls/Gateways must be modified to allow access. Firewalls/Gateways cannot be modified to allow access. 2011 15
  • 16. Network Typology – Internal Network ALL Options will work Public Ports NRPE NSClient++ SSH NRDP NSCA SNMP 2011 16
  • 17. Network Typology – Public Network Secure Options Recommended Public Ports – no firewall configuration necessary SSH - SSH port can usually be opened or is open NSCA – passive scripts will work behind firewall NRDP – passive scripts will work behind firewall Extensive Security for Nagios Server Firewall limiting access to clients only. tcp_wrappers limiting access to clients only. Encrypted connections for administrators. ModSecurity to filter port 80/443 access (application firewall). 2011 17
  • 19. Security Factors Security on Nagios Factors that either elevate or degrade security on the Nagios server. Security on the Client Factors that either elevate or degrade security on the client. Security of Network Communication Is the data transfer encrypted? Is the transfer protected by a password or token? 2011 19
  • 20. Security - SSH Advantages Data transfer is encrypted. Login is encrypted. Disadvantages Security complexity – users, keys, connections, rights Typically key uses empty password. ssh-keygen -b 1024 -f id_dsa -t dsa -N '' Use of visudo required to provide nagios user access to files and applications. nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_init_service 2011 20
  • 21. Security - NSCA Advantages Choice on encryption methods. Password authentication. Disadvantages Complexity of setup – daemon,two config files to edit, password,encryption,firewall, tcp_wrappers, edit nagios.cfg 2011 21
  • 22. Security - NRDP Advantages Token used to secure connectivity. Uses port 80 so no new port must be opened. Could use port 443 so encrypted. Disadvantages Need to create script on client to collect data and send data to Nagios server. 2011 22
  • 23. Security - NRDP 2011 23
  • 24. Security – Web Interface 2011 24
  • 26. Resource Usage Resources Used on Nagios Total RAM usage on server. Total CPU usage on server. Total Time usage on server. Resources Used on the Client Total RAM usage on client. Total CPU usage on client. Total Time usage on client. 2011 26
  • 27. Resource Usage 2011 27
  • 28. Resource Usage: Script to Capture Data #!/bin/bash i=0 until [ $i -eq 300 ] do ps axo pid,ppid,pcpu,size,etime,priority,cmd | grep -v awk | grep -v bash |awk '/nagios/ {print}' >> nagios.txt ps axo pid,ppid,pcpu,size,etime,cmd | grep nagios |grep -v grep | grep -v nagios_total.sh |awk -f awk >> nagios.txt echo "# # # # # # # # #" >> nagios.txt sleep 1 i=$(( $i +1 )) done echo "##### Nagios Process Report #####" >> nagios_summary.txt echo "#################################" >> nagios_summary.txt echo "##### Total Memory Summary #####" >> nagios_summary.txt grep "Total Memory" nagios.txt | sort | uniq -c >> nagios_summary.txt echo "##### Average Memory Use MB #####" >> nagios_summary.txt awk '{ SUM += $4} END { print SUM/300/1024 }' nagios.txt >> nagios_summary.txt echo >> nagios_summary.txt echo "#################################" >> nagios_summary.txt echo "##### Total CPU Summary % #####" >> nagios_summary.txt grep "Total CPU" nagios.txt | sort -n | uniq -c >> nagios_summary.txt grep "Total CPU" nagios.txt |awk '{printf "%3.2fn", $3}'| sort -n > /tmp/nagios_summary echo "##### Average CPU Use #####" >> nagios_summary.txt awk '{ SUM += $1} END { print SUM/300 }' /tmp/nagios_summary >> nagios_summary.txt echo "##### Maximum CPU Use #####" >> nagios_summary.txt sort -n /tmp/nagios_summary |tail -n1 >> nagios_summary.txt 2011 28
  • 29. Resource Usage - Compiled PID    PPID  CPU  RAM   Time   PR  Command 32135 32134  0.0   356       00:01  15 /usr/local/nagios/libexec/check_http ­H 192.168.5.1 ­u /blog/ ­s Nagios Test Page 32566 32564  0.0   356       00:01  21 /usr/local/nagios/libexec/check_http ­H 192.168.5.1 ­p 8080 ­w 3 ­c 7 32379 32378  0.0   340       00:02  25 /usr/local/nagios/libexec/check_ftp ­H 192.168.5.1 ­t 4 ­e vsFTPd 2.0.5 31819 31818  0.0   280       00:24  25 /usr/local/nagios/libexec/check_ping ­H 69.58.181.89 ­w 3000.0,80% ­c 5000.0,100% ­p 5 32365 32364  0.0   280       00:02  18 /usr/local/nagios/libexec/check_ping ­H 192.168.5.191 ­w 3000.0,80% ­c 5000.0,100% ­p 5 32535 32534  0.0  1004       00:01  18 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.191 ­c check_cpu_stats    1633  1632     0.0  1004       00:01  18 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.191 ­c check_yum  1386   1385    0.0   340       00:02  20 /usr/local/nagios/libexec/check_tcp ­H 192.168.5.1 ­p 22  3209     3208  0.0   340       00:00  21 /usr/local/nagios/libexec/check_tcp ­H 192.168.5.1 ­p 993  3387   3386  0.0   340       00:00  15 /usr/local/nagios/libexec/check_tcp ­H 192.168.5.1 ­p 3306 2011 29
  • 30. Resource Usage – Compiled PID    PPID  CPU  RAM   Time   PR  Command 1944  1943     0.0   504       00:01  18 /usr/local/nagios/libexec/check_mysql ­H 192.168.5.1 ­u nagios ­d nagios ­­password XXXXXX 32558 32557   0.0   272       00:00  19 /usr/local/nagios/libexec/check_by_ssh ­H 192.168.5.190 ­i /usr/local/nagios/etc/.ssh/id_dsa ­C  /usr/local/nagios/libexec/check_load ­w 5.0,4.0,3.0 ­c 10.0,6.0,4.0  7979  7978     0.0    272      00:01  23 /usr/local/nagios/libexec/check_by_ssh ­H 192.168.5.190 ­i /usr/local/nagios/etc/.ssh/id_dsa ­C  /usr/local/nagios/libexec/check_net ­w  ­c   3117  3116     0.0   272       00:01  16 /usr/local/nagios/libexec/check_by_ssh ­H 192.168.5.190 ­i /usr/local/nagios/etc/.ssh/id_dsa ­C  /usr/local/nagios/libexec/check_multi ­f /usr/local/nagios/etc/check_multi/check_multi.cmd 32151 32150  0.0   256       00:01  15 /usr/local/nagios/libexec/check_snmp ­H 192.168.5.220 ­C public ­m DISMAN­EVENT­MIB ­o . 1.3.6.1.2.1.1.3.0 2011 30
  • 31. Resource Usage - Perl PID    PPID  CPU  RAM   Time   PR  Command 31797 31796  1.0     5452       00:09  16 /usr/bin/perl ­w /usr/local/nagios/libexec/check_snmp_load.pl ­H 192.168.5.1 ­C public ­w 90% ­c 95% 32031 32030  1.1     5320       00:08  15 /usr/bin/perl ­w /usr/local/nagios/libexec/check_snmp_mem.pl ­H 192.168.5.14 ­C public ­w 85,10 ­c  95,20 32257 32254  4.0      5448       00:02  21 /usr/bin/perl ­w /usr/local/nagios/libexec/check_snmp_storage.pl ­H 192.168.5.1 ­C public ­m /home ­w  95 ­c 97 ­f  1558  1557 10.0      5984       00:01  21 /usr/bin/perl ­w /usr/local/nagios/libexec/check_snmp_int.pl ­H 192.168.5.1 ­C public ­n eth0 ­w 200,400  ­c 0,600  1330  1329  0.0       4864       00:00  17 perl /usr/local/nagios/libexec/check_imap_receive ­H 192.168.5.191 ­­username tom ­­password linux23 ­s  SUBJECT ­s New York ­­capture­max Sales ­­nodownload ­­nodelete ­­ssl 32390 32389  5.5      6236       00:02  25 /usr/bin/perl /usr/local/nagios/libexec/check_interface_table.pl ­H 192.168.5.220 ­C ­w ­C 32432 32431 10.0     5844       00:01  20 /usr/bin/perl ­w /usr/local/nagios/libexec/check_ifstatus ­H 192.168.5.230 ­C public ­x 1 2011 31
  • 32. Resource Usage - NSClient++ PID    PPID  CPU  RAM   Time   PR  Command 32279 32278  0.0     280       00:00  15 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v CPULOAD ­l 5 80 90 32384 32383  0.0      280       00:01  25 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v CLIENTVERSION 32480 32479  0.0      280       00:01  15 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v UPTIME  1349  1348  0.0        280       00:00  18 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v SERVICESTATE ­d SHOWALL ­l SNMP  1619  1618  0.0       280       00:01  15 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v PROCSTATE ­d SHOWALL ­l  Explorer.exe  1832  1831  0.0       280       00:00  22 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v USEDDISKSPACE ­l c ­w 80 ­c 90  3106  3105  0.0       280       00:02  17 /usr/local/nagios/libexec/check_nt ­H 192.168.5.14 ­p 12489 ­v PROCSTATE ­d SHOWFAIL ­l  Explorer.exe&Notepad.exe 32561 32560  0.0     332       00:01  21 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.14 ­c alias_service  1958  1957  0.0       332       00:02  16 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.14 ­c alias_disk  3205  3204  0.0       332       00:00  20 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.14 ­c alias_cpu  7838  7837  0.0      332       00:00  19 /usr/local/nagios/libexec/check_nrpe ­H 192.168.5.14 ­c alias_multiple 2011 32
  • 33. Resource Usage - SSH PID    PPID  CPU  RAM   Time   PR  Command 32562 32558  0.0     524       00:00  16 /usr/bin/ssh ­i /usr/local/nagios/etc/.ssh/id_dsa 192.168.5.190 /usr/local/nagios/libexec/check_load ­w  5.0,4.0,3.0 ­c 10.0,6.0,4.0  5865  5860  0.0       524       00:01  15 /usr/bin/ssh ­i /usr/local/nagios/etc/.ssh/id_dsa 192.168.5.190 /usr/local/nagios/libexec/check_dns ­H  nagios.org  3119  3117  0.0     524       00:01  15 /usr/bin/ssh ­i /usr/local/nagios/etc/.ssh/id_dsa 192.168.5.190 /usr/local/nagios/libexec/check_multi ­f  /usr/local/nagios/etc/check_multi/check_multi.cmd 2011 33
  • 34. Principle #1: Poor choices on implementing plugins cannot be compensated for by additional hardware. Knowledge of Plugins Planning Saves Hardware Limits Avoid the Domino Effect 2011 34
  • 35. Principle #2: If possible, execute plugins on the client using either SSH, NRPE, NSCA, NRDP. Typical Client Under Utilized check_multi Most Efficient Collect 10-30 checks per connection Used with NRPE, SSH, NRDP, NSCA 2011 35
  • 36. Principle #3: Compiled plugins require 10 - 44 times LESS resources than scripts. 12 10 8 6 RAM 4 2 0 Compiled NSCA NSClient++ SSH Perl 2011 36
  • 37. Principle #4: (Plugin RAM + Nagios RAM) x Time = RAM per check check_ping takes 280 RAM takes 10864 RAM from nagios process to execute plugin takes 3 seconds to execute (plugin RAM + nagios RAM) x time = RAM per check (280 +10864) X 3 = 32.64 MB RAM per check 2011 37
  • 38. RAM Required per Check 2011 38
  • 39. Principle #5: Plugins hold resources for up to 10 seconds. Example: check_ping PID PPID CPU RAM Time Command 12106 12105 0.0 280 00:01 25 /usr/local/nagios/libexec/check_ping -H 192.168.5.220 -w 3000.0,80% -c 5000.0,100% -p 5 12106 12105 0.0 280 00:02 25 /usr/local/nagios/libexec/check_ping -H 192.168.5.220 -w 3000.0,80% -c 5000.0,100% -p 5 12106 12105 0.0 280 00:03 25 /usr/local/nagios/libexec/check_ping -H 192.168.5.220 -w 3000.0,80% -c 5000.0,100% -p 5 2011 39
  • 40. Principle #5: Example CPU   RAM        Time                         Plugin 13.0  7696       00:01  20 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   6.5  7696       00:02  20 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   4.3  7696       00:03  20 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   3.2  7696       00:04  20 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   2.6  7696       00:05  20 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   2.1  7696       00:06  15 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   1.8  7696       00:07  15 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl  1.6  7696       00:08  15 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   1.4  7696       00:09  15 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl   1.3  7696       00:10  15 /usr/bin/perl ­w? /usr/local/nagios/libexec/check_iftraffic3.pl 2011 40