SlideShare a Scribd company logo

Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Using Nagios Network Analyzer and NSTI

Download as ODP, PDF
Nagios
Nagios

Spenser Reinhardt's presentation on Intro to Network Monitoring Using Nagios Network Analyzer and NSTI. The presentation was given during the Nagios World Conference North America held Sept 20-Oct 2nd, 2013 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna

Technology
1 of 23
Intro to Network Monitoring Using Nagios Network Analyzer and NSTI Spenser Reinhardt sreinhardt@nagios.com
2 General Overview SNMP Basics Nagios SNMP Trap Interface (NSTI) Nagios Network Analyzer (NNA) Integration
3 What Is SNMP? Simple Network Management Protocol SNMP is a application layer protocol for management and information gathering from network based devices. It works by querying an agent for a specific address(oid) that contains information specific to that device. In some cases modification of device settings and configuration is possible via SNMP.
4 Basic Terminology Manager – Generally the device requesting or setting data on a SNMP Agent. Can also receive traps. Agent – Local or remote client that receives and processes requests, and potentially generates traps to be sent to a manager. Versions SNMPv1 – Base standard for snmp SNMPv2c – BulkGetRequest, performance, and security improvements. SNMPv3 – Cryptographic, Authentication and Integrity
5 MIBs and OIDs, Oh my! Management Information Base (MIB) MIBs define what information is potentially available on a particular device. They also define the structure of addressing and data within the SNMP subsystem. Object Identifier (OID) OIDs are variables referenced by name or numeric address. They determine a specific aspect of the MIB to capture or modify information on the SNMP subsystem
6 Polling, Traps Vs Gets GetRequest: Manager to agent, request for data at a specified OID. Response: Returns the data requested as an acknowledgment to a GetRequest Trap: An asynchronous notification from agent to manager, generated by the agent upon system events.
7 Firewall Restrictions GetRequest Manager to Agent: Random src to 161 UDP v1 & v2c Manager to Agent: Random src to 10161 UDP v3 Response Agent to Manager: Random src to Port from GetRequest UDP Traps Agent to Manager: Random src to 162 UDP v1 & v2c Agent to Manager: Random src to 1062 UDP v3
8 Services Agents *nix – snmpd Windows – SNMP Service Managers Net-SNMP MRTG Traps snmptt snmptrapd
9 Configuration and Logging SNMPd Config - /etc/snmp/snmpd.conf Logging - /var/log/messages SNMPtt Config - /etc/snmp/snmptt.conf Config - /etc/snmp/snmptt.ini Logging - /var/log/snmptt/ SNMPtrapd Config - /etc/snmp/snmptrapd.conf Logging - /var/log/snmptt/
10 One More Important Location /usr/share/snmp/mibs Mibs are stored here Nagios, snmp and many other applications read from here Uploaded via nagiosxi web ui here Used for Gets and Traps Should be owned by root.nagios
11 This matters to me why? Basis for agentless remote monitoring on many devices. Often faster than wmi and agent based installs. Little to no delay when devices send traps until notification. Many Nagios plugins built around snmp.
12 Nagios SNMP Trap Interface (NSTI)
13 NSTI - Overview Created by Nick Scott And a lot of pushing by me! (Thanks Nick) Works with snmptt and snmptrapd to collect traps, and store them via mysql Provides a visual interface for viewing large amounts of traps Very light-weight and easy on resources
14 Important Files Logging /var/log/httpd/error_log /var/log/mysqld.log Snmptt logs Configuration /usr/local/{nagiosti,nsti} Depends on the version in use
15 Potential Woes SNMPTT not logging Permissions on /var/spool/snmptt/ Settings in /etc/snmp/snmptt.ini Mysql Issues /usr/local/nsti/etc/nsti.cfg /etc/snmp/snmptt.in Traps no longer sending to XI also Settings in /etc/snmp/snmptrapd.conf
16 So What Can I Actually Use This For? Correlating issues only available via traps Feeding traps to XI or core, and maintaining past events Windows event log monitoring via traps Network device status changes
17 Collecting Windows Logins
18 Windows Service Restarts
19 Nagios Network Analyzer
20 NNA - Overview Network flow collector Correlation of network traffic Statistical network information Advanced querying and reporting Compressed rrds and low cpu usage
21 Important Locations and Files /usr/local/nagiosna/ Main configs, binaries, and storage of rrds Nfcap Daemon to collect flows Needs to be started before sources can work
22 Demo! http://nagiosna.demos.nagios.com/nagiosna/index.php
23 Questions? Thank you!

Recommended

Snort
SnortSnort
SnortRahul Jain
 
All About Snort
All About SnortAll About Snort
All About Snort28pranjal
 
Snort
SnortSnort
SnortFadwa Gmiden
 
Snort IPS
Snort IPSSnort IPS
Snort IPSSimone Tino
 
Snort
SnortSnort
SnortStickman Hai
 
Snort
SnortSnort
Snortnazzf
 
Snort
SnortSnort
SnortMichael Boman
 
Firewall management introduction
Firewall management introductionFirewall management introduction
Firewall management introductionRaghava Sharma
 

Recommended

Snort
SnortSnort
SnortRahul Jain
 
All About Snort
All About SnortAll About Snort
All About Snort28pranjal
 
Snort
SnortSnort
SnortFadwa Gmiden
 
Snort IPS
Snort IPSSnort IPS
Snort IPSSimone Tino
 
Snort
SnortSnort
SnortStickman Hai
 
Snort
SnortSnort
Snortnazzf
 
Snort
SnortSnort
SnortMichael Boman
 
Firewall management introduction
Firewall management introductionFirewall management introduction
Firewall management introductionRaghava Sharma
 
IDS & Passive Network Defense
IDS & Passive Network DefenseIDS & Passive Network Defense
IDS & Passive Network DefenseSalvatore Lentini
 
Network Security Nmap N Nessus
Network Security Nmap N NessusNetwork Security Nmap N Nessus
Network Security Nmap N NessusUtkarsh Verma
 
Linux and firewall
Linux and firewallLinux and firewall
Linux and firewallMhmud Khraibene
 
Hardening Three - IDS/IPS Technologies
Hardening Three - IDS/IPS TechnologiesHardening Three - IDS/IPS Technologies
Hardening Three - IDS/IPS TechnologiesSalvatore Lentini
 
Windows 7 firewall & its configuration
Windows 7 firewall & its configurationWindows 7 firewall & its configuration
Windows 7 firewall & its configurationSoban Ahmad
 
Firewalls
FirewallsFirewalls
FirewallsKalluri Madhuri
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort webhostingguy
 
Introduction to Snort
Introduction to SnortIntroduction to Snort
Introduction to SnortHossein Yavari
 
Firewall
FirewallFirewall
FirewallNilkanth Shingala
 
Snort IDS
Snort IDSSnort IDS
Snort IDSprimeteacher32
 
A3Sec Advanced Deployment System
A3Sec Advanced Deployment SystemA3Sec Advanced Deployment System
A3Sec Advanced Deployment Systema3sec
 
Firewall & its Services
Firewall & its ServicesFirewall & its Services
Firewall & its ServicesNavdeep Dhingra
 
Database Firewall with Snort
Database Firewall with SnortDatabase Firewall with Snort
Database Firewall with SnortNarudom Roongsiriwong, CISSP
 
Snmp network monitoring
Snmp network monitoringSnmp network monitoring
Snmp network monitoringTapan Khilar
 
Firewalls
FirewallsFirewalls
FirewallsUniversity of Central Punjab
 
Firewall Basing
Firewall BasingFirewall Basing
Firewall BasingPina Parmar
 
Types of firewall
Types of firewallTypes of firewall
Types of firewallPina Parmar
 
Firewalls and packet filters
Firewalls and packet filtersFirewalls and packet filters
Firewalls and packet filtersMOHIT AGARWAL
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purposeRohit Phulsunge
 
Port scanning
Port scanningPort scanning
Port scanningHemanth Pasumarthi
 
Unit 5.1 network 2.pptx
Unit 5.1 network 2.pptxUnit 5.1 network 2.pptx
Unit 5.1 network 2.pptxLilyMkayula
 
SNMP.pptx
SNMP.pptxSNMP.pptx
SNMP.pptxTanzeelGill
 

More Related Content

What's hot

IDS & Passive Network Defense
IDS & Passive Network DefenseIDS & Passive Network Defense
IDS & Passive Network DefenseSalvatore Lentini
 
Network Security Nmap N Nessus
Network Security Nmap N NessusNetwork Security Nmap N Nessus
Network Security Nmap N NessusUtkarsh Verma
 
Hardening Three - IDS/IPS Technologies
Hardening Three - IDS/IPS TechnologiesHardening Three - IDS/IPS Technologies
Hardening Three - IDS/IPS TechnologiesSalvatore Lentini
 
Windows 7 firewall & its configuration
Windows 7 firewall & its configurationWindows 7 firewall & its configuration
Windows 7 firewall & its configurationSoban Ahmad
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort webhostingguy
 
A3Sec Advanced Deployment System
A3Sec Advanced Deployment SystemA3Sec Advanced Deployment System
A3Sec Advanced Deployment Systema3sec
 
Snmp network monitoring
Snmp network monitoringSnmp network monitoring
Snmp network monitoringTapan Khilar
 
Types of firewall
Types of firewallTypes of firewall
Types of firewallPina Parmar
 
Firewalls and packet filters
Firewalls and packet filtersFirewalls and packet filters
Firewalls and packet filtersMOHIT AGARWAL
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purposeRohit Phulsunge
 

What's hot (20)

IDS & Passive Network Defense
IDS & Passive Network DefenseIDS & Passive Network Defense
IDS & Passive Network Defense
 
Network Security Nmap N Nessus
Network Security Nmap N NessusNetwork Security Nmap N Nessus
Network Security Nmap N Nessus
 
Linux and firewall
Linux and firewallLinux and firewall
Linux and firewall
 
Hardening Three - IDS/IPS Technologies
Hardening Three - IDS/IPS TechnologiesHardening Three - IDS/IPS Technologies
Hardening Three - IDS/IPS Technologies
 
Windows 7 firewall & its configuration
Windows 7 firewall & its configurationWindows 7 firewall & its configuration
Windows 7 firewall & its configuration
 
Firewalls
FirewallsFirewalls
Firewalls
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort
 
Introduction to Snort
Introduction to SnortIntroduction to Snort
Introduction to Snort
 
Firewall
FirewallFirewall
Firewall
 
Snort IDS
Snort IDSSnort IDS
Snort IDS
 
A3Sec Advanced Deployment System
A3Sec Advanced Deployment SystemA3Sec Advanced Deployment System
A3Sec Advanced Deployment System
 
Firewall & its Services
Firewall & its ServicesFirewall & its Services
Firewall & its Services
 
Database Firewall with Snort
Database Firewall with SnortDatabase Firewall with Snort
Database Firewall with Snort
 
Snmp network monitoring
Snmp network monitoringSnmp network monitoring
Snmp network monitoring
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall Basing
Firewall BasingFirewall Basing
Firewall Basing
 
Types of firewall
Types of firewallTypes of firewall
Types of firewall
 
Firewalls and packet filters
Firewalls and packet filtersFirewalls and packet filters
Firewalls and packet filters
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purpose
 
Port scanning
Port scanningPort scanning
Port scanning
 

Similar to Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Using Nagios Network Analyzer and NSTI

Unit 5.1 network 2.pptx
Unit 5.1 network 2.pptxUnit 5.1 network 2.pptx
Unit 5.1 network 2.pptxLilyMkayula
 
Snmp chapter7
Snmp chapter7Snmp chapter7
Snmp chapter7jignash
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management ProtocolPrasenjit Gayen
 
OSMC 2009 | net-snmp: The forgotten classic by Dr. Michael Schwartzkopff
OSMC 2009 | net-snmp: The forgotten classic by Dr. Michael SchwartzkopffOSMC 2009 | net-snmp: The forgotten classic by Dr. Michael Schwartzkopff
OSMC 2009 | net-snmp: The forgotten classic by Dr. Michael SchwartzkopffNETWAYS
 
Centralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureCentralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureMOHD ARISH
 
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018Netgate
 
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security AssessmentPositive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security AssessmentPositive Hack Days
 
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRENON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTREcscpconf
 
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To UseNagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To UseNagios
 
Simple Network Management Protocole
Simple Network Management ProtocoleSimple Network Management Protocole
Simple Network Management ProtocoleAmin Komeili
 
Simple network management protocol
Simple network management protocolSimple network management protocol
Simple network management protocolni35540
 
Question No. 1What updates have been brought by snmpv2 to SNMPv1 c.pdf
Question No. 1What updates have been brought by snmpv2 to SNMPv1 c.pdfQuestion No. 1What updates have been brought by snmpv2 to SNMPv1 c.pdf
Question No. 1What updates have been brought by snmpv2 to SNMPv1 c.pdffashiionbeutycare
 
SNMP Network Tracker Project
SNMP Network Tracker ProjectSNMP Network Tracker Project
SNMP Network Tracker ProjectPraveen Mathews
 
CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokAhmed Gad
 
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios
 
How To Install and Configure SNMP on RHEL 7 or CentOS 7
How To Install and Configure SNMP on RHEL 7 or CentOS 7How To Install and Configure SNMP on RHEL 7 or CentOS 7
How To Install and Configure SNMP on RHEL 7 or CentOS 7VCP Muthukrishna
 
An Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource MonitoringAn Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource MonitoringAbhishek Kumar
 

Similar to Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Using Nagios Network Analyzer and NSTI (20)

Unit 5.1 network 2.pptx
Unit 5.1 network 2.pptxUnit 5.1 network 2.pptx
Unit 5.1 network 2.pptx
 
SNMP.pptx
SNMP.pptxSNMP.pptx
SNMP.pptx
 
Snmp chapter7
Snmp chapter7Snmp chapter7
Snmp chapter7
 
snmp
snmpsnmp
snmp
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management Protocol
 
OSMC 2009 | net-snmp: The forgotten classic by Dr. Michael Schwartzkopff
OSMC 2009 | net-snmp: The forgotten classic by Dr. Michael SchwartzkopffOSMC 2009 | net-snmp: The forgotten classic by Dr. Michael Schwartzkopff
OSMC 2009 | net-snmp: The forgotten classic by Dr. Michael Schwartzkopff
 
Centralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureCentralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructure
 
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
 
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security AssessmentPositive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
 
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRENON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
 
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To UseNagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
 
Simple Network Management Protocole
Simple Network Management ProtocoleSimple Network Management Protocole
Simple Network Management Protocole
 
Simple network management protocol
Simple network management protocolSimple network management protocol
Simple network management protocol
 
Question No. 1What updates have been brought by snmpv2 to SNMPv1 c.pdf
Question No. 1What updates have been brought by snmpv2 to SNMPv1 c.pdfQuestion No. 1What updates have been brought by snmpv2 to SNMPv1 c.pdf
Question No. 1What updates have been brought by snmpv2 to SNMPv1 c.pdf
 
SNMP Network Tracker Project
SNMP Network Tracker ProjectSNMP Network Tracker Project
SNMP Network Tracker Project
 
CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the Netwok
 
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
 
How To Install and Configure SNMP on RHEL 7 or CentOS 7
How To Install and Configure SNMP on RHEL 7 or CentOS 7How To Install and Configure SNMP on RHEL 7 or CentOS 7
How To Install and Configure SNMP on RHEL 7 or CentOS 7
 
An Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource MonitoringAn Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource Monitoring
 
001 implementation nms_software
001 implementation nms_software001 implementation nms_software
001 implementation nms_software
 

More from Nagios

Nagios XI Best Practices
Nagios XI Best PracticesNagios XI Best Practices
Nagios XI Best PracticesNagios
 
Jesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture OverviewJesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture OverviewNagios
 
Trevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The HoodTrevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The HoodNagios
 
Sean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient NotificationsSean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient NotificationsNagios
 
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise EditionMarcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise EditionNagios
 
Janice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios PluginsJanice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios PluginsNagios
 
Dave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical ExperienceDave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical ExperienceNagios
 
Mike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service ChecksMike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service ChecksNagios
 
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios InstallationMike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios InstallationNagios
 
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...Nagios
 
Matt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With NagiosMatt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With NagiosNagios
 
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.Nagios
 
Eric Loyd - Fractal Nagios
Eric Loyd - Fractal NagiosEric Loyd - Fractal Nagios
Eric Loyd - Fractal NagiosNagios
 
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...Nagios
 
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...Nagios
 
Nagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson OpeningNagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson OpeningNagios
 
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios CoreNrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios CoreNagios
 
Nagios Log Server - Features
Nagios Log Server - FeaturesNagios Log Server - Features
Nagios Log Server - FeaturesNagios
 
Nagios Network Analyzer - Features
Nagios Network Analyzer - FeaturesNagios Network Analyzer - Features
Nagios Network Analyzer - FeaturesNagios
 
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing NagiosNagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing NagiosNagios
 

More from Nagios (20)

Nagios XI Best Practices
Nagios XI Best PracticesNagios XI Best Practices
Nagios XI Best Practices
 
Jesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture OverviewJesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture Overview
 
Trevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The HoodTrevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The Hood
 
Sean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient NotificationsSean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient Notifications
 
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise EditionMarcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
 
Janice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios PluginsJanice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios Plugins
 
Dave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical ExperienceDave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical Experience
 
Mike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service ChecksMike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service Checks
 
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios InstallationMike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation
 
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
 
Matt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With NagiosMatt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With Nagios
 
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
 
Eric Loyd - Fractal Nagios
Eric Loyd - Fractal NagiosEric Loyd - Fractal Nagios
Eric Loyd - Fractal Nagios
 
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
 
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
 
Nagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson OpeningNagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson Opening
 
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios CoreNrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
 
Nagios Log Server - Features
Nagios Log Server - FeaturesNagios Log Server - Features
Nagios Log Server - Features
 
Nagios Network Analyzer - Features
Nagios Network Analyzer - FeaturesNagios Network Analyzer - Features
Nagios Network Analyzer - Features
 
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing NagiosNagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
 

Recently uploaded

WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 

Recently uploaded (20)

WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 

Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Using Nagios Network Analyzer and NSTI

  • 1. Intro to Network Monitoring Using Nagios Network Analyzer and NSTI Spenser Reinhardt sreinhardt@nagios.com
  • 2. 2 General Overview SNMP Basics Nagios SNMP Trap Interface (NSTI) Nagios Network Analyzer (NNA) Integration
  • 3. 3 What Is SNMP? Simple Network Management Protocol SNMP is a application layer protocol for management and information gathering from network based devices. It works by querying an agent for a specific address(oid) that contains information specific to that device. In some cases modification of device settings and configuration is possible via SNMP.
  • 4. 4 Basic Terminology Manager – Generally the device requesting or setting data on a SNMP Agent. Can also receive traps. Agent – Local or remote client that receives and processes requests, and potentially generates traps to be sent to a manager. Versions SNMPv1 – Base standard for snmp SNMPv2c – BulkGetRequest, performance, and security improvements. SNMPv3 – Cryptographic, Authentication and Integrity
  • 5. 5 MIBs and OIDs, Oh my! Management Information Base (MIB) MIBs define what information is potentially available on a particular device. They also define the structure of addressing and data within the SNMP subsystem. Object Identifier (OID) OIDs are variables referenced by name or numeric address. They determine a specific aspect of the MIB to capture or modify information on the SNMP subsystem
  • 6. 6 Polling, Traps Vs Gets GetRequest: Manager to agent, request for data at a specified OID. Response: Returns the data requested as an acknowledgment to a GetRequest Trap: An asynchronous notification from agent to manager, generated by the agent upon system events.
  • 7. 7 Firewall Restrictions GetRequest Manager to Agent: Random src to 161 UDP v1 & v2c Manager to Agent: Random src to 10161 UDP v3 Response Agent to Manager: Random src to Port from GetRequest UDP Traps Agent to Manager: Random src to 162 UDP v1 & v2c Agent to Manager: Random src to 1062 UDP v3
  • 8. 8 Services Agents *nix – snmpd Windows – SNMP Service Managers Net-SNMP MRTG Traps snmptt snmptrapd
  • 9. 9 Configuration and Logging SNMPd Config - /etc/snmp/snmpd.conf Logging - /var/log/messages SNMPtt Config - /etc/snmp/snmptt.conf Config - /etc/snmp/snmptt.ini Logging - /var/log/snmptt/ SNMPtrapd Config - /etc/snmp/snmptrapd.conf Logging - /var/log/snmptt/
  • 10. 10 One More Important Location /usr/share/snmp/mibs Mibs are stored here Nagios, snmp and many other applications read from here Uploaded via nagiosxi web ui here Used for Gets and Traps Should be owned by root.nagios
  • 11. 11 This matters to me why? Basis for agentless remote monitoring on many devices. Often faster than wmi and agent based installs. Little to no delay when devices send traps until notification. Many Nagios plugins built around snmp.
  • 12. 12 Nagios SNMP Trap Interface (NSTI)
  • 13. 13 NSTI - Overview Created by Nick Scott And a lot of pushing by me! (Thanks Nick) Works with snmptt and snmptrapd to collect traps, and store them via mysql Provides a visual interface for viewing large amounts of traps Very light-weight and easy on resources
  • 15. 15 Potential Woes SNMPTT not logging Permissions on /var/spool/snmptt/ Settings in /etc/snmp/snmptt.ini Mysql Issues /usr/local/nsti/etc/nsti.cfg /etc/snmp/snmptt.in Traps no longer sending to XI also Settings in /etc/snmp/snmptrapd.conf
  • 16. 16 So What Can I Actually Use This For? Correlating issues only available via traps Feeding traps to XI or core, and maintaining past events Windows event log monitoring via traps Network device status changes
  • 20. 20 NNA - Overview Network flow collector Correlation of network traffic Statistical network information Advanced querying and reporting Compressed rrds and low cpu usage
  • 21. 21 Important Locations and Files /usr/local/nagiosna/ Main configs, binaries, and storage of rrds Nfcap Daemon to collect flows Needs to be started before sources can work