Book Description

Overview of Zenoss Core 3.x Network and System Monitoring

  • Designed to quickly acquaint you with the core features so you can customize Zenoss Core to your needs
  • Discover, manage, and monitor IT resources
  • Build custom event-processing and alerting rules
  • Write custom device reports to extract, display, and analyze monitoring data
  • A handy reference guide with loads of screenshots
  • An update of Zenoss Core Network and System Monitoring rewritten for Zenoss 3.x

In Detail

For system administrators, network engineers, and security analysts, it is essential to keep track of network traffic.

Zenoss Core is an enterprise-level systems and network monitoring solution that can be as complex as you need it to be. And while just about anyone can install it, turn it on, and monitor "something", Zenoss Core has a complicated interface packed with features. The interface has been drastically improved over version 2, but it's still not the type of software you can use intuitively – in other words, a bit of guidance is in order.

The role of this book is to serve as your Zenoss Core tour guide and save you hours, days, maybe weeks of time.

This book will show you how to work with Zenoss and effectively adapt Zenoss for System and Network monitoring. Starting with the Zenoss basics, it requires no existing knowledge of systems management, and whether or not you can recite MIB trees and OIDs from memory is irrelevant. Advanced users will be able to identify ways in which they can customize the system to do more, while less advanced users will appreciate the ease of use Zenoss provides. The book contains step-by-step examples to demonstrate Zenoss Core's capabilities. The best approach to using this book is to sit down with Zenoss and apply the examples found in these pages to your system.

The book covers the monitoring basics: adding devices, monitoring for availability and performance, processing events, and reviewing reports. It also dives into more advanced customizations, such as custom device reports, external event handling (for example, syslog server, zensendevent, and Windows Event Logs), and custom monitoring templates using SNMP data sources, along with Nagios and Cacti plugins. An example of a Nagios-style plugin is included, and the book shows you where to get an example of a Cacti-compatible plugin for use as a command data source in monitoring templates. In Zenoss Core, ZenPacks are modules that add monitoring functionality. Using the Nagios plugin example, you will learn how to create, package, and distribute a ZenPack. You also learn how to explore Zenoss Core's data model using zendmd so that you can more effectively write event transformations and custom device reports.

Implement Zenoss Core and fit it into your security management environment using this easy-to-understand tutorial guide.

Table of Contents

  1. Zenoss Core 3.x Network and System Monitoring
    1. Zenoss Core 3.x Network and System Monitoring
    2. Credits
    3. About the Author
    4. About the Reviewers
    5. www.PacktPub.com
      1. Support files, eBooks, discount offers and more
        1. Why Subscribe?
        2. Free Access for Packt account holders
    6. Preface
      1. What this book covers
      2. What you need for this book
      3. Who this book is for
      4. Conventions
      5. Reader feedback
      6. Customer support
        1. Downloading the example code
        2. Errata
        3. Piracy
        4. Questions
    7. 1. Network and System Monitoring with Zenoss Core
      1. Device management
      2. Availability and performance monitors
      3. Event management
      4. Plugin architecture
      5. System reports
        1. Custom device reports
      6. System architecture
      7. User layer
      8. Data layer
      9. Collection layer
        1. Device management daemons
        2. Performance and availability daemons
        3. Event daemons
      10. Summary
    8. 2. Discovering Devices
      1. Zenoss Core installation
      2. Preparing devices for monitoring
        1. SNMP
          1. SNMP versions
          2. Configuring SNMP on Linux
          3. Configuring SNMP and WMI on Windows
        2. Zenoss Plugins
          1. Installing Zenoss Plugins
        3. Port scan
      3. Opening monitoring-specific ports
        1. Configuring Linux firewalls
        2. Configuring Windows firewall
      4. Zenoss Core setup wizard
        1. Step 1: Setting up users
        2. Step 2: Specify or discover devices to monitor
          1. Adding devices
          2. Manually find devices
          3. Autodiscover devices
        3. Our device inventory: A job well done
          1. Reviewing device creation job log
      5. Adding a single device
        1. Entering device attributes
      6. Importing a list of devices with zenbatchload
      7. Command line discovery with zendisc
      8. Summary
    9. 3. Device Setup and Administration
      1. Organizing devices in Zenoss Core
        1. Locations
        2. Systems and Groups
        3. Organizer details
          1. Editing organizers
          2. Moving organizers
        4. Classes
          1. Viewing a list of device classes
          2. Assigning devices to a class
      2. Modeling devices
        1. Modeler plugins gather device information
        2. Assigning modeler plugins
      3. Troubleshooting data collection
        1. Troubleshooting SNMP problems
          1. Running snmpwalk
          2. Is the SNMP daemon running on Linux servers?
          3. SNMP problems on Windows
        2. Troubleshooting WMI problems
          1. Zeneventlog—unable to connect to Windows
          2. Zenoss Core does not collect WMI data
        3. Troubleshooting Zenoss Plugins
          1. A class of its own
      4. Device administration
        1. Locking or unlocking a device
        2. Renaming a device
        3. Resetting the IP address
        4. Push changes
        5. Deleting devices
      5. zProperties defined
      6. Summary
    10. 4. Monitor Status and Performance
      1. Collectors collect
        1. Configuring the performance collector
      2. Monitoring components
        1. Interfaces
        2. OS Processes
          1. Add Process
          2. Viewing or editing the process details
          3. Configuration properties
          4. Monitoring OS Processes
        3. Services
          1. Enable monitoring for a service
          2. Configuration properties
          3. Monitoring exceptions for services
          4. Interactively monitor IP services
        4. File Systems
          1. Ignoring File Systems with zProperties
        5. Network Routes
          1. Networks
        6. Add Components
        7. Viewing and editing component details for a device
          1. Performance Graphs
          2. Interface template
      3. Performance Graphs
        1. Working with graphs
        2. Monitoring performance thresholds
      4. Summary
    11. 5. Custom Monitoring Templates
      1. Monitoring Templates
      2. Monitoring SNMP data sources
        1. Overriding templates
        2. Editing the /Server/Linux template
          1. Find OIDs for SNMP monitoring
      3. Monitoring with Nagios plugins
        1. Working with Nagios plugins
          1. Nagios return codes
          2. Nagios performance data
        2. Adding the Nagios plugin to Monitoring Templates
        3. Adding a Data Source
          1. Adding a Data Point
          2. RRDtool Data Point configurations
        4. Defining monitoring thresholds
        5. Graph definitions
          1. RRDtool Graph Point configurations
        6. Binding templates to the device class
        7. Adding a device to monitor using the Bogo template
      4. Monitoring with Cacti plugins
        1. Data Source parser
      5. Summary
    12. 6. Core Event Management
      1. Event Console
        1. Event severities defined
        2. Event statuses defined
          1. Acknowledging an event
        3. Viewing an event log
        4. Events consoles are everywhere
        5. Closing events
          1. Displaying historical events
      2. Event Manager
        1. Event Fields
        2. Event commands
          1. Creating a command
      3. Working with events
        1. Simulating an event
          1. Clearing the event
        2. Event mapping
          1. Event Classes
          2. Event class zProperties
          3. Mapping an event
          4. Event mapping sequence
      4. Event de-duplication
        1. Turning off event de-duplication
      5. Summary
    13. 7. Collecting Events
      1. Routing syslog messages to Zenoss Core
        1. Collecting Cisco router syslogs
        2. Testing syslog configuration with Logger
      2. Monitoring Windows event logs
        1. Windows event log severities
        2. Testing the event log configuration with Eventcreate
      3. Incorporating event reporting into third-party scripts via zensendevent
        1. Simple backup script with zensendevent
      4. Creating events by e-mail
        1. Zenmail
        2. Zenpop3
      5. Configuring alerting rules
        1. Alert filters
        2. Alert escalations
        3. Schedule
        4. Alert messages
      6. Event transformations
        1. Some event transformation examples
      7. Programming in zendmd, an interactive shell
      8. Summary
    14. 8. Settings and Administration
      1. Managing Zenoss Core users
        1. Administered Objects
        2. Event Views
        3. Groups
      2. Creating custom User Commands
        1. Adding a User Command
      3. System settings
      4. Configuring Zenoss Core's Monitoring Dashboard
        1. Locations portlet with Google Maps
        2. Device Issues portlet
        3. Zenoss Issues portlet
        4. Watch List portlet
        5. Root Organizers portlet
        6. Production States portlet
        7. Portlet permissions
      5. Meet the Zenoss Daemons
      6. Maintenance Windows
      7. Adding MIBs
      8. Backing up and restoring monitoring data
        1. Automating backups with zenbackup
        2. Restoring backups with zenrestore
      9. Updating Zenoss Core
      10. Summary
    15. 9. Extending Zenoss Core with ZenPacks
      1. Installing community ZenPacks
        1. Monitoring websites with HttpMonitor
          1. Viewing a list of installed ZenPack objects
          2. Configuring HttpMonitor
          3. Configuring HttpMonitor settings
      2. Creating a ZenPack
        1. Adding files and objects to the ZenPack
          1. Adding a new data source to the monitoring template
          2. Adding objects to a ZenPack
        2. Packaging the ZenPack
        3. ZenPack development mode
      3. Developer resources
      4. Summary
    16. 10. Reviewing Built-in Reports
      1. Report overview
      2. Device Reports
        1. New Devices
        2. Device Changes
        3. Model Collection Age
        4. Software Inventory
          1. Manufacturers and Products
        5. SNMP Status Issues
        6. Ping Status Issues
        7. All Devices
        8. All Monitored Components
      3. Event Reports
        1. All Event Classes
        2. All Event Mappings
        3. All Heartbeats
      4. Graph Reports
      5. Multi-Graph Reports
        1. Adding Collections
        2. Adding Graph Definitions
        3. Adding Graph Groups
      6. Performance Reports
        1. Aggregate Report
        2. Availability
        3. CPU Utilization
        4. Filesystem Utilization
        5. Interface Utilization
        6. Memory Utilization
        7. Threshold Summary
      7. User Reports
        1. Notification Schedules
      8. Summary
    17. 11. Writing Custom Device Reports
      1. Creating Custom Device Reports
        1. Custom Device Report fields
        2. Building Custom Device Report queries
          1. Using zendmd to test report queries
        3. Exploring data in Zope
        4. Using Python expressions in the columns
        5. Convenience functions
          1. convToUnits
      2. Scheduling reports for e-mail delivery
        1. Sending a CSV report
        2. Scheduling a cron job
      3. Summary
    18. A. Event Attributes
    19. B. Device Attributes
    20. C. Example snmpd.conf