For system administrators, network engineers, and security analysts, it is essential to keep a track of network traffic.
Zenoss Core is an enterprise-level systems and network monitoring solution that can be as complex as you need it to be. While just about anyone can install it, turn it on, and monitor "something", Zenoss Core has a complicated interface packed with features. The interface has been drastically improved over version 2, but it's still not the type of software you can use intuitively—in other words, a bit of guidance is in order.
The role of this book is to serve as your Zenoss Core tour guide and save you hours, days, maybe weeks of time.
This book will show you how to work with Zenoss and effectively adapt Zenoss for System and Network monitoring. Starting with the Zenoss basics, it requires no existing knowledge of systems management, and whether or not you can recite MIB trees and OIDs from memory is irrelevant. Advanced users will be able to identify ways in which they can customize the system to do more, while less advanced users will appreciate the ease of use Zenoss provides. The book contains step-by-step examples to demonstrate Zenoss Core's capabilities. The best approach to using this book is to sit down with Zenoss and apply the examples found in these pages to your system.
The book covers the monitoring basics: adding devices, monitoring for availability and performance, processing events, and reviewing reports. It also dives into more advanced customizations, such as custom device reports, external event handling (for example, syslog server, zensendevent, and Windows Event Logs), custom monitoring templates using SNMP data sources, along with Nagios, and Cacti plugins. An example of a Nagios-style plugin is included and the book shows you where to get an example of a Cacti-compatible plugin for use as a command data source in monitoring templates.
In Zenoss Core, ZenPacks are modules that add monitoring functionality. Using the Nagios plugin example, you will learn how to create, package, and distribute a ZenPack. You also learn how to explore Zenoss Core's data model using zendmd so that you can more effectively write event transformations and custom device reports.
Implement Zenoss Core and fit it into your security management environment using this easy-to-understand tutorial guide.
Chapter 1, Network and System Monitoring with Zenoss Core, provides an overview of Zenoss Core's monitoring capabilities and system architecture.
In Chapter 2 , Discovering Devices, we prepare our monitoring environment by configuring SNMP, WMI, SSH, and firewall ports. We'll add devices to Zenoss Core via the setup wizard, zenbatchload, and zendisc.
Chapter 3, Device Setup and Administration, configures devices so that we ensure we collect the proper monitoring information by organizing, configuring, and troubleshooting the monitoring properties.
Chapter 4, Monitor Status and Performance, monitors and graphs the performance of device components such as routes, windows services, IP services, processes, file systems, and network interfaces.
Chapter 5, Custom Monitoring Templates, explores custom monitoring templates by configuring various data sources, including SNMP, Nagios plugins, and Cacti plugins.
Chapter 6, Core Event Management, introduces us to processing events via the Event Console. We create custom event commands, learn how to create test events, and perform event mapping.
Chapter 7, Collecting Events, allows Zenoss Core to receive and process events from third-party sources, such as syslog, Windows Event Log, e-mail, and home-grown system administration scripts.
Chapter 8, Settings and Administration, covers common Zenoss Core administration tasks, such as managing users, the monitoring dashboard, backups, and updates.
Chapter 9, Extending Zenoss Core with ZenPacks, installs, creates, and packages add-on modules. ZenPacks extend the functionality of Zenoss Core.
Chapter 10, Reviewing Built-in Reports, reviews each of Zenoss Core's included reports to help us troubleshoot, analyze, and view our monitoring performance over time. It also creates custom graph and multi-graph reports.
Chapter 11, Writing Custom Device Reports, provides an in-depth look at Zenoss Core's custom device report functionality, including the use of zendmd to explore the Zenoss data model.
Appendix A, Event Attributes, lists the available event attributes in Zenoss Core.
Appendix B, Device Attribute, lists the attributes that we may use when working with our devices.
Appendix C, Example snmpd.conf, lists a sample snmpd.conf file.