Loading
Big Brother Network Monitoring System
Installing and hacking Big Brother, a web-based Unix network monitoring and notification system.
I was so impressed with Big Brother that I decided to use it. Sean has thoughtfully made its acquisition easy, but requests that you fill out an on-line registration form with your name and e-mail address. He also likes to know where you heard about Big Brother. I filled out his forms in early November 1996, and received an e-mail survey form in late December. To download Big Brother and to get technical information about how the system works and how to install and configure the package, go to http://www.iti.qc.ca/iti/users/sean/bb-dnld/bb-dnld.html.
When I clicked on the link to download Big Brother, I ended up with a file called bb-src.tgz. I impetuously gunzipped this to get bb-src.tar. I then thought better of the impending error of my ways and decided to download and print the installation instructions before going further. Installation procedures for Big Brother can be found at http://www.iti.qc.ca/iti/users/sean/bb-dnld/bb-install.html, as well as other information about how to set up the system. Just in case, I also grabbed and printed the debugging information (as it turned out, I did not need it) provided at http://www.iti.qc.ca/iti/users/sean/bb-dnld/bb-debug.html.
I had no problems following the installation instructions. I decided to make the $BBHOME directory /usr/src/bb. The automatic configuration routines are said to work for AIX, FreeBSD, HPUX 10, Irix, Linux, NetBSD, OSF, Red Hat Linux, SCO, SCO 3/5, Solaris, SunOS4.1 and UnixWare. I can vouch for Linux, Red Hat Linux, Solaris and SunOS 4.1. The C programs compiled without incident, and the installation went smoothly. As always, your mileage may vary. In less than an hour, I was looking at Big Brother's display of colored lights.
At this point, it's a good idea to re-examine the documentation and information files. Personalize your installation as desired, and above all, have fun.
I admit it. I am a closet hacker. I saw many things about the stock BB distribution that I wanted to improve. Big Brother's modular and elegantly simple construction makes it a joy to modify as desired. The shell scripts are portable, simple, well documented and easy to understand. The use of the modified hosts file to determine which hosts to monitor was gratifyingly familiar. The bbclient script made it extremely easy to move the required components to another similar Unix host. Sean has done a remarkable job in making this package easy to install.
I became obsessive-compulsive about hacking BB and modified it slightly, working from Sean MacGuire's v1.03 distribution as a base. I forwarded my changes to him for possible inclusion in a later distribution.
Features I added to BB proper include:
Links to the info files in the brief view (bb2.html), where I needed them most.
Links to html info files for each column heading and the column info files themselves. I placed these files in the html directory along with bb.html and bb2.html, and gave them boring names like conn.html, cpu.html, ... smtp.html.
Checks to determine if ftp servers, pop3 post offices and SMTP Mail Transfer Agents (MTAs) are accessible ($BBHOME/bin/bb-network.sh). These checks all use bbnet to telnet to the respective ports. I followed Sean's style of adding comments to the bb-hosts file as follows:
128.194.44.99 behemoth.tamu.edu # BBPAGER smtp ftp pop3 165.91.132.4 bryan-ctr.tamu.edu # pop3 smtp 128.194.147.128 csdl.tamu.edu # http://csdl.tamu.edu/ ftp smtp
Some environment variables to $BBHOME/etc/bbdef.sh for the added monitoring as follows:
#
# WARNING AND PANIC LEVELS FOR DIFFERENT
# THINGS. SEASON TO TASTE
#
DFPAGE=Y # PAGE ON DISK FULL (Y/N)
CPUPAGE=Y # PAGE FOR CPU Y/N
TELNETPAGE=Y # PAGE ON TELNET FAILURE?
HTTPPAGE=Y # PAGE ON HTTP FAILURE?
FTPPAGE=Y # PAGE ON FTPD FAILURE?
POP3PAGE=Y # PAGE ON POP3 PO FAILURE?
SMTPPAGE=Y # PAGE ON SMTP MTA FAILURE?
export DFPAGE CPUPAGE TELNETPAGE HTTPPAGE\
FTPPAGE POP3PAGE SMTPPAGE
Updated the bb-info.html and bb-help.html pages to reflect a version of 1.03a and a date of 10 February 1997. I also modified them to add brief mention of the new ftp, pop3 and smtp monitoring checks. Specifically, I changed the bb-help.html file to add new pager codes as follows:
100—Disk Error. Disk is over 95% full...
200—CPU Error. CPU load average is unacceptably high.
300—Process Error. An important process has died.
400—Message file contains a serious error.
500—Network error, can't connect to that IP address.
600—Web server HTTP error—server is down.
610—Ftp server error—server is down.
620—POP3 server error—PopMail Post Office is down.
630—SMTP MTA error—SMTP Mail Host is down.
911—User Page. Message is phone number to call back.
Added sections to the bb-info.html file to explain the ftp, pop3 and smtp monitoring.
Used a standard tag-line file on each html page that identifies the author and location of the page. Thus, mkbb.sh and mkbb2.sh now look for an optional tag-line file to incorporate into the html documents that they generate. The optional files are named mkbb.tag (for mkbb.sh) and mkbb2.tag (for mkbb2.sh). The shell scripts look for the optional tag-line files in the $BBHOME/web directory, which is also where the mkbb.sh and mkbb2.sh files reside.
Went through ALL of the html-generating scripts and html files to ensure that they actually had sections and properly placed double quotes around the various arguments.
Edited the files so that, for the most part, everything fits on an 80-column screen.
Modified $BBHOME/etc/bbsys.sh to make it easier to ignore certain disk volumes as follows:
# DISK INFORMATION
#
DFSORT="4" # % COLUMN - 1
DFUSE="^/dev" # PATTERN FOR LINES TO INCLUDE
DFEXCLUDE="-->E dos|cdrom"
# PATTERN FOR LINES TO EXCLUDE
I modified $BBHOME/etc/bbsys.linux, so that the ping program is properly found, as follows:
# bbsys.linux # # BIG BROTHER # OPERATING SYSTEM DEPENDENT THINGS # THAT ARE NEEDED # PING="/bin/ping" # LINUX CONNECTIVITY TEST PS="/bin/ps -ax" # LINUX DF="/bin/df -k" MSGFILE="/var/adm/messages" TOUCH="/bin/touch" # SPECIAL TO LINUX
Added the ability to dynamically traceroute and ping each system being monitored. I spoke with Sean about it, and, in keeping with the KISS (Keep It Simple, Stupid) principle, we thought these features were best added to the info files. The user portion is pretty obvious in the source of the info file. The cgi scripts are very simple shell scripts as shown in Listing 1.
______________________
White Paper
Fabric-Based Computing Enables Optimized Hyperscale Data Centers
Today’s modular x86 servers are compute-centric, designed as a least common denominator to support a wide range of IT workloads. Those generic, virtualized IT workloads have much different resource optimization requirements than hyperscale and cloud applications. They have resulted in a “one size fits all” enterprise IT architecture that is not optimized for a specific set of IT workloads, and especially not emerging hyperscale workloads, such as web applications, big data, and object storage. In this report, you will learn how shifting the focus from traditional compute-centric IT architectures to an innovative disaggregated fabric-based architecture can optimize and scale your data center.
Sponsored by AMD
White Paper
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy
Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6
Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.
Learn more about catching the bad guy in this free white paper.
Sponsored by DLT Solutions
- New Products
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- Drupal Is a Framework: Why Everyone Needs to Understand This
- A Topic for Discussion - Open Source Feature-Richness?
- Home, My Backup Data Center
- RSS Feeds
- New Products
- Trying to Tame the Tablet
- What's the tweeting protocol?
- Dart: a New Web Programming Experience
- Hey God - You may not be
56 min 52 sec ago - Reply to comment | Linux Journal
3 hours 29 min ago - Drupal is an Awesome CMS and a Crappy development framework
8 hours 8 min ago - IT industry leaders
10 hours 31 min ago - Reply to comment | Linux Journal
1 day 3 hours ago - Reply to comment | Linux Journal
1 day 5 hours ago - Reply to comment | Linux Journal
1 day 7 hours ago - great post
1 day 7 hours ago - Google Docs
1 day 8 hours ago - Reply to comment | Linux Journal
1 day 12 hours ago
Free Webinar: Linux Backup and Recovery
Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.
In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.
Comments
rtzrtzhrhfghfghh
rtzrtzhrhfghfghh