Network Monitoring with Linux

Are you having trouble keeping your network under control? This article introduced NOCOL: the freeware network monitoring system which will help you keep instability at bay.
Compilation and Installation

Predictably, the compilation process can be set in motion by typing:

make

On our systems, etherload (a tool to monitor Ethernet load) fails to compile. etherload is not covered here, we hope this problem will be rectified in a future release.

Now install the software:

make install

Use su to log in as root and type:

make root
Expect another failure due to etherload not compiling.

That completes the installation procedure. Now all that remains is getting NOCOL to do justice to your network.

Configuring the Monitors

Sample configuration files for the monitors are installed in /etc/samples under your proposed NOCOL tree. Take a look at these to become familiar with how it works.

One of the first things you may want to monitor is whether machines on your network are up and running. The traditional way to do this is to see whether they are responding to a ping request.

To deal with UNIX machines on your network (those running an RPC port mapper), create a file called rpcpingmon-confg in the /etc directory, typing something like this:

POLLINTERVAL    300
kenny           kenny.your-network.com
kyle            kyle.your-network.com
cartman         123.123.123.123

The POLLINTERVAL indicates how often NOCOL should “sweep” the network. In our example, it will sweep every 300 seconds (5 minutes). Following that is a list of the machines to monitor: the first column is the “friendly name” and the second column contains the TCP/IP host name or IP address.

For non-UNIX machines (routers, Windows boxes, etc.), you should create a separate file called ippingmon-confg. The format is the same.

NOCOL includes many other monitors (see The NOCOL Suite) which you should investigate and configure to suit your needs. The sample configuration files do a good job of explaining their actions and how to set them up.

The NOCOL Suite

Final Preparations

A few minor scripts must be tweaked before NOCOL can start analyzing your network. Again, these are all located under the directory where you installed NOCOL.

The Perl script bin/keepalive_monitors handles the auto-starting of the monitors. Around line 32, you will find the following two lines (ignore wrapping):

PROGRAMS="noclogd etherload ippingmon rpcpingmon nsmon ntpmon
portmon"
PROGRAMS="$PROGRAMS radiusmon hostmon tpmon"

Alter these lines to include only the monitors you have actually configured. To match the two discussed here, you could condense them to one line:

PROGRAMS="ippingmon rpcpingmon"
The script bin/notifier deals with sending warning e-mails to the addresses specified during configuration. By default, it will send a single e-mail when a site has been marked “critical” for more than two hours. If you are feeling confident with Perl, you can specify additional addresses to contact after even more time has elapsed. Specify these addresses in the AFTERx lines:
AFTER2="
AFTER3="
AFTER5="emergency-team@your-network.com"
NOCOL comes with a custom crontab file which will automatically carry out any housekeeping required, such as ensuring all the monitors are running and rotating logs. To install it, enter the /bin directory in your NOCOL tree and type:
su nocol
crontab crontab.nocol

Starting the Sweep

To finally get NOCOL going, run the keepalive_monitors script located in the bin directory. Provided everything has gone well, the monitors will get to work.

If this fails, type ps aux | grep nocol (to see if the monitors are running), go back and check that you followed the instructions correctly.

Chances are, you will want to see what NOCOL is reporting. The simplest tool is netconsole which can be run either at the console or via a TELNET session. Run it and enter your terminal type when prompted (vt220, for example). The console screen will appear and will most likely be empty. The default is to show only CRITICAL events.

Pressing the l key lets you change the viewing mode. Set it to level 4 (INFO), and you will see all the information your configured monitors have gathered. See Listing 1 for an example. Play around with the levels until you find the one that most suits your needs. The h key will display a comprehensive help screen.

Listing 1

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Re: Network Monitoring with Linux

Anonymous's picture

iam facing problem in starting snmp agent pls guide me running snmp

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState