Network Monitoring with Linux

Are you having trouble keeping your network under control? This article introduced NOCOL: the freeware network monitoring system which will help you keep instability at bay.

NOCOL, Network Operation Center On-Line, enables a designated machine to host a collection of network monitoring agents. These agents can perform a variety of tasks, from checking that a machine is “up” using the ICMP ping method to ensuring that a remote web server is operating as it should by requesting a test page. This allows problems on a network to be diagnosed and reported in a variety of ways, be it by e-mail, web page or dedicated terminal.

The alerting system works via escalation. Normally, any data reported is classed as INFO. However, if a service starts misbehaving, it can be flagged as either WARNING, ERROR or CRITICAL. If a problem is not dealt with, it will escalate (WARNING will move up to ERROR, ERROR will move up to CRITICAL). For example, you may have a machine which has to reboot itself periodically. You would therefore expect NOCOL to complain that the machine stops responding now and then. In this situation, you would class such an event as a WARNING. You will then be kept aware when reboots occur: if the event escalates up to ERROR or beyond, you'll know something has gone seriously wrong.

Most routers and similar equipment today are SNMP (simple network monitoring protocol) compatible, and several of the NOCOL agents have the ability to interrogate such devices.

Security Considerations

NOCOL does not need to run as root. The few binaries that do need to be privileged are set SUID root during the installation process. It is recommended that you create a user called “nocol” on your system for all NOCOL-related activities, including using it during installation.

Preparing for Make

NOCOL is available from At the time of this writing, the latest stable version was nocol-4.2.tar.gz, which will be used for the purposes of this article.

NOCOL makes extensive use of Perl, so ensure that Perl is installed before continuing. In the unlikely event your Linux system does not already have Perl, obtain it from

Once you have the NOCOL archive safely sitting on your proposed monitoring server (a 486/66DX machine with 32MB of memory sufficed for us), perform the magic:

gzip -dc nocol-4.2.tar.gz | tar xvf-

We installed NOCOL on a Red Hat 5.2 system, upgraded to allow use of the Linux 2.2.1 kernel. Enter the freshly generated nocol-4.2 directory, and then type:

You will then be asked a few simple questions regarding your system:
  • Enter top-level directory: The NOCOL tree defaults to being located at /usr/local/nocol, but you may adjust it to suit. Make sure the “nocol” user has permission to write to any directory you specify.

  • Enter location of man pages: These reside under the main tree by default, but you may prefer them in the more “traditional” location on your system.

  • Enter extension for man pages: I stuck with the default of n for this option.

  • Enter FULLY QUALIFIED name of your log host: The server I set up for the main NOCOL monitors was also used for logging purposes, and this option does default to the host name of the installation machine. For simplicity, accept the default.

  • Where is your MAIL program located? For NOCOL's e-mail alerting system to function, it needs access to the mail binary. The default of /bin/mail should work with most Linux installations.

  • Where should the operational e-mail go? This e-mail address is for general NOCOL messages. Set it as appropriate.

  • Where should urgent/critical e-mail go? Similarly, this e-mail address is for the urgent stuff (e.g., “The web server has exploded!”).

  • Which compiler would you like to use? Parts of the NOCOL system have been coded in C. The default choice of cc should suffice.

  • Which compiler options do you want (-DDEBUG)? This is actually for developers, so accepting the default of -O will be fine.

  • Where is Perl located on your system? Enter the path to your Perl binary here, accepting the default of /usr/bin/perl if that is correct.

Once this is done, you are ready to compile the software.



Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Re: Network Monitoring with Linux

Anonymous's picture

iam facing problem in starting snmp agent pls guide me running snmp

One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix