Zenoss Core Network and System Monitoring

By Michael Badger

About this book

For system administrators, network engineers, and security analysts, it is essential to keep track of network traffic. At some point it will be necessary to read the network traffic directly instead of monitoring application-level details. Network security audits, debugging network configurations, and analyzing usage patterns can all require network traffic monitoring. This task can be achieved by using network monitoring software, or network sniffers, that sniff the traffic and display it on your computer on the network.

Zenoss is an enterprise network and systems management application written in Python/Zope that provides an integrated product for monitoring availability, performance, events and configuration across layers and across platforms. Zenoss provides an AJAX-enabled web interface that allows system administrators to monitor availability, inventory/configuration, performance, and events. Whether you monitor five devices or a thousand devices, Zenoss provides a scalable solution for you.

This book will show you how to work with Zenoss and effectively adapt Zenoss for system and network monitoring. Starting with the Zenoss basics, it requires no existing systems management knowledge, and whether or not you can recite MIB trees and OIDs from memory is irrelevant. Advanced users will be able to identify ways in which they can customize the system to do more, while less advanced users will appreciate the ease of use Zenoss provides.

The book contains step-by-step examples to demonstrate Zenoss Core’s capabilities. The best approach to using this book is to sit down with Zenoss and apply the examples found in these pages to your system.

Publication date: June 2008
Publisher: Packt
Pages: 280
ISBN: 9781847194282

 

Chapter 1. Introduction

If you have ever arrived at work to answer voice mails and emails about a down web server, print server, or mail server, then you must be familiar with the customer-driven monitoring solution. It's cheap to implement but unreliable, and sometimes the monitor gets an attitude and for good reason. Our customers should not bear the responsibility of monitoring our networks for problems. Unfortunately, commercial monitoring tools lie beyond the budget of many organizations, and the available open-source tools require several packages to be "glued" together by users to get a complete solution.

Zenoss Core replaces prohibitive costs and incomplete solutions with a capable, feature-rich network and systems monitoring package.

What is Zenoss?

Zenoss Core challenges the systems-monitoring landscape with an open-source enterprise management solution that provides a single, web-based point of access to configure, manage, monitor, and report on our IT assets. We get a "single pane of glass" view of our IT assets including routers, servers, and environment. With Zenoss, the question changes from, "Should I monitor my IT resources?" to "How can I afford not to monitor my network?"

Zenoss Core is a web-based application which installs to a central server on the network and uses the Zope application server. It is written in Python. It's a Linux-based application, but we do not need to be Linux administrators to install and use Zenoss Core. Zenoss Inc. releases a virtual appliance that requires no Linux knowledge or setup and enables Mac, Windows, and Linux users to install Zenoss Core inside VMware Player or VMware Server.

The Zenoss Core native Linux installers continue to improve and support a broader range of distributions, which means the Linux skills required to install Zenoss Core natively continue to decrease. Starting with the Zenoss Core 2.2 release, we will have the option of using point and click installers built on BitRock installers; but don't worry, we can still install from source if we so choose. Chapter 3 outlines several installation options.

Administrators access Zenoss Core via a web interface that allows us to do:

  • Device Management

  • Availability and Performance Monitoring

  • Event Management

  • System Reports Generation

  • User and Alert Management

We can do all this from a web portal, which we will look at first.

Web Portal

The web portal is the face of the Zenoss system and is the place where we spend most of our time. It's an AJAX-enabled interface that provides a single access point to the monitoring system and requires no operating-system-specific knowledge to use. The web interface features drag-and-drop dashboard portlets that display a customized view of our network's health at any given time. The following screen capture shows the web portal.

Device Management

At the heart of device management, Zenoss places a configuration management database (CMDB), which stores a model of the IT environment and its change history. Zenoss supports adding devices to the CMDB one at a time or by auto-discovering active devices by walking the routing tables. Devices are then modeled via Simple Network Management Protocol (SNMP), SSH, or port scans.

Zenoss allows us to organize devices by user-defined locations, groups, and systems. One of Zenoss's most powerful organizational concepts is classes, which allow us to define monitoring characteristics based on a hierarchical classification of devices. The following screen capture provides a look at a device status page.

Availability and Performance Monitors

By using ICMP and SNMP monitoring, Zenoss reports on the availability of the following:

  • Network devices

  • TCP/IP services and ports

  • URL availability

  • Windows services and processes

  • Linux/UNIX processes

Zenoss monitors are Level-3 network topology aware, which reduces the amount of alert chatter by creating an event about the problem device only and not about the devices that depend on the down device.
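The topology-aware suppression described above can be sketched in a few lines of Python. This is an added illustration, not code from the book or from Zenoss; the device names and topology are constructed, and it goes slightly beyond the text by handling a device that has a redundant path to the monitor.

```python
from collections import deque

# Constructed sample topology (hypothetical device names): layer-3 adjacencies
# as seen from the monitoring server "zenoss".
EDGES = [
    ("zenoss", "core-rtr"),
    ("core-rtr", "branch-rtr"), ("core-rtr", "dc-sw"),
    ("branch-rtr", "print01"), ("branch-rtr", "web01"),
    ("dc-sw", "web01"), ("dc-sw", "mail01"),
]

def build_links(edges):
    """Turn an edge list into an undirected adjacency map."""
    links = {}
    for a, b in edges:
        links.setdefault(a, set()).add(b)
        links.setdefault(b, set()).add(a)
    return links

def triage(links, monitor, unreachable):
    """Split unreachable devices into root causes and suppressed symptoms.

    A device is a root cause if the monitor can still reach one of its
    neighbours through devices that are up; anything else that is down sits
    behind a root cause and would only add alert chatter.
    """
    down = set(unreachable)
    seen, queue, roots = {monitor}, deque([monitor]), set()
    while queue:
        node = queue.popleft()
        for nxt in links.get(node, ()):
            if nxt in down:
                roots.add(nxt)          # first dead hop on a live path
            elif nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return sorted(roots), sorted(down - roots)

if __name__ == "__main__":
    links = build_links(EDGES)
    # Branch router fails: print01 is only a symptom, but web01 also has a
    # live path through dc-sw, so its outage is reported separately.
    print(triage(links, "zenoss", {"branch-rtr", "print01", "web01"}))
```

Only the devices in the first list would raise an event; the second list is what a topology-unaware monitor would have alerted on as well.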

Zenoss Core 2.1 introduces a Flash-based map of the network topology that displays a view of the network on a single page, which can be seen in the following screen capture.

Zenoss integrates Google Maps to provide a high level geographic status of the user-defined network locations at the city, state/province, or country level. The following screen capture shows a view of the Google Maps integration.

Performance monitors collect time series data and provide us with a graphical analysis of the following components:

  • File system statistics

  • CPU and memory usage

  • JMX monitoring for J2EE servers

  • Nagios and Cacti plug-in support

If a monitored device crosses a defined threshold, Zenoss generates an event.

Event Management

Zenoss monitors a variety of sources for signs of trouble, including syslogs, availability and performance monitors, SNMP traps, and Windows event logs. Core features of the event management system include:

  • Custom events

  • Automatic prioritization

  • Event deduplication

  • Up/down event correlation

Zenoss processes events based on a customizable set of rules. In response to events, Zenoss can send email or pager alerts, run a script, or do nothing. We can configure how Zenoss responds to an event by defining alerting rules for users and groups.

System Reports

Zenoss packages a set of standard reports that allow us to view what is happening right now, as well as what has happened. The reports integrate with the device management, performance monitors, events and user functionalities of Zenoss. Advanced users can create custom reports as needed.

 


 

Zenoss Inc.


Zenoss Core is backed by the commercial company, Zenoss Inc., which was co-founded by Erik Dahl and Bill Karpovich in 2006. Prior to founding Zenoss Inc., Dahl began development of Zenoss in 2002 to address a need he saw in the enterprise-systems monitoring market. He did this by setting out to develop an affordable, functional, and easy to use solution for organizations of all sizes.

In addition to sponsoring the development of Zenoss Core, Zenoss Inc. provides consulting, training, paid support, and an enterprise edition of Zenoss. Zenoss Enterprise extends the functionality of Zenoss Core by offering an extended report library, synthetic web transactions, certified monitors (ZenPacks), and a global dashboard for multiple Zenoss installations.

Today, Zenoss Inc. makes systems and network monitoring available to everyone under the GPL v2 license.

 

Summary


Now that we have an overview of Zenoss Core's network and systems management capabilities, we will examine the technical structure. Chapter 2 discusses the system architecture of Zenoss Core and introduces the major components that make the application work.

About the Author

  • Michael Badger

    Michael Badger is a writer and technical communicator who has worked in a range of technical roles, including support, automated software testing, and project management. He has authored several books for Packt Publishing, including Scratch 1.4 Beginner's Guide. He also authors a regular Scratch column for Raspberry Pi Geek Magazine, which focuses on Scratch 1.4.
