I Want My NMS

Network Monitoring has always been something that is either very expensive and OK, or free and hit or miss depending on what you use.  I’ve never found a single tool that does it all and have taken a best of breed approach to applying NMS practices.  Internally, we have been working on redoing our NMS applications and have been working on integrating several tools so we can get visibility on both a push and pull level, i.e. we go and grab device or application information and we also have log and alert information sent to us.

Today I’ll be discussing and talking about pull alerting – SNMP and WMI.

One tools that has been interesting is an Open Source product called Observium.  They have a paid subscription version which gives you alerting and accounting.  For us it discovers and adds most devices we need on the SNMP level and other than a few gripes – like ICMP being required instead of a TCP ping for latency, or alerting going to a single e-mail, for example – it does a fairly good job.  We can add a device’s DNS hostname and SNMP (v2 or v3 information) and a few minutes later, it’s auto-discovered the device with all the discovered MIB related data.  UPS’s, environmental, switches, routers it supports quite a few and will generate easy to understand metrics via a nice RRD based graph for you.  And it’s drill-down ability is very good.

One note is that one of its limitations is email alerting.  You will need to forward your email to a single email and have your email destination parse and forward based on your alert you receive.

You can also extend the product and they have some good articles on how to do this.  Their online guide was accurate and the router configuration integration with RANCID is working quite well. Lastly, if you want to add new or currently non-supported data types or extend Observium, there are some instructions on that as well.

Over the next couple of months, I’ll be adding details on how to get some of the additional add-in along with some tips and tutorials from what is currently being developed – more specifically the WMI data and what you can do with it.

Obligatory

Pesky Legacy Windows App? UAC SMASH!

Everyone is probably well aware now that disabling UAC via msconfig in Windows 8 or Server 2012 onward doesn’t quite “disable” UAC completely and some legacy applications will still not work quite right.  To get around this, you can set the local (or group policy settings) under either Window’s Group Policy Management Console or if just setting on a local machine, go to start –> mmc –> ctrl-m –> group policy object editor –> add local computer and then:

Computer Configuration –> Policies –> Windows Settings –> Security Settings –> Local Policies/Security Options.

The ones we are looking for are listed below.  This disables UAC so that if the application runs under Windows 7, it should also now run under Windows 8.  While disabling UAC is not recommended, it may be required if you are still running “that old app” and don’t want to spend the time to spin up an entire VM just to run it.GPO - Disable UAC