Hi Guys,
Sounds like a job for ipaudit.
http://ipaudit.sourceforge.net/ipaudit-web/
I didn't like ipaudit-web so I just used ipaudit it has a rather neat
direct dump into mysql.
well worth considering.
Wayne
James M. Cook wrote:
On Thursday 22 December 2005 8:41 am, Ow Mun Heng wrote:
Hi All,
Just want to see if anyone has any good info to share.
What I want: (not necessary host availability/polling)
Network monitoring/network traffic analyser which is something like ntop
which shows IP traffic in (from where) and out (to where) as well as top
talkers, top ports etc. This is basically to determine whats happening
with my network and who's been hogging the bandwidth etc. (time for some
wrist slapping!!)
And preferably it logs into a Mysql/Postgressql database which can be
later dissected for analysis.
I've looked at opennms - http://bugs.gentoo.org/show_bug.cgi?id=51441
which seems to be able to do it.
I've also looked at jffnms, (which used to be in portage? searched
through the archives and it seems it was previously) but it seems to
only be able to look at host/server availability.
Looked at argus, it seems to have the features for Traffic Flow Analysis
but it does not support (AFAICT) for logging into a DB.(The FAQ states
answer is coming)
Zabbix is another package but seems like it too provides for
client/server availability etc. Doesn't do much for my needs.
I initially looked at ntop, then found out that it no longer uses a SQL
database for it's backend data collection, it now uses rrdtool. I've got
some stupid question, I understand that RRDtool is a good thing since
it's like a never growing DB, but frankly, just how many days/years of
data can it hold? What's the limit etc? I don't seem to be able to
locate a FAQ about that one particular point.
Appreciate some comments.
Thanks
I've evaluated all the packages you've listed but had completely forgotten
about ntop (which I'm playing with now, fantastic). I'm not sure any of them
are going to give you what you want.
I didn't see any information about Traffic Flow Analysis on argus' website, do
you have that URL?
Here's what I found for each:
opennms - nice, but uses tomcat since it's java based. Seemed to generate the
heaviest load on the server. Not knowing a whole lot about tomcat and using
tomcat4, which is not available in portage, made setup a little tricky for
me. Didn't see any graphing capabilities either.
jffnms - this was my choice for a while. Then I tried to add a new OID and
couldn't figure it out. I found the montoring interface was good but you
cannot reliably use the back button. The admin interface is a little
confusing. Documentation is sparse in many areas and development appears to
have stopped.
argus - this is my new choice. I like the simple web interface and the
configuration is pretty straightforward. I'm actually creating a script to
convert my old monitoring sw config to argus. Working at an ASP requires
monitoring website performance which appears to be the most straightforward
with argus. The graphs aren't as good as some other packages.
zabbix - I liked the newer version of this software looks (I think 1.1b2 was
the version) with it's revamped web frontend. I didn't care for installing
remote agents on all my servers and administration seemed confusing to me.
I've also tried midas (which appears to be dead and similar to zabbix) and
cacti with the threshold plugin. I really like cacti but didn't care for the
threshold plugin. It felt like NMS functionality was being bolted on top of
cacti. It works but not for my purposes.
It seems to me that none of these packages are perfect fits. For me argus
seems have come the closest. My main issue is there is not web interface to
update the config which is available in most of the others. This should only
become an issue when I start to have others maintain the system. :)
In the end I'll probably end up using a few pieces of software to address my
monitoring needs.
James
--
[email protected] mailing list
