> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Michael > Schwartzkopff > Sent: Wednesday, July 02, 2008 12:04 PM > To: General Linux-HA mailing list > Subject: Re: [Linux-HA] Strange HB Status displayed for > rootvs.unprivilegedusers; bug or feature? > > > Am Mittwoch, 2. Juli 2008 11:54 schrieb [EMAIL PROTECTED]: > > > -----Original Message----- > (...) > > > Am Mittwoch, 2. Juli 2008 07:51 schrieb > [EMAIL PROTECTED]: > > > (...) [Long discussion, shortened to save bandwidth] > > > > > > Why do you folks do not use plain SNMP? heartbeat has a > > > wonderful subagent! > > > SNMP is internet standard (RFC), everywhere implemented > and platform > > > independend! Contrary to your own nagios installation. > > > > The catch here is that this HB cluster offers webservices to the WWW > > and thus resides in our perimeter DMZ. > > I really can't imagine that our firewall folks would > hapilly open ports for > > SNMP to pass to my monitoring manager, especially as SNMP > (despite how > > unfounded this prejudice may be for V3) has a pretty bad > repution among fw > > admins. > > > > Also, even if I could persuade them I would be required to > rig up an snmpd > > agent to pass caught traps to my Nagios server (though this > might not be > > too dificult if I used the free and well documented > net-snmp suite, but in > > any way would mean more extra work than a wee quickly > written custom Nagios > > plugin for this simple purpose) > > I am a firewall admin and have no problems with SNMP, even > SNMPv1. net-snmp > has a nice ACL model. So can let only the manager (nagios) > queuery the > machine. then you still can use "public" as the community string. >
Unfortunately, I am not a firewall admin and have only experience in this area from my own tinkering with Linux iptables. Since our FW admins use different products I really cannot tell how much work and complaisance on their behalf this would mean. I only had made the sad experience in the past that they are utterly reluctant to make any deviating concessions from their usual pattern. But probably this is a prerequisite of their trade, who knows? A pitty that our FW admins don't seem to share your spirit. > nagios has the native plugin check_snmp. So your nagios can > check your cluster > for the health every 5 mins. No traps needed. > Of course do I know check_snmp, but for said reasons only am using it to query check results from our data center environmental sensors (e.g. temps, humidity thresholds etc.) > Setup time for nagios/SNMP: About 10 mins. And it's really > working afterwards. > How much work is writing and testing your own nagios agent? Ok, this may be true for mere active checks (when using vanilla check_snmp). But even if your in posession of a valid MIB for your devices it usually takes a wee longer to retreive the correct OIDs etc. from what you need to query (except if you are doing this several times a week unlike twice a year or so like me, i.e. the SNMP stuff) Then I usually also fiddle up some custom Perl plugin (for things check_snmp doesn't cover) If you want to catch and forward traps to be digested by Nagios, at least for me this would take longer for the 1st setup than the taken approach. > > -- > Dr. Michael Schwartzkopff > MultiNET Services GmbH > Addresse: Bretonischer Ring 7; 85630 Grasbrunn; Germany > Tel: +49 - 89 - 45 69 11 0 > Fax: +49 - 89 - 45 69 11 21 > mob: +49 - 174 - 343 28 75 > > mail: [EMAIL PROTECTED] > web: www.multinet.de > > Sitz der Gesellschaft: 85630 Grasbrunn > Registergericht: Amtsgericht München HRB 114375 > Geschäftsführer: Günter Jurgeneit, Hubert Martens > > --- > > PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B > Skype: misch42 > _______________________________________________ > Linux-HA mailing list > [email protected] > http://lists.linux-ha.org/mailman/listinfo/linux-ha > See also: http://linux-ha.org/ReportingProblems > _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
