$3Curity B3ast

Network Monitor/management System Introduction

The term network monitoring describes the use of a system that constantly monitors a computer network for slow or failing components and that notifies the network administrator (via email, SMS or other alarms) in case of outages. It is a subset of the functions involved in network management.

A network management system (NMS) is a combination of hardware and software used to monitor and administer a computer network or networks.

Available tools For monitoring

1.FAN(Fully automated nagios)2.Gnomenetworkmanager (Works for Linux only)3.zenoss (Paid and more complicated)4.opennms(Paid and more complicated)5.Shinken (complicated)

Why FAN (Fully automated nagios)

1.Totally free2.Monitor all os and almost all type of devices.3. easy to understand and configure4.Lots of plugin available

FAN(Fully automated Nagios)

$3Curity B3ast

The purpose of FAN is to provide a quick and easy installation which includes the most-used tools in the Nagios community. The FAN CD-ROM is ISO-certified, it is thus very easy to install. A large number of tools are also being distributed, which makes the implementation of an efficient monitoring platform much easier.

Linux-based operating systemFAN is based on CentOS. All CentOS packages remain available, so that you can

keep all the advantages of CentOS while having the Nagios tools already

installed and configured for you.

Integrated tools :

● Nagios : core monitoring application;

● Nagios plug-ins : plug-ins to monitor different equipments;

● Centreon : Web interface for Nagios (Centreon is one of the best for this

purpose!);

● NagVis : advanced mapping (geographical, functional, by services…);

● NDOUtils : stores the Nagios data into a MySQL database;

● NRPE : makes it possible to monitor the Windows servers (the NRPE

daemon is not provided);

Installation

$3Curity B3astSystem requirementsMinimum system requirements

● 4 GB free disk space

● 1 GB of RAM.

● 1 processor core

Recommended system requirements

● 20 GB plus the required disk space recommended essentially for /var. Disk

space needed by mysql and rrd files

● 2 processors core or hyper-thread for each virtualized CPU.

● 2 GB of RAM.

InstallationInstalling FAN is similar to installing a standard CentOS. It is quick and intuitive. No

installation help is necessary.

Press <ENTER> to install FAN in standalone mode.

The standalone mode provides : nagios, centreon, mysql server, nagios plugins…

See the post to configure the distributed monitoring

During the installation, you need to configure some parameters :

● Language

● Type of keyboard

● Partitioning

● Timezone

● Root password

$3Curity B3astStep OneBefore using FAN, you’ll need to know the fundamentals of Nagios and Linux commands. I recommend you read the Nagios Core documentation available here.

First you need install FAN, 2 installations are possibles :ping ● The standalone version (recommanded)● the distributed monitoring (use this architecture for big monitoring ~ 10K

services)

Step TwoAfter installation, you will notice that FAN is a minimalist system that does not have a graphical interface. The main tasks will be remotely with a browser.

Connect to applications

● Use root and your password to connect FAN by ssh or TTY● Use nagiosadmin / nagiosadmin for web application (centreon, nagios,

nagvis)

Application access

● Nagios : http://@_IP_FAN_SERVER/nagios/● Centreon : http://@_IP_FAN_SERVER/centreon/● Nagvis : http://@_IP_FAN_SERVER/nagvis/

Configure the monitoring

there are 2 ways :1. Manually, you can edit nagios config files. Not recommended because you

need to use an editor in text mode (vi, nano…) and will not have all the

$3Curity B3astFAN features (reporting, graphs)

2. Use Centreon, it’s the web tool to configure and manage nagios.

Centreon is a powerfull tool, the principals features :● Real time system monitoring, it’s a view who can replace Nagios cgi● System Management : you can add/edit hosts and services nagios object● Dashboards : you can display graph and reporting by time range

Step ThreeHow to monitore remote device or services ? Several way are possibles according to the host type’s.

● Linux host (debian like, Centos…) : install SNMP agent or NRPE● Windows Host : install snmp or nsclient++● Network Host (switch, router, firewall) : enable SNMP● Network services (http, ftp, smtp, pop…) : Many plugins are availables

in /usr/lib/nagios/plugins

----------------------------------------------------------------------------------------------------

$3Curity B3astUSER Guide

HostsHosts are basically devices that you monitor. Most of the time they are just servers, routers, switches, firewalls etc... Anything that own an IP address and that can communicate with the Centreon server can be monitored.

Field Names Description

Host Name Name used for identifying the host.

Alias Description of the host.

$3Curity B3astIP Address / DNS IP address that will be used by most

check plugins.

Host Templates Templates are used for quick deployment. You can leave the parameters empty if you wish to use the ones that are set on the template. You can also set multiple templates.

Check Period Time Period within which checks will be actively made.

Check Command Check command that will be used for checking the status of the host. It is usually a ping check plugin that is behind a host check command.

Args $ARGn$ arguments that will be used with the check command.

Max Check Attempts Number of checks necessary to make sure that a Host is really DOWN (HARD state).

Normal Check Interval The check frequency. e.g: Centreon-Server will be checked every 5 minutes.

Retry Check Interval The check frequency that will be used when a Host goes DOWN.

Notification Enabled Whether or not notification is enabled for this Host.

Linked Contacts Contacts that will be notified when the Host is subject to a status change.

Notification Interval Notification frequency. e.g: admin user will be notified only once.

Notification Period Period within which, notification will be sent out regarding the Host.

Notification Options Statuses for which notification will be sent out. e.g: notifications will be sent out only if Centreon-Server goesDOWn

Services

$3Curity B3ast

Field Names Description

Description Description of the service.

Service Template Templates are used for quick

$3Curity B3astdeployment. You can leave the parameters empty if you wish to use the ones that are set on the template.

Check Period Time Period within which checks will be actively made.

Check Command Check command that will be used for checking the status of the service. It is usually a ping check plugin that is behind a service check command.

Args $ARGn$ arguments that will be used with the check command.

Max Check Attempts Number of checks necessary to make sure that the Service is really non OK (HARD state).

Normal Check Interval The check frequency. e.g: The traffic service will be checked every 5 minutes.

Retry Check Interval The check frequency that will be used when the Service goes to an non OK status.

Notification Enabled Whether or not notification is enabled for this Service.

Linked Contacts Contacts that will be notified when the Service is subject to a status change.

Notification Interval Notification frequency. e.g: adminuser will be notified every 5 minutes

Notification Period Period within which, notification will be sent out regarding the Service.

Notification Options Statuses for which notification will be sent out. e.g: notifications will be sent out only if Centreon-Server goes WARNING or CRITICAL.

$3Curity B3astCommands

1.Check CommandsCheck commands are used for checking hardware and/or application statuses of your Hosts/Services.

Field name Description

Command Name Name which will be used for identifying the command

Command Type Select the Check type

Command Line This will be executed by the scheduler, note that this line contains macros that will be replaced before execution. Always possible macros when possible. e.g: $USER1$/check_centreon_dummy

Enable shell If your command requires shell features like pipes, redirections, globbing etc. check this box. If you are using Monitoring Engine this option cannot be disabled. Note that commands that require shell are slowing down the poller server

Argument example This will provide argument example to the end users. The example apply to $ARGn$ macros only and the expression is separated by the ! character. In our case, Hello world will match $ARG1$ and 0 will match $ARG2$

Argument Descriptions The argument description provided here will be displayed instead of the technical names like $ARGn$

Comment Comments regarding the command

$3Curity B3astContacts

Contacts are used for two main purposes:● for logging in Centreon user interface

● for notifications

Field name Description

Full Name Usually the first name and the last name of the user

Alias / Login Used for logging in

Email E-mail address of the user, used for notification purpose

Enable Notifications Choose whether or not the user will receive notifications

----------------------------------------------THE END------------------------------------------

#####################################################Command for Installing NRPE ON CENTOSrpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm