Managing Networks and S Stems with Zenoss

on Open SuSE 10.3 SuSE Open on wa 2.3.2 Core Zenoss paper, this of purposes the For www.skills-1st.co.uk Managing networks and and networks Managing systems with Zenoss with systems [email protected] www.skills-1st.co.uk Skills 1st Ltd1st Skills Jane CurryJane

s used, running running used, s

Zenoss satisfies all the in-scope requirements in-scope the all satisfies Zenoss www.skills-1st.co.uk Out of scope of Out In scopeIn capacity managementcapacity management backup deskhelp distributionsoftware Performance Problem Availability & inventory configuration Discovery, Defining managementDefining

www.skills-1st.co.uk Reports MapNetwork ConsoleEvents Dashboard Zenoss at a glance a at Zenoss Configurable per-user for which portlets are availa are portlets which for per-user Configurable for: Portlets portlet the of * the using configured be can portlets the of Each locations Zenoss display to used be can maps Google configurable is dashboard of Layout www.skills-1st.co.uk classes configur in events for monitors List Watch Object daemons withZenoss showproblems Issues Zenoss Groups or Systems loc Classes, showDevice can LevelOrganizers Top Decommissioned Maintenance, Test, P / Production in devices showing states Production background map google on Locations Zenoss showing Maps Google Device issues includes events of severity Critica of events includes issues Device Colours of locations and links reflect health of de of health reflect links and locations of Colours Zenoss DashboardZenoss ble icon at the top right right top the at icon vices l and Error and l ed device device ed re-Production, re-Production, ations, ations, Authorised users can Acknowledge and / or Close eve Close or / and Acknowledge can users Authorised MySQLdatabase a in held are events Zenoss View Event History link (top right) to swap to cl swapto to right) (top link History ViewEvent header column on byevents clicking Sort controlled be can fields Displayed right on icon availablefrom detail Event applied; such as bybyby device, eventtype, devic as such applied; withaut Zenoss of parts many from events to Access seen, by device, device class, event, Location, Sy Location, event, class, bydevice device, seen, user specific for eventconsoles configure also Can by severity: colour-coded are Events www.skills-1st.co.uk history table for closed events closed for table history events active for table status la re 0 2 1 Green Blue Grey 3 4 5 Orange Yellow Clear Red Debug Info Warning Error Critical Zenoss Event Console Event Zenoss osed events osed stem, Group, .... Group, stem, e type, bytype, System e s limiting what is whatis limiting s omatic filters filters omatic nts been constructed correctly constructed been underlying providingthe networks withmeshed Copes twitchy little a factor Repulsion lines avoidscrossed algorithm Layout device a from hops 4 to Limited plugin Flash Uses www.skills-1st.co.uk Zenoss Network Map Network Zenoss topology has has topology add new onesadd an collection data existing change to scope of Lots deviall across reporting for menu Reports Separate data and disk memory, for targets on installed subagent MI Informant SNMP require templates server Windows devices deviindividual for either modified, be all can and Lots of data collection available out-of-the-box (O availableout-of-the-box collection data of Lots (eg. /Server/Solaris, /Server/Windows, /Network/Swi /Server/Windows, /Server/Solaris, (eg. deviceclass the Data collection controlled by controlled collection Data Data collection collection Data MIB Resources Host and MIB-2 SNMP on based cla /Device/Server to applied collection data Basic OOTB active, collection data Onlyinterface www.skills-1st.co.uk Inventory breached Thresholds utilisation Interface / Filesystem Memory/ / CPU Availability Interface traffic Interface utilisation Filesystem Memoryutilisation utilisation CPU Zenoss Performance & Reports & Performance Zenoss data sources, thresholds sources, data templates that are assigned based on on based assigned are that and and graphs ces or for classes of of classes for or ces OTB) sses of devices of sses d graphs and to to and graphs d CPU utilisation utilisation CPU ces: tch ) tch are all providedall are B and and B zendmd Command line access into the Zenoss Pythonenvironm Zenoss the into access line Command database ZEO Zope's in held data configuration All plugins Nagios telnet, ssh. for support has Also v3v1,v2c and -supports Protocol Management Network Simple is protocol Base Download code from from code Download Performance data held in Round Robin Database (RRD) Database Robin Round in held data Performance MySQL installed and configured for events databaseevents for configured and MySQLinstalled www.skills-1st.co.uk VMware appliances for Linux and WindowsLinux and for VMwareappliances Source tarballs for FreeBSD. Gentoo, Solaris 10, Ge 10, Solaris Gentoo, FreeBSD. for tarballs Source 5 CentOS and 5 / 4 Hat Red for packages Native Availablefor: executable. simply dependencies all include installers Stack Mac OS X OS Mac Ubuntu Debian Source Open and commercial SuSE Source Open and commercial RedHat Easy server installation server Easy technologyAgentless dataperformance for files (RRD) Database Robin Round eventsfor database MySQL based Python are Zenoss and Zope configuration and inventory for database (ZEO) Objects Enterprise Zope the Uses server application source open Zope using Built Zenoss fundamentalsZenoss http://www.zenoss.com/download/links?nt run the the run neric Linux neric (SNMP) (SNMP) ent using using ent archives

All configuration data is object-oriented, arranged object-oriented, is data configuration All instances, if required. if instances, for changed be can zProperties on. so and further, will refine /Device/Server/Windows others; add and s change may zProperties everything;/Device/Server levela /Device the at specified parameters common hi object Device down the inherited are zProperties collect. to data whatperformance and collect) routing of number exclude, to (interfaces modelled whatsh parameters); login Windows parameters, ssh (S performed is how availability monitoring control - drop-downmenu the from (found zProperties Device zProperties. has ...) event, (device, object Each classes withseve have relationships can devices Individual www.skills-1st.co.uk .... productHardware System Operating Groups Systems Location class Device

Linux Network

Windows Devices Server Zenoss in classes Object Cmd Ping Scan

Printer Networks Solaris

AD App Archive Exchange Events Win Netbios Status

Shell Systems Heartbeat Userenv Archive in in NMP parameters, parameters, NMP ral different object object different ral table entries to to entries table erarchy so so erarchy

specific device specific Perf the properties properties the classes re inherited by inherited re Locations ome properties properties ome > More option) option) More > ould be be ould CedarChase VM-land ...... environment reflec to used be can Groups and Systems Locations, hierarchy object Products the alreadypopulate manufacture software / hardware of collection Large class. device on based assigned automatically col Active these. to add can commands WMI, SNMP, of out available plugins collector modeller of Lots by defaultevery hours, 12 performed compl a daemon zenmodeler by the run is Modelling the Zenoss topology will not be accurate or complet or accurate be will topologynot Zenoss the o available not is information this if SNMP using bytopology gett network a builds process Discovery If the topology the If problematical more networks of Discovery known points-of-failure thus giving root-cause anal givingroot-cause thus points-of-failure known command or can use data files to batch-import devic batch-import to files data use can or command using GUI, Zenoss the through run be can Discovery relations and allowsdiscoveryattributes many GUI www.skills-1st.co.uk Devices go into the / Discovered device class on ne on deviceclass Discovered / the into go Devices routers only find to specify you can zendisc, Using networks for ranges exclusion way specify No to Group(s) / System(s) / Location Hardware manufacturer / product, OS manufacturer / / manufacturer OS product, / manufacturer Hardware comment Number, Serial Slot, Rack Tag, port / community SNMP class Device discovered already devices to applied Modelling Discover using command zendisc command using Discover Discover using the Zenoss GUI Zenoss the using Discover installation on discovered gets Nothing builds relationships in ZEOdatabase in relationships builds pluginscommand / SNMP WMI / using information more gets tables / don't run plugins / skip SNMP poll / ... / SNMPpoll skip / plugins run don't / tables walk routing / routers just control more lots Discover all devices on a given (sub)network given a on devices all Discover with attributes device a add Manually Discovery and modelling and Discovery is good then Zenoss will suppress events beyond events willsuppress Zenoss then good the box based on on box based the r is incorrect, then then incorrect, is r ysis to be specified: be to e ing routing tables tables routing ing rs and products products and rs es the zendisc zendisc the t local local t ete re-model is is re-model ete twork discoverytwork lector plugins plugins lector product is not easy Zenoss Enterprise offers this offers Enterprise Zenoss easy not is different for intervals polling having different so mo configure to non-trivial is it Core, Zenoss With classes devi specific for enabled be can monitoring service and monitoring process monitoring, service UDP / TCP active) none out-of- configured services UDP / TCP of number Huge active) none out-of-t configured services Windows of number Huge up until suspended is availability monitoring process doesn't agent SNMP the If MIB. Resources Host the inf process for poll to SNMP uses daemon zenprocess successful is test ping until suspended av other all then fails, it and active test ping If firewall ICMP-blocking for disabled be can but default the is Ping-polling www.skills-1st.co.uk processes (Task Manager) (every 3 mins) 3 (every Manager) (Task processes / Windows processes Unix for Poll Poll for TCP / UDP services (every 1 min) 1 (every services / UDP TCP for Poll Windows event log entries (every 1 min) 1 (every entries log event Windows and services Windows for polling WMI SNMP polling (every 5 mins) 5 (every polling SNMP Default availability is ping (every 1 min) 1 (every ping is availability Default run by zenprocess daemon by zenprocess run run by zenstatus daemonby zenstatus run run by zenwin and zeneventlog daemons zeneventlog and by zenwin run run by zenperfsnmp daemonby zenperfsnmp run run by zenping daemon by zenping run Availability monitoring Availability ailability monitoring is is monitoring ailability collections of systems systems of collections devices behind an an behind devices re than one collector collector one than re SNMP agent back back agent SNMP ces or device or ces respond then then respond he-box (but he-box(but ormation using using ormation windows the-box (but (but the-box have different schedules for when their alerting ru alerting when their for schedules havedifferent widevarietyfilter a of include They can paging. or basi per-user a on configured be can rules Alerting to. eventbelongs the sending device the that grou location, class,, device state, production the eventde of use make also can transforms and Rules itself to similar events news bad to addition in news good a that events other zEventClearClasses or table history the to clear database, events the event(leavein withthe do whatto - zEventAction zEventSeve define to zProperties has eventclass An particular events. particular automate to any shellscript run can commands Event native event into some of the fields of a Zenoss ev Zenoss a of fields the of some eventinto native in to parsed are Zenoss to external generated Events of: consist can mapping eventclass An events particular for taken be to actions specific hi eventclass the event- incoming the to is class ass to process eventmapping an through go Theythen www.skills-1st.co.uk attributes of both the incoming event and the devic the eventand incoming the both of attributes m whichcan Python, in written section, transform A event the for summary expression regular Python uses that Regexsection A incoming event and attributes of the device that se that device the of attributes eventand incoming fields test to statements) (Python section Rule A Zenoss receives & processes external events: external processes & receives Zenoss itself Zenoss by generated Events Alerting and event command automations command event and Alerting events news / bad news good of Correlation detection duplication event Automatic extend to easy predefined events of Lots classes event of hierarchy Object-oriented field of the event, optionally creating user-defin creating optionally event, the of field events external for process mapping Comprehensive daemon) (zensyslog syslogs daemon) (zeneventlog Logs Event Windows daemon) SNMP TRAPs (zentrap Events processingEvents drop entirely), and and entirely), drop p(s) and system(s) system(s) and p(s) erarchy allows more more allows erarchy les are active. are les s and each user can can user each and s the status table of of table status the ent s typically email typically email s of both the the both of rity, rity, nt the event the nt terpret the the terpret e that sent it sent that e vice context - - vicecontext responses to to responses event will clear eventwillclear anipulate many anipulate ign an event an ign s to parse the the parse to s ed fields fields ed 3-day Zenoss Event Management workshop from Skills Skills from workshop Management Event 3-dayZenoss only) Ze availablefrom course Administration 2-dayZenoss look at MRTG, Cacti and the Dude - - Dude the and Cacti MRTG, at look w Zenoss and OpenNMS Nagios, compared 2008 September pub paper Options Management Source Open Original http://www.skills-1st.co.uk/papers/jcurry.html http://www.skills-1st.co.uk/papers/jane/open_source slightly ahead (partly because Zenoss is is Zenoss because (partly ahead slightly bu offerings management systems and network source, ful both are Zenoss and OpenNMS wasthat Conclusion documentation is improving but still needs more wor more needs still but improving is documentation better; much feels stability code By February 2009, documentation. qu and stability werecode Zenoss on points Negative preference!) personal is OpenNMS Zenoss community website is hard to navigate to find to navigate to hard is website community Zenoss No good documentation on more detailed, technical a technical detailed, more on documentation good No techniques administration basic get Badg by Michael book and Guide Administration Zenoss that! just for good is guide Started Getting Detailed papers written by Jane Curry - - Curry by written Jane papers Detailed www.skills-1st.co.uk Zenoss Discovery and Classification and Discovery Zenoss Crafting Zenoss Core users for events and zProperti and events for users Core Zenoss Crafting examples transform of lots screenshots, diagrams. arch with paper page 80 - Management Event Zenoss More technical papers from from papers technical More PACKTfrom Badger Michael by Monitoring System and Network Core Zenoss HowTos FAQs, http://www.skills-1st.co.uk/papers/jcurry.html http://forums.zenoss.com/ http://www.zenoss.com/community/docs http://www.zenoss.com/community/ APIdocumentation GuideDeveloper's GuideAdministration Guide Started & Getting guides Installation Documentation not written in Java and Javaand in written :

2.3 versions of the the of versions 2.3 _mgmt_options.pdf k technical help technical ality of alityof spects noss (currently US US (currently noss t Zenoss was Zenoss t es l-function, open open l-function, 1st Ltd 1st lished lished er are good to to good are er for Wiki, Wiki, for itecture itecture ith a quick quick a ith

Comparison of 3 offerings at at offerings 3 of Comparison Download Zenoss Core from from Core Zenoss Download at Zenoss Find Enterprise Zenoss http://www.zenoss.com/product/network-monitoring-so 2008 newin Professional Zenoss at website community Zenoss Licens Public General GNU under licensed Core Zenoss founders one Dahl, by Erik project earlier an on based Zenoss 2008: of end the for Zenoss from Statistics www.skills-1st.co.uk 3 hours deployment planning consultancy & 2 seats o seats 2 & consultancy planning deployment hours 3 plansservice platinum and Gold high-availability architecture Distributed, dashboard global monitors, Evenmore Starting point is 250 monitored devices at $150 / d / $150 at devices monitored 250 is point Starting course Administration Zenoss on seat free 1 consultancy planning deployment hours 2 plansservice gold Silver and control access based Role capability monitoring Extended Consistently rated in top ten most active projects projects active most ten top in rated Consistently Starting point is minimum 100 monitored devices at at devices monitored 100 minimum is point Starting Passed 875,000 total downloads; over 350,000 in 200 in over350,000 downloads; total 875,000 Passed 2007 on 382% up 2008 for Revenue 2008 in customers new Enterprise 110 Zenoss company & community & company Zenoss Chargeable Zenoss offerings Zenoss Chargeable Zenoss Core is Open Source (GNU GPL) (GNU Source is Open Core Zenoss 2006 arrived company and product Zenoss extra functionality extra functionality training & consultancy start-up some support, include Enterprise / Professional has very active user forums and wikiand forums user active very has configure and extend to ability the has needs organisation medium-sized a things most has http://www.zenoss.com http://www.zenoss.com/download/links?nt http://www.zenoss.com/community/

on SourceForge on of the Zenoss co- Zenoss the of evice ftware#subscriptions $100 / device / $100 n course n e 8

www.skills-1st.co.uk Huge community behind it behind community Huge growing but US, outside exposure much Still not months6 in lot a improved stability Code scalabilitygreater and with support offerings chargeable Enterprise & Professional free; is offering Core management systems and network source open for choice good a is Zenoss Conclusions