Event Management for Zenoss Core 4

Total Page:16

File Type:pdf, Size:1020Kb

Event Management for Zenoss Core 4 Event Management for Zenoss Core 4 January 2013 Jane Curry Skills 1st Ltd www.skills-1st.co.uk Jane Curry Skills 1st Ltd 2 Cedar Chase Taplow Maidenhead SL6 0EU 01628 782565 [email protected] www.skills-1st.co.uk Synopsis This paper is intended as an intermediate-level discussion of the Zenoss event system in Zenoss Core 4. The event architecture has changed dramatically in Zenoss 4 from previous versions. It is assumed that the reader is already familiar with the Zenoss Event Console and with basic navigation around the Zenoss Graphical User Interface (GUI). It looks in some detail at the architecture behind the Zenoss event system ± the daemons and how they are inter-related ± and it looks at the structure of a Zenoss event and the event life cycle. Zenoss can receive events from many sources in addition to Zenoss itself. Events from Windows, Unix syslogs and Simple Networks Management Protocol (SNMP) TRAPs are all examined in detail. The process by which an incoming event is converted into a particular Zenoss event is known as event mapping and there are a number of different possible techniques for performing that conversion. These will all be explored along with the creation of new event classes. Once an event has been received, classified and stored by Zenoss, automation may be required. Alerting to users by email and page is discussed, as are background actions to run commands or generate TRAPs. Logging and debugging techniques are discussed in some details as is the JSON API for extracting data out of Zenoss. This paper was written using Zenoss Core 4.2.3 The paper is a companion text to the Zenoss 4 Event Management Workshop. Notations Throughout this paper, text to by typed, file names and menu options to be selected, are highlighted by italics; important points to take note of are shown in bold. Points of particular note are highlighted by an icon. 2 Event Management for Zenoss Core 4 © Skills 1st Ltd 1 February 2013 Table of Contents 1 Introduction..........................................................................................................................6 2 Zenoss event architecture....................................................................................................6 2.1 Event Console...............................................................................................................6 2.2 Event Manager settings.............................................................................................10 2.3 Event database tables ...............................................................................................11 2.3.1 Zenoss 2.x and 3.x...............................................................................................11 2.3.2 Zenoss 4................................................................................................................14 2.4 New event daemons....................................................................................................20 2.4.1 RabbitMQ.............................................................................................................20 2.4.2 zeneventserver.....................................................................................................22 2.4.3 zeneventd.............................................................................................................22 2.4.4 zenactiond ...........................................................................................................23 2.4.5 memcached...........................................................................................................23 2.5 Other database-related changes in Zenoss 4............................................................24 2.6 Event life cycle............................................................................................................25 2.6.1 Event generation.................................................................................................27 2.6.2 Application of device context..............................................................................29 2.6.3 Event class mapping...........................................................................................29 2.6.4 Application of event context...............................................................................30 2.6.5 Event transforms.................................................................................................30 2.6.6 Database insertions and de-duplication............................................................31 2.6.7 Resolution............................................................................................................32 2.6.8 Ageing and archiving..........................................................................................34 3 Events generated by Zenoss..............................................................................................34 3.1 zenping........................................................................................................................35 3.2 zenstatus.....................................................................................................................36 3.3 zenprocess...................................................................................................................36 3.4 zenwin.........................................................................................................................37 3.5 zenwinperf...................................................................................................................37 3.6 zenperfsnmp................................................................................................................37 3.7 zencommand...............................................................................................................38 4 Syslog events......................................................................................................................38 4.1 Configuring syslog.conf .............................................................................................39 4.2 Zenoss processing of syslog messages.......................................................................40 5 Zenoss processing of Windows event logs.........................................................................48 5.1 Management using the WMI protocol.......................................................................48 5.2 Management of Windows systems using syslog.......................................................51 6 Event Mapping...................................................................................................................51 6.1 Working with event classes and event mappings....................................................52 6.1.1 Generating test events........................................................................................54 6.2 Regex in event mappings...........................................................................................55 1 February 2013 Event Management for Zenoss Core 4 © Skills 1st Ltd 3 6.3 Rules in event mappings............................................................................................57 6.4 Other elements of event mappings ...........................................................................58 7 Event transforms...............................................................................................................58 7.1 Different ways to apply transforms...........................................................................59 7.2 Understanding fields available for event processing...............................................60 7.2.1 Event Proxies.......................................................................................................63 7.2.2 Event Details.......................................................................................................66 7.3 Transform examples...................................................................................................68 7.3.1 Combining user defined fields from Regex with transform.............................68 7.3.2 Applying event and device context in relation to transforms..........................69 8 Testing and debugging aids..............................................................................................71 8.1 Log files.......................................................................................................................71 8.1.1 zeneventd.log.......................................................................................................71 8.1.2 zeneventserver.log...............................................................................................72 8.1.3 Other log files......................................................................................................75 8.2 Using zendmd to run Python commands..................................................................75 8.2.1 Referencing an existing Zenoss event for use in zendmd.................................75 8.2.2 Using zendmd to understand attributes for an EventSummaryProxy...........79 8.3 Using the Python debugger in transforms................................................................83 9 Zenoss and SNMP..............................................................................................................87 9.1 SNMP introduction.....................................................................................................87 9.2 SNMP on Linux systems............................................................................................88
Recommended publications
  • Zenoss Core Release Notes
    Zenoss Core Release Notes Release 5.2.0 Zenoss, Inc. www.zenoss.com Zenoss Core Release Notes Copyright © 2016 Zenoss, Inc. All rights reserved. Zenoss and the Zenoss logo are trademarks or registered trademarks of Zenoss, Inc., in the United States and other countries. All other trademarks, logos, and service marks are the property of Zenoss or other third parties. Use of these marks is prohibited without the express written consent of Zenoss, Inc., or the third-party owner. Amazon Web Services, AWS, and EC2 are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries. Flash is a registered trademark of Adobe Systems Incorporated. Oracle, the Oracle logo, Java, and MySQL are registered trademarks of the Oracle Corporation and/or its affiliates. Linux is a registered trademark of Linus Torvalds. RabbitMQ is a trademark of Pivotal Software, Inc. SNMP Informant is a trademark of Garth K. Williams (Informant Systems, Inc.). Sybase is a registered trademark of Sybase, Inc. Tomcat is a trademark of the Apache Software Foundation. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other companies and products mentioned are trademarks and property of their respective owners. Part Number: 1001.16.335.1 Zenoss, Inc. 11305 Four Points Drive Bldg 1 - Suite 300 Austin, Texas 78726 2 About this document About this document Zenoss Core Release Notes contains important information about minor and micro releases of Zenoss Core.
    [Show full text]
  • Zenoss Core Release Notes
    Zenoss Core Release Notes Release 5.2.2 Zenoss, Inc. www.zenoss.com Zenoss Core Release Notes Copyright © 2017 Zenoss, Inc. All rights reserved. Zenoss and the Zenoss logo are trademarks or registered trademarks of Zenoss, Inc., in the United States and other countries. All other trademarks, logos, and service marks are the property of Zenoss or other third parties. Use of these marks is prohibited without the express written consent of Zenoss, Inc., or the third-party owner. Amazon Web Services, AWS, and EC2 are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries. Flash is a registered trademark of Adobe Systems Incorporated. Oracle, the Oracle logo, Java, and MySQL are registered trademarks of the Oracle Corporation and/or its affiliates. Linux is a registered trademark of Linus Torvalds. RabbitMQ is a trademark of Pivotal Software, Inc. SNMP Informant is a trademark of Garth K. Williams (Informant Systems, Inc.). Sybase is a registered trademark of Sybase, Inc. Tomcat is a trademark of the Apache Software Foundation. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other companies and products mentioned are trademarks and property of their respective owners. Part Number: 1001.17.074 Zenoss, Inc. 11305 Four Points Drive Bldg 1 - Suite 300 Austin, Texas 78726 2 About this document About this document Zenoss Core Release Notes contains important information about minor and micro releases of Zenoss Core.
    [Show full text]
  • Zenoss Core Release Notes
    Zenoss Core Release Notes Release 5.3.2 Zenoss, Inc. www.zenoss.com Zenoss Core Release Notes Copyright © 2017 Zenoss, Inc. All rights reserved. Zenoss, Own IT, and the Zenoss logo are trademarks or registered trademarks of Zenoss, Inc., in the United States and other countries. All other trademarks, logos, and service marks are the property of Zenoss or other third parties. Use of these marks is prohibited without the express written consent of Zenoss, Inc., or the third-party owner. Amazon Web Services, AWS, and EC2 are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries. Flash is a registered trademark of Adobe Systems Incorporated. Oracle, the Oracle logo, Java, and MySQL are registered trademarks of the Oracle Corporation and/or its affiliates. Linux is a registered trademark of Linus Torvalds. RabbitMQ is a trademark of Pivotal Software, Inc. SNMP Informant is a trademark of Garth K. Williams (Informant Systems, Inc.). Sybase is a registered trademark of Sybase, Inc. Tomcat is a trademark of the Apache Software Foundation. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other companies and products mentioned are trademarks and property of their respective owners. Part Number: 1001.17.268 Zenoss, Inc. 11305 Four Points Drive Bldg 1 - Suite 300 Austin, Texas 78726 2 About this document About this document Zenoss Core Release Notes contains important information about minor and micro releases of Zenoss Core.
    [Show full text]
  • Zenoss Core Administration Guide
    Zenoss Core Administration Guide Release 5.1.x Zenoss, Inc. www.zenoss.com Zenoss Core Administration Guide Copyright © 2016 Zenoss, Inc. All rights reserved. Zenoss and the Zenoss logo are trademarks or registered trademarks of Zenoss, Inc., in the United States and other countries. All other trademarks, logos, and service marks are the property of Zenoss or other third parties. Use of these marks is prohibited without the express written consent of Zenoss, Inc., or the third-party owner. Amazon Web Services, AWS, and EC2 are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries. Flash is a registered trademark of Adobe Systems Incorporated. Oracle, the Oracle logo, Java, and MySQL are registered trademarks of the Oracle Corporation and/or its affiliates. Linux is a registered trademark of Linus Torvalds. RabbitMQ is a trademark of Pivotal Software, Inc. SNMP Informant is a trademark of Garth K. Williams (Informant Systems, Inc.). Sybase is a registered trademark of Sybase, Inc. Tomcat is a trademark of the Apache Software Foundation. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other companies and products mentioned are trademarks and property of their respective owners. Part Number: 1011.16.319 Zenoss, Inc. 11305 Four Points Drive Bldg 1 - Suite 300 Austin, Texas 78726 2 Contents About this guide.................................................................................................................
    [Show full text]
  • Cloud Management with Open Source Tools Manish S
    Volume 4, No. 6, May 2013 (Special Issue) International Journal of Advanced Research in Computer Science REVIEW ARTICAL Available Online at www.ijarcs.info Cloud Management with Open Source Tools Manish S. Thakare*, Akash T. Kuratkar Dept.of computer sci. & engineering, jawaharlal darda insti.of engineering & tech. yavatmal-445001,India [email protected]*, [email protected] Abstract -Cloud computing has gained a lot of hype in the current world of I.T. Cloud computing is said to be the next big thing in the computer world after the internet. Cloud computing is the use of the Internet for the tasks performed on the computer and it is visualized as the next- generation architecture of IT Enterprise. The ‘Cloud’ represents the internet. Cloud computing is related to several technologies and the convergence of various technologies has emerged to be called cloud computing.Open source systems refer to software systems whose source code is available, allowing for immediate incorporation of improvements and adaptations of the system by its users. This seminar reports on an evaluation of open source management tools for cloud computing. Cloud computing is not a magical solution, planning and management of resources and the cloud in itself is pivotal. In this report, we compare and evaluate a number of open source tools used in the industry to manage and automate the cloud. We evaluate provisioning tools, orchestration tools, configuration tools and monitoring tools. Keyword: management of cloud with open source tools. I. INTRODUCTION Internet protocols, and it typically involves provisioning of dynamically scalable and often virtualized resources. It is a Cloud computing is the delivery of computing as a byproduct and consequence of the ease-of-access to remote service rather than a product, whereby shared resources, computing sites provided by the Internet.
    [Show full text]
  • Zenoss Core Upgrade Guide
    Zenoss Core Upgrade Guide Release 5.2.4 Zenoss, Inc. www.zenoss.com Zenoss Core Upgrade Guide Copyright © 2017 Zenoss, Inc. All rights reserved. Zenoss and the Zenoss logo are trademarks or registered trademarks of Zenoss, Inc., in the United States and other countries. All other trademarks, logos, and service marks are the property of Zenoss or other third parties. Use of these marks is prohibited without the express written consent of Zenoss, Inc., or the third-party owner. Amazon Web Services, AWS, and EC2 are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries. Flash is a registered trademark of Adobe Systems Incorporated. Oracle, the Oracle logo, Java, and MySQL are registered trademarks of the Oracle Corporation and/or its affiliates. Linux is a registered trademark of Linus Torvalds. RabbitMQ is a trademark of Pivotal Software, Inc. SNMP Informant is a trademark of Garth K. Williams (Informant Systems, Inc.). Sybase is a registered trademark of Sybase, Inc. Tomcat is a trademark of the Apache Software Foundation. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other companies and products mentioned are trademarks and property of their respective owners. Part Number: 1091.17.122 Zenoss, Inc. 11305 Four Points Drive Bldg 1 - Suite 300 Austin, Texas 78726 2 Contents About this guide.......................................................................................................................4
    [Show full text]
  • Zenoss Developer's Guide Copyright © 2010 Zenoss, Inc., 275 West St
    Zenoss Developer's Guide Copyright © 2010 Zenoss, Inc., 275 West St. Suite 204, Annapolis, MD 21401, U.S.A. All rights reserved. This work is licensed under a Creative Commons Attribution Share Alike 3.0 License. To view a copy of this license, visit http:// creativecommons.org/licenses/by-sa/3.0/; or send a letter to Creative Commons, 171 2nd Street, Suite 300, San Francisco, California, 94105, USA. The Zenoss logo is a registered trademark of Zenoss, Inc. Zenoss and Open Enterprise Management are trademarks of Zenoss, Inc. in the U.S. and other countries. Flash is a registered trademark of Adobe Systems Incorporated. Java is a registered trademark of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Linux is a registered trademark of Linus Torvalds. Oracle and the Oracle logo are registered trademarks of the Oracle Corporation. SNMP Informant is a trademark of Garth K. Williams (Informant Systems, Inc.). Sybase is a registered trademark of Sybase, Inc. Tomcat is a trademark of the Apache Software Foundation. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other companies and products mentioned are trademarks and property of their respective owners. Part Number: 08-102010-3.0-v01 1. Introduction ............................................................................................................................................. 1 1.1. Overview .....................................................................................................................................
    [Show full text]
  • Zenoss Core Installation Guide
    Zenoss Core Installation Guide Release 5.1.5 Zenoss, Inc. www.zenoss.com Zenoss Core Installation Guide Copyright © 2016 Zenoss, Inc. All rights reserved. Zenoss and the Zenoss logo are trademarks or registered trademarks of Zenoss, Inc., in the United States and other countries. All other trademarks, logos, and service marks are the property of Zenoss or other third parties. Use of these marks is prohibited without the express written consent of Zenoss, Inc., or the third-party owner. Amazon Web Services, AWS, and EC2 are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries. Flash is a registered trademark of Adobe Systems Incorporated. Oracle, the Oracle logo, Java, and MySQL are registered trademarks of the Oracle Corporation and/or its affiliates. Linux is a registered trademark of Linus Torvalds. RabbitMQ is a trademark of VMware, Inc. SNMP Informant is a trademark of Garth K. Williams (Informant Systems, Inc.). Sybase is a registered trademark of Sybase, Inc. Tomcat is a trademark of the Apache Software Foundation. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other companies and products mentioned are trademarks and property of their respective owners. Part Number: 1051.16.207 Zenoss, Inc. 11305 Four Points Drive Bldg 1 - Suite 300 Austin, Texas 78726 2 Contents About this guide.................................................................................................................
    [Show full text]
  • Zenoss Community Edition (Core) Upgrade Guide
    Zenoss Community Edition (Core) Upgrade Guide Release 6.2.0 Zenoss, Inc. www.zenoss.com Zenoss Community Edition (Core) Upgrade Guide Copyright © 2018 Zenoss, Inc. All rights reserved. Zenoss, Own IT, and the Zenoss logo are trademarks or registered trademarks of Zenoss, Inc., in the United States and other countries. All other trademarks, logos, and service marks are the property of Zenoss or other third parties. Use of these marks is prohibited without the express written consent of Zenoss, Inc., or the third-party owner. Amazon Web Services, AWS, and EC2 are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries. Flash is a registered trademark of Adobe Systems Incorporated. Oracle, the Oracle logo, Java, and MySQL are registered trademarks of the Oracle Corporation and/or its affiliates. Linux is a registered trademark of Linus Torvalds. RabbitMQ is a trademark of Pivotal Software, Inc. SNMP Informant is a trademark of Garth K. Williams (Informant Systems, Inc.). Sybase is a registered trademark of Sybase, Inc. Tomcat is a trademark of the Apache Software Foundation. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other companies and products mentioned are trademarks and property of their respective owners. Part Number: 1691.18.162.37 Zenoss, Inc. 11305 Four Points Drive Bldg 1 - Suite 300 Austin, Texas 78726 2 Contents About this
    [Show full text]
  • Zenoss Installation for Core Version
    Zenoss, Inc. www.zenoss.com Zenoss Installation for Core 2.4 Copyright © 2009 Zenoss, Inc., 275 West St. Suite 204, Annapolis, MD 21401, U.S.A. All rights reserved. This work is licensed under a Creative Commons Attribution Share Alike 3.0 License. To view a copy of this license, visit http:// creativecommons.org/licenses/by-sa/3.0/; or send a letter to Creative Commons, 171 2nd Street, Suite 300, San Francisco, California, 94105, USA. The Zenoss logo is a registered trademark of Zenoss, Inc. Zenoss and Open Enterprise Management are trademarks of Zenoss, Inc. in the U.S. and other countries. Flash is a registered trademark of Adobe Systems Incorporated. Java is a registered trademark of Sun Microsystems, Inc. Linux is a registered trademark of Linus Torvalds. Oracle and the Oracle logo are registered trademarks of the Oracle Corporation. SNMP Informant is a trademark of Garth K. Williams (Informant Systems, Inc.). Sybase is a registered trademark of Sybase, Inc. Tomcat is a trademark of the Apache Software Foundation. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other companies and products mentioned are trademarks and property of their respective owners. 1. Installing Zenoss for RHEL 5 or CentOS 5 .......................................................................................... 1 1.1. Prerequisite Tasks ................................................................................................................... 1 1.2. Install the Zenoss Software .....................................................................................................
    [Show full text]
  • Zenoss Community Edition (Core) Administration Guide
    Zenoss Community Edition (Core) Administration Guide Release 6.2.0 Zenoss, Inc. www.zenoss.com Zenoss Community Edition (Core) Administration Guide Copyright © 2018 Zenoss, Inc. All rights reserved. Zenoss, Own IT, and the Zenoss logo are trademarks or registered trademarks of Zenoss, Inc., in the United States and other countries. All other trademarks, logos, and service marks are the property of Zenoss or other third parties. Use of these marks is prohibited without the express written consent of Zenoss, Inc., or the third-party owner. Amazon Web Services, AWS, and EC2 are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries. Flash is a registered trademark of Adobe Systems Incorporated. Oracle, the Oracle logo, Java, and MySQL are registered trademarks of the Oracle Corporation and/or its affiliates. Linux is a registered trademark of Linus Torvalds. RabbitMQ is a trademark of Pivotal Software, Inc. SNMP Informant is a trademark of Garth K. Williams (Informant Systems, Inc.). Sybase is a registered trademark of Sybase, Inc. Tomcat is a trademark of the Apache Software Foundation. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other companies and products mentioned are trademarks and property of their respective owners. Part Number: 1611.18.162.37 Zenoss, Inc. 11305 Four Points Drive Bldg 1 - Suite 300 Austin, Texas 78726 2 Contents
    [Show full text]
  • Zenoss Core Upgrade Guide
    Zenoss Core Upgrade Guide Release 5.2.1 Zenoss, Inc. www.zenoss.com Zenoss Core Upgrade Guide Copyright © 2017 Zenoss, Inc. All rights reserved. Zenoss and the Zenoss logo are trademarks or registered trademarks of Zenoss, Inc., in the United States and other countries. All other trademarks, logos, and service marks are the property of Zenoss or other third parties. Use of these marks is prohibited without the express written consent of Zenoss, Inc., or the third-party owner. Amazon Web Services, AWS, and EC2 are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries. Flash is a registered trademark of Adobe Systems Incorporated. Oracle, the Oracle logo, Java, and MySQL are registered trademarks of the Oracle Corporation and/or its affiliates. Linux is a registered trademark of Linus Torvalds. RabbitMQ is a trademark of Pivotal Software, Inc. SNMP Informant is a trademark of Garth K. Williams (Informant Systems, Inc.). Sybase is a registered trademark of Sybase, Inc. Tomcat is a trademark of the Apache Software Foundation. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other companies and products mentioned are trademarks and property of their respective owners. Part Number: 1091.17.044 Zenoss, Inc. 11305 Four Points Drive Bldg 1 - Suite 300 Austin, Texas 78726 2 Contents About this guide.......................................................................................................................4
    [Show full text]