Networking

System monitoring with Zenoss takes complexity out of configuration

While Nagios is a powerful and stable system monitor, it can be very complex to configure. Vincent Danen offers you another option with a slick UI, nice graphs, and easy-to-read host data.

If you are a systems or network administrator that deals with more than a handful of servers, chances are pretty good that you are familiar with the Nagios program. Nagios is used to monitor servers and services, alerting administrators when there are problems connecting or services are no longer available. It does its job and does it well; once configured, it is reliable and stable.

Add-ons and plugins for Nagios extend its functionality as well, making it able to monitor a variety of services. However, the biggest problem with it is that configuring it can be time-consuming and clumsy due to its extensive use of plaintext and potentially confusing configuration files. Nagios is powerful, but it comes at the cost of complexity.

Another system monitoring package for your consideration is Zenoss. Zenoss is quite similar to Nagios, but reduces a lot of the configuration complexity. The unfortunate thing about Zenoss is that the Web interface can be quite intimidating, despite it dispensing with a lot of complexity in how monitored hosts are configured.

Zenoss uses SNMP to "auto-configure" hosts, so having it readily available on the hosts you want to monitor will ease configuration quite a bit. Fully configuring SNMP on the client systems is beyond the scope of this article, but if you want to get up and running quickly to see what Zenoss can do, install the SNMP server on your system and create a very simple SNMP configuration:

# cd /etc/snmp
# mv snmpd.conf snmpd.conf.bak
# echo "rocommunity public 192.168.1.100" >snmpd.conf
# /etc/init.d/snmpd start

This will start the SNMP daemon with a very permissive configuration. Essentially, the IP address 192.168.1.100 can obtain any information from SNMP that it wants to get, but other hosts will not be able to. The 192.168.1.100 IP should correspond with that of your Zenoss server.

Zenoss is available for a number of operating systems. You can install packages built for most flavours of Linux, Mac OS X, or build it from source on any other system where there are no packages pre-built. Also available are virtual appliances for VMware. If you're just looking to evaluate Zenoss, using a virtual appliance is great. Details of installation are available on the Zenoss Web site, and are quite straightforward and simple.

Once Zenoss is installed, use your browser to connect to http://192.168.1.100:8080 (replace the IP with that of the Zenoss server, of course). There is a quick setup wizard that will ask you for an administrator password as well as to create a user account. Next, you can have Zenoss auto-discover devices or you can manually set up systems you want to monitor.

Each has its advantages. The auto-discovery will pick up all available systems, but will not classify them. This can be a bit of a pain later when trying to re-configure devices to classify them correctly. Zenoss uses classifications of systems in order to determine what kind of SNMP information to look for: a "/Network/Router" device is very different from a "/Server/Linux" device. If you are in a network with a lot of workstations that you do not want to monitor, using auto-discovery will add a lot of noise to the Web interface, and a lot of devices to remove later. In this case it would be better to manually set up each device. This is easier than it sounds: you can get away with just supplying the IP address or hostname of the device and the Device Class Path (i.e. "/Server/Linux"). If SNMP is running on the host, Zenoss takes care of almost everything; what's left is minor "accounting" information such as operating system information, hardware information (model, serial number, etc.), and useful information such as which rack slot the machine is in.

Then, from the Web interface dashboard, you can select the Device List from the menu and see all the configured devices. Select the host you just set up, and it will show the device status: uptime as gleaned from SNMP, when data was last collected, the monitoring status, and other identification information.

Selecting the OS tab lets you see all the goodies provided by SNMP: network interfaces, file system status, and network routes. The Perf tab shows nice graphs of useful information like CPU utilization, load average, memory utilization, and disk I/O. When first set up, these graphs may not be available until Zenoss has had a chance to collect some information.

Unlike Nagios, which does not by default provide nice graphs or host information like this, Zenoss offers all of this very easily, provided SNMP is running on the host to monitor. And, like Nagios, Zenoss can be extended with plugins written by Zenoss Inc. and by Zenoss users. There are ZenPacks that allow you to monitor specific services like DNS, LDAP, MySQL, HTTP, FTP, SSL certificate expiration, Apache, IIS, Squid, and more. Zenoss works well monitoring systems running Linux, OS X, Windows, and Solaris. It also monitors printers, routers, firewalls, and other devices.

If you are looking for a good system monitoring platform, Zenoss may be what you are looking for. It will take some time to navigate around and figure out what everything in the UI is, and tweaking the configuration may take some time as well but unlike Nagios, everything is configurable via the web UI.

It's very capable, looks slick, and you can have the basic SNMP-based monitoring up and running within minutes.

Get the PDF version of this tip here.

About

Vincent Danen works on the Red Hat Security Response Team and lives in Canada. He has been writing about and developing on Linux for over 10 years and is a veteran Mac user.

Editor's Picks