1

I have a big distributed system I need to monitor.

Background:

My system is comprised of two servers, concentrating and controlling the system. Each server is connected to a set of devices (some custom kind of RF controllers, doesnt matter to my question), each device connects to a network switch, and eventually all devices talk to the servers, the protocol between the servers and the devices is UDP, usually the packets are very small, but there are really a LOT of packets. the network is also somewhat complex, and is deployed on a large area physically. i'll have 150-300 of these devices, each generating up to 100+ packets per second, and several network switches, perhaps on 2 different subnets.

Question

I'm looking for some solution that will allow me to monitor all this mess, how many packets are sent, where, how do they move through the network, bandwidth utilization, throughput, stuff like that. what would you recommend to achieve this?

BTW Playing nice with windows is a requirement.

Hellfrost
  • 203
  • 1
  • 2
  • 7

8 Answers8

1

Take a look at SolarWinds http://www.solarwinds.com/

Frands Hansen
  • 4,657
  • 1
  • 17
  • 29
  • I usually recommend Zenoss, but your post indicated that you're mostly monitoring networking devices (access points, switches, routers), and that you need it to play nice with Windows. So I'll recommend SolarWinds, and if that's too expensive look at OpManager. – SpacemanSpiff Feb 13 '11 at 15:24
  • their stuff cost in the $1K-$2K. too expensive for me, especially if there are GPLed products out there... – Hellfrost Feb 14 '11 at 06:53
  • I didn't realize free was a requirement, Zenoss, Zabbix, will do it for you. – SpacemanSpiff Feb 16 '11 at 15:45
0

I recommend Zabbix. It will help to monitors your servers and applications.

Valery Viktorovsky
  • 899
  • 8
  • 13
0

Maybe Ganglia

Why -> scalable and high performance

profy
  • 1,146
  • 9
  • 20
0

Many monitoring solutions such as the ones already mentioned would probably do this for you, but if you want something different consider using ntop. http://www.ntop.org The advantage to this is that is should be easier to setup rather than a full blown monitoring system, and it will be agentless. It however does have a few prerequisites.

On your network switch enable port mirroring for the devices you want to monitor. http://en.wikipedia.org/wiki/Port_mirroring. Obviously you would need a switch to support this.

You will also need a linux box running ntop, which is very easy to install and runs out of the box. The linux box will need to have 2 network cards, one for network access and one for the monitoring traffic.

Configure the linux box as normal and install ntop and configure it to use your secondary network card. Plug your secondary card into the port mirror on the network switch.

With that in place you now have a website that can show you all the information you have listed regardless of host/device type. It is a very good way to see what is going on in your local network.

Here is a short step by step for ntop. http://www.howtoforge.com/network_monitoring_with_ntop

While maybe this isn't what you are after exactly, I use this tool a lot and it differs from the other answers.

pablo
  • 3,040
  • 1
  • 19
  • 23
0

I second the Zabbix suggestion. You just said it had to play nice with Windows, not run on Windows. The Zabbix server runs on a *nix server, most often Linux. It's capability for monitoring and graphing is quite powerful. Using the right SNMP items you can easily monitor your switches, and hosts should you wish to with a Zabbix agent.

If you are wanting to gather flow data, such as where packets are flowing on a network then tools like Zabbix will fall down pretty quickly. One of the best Open Source tools in this area is NTop. NTop will receive sFlow and rMon data from switches and then generate some dynamic reports about data flows. NTop however is not a systems monitoring tool, it can however derive bandwidth through flow data, but it can't give it to you on a per port basis on a switch, Zabbix can do that.

Red Tux
  • 2,074
  • 13
  • 14
0

Do your switches support the sFlow protocol? A quick way to find out is to check the Network Equipment list on sFlow.org. You can also use sFlow to monitor the performance of your Windows servers, just install the Host sFlow agent. The advantage of using sFlow is that it pulls together the "mess" of network and system monitoring tasks into an integrated system.

sFlowTrend is a free sFlow analyzer that should give you the visibility you want. Alternatively, a number of tools already mentioned on this thread support sFlow (ntop, Ganglia, Solarwinds). See the sFlow Collectors list on sFlow.org for a full list of options.

Peter
  • 1
0

Lots of options out there. Have used Zabbix, ZenOSS, Nagios and more. When combined with SNMP there's an enormous amount of information that can be gathered and used to keep track of your network beyond that which you are asking.

dtbnguyen
  • 322
  • 1
  • 6
0

I am using Zabbix with any kind of agents (Zabbix Agent, SNMP (Trap), SSH, Simple Check) to monitor any kind of device (windows, linux, routers, firewalls, switches), Collects data and creates alarm at any time with any complex condition. Very successful, very stable and good looking especially with pgsql.

edib
  • 213
  • 3
  • 13