Setting up hardware and software

A program for monitoring network activity. Network monitoring using TCPView and netstat utilities

Our programs for system administrators will help you keep abreast of everything that happens in the computer park and enterprise network, respond in a timely manner to equipment failures and software problems, and minimize costs and downtime. This page presents programs for monitoring the network, servers and hosts, for PC inventory, accounting for installed programs and licenses, creating reports on computer hardware, for accounting traffic on the network, for studying the network topology and creating graphical diagrams of local networks.

A network administrator may also find useful programs for searching files on local networks and auditing user access to file resources of servers over the network. All these programs will help the system administrator improve the performance of network devices and servers and ensure the proper level of security in the enterprise network.

10-Strike programs are included in the unified register of Russian computer programs of the Ministry of Communications and can participate in government procurement.

Programs for network administrator, network utilities

A program for inventory and accounting of installed software and hardware on computers in local networks. "Computer Inventory" allows system administrators to keep track of computers on the enterprise network, view the configurations of remote computers and lists of installed programs over the network, and track configuration and software changes. The program contains a powerful report generator. For example, you can create reports on the presence of certain programs on computers and their quantity. When planning upgrades, you can create a report listing computers with insufficient disk space or random access memory. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


- program for monitoring servers and computers on the network, allowing you to visually observe the current state of your network at any time. LANState monitors hosts on the network, tracks connections to network resources, monitors traffic, and signals various events. LANState contains many functions useful for network administrators: sending messages, shutting down remote computers, scanning hosts and ports, receiving various information from remote computers (access to the registry, event log, etc.). Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


- program for monitoring servers and other network devices, monitors the performance of the network and notifies the administrator of problems. Find out in time about a failure that has occurred (connection loss, server disk space running out, service stop, etc.) and fix the problem with minimal loss of time. The program signals problems using sound, on-screen messages, by e-mail, and can launch external programs and services, as well as reboot computers and services. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


- program for searching files on local network computers (via the NetBios and FTP protocols). Enter a phrase or file masks and search for the information you need. When viewing search results, found files can be immediately opened or saved to disk, or a report can be generated. The search uses multi-threaded technology, which significantly speeds up the work. You can set filters by file size and modification date. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


- program for monitoring users' network connections to shared folders and files; it lets you find out in time when network users connect to your computer. The program beeps, displays alerts on the screen, and keeps a detailed log of connections, which records who connected to the computer's network folders and when, what files were opened, etc. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


3.0 FREE!

- scanner for local networks, IP addresses and hosts. This free program allows you to scan your local network and detect active hosts, computers and servers. It supports scanning of IP address ranges and many protocols for detecting network devices (ICMP ping, searching for open TCP ports, NetBios, SNMP, UPnP, ...). If you have administrator rights, a range of useful information can be read from Windows computers. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

Sets of network programs for system administrators

Software suites for system administrators allow you to save money when purchasing several of our network programs or all of them at once. Get three programs for the price of two, and so on. For example, when purchasing the Full set of administrator programs in the "for the organization" option (without restrictions on the number of workstations), consisting of our seven programs for network administrators, you can save up to 85,000 rubles or 30%!

Other utilities

- disc cataloger (CD, DVD). With its help you will quickly find the files you need on the CD and DVD discs in your collection. SearchMyDiscs helps you organize your CD and DVD collections, allowing you to find the required disc in a few seconds. If you are tired of spending a long time searching for the right disc, this program is for you! Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


- Apache web server raw log file analyzer. Creates various reports and histograms. The program has many settings and filters that will allow you to get accurate information about your site, downloaded files, and who is visiting you and from where. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

Payment and delivery

When programs are ordered by legal entities, payment is accepted by bank transfer. Invoices are issued in electronic format and a contract is concluded. Electronic delivery: the distribution kit is downloaded from our website, and registration keys are sent by e-mail after payment. After payment, the original contract and accounting documents are sent to the buyer by mail.

Issue an invoice (specify the programs and license types you need, your details and the name of the director for the agreement)

All our programs are also presented in the Softkey and AllSoft online stores (follow the “buy” links from our website).


Our clients: small and medium business, government and budgetary institutions, hospitals, schools, colleges and institutes, banks, oil industry, telecoms.

You most likely know that Windows has a built-in firewall. You may also know how to allow and block access of individual programs to the network in order to control incoming and outgoing traffic. But did you know that the Windows firewall can be used to log all connections passing through it?

Windows Firewall logs can be useful in solving specific problems:

  • The program you are using cannot connect to the Internet, although other applications do not experience this problem. In this case, to troubleshoot the problem, you should check whether the system firewall is blocking the connection requests of this program.
  • You suspect that your computer is being used to transmit data by malware and want to monitor outgoing traffic for suspicious connection requests.
  • You have created new rules for allowing and blocking access and want to ensure that the firewall correctly processes the given instructions.

Regardless of the reason for use, enabling event logging can be challenging because it requires a lot of fiddling with the settings. Below are clear step-by-step instructions for activating network activity logging in the Windows firewall.

Access to firewall settings

First, you need to go to the advanced settings of Windows Firewall. Open the Control Panel (right-click the Start menu and choose the “Control Panel” option), then click the “Windows Firewall” link if the view mode is small/large icons, or select the “System and Security” section and then “Windows Firewall” if the view mode is category.

In the firewall window, select the option in the left navigation menu “Advanced settings”.

You will see the following settings screen:

This is the internal technical side of the Windows Firewall. This interface allows you to allow or block program access to the Internet, configure incoming and outgoing traffic. In addition, this is where you can activate the event logging feature - although it is not immediately clear where this can be done.

Accessing log settings

First, select the “Windows Firewall with Advanced Security (Local Computer)” option.

Right-click on it and select the “Properties” option.

A window will open that may confuse the user. When you select three tabs (Domain Profile, Private Profile, Public Profile), you will notice that their content is identical, but relates to three different profiles, the name of which is indicated in the tab title. Each profile tab contains a button to configure logging. Each log will correspond to a different profile, but which profile are you using?

Let's look at what each profile means:

  • The domain profile is used to connect to a Wi-Fi wireless network when the domain is set by a domain controller. If you're not sure what this means, don't use this profile.
  • The private profile is used to connect to private networks, including home or personal networks. This is the profile you will most likely use.
  • The public profile is used to connect to public networks, including restaurants, airports, libraries and other institutions.

If you are using the computer on a home network, go to the “Private Profile” tab. If you are using a public network, go to the “Public Profile” tab. Click the “Configure” button in the “Logging” section on the correct tab.

Activating the event log

In the window that opens, you can configure the location and maximum size of the log. You can set an easy-to-remember location for the log, but the actual location of the log file doesn't really matter. If you want to start event logging, set both the “Log dropped packets” and “Log successful connections” drop-down menus to “Yes” and click the “OK” button. Running this feature all the time can cause performance issues, so only enable it when you really need to monitor connections. To disable the logging feature, set the value to “No (default)” in both drop-down menus.

Studying logs

Now the computer will record network activity controlled by the firewall. To view the logs, go to the “Advanced Settings” window, select the “Monitoring” option in the left list, and then in the “Logging Options” section click the “File Name” link.

The network activity log will then open. The contents of the log may be confusing to an inexperienced user. Let's look at the main contents of the log entries:

  1. Date and time of connection.
  2. What happened to the connection. The status “ALLOW” means that the firewall allowed the connection, and the status “DROP” indicates that the connection was blocked by the firewall. If a particular program has problems connecting to the network, this lets you determine for certain whether the firewall policy is the cause.
  3. Connection type - TCP or UDP.
  4. In order: IP address of the connection source (computer), destination IP address (for example, a web page), and the network port used on the computer. This entry allows you to identify ports that require opening for the software to work. Also watch out for suspicious connections - they could be made by malware.
  5. Whether the data packet was successfully sent or received.

The information in the log will help determine the cause of connection problems. The logs can record other activity, such as the target port or TCP acknowledgment number. If you need more details, check out the “#Fields” line at the top of the log to identify the meaning of each metric.
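An added example, not part of the original article: a small Python parser that uses the “#Fields” header line to name each column, then counts blocked connections and allowed outbound destinations, matching the troubleshooting cases listed earlier. The sample log lines are constructed (documentation address ranges), and the function names are this example's own.

```python
from collections import Counter

# Constructed sample in the firewall log layout; real logs are read from the
# file configured on the profile tab (Windows default:
# %systemroot%\system32\LogFiles\Firewall\pfirewall.log).
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2024-03-01 09:15:02 ALLOW TCP 192.0.2.10 198.51.100.7 50211 443 0 - 0 0 0 - - - SEND
2024-03-01 09:15:05 DROP TCP 203.0.113.44 192.0.2.10 40122 3389 52 S 1841920 0 8192 - - - RECEIVE
2024-03-01 09:15:09 ALLOW UDP 192.0.2.10 198.51.100.53 55001 53 0 - - - - - - - SEND
2024-03-01 09:16:40 DROP TCP 192.0.2.10 198.51.100.99 50230 8443 0 - 0 0 0 - - - SEND
2024-03-01 09:16:41 DROP TCP 192.0.2.10 198.51.100.99 50231 8443 0 - 0 0 0 - - - SEND
2024-03-01 09:17:13 ALLOW TCP 192.0.2.10 198.51.100.7 50240 443 0 - 0 0 0 - - - SEND
this line is truncated
"""


def parse_firewall_log(text):
    """Return one dict per log entry, keyed by the names in the #Fields line."""
    fields = None
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            # Only the #Fields header matters; it defines the column order.
            if line.lower().startswith("#fields:"):
                fields = line.split(":", 1)[1].split()
            continue
        if fields is None:
            continue  # data before the header cannot be interpreted
        values = line.split()
        if len(values) != len(fields):
            continue  # partially written or truncated line
        entries.append(dict(zip(fields, values)))
    return entries


def blocked_connections(entries):
    """Count DROP entries by (direction, protocol, destination IP, destination port).

    Shows whether the firewall is what stops a program from connecting,
    and whether a newly created block rule is actually matching traffic.
    """
    counts = Counter()
    for e in entries:
        if e.get("action") == "DROP":
            key = (e.get("path", "-"), e["protocol"], e["dst-ip"], e["dst-port"])
            counts[key] += 1
    return counts


def outbound_destinations(entries):
    """Count allowed outgoing connections by (protocol, destination IP, port).

    Rarely seen destinations in this list are the ones to review when
    checking outgoing traffic for unexpected connections.
    """
    counts = Counter()
    for e in entries:
        if e.get("action") == "ALLOW" and e.get("path") == "SEND":
            counts[(e["protocol"], e["dst-ip"], e["dst-port"])] += 1
    return counts


if __name__ == "__main__":
    parsed = parse_firewall_log(SAMPLE_LOG)
    print("Blocked connections:")
    for (path, proto, ip, port), n in blocked_connections(parsed).most_common():
        print(f"  {n:3d}  {path:8s} {proto} -> {ip}:{port}")
    print("Allowed outbound destinations:")
    for (proto, ip, port), n in outbound_destinations(parsed).most_common():
        print(f"  {n:3d}  {proto} -> {ip}:{port}")
```

Because the column names come from the “#Fields” line rather than fixed positions, the parser keeps working if the log lists its fields in a different order.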

Don't forget to turn off the logging feature when you're done.

Advanced network diagnostics

By using Windows Firewall logging, you can analyze the types of data being processed on your computer. In addition, you can determine the causes of network problems related to the firewall or other objects disrupting connections. The activity log allows you to familiarize yourself with the work of the firewall and get a clear picture of what is happening on the network.


The previous article compiled a list of 80 monitoring tools for Linux systems. It also made sense to put together a selection of tools for Windows. The list below serves only as a starting point; there is no ranking here.


1. Task Manager

The well-known Windows Task Manager is a utility for displaying the list of running processes and the resources they consume. But do you know how to use its full potential? As a rule, it is used to monitor the state of the processor and memory, but you can go much further. This app comes preinstalled on all Microsoft operating systems.

2. Resource Monitor

A great tool to estimate CPU, RAM, network and disk usage in Windows. It allows you to quickly obtain all the necessary information about the status of critical servers.

3. Performance Monitor

The main tool for managing performance counters in Windows. In earlier Windows versions, Performance Monitor was known as System Monitor. The utility has several display modes, displays performance counters in real time, and saves data to log files for later study.

4. Reliability Monitor

Reliability Monitor is a system stability monitor that lets you track any changes in computer performance. You can find it in Windows 7 and in Windows 8 under Control Panel > System and Security > Action Center. Using Reliability Monitor, you can keep track of changes and failures on your computer. The data is displayed in a convenient graphical form that lets you see which application caused an error or froze and when, and track the occurrence of the Windows blue screen of death and the reason for its appearance (the latest Windows update or a program installation).

5. Microsoft SysInternals

SysInternals is a full set of programs for administering and monitoring computers running Windows. You can download them for free from the Microsoft website. Sysinternals utilities help manage, troubleshoot, and diagnose Windows applications and operating systems.

6. SCOM (part of Microsoft System Center)

System Center is a complete set of tools for managing IT infrastructure, with which you can manage, deploy, monitor, configure Microsoft software (Windows, IIS, SQLServer, Exchange, and so on). Unfortunately, MSC is not free. SCOM is used for proactive monitoring of key IT infrastructure objects.

Monitoring Windows servers using the Nagios family

7. Nagios

Nagios has been the most popular infrastructure monitoring tool for several years (for Linux and Windows). If you are considering Nagios for Windows, install and configure the agent on the Windows server. NSClient++ monitors the system in real time and provides outputs from a remote monitoring server and more.

8. Cacti

Typically used in conjunction with Nagios, it provides the user with a convenient web interface to the RRDTool utility, which is designed to work with Round Robin Databases used to store information about changes in one or more quantities over a certain period of time. Statistics for network devices are presented as a tree whose structure is specified by the user; you can graph channel usage and HDD partition usage, display resource latency, etc.

9. Shinken

A flexible, scalable open source monitoring system based on the Nagios core, written in Python. It is 5 times faster than Nagios. Shinken is compatible with Nagios; you can use its plugins and configurations without making adjustments or additional configuration.

10. Icinga

Another popular open monitoring system, which checks hosts and services and reports their status to the administrator. As a fork of Nagios, Icinga is compatible with it and they have a lot in common.

11. OpsView

OpsView was originally free. Now, unfortunately, users of this monitoring system have to shell out money.

Op5 is another open source monitoring system. Plotting, storing and collecting data.

Alternatives to Nagios

13. Zabbix

Open source software for monitoring and tracking the status of various computer network services, servers and network equipment; it is used to obtain data about CPU load, network usage, disk space and the like.

14. Munin

A good monitoring system that collects data from several servers simultaneously and displays everything in the form of graphs, with which you can track all past events on the server.

15. Zenoss

Written in Python using the Zope application server; data is stored in MySQL. With Zenoss you can monitor network services, system resources and device performance, while the Zenoss core analyzes the environment. This makes it possible to deal quickly with a large number of specific devices.

16. Observium

A monitoring and surveillance system for network devices and servers, although the list of supported devices is huge and is not limited to network devices; the device must support SNMP.

17. Centreon

A comprehensive monitoring system allows you to monitor the entire infrastructure and applications containing system information. Free alternative to Nagios.

18. Ganglia

Ganglia is a scalable distributed monitoring system used in high-performance computing systems such as clusters and grids. It monitors statistics and computation history in real time for each of the monitored nodes.

19. Pandora FMS

A monitoring system with good performance and scalability; one monitoring server can monitor several thousand hosts.

20. NetXMS

Open source software for monitoring computer systems and networks.

21. OpenNMS

OpenNMS monitoring platform. Unlike Nagios, it supports SNMP, WMI and JMX.

22. HypericHQ

A component of the VMware vRealize Operations package, used to monitor operating systems, middleware and applications in physical, virtual and cloud environments. Displays availability, performance, usage, events, logs, and changes at every level of the virtualization stack (from the vSphere hypervisor to guest OSes).

23. Bosun

Open source monitoring and alert system from StackExchange. Bosun has a well-thought-out data design, as well as a powerful language for processing it.

24. Sensu

Sensu is an open source alert system similar to Nagios. There is a simple dashboard, you can see a list of clients, checks and triggered alerts. The framework provides the mechanisms needed to collect and accumulate server operation statistics. Each server runs a Sensu agent (client), which uses a set of scripts to check the functionality of services, their status and collect any other information.

25. CollectM

CollectM collects statistics about system resource usage every 10 seconds. It can collect statistics for several hosts and send it to the server, the information is displayed using graphs.

28. Performance Analysis of Logs (PAL) Tool

34. Total Network Monitor

This is a program for constantly monitoring the operation of a local network of individual computers, network and system services. Total Network Monitor generates a report and notifies you about errors that have occurred. You can check any aspect of the operation of a service, server or file system: FTP, POP/SMTP, HTTP, IMAP, Registry, Event Log, Service State and others.

35. PRTG

38. Idera

Supports multiple operating systems and virtualization technologies. There are many free tools that you can use to monitor your system.

39. PowerAdmin

PowerAdmin is a commercial monitoring solution.

40. ELM Enterprise Manager

ELM Enterprise Manager provides complete monitoring, from “what happened” to “what is happening”, in real time. Monitoring tools in ELM include Event Collector, Performance Monitor, Service Monitor, Process Monitor, File Monitor and PING Monitor.

41. EventsEntry

42. Veeam ONE

A powerful solution for monitoring, reporting, and scheduling resources across VMware, Hyper-V, and Veeam Backup & Replication infrastructure, monitors the health of your IT infrastructure and diagnoses problems before they impact your user experience.

43. CA Unified Infrastructure Management (formerly CA Nimsoft Monitor, Unicenter)

Monitors the performance and availability of Windows server resources.

44. HP Operations Manager

This infrastructure monitoring software performs proactive root cause analysis, reducing recovery time and reducing operations management costs. The solution is ideal for automated monitoring.

45. Dell OpenManage

OpenManage (now Dell Enterprise Systems Management) is an all-in-one monitoring product.

46. Halcyon Windows Server Manager

Management and monitoring of networks, applications and infrastructure.

Below is a list of (most popular) network monitoring tools

54. Ntop

55. NeDi

Nedi is an open source network monitoring tool.

54. The Dude

The Dude monitoring system, although free, is, according to experts, in no way inferior to commercial products; it monitors individual servers, networks and network services.

55. BandwidthD

Open source program.

56. NagVis

An extension for Nagios that allows you to create infrastructure maps and display their status. NagVis supports a large number of widgets and icon sets.

57. Proc Net Monitor

A free monitoring application that allows you to track all active processes and, if necessary, quickly stop them to reduce the load on the processor.

58. PingPlotter

Used to diagnose IP networks, it allows you to determine where losses and delays of network packets occur.

Small but useful tools

The list wouldn't be complete without mentioning a few hardware monitoring options.

60. Glint Computer Activity Monitor

61. RealTemp

A temperature monitoring utility for Intel processors. It does not require installation and monitors the current, minimum and maximum temperature values for each core, as well as the start of throttling.

62. SpeedFan

A utility that allows you to control the temperature and fan speeds in the system; it monitors the sensor readings of the motherboard, video cards and hard drives.

63. OpenHardwareMonitor

We've put together another list of great free server and network monitoring tools. They are very important for any business operating through a website or network. Server and network monitoring allows you to be aware of all issues as they arise; and this, in turn, allows you to take the right actions.

Ganglia is a scalable monitoring system for high-performance computing systems such as clusters and grids. It is built hierarchically and is aimed at combining clusters.


Monit is an accessible utility for managing and monitoring processes, programs, files, directories and file systems on a UNIX system. Monit carries out automatic maintenance and repair and, if errors occur, can perform actions appropriate to each specific case.


Nagios offers complete control and alerting for servers, applications and services.


Collectd is a daemon that periodically collects system performance statistics and provides mechanisms for storing values in various forms, such as RRD files.


Cacti is a comprehensive network graphing solution designed to take advantage of RRDTool's data storage and graphing functionality. Cacti provides advanced graph templates, multiple data collection methods, and user management features. It's all wrapped up in an intuitive and simple interface that makes sense for both LAN installations and complex networks with hundreds of devices.


IT organizations use Zenoss server, network and cloud monitoring to manage dynamic data centers.


Argus is a system and network monitoring application.


Observium is an auto-discovery platform for SNMP-based network monitoring written in PHP that includes support for a wide range of network hardware and operating systems including Cisco, Windows, Linux, HP, Dell, FreeBSD, Juniper, Brocade, NetScaler, NetApp and more.


The smallest free tool for monitoring computers on a local network and any Internet hosts. You just need to launch EasyNetMonitor, open the pop-up menu in the tray and get information about the status of computers on the network.


Capsa Free is a network analyzer (packet sniffer) for Windows platforms that performs packet and protocol analysis, the best free analytics tool for network monitoring and troubleshooting.


Free web debugging proxy, suitable for any browser, system and platform.


Zenoss Core is an enterprise network and systems management application written in Python. Zenoss provides an integrated product for monitoring the availability, performance, events and configuration of all layers and platforms.

The mantra of the real estate world is Location, Location, Location. For the world of systems administration, this sacred text should read: Visibility, Visibility and Visibility. If you don't know exactly what your network and servers are doing every second of the day, you're like a pilot flying blind. A disaster inevitably awaits you. Luckily, there are now many good programs on the market, both commercial and open source, that can set up monitoring for your network.

Because good and free is always more tempting than good and expensive, here's a list of open source software that proves its worth every day on networks of all sizes. From device discovery, monitoring network equipment and servers, to identifying network trends, graphical presentation of monitoring results, and even backing up switch and router configurations, these seven free utilities are likely to surprise you.

Cacti

First there was MRTG (Multi Router Traffic Grapher), a program for organizing a network monitoring service and measuring data over time. Back in the 1990s, its author Tobias Oetiker saw fit to write a simple charting tool using a ring database, originally used for displaying the bandwidth of a router on the local network. So MRTG gave birth to RRDTool, a set of utilities for working with RRD (Round-robin Database, ring database) that lets you store, process and graphically display dynamic information such as network traffic, processor load, temperature, and so on. RRDTool is now used in a huge number of open source tools. Cacti is the current flagship open source network graphing software and takes MRTG principles to a whole new level.

From disk usage to fan speed in the power supply, if an indicator can be monitored, Cacti will be able to display it and make this data easily accessible.

Cacti is a free program included in the LAMP suite of server software that provides a standardized software platform for creating graphs based on almost any statistical data. If any device or service returns numeric data, then it can most likely be integrated into Cacti. There are templates for monitoring a wide range of equipment, from Linux and Windows servers to Cisco routers and switches: basically anything that communicates using SNMP (Simple Network Management Protocol). There are also collections of third-party templates that further expand the already huge list of Cacti-compatible hardware and software.

Although the standard Cacti data collection method is based on the SNMP protocol, Perl or PHP scripts can also be used for this. The software system's framework cleverly separates data collection and graphical display into discrete instances, making it easy to reprocess and reorganize existing data for different visual representations. In addition, you can select specific time frames and individual parts of the charts simply by clicking on them and dragging.

So, for example, you can quickly look at data from several past years to understand whether the current behavior of network equipment or a server is anomalous, or whether similar indicators occur regularly. And using Network Weathermap, a PHP plugin for Cacti, you can easily create real-time maps of your network, showing the congestion of communication channels between network devices, implemented using graphs that appear when you hover your mouse over the image of a network channel. Many organizations using Cacti display these maps 24/7 on wall-mounted 42-inch LCD monitors, allowing IT teams to instantly monitor network congestion and link health information.

In summary, Cacti is a powerful toolkit for graphically displaying and trending network performance that can be used to monitor virtually any monitored metric represented in a graph. This solution also supports virtually limitless customization options, which can make it overly complex for certain applications.

Nagios

Nagios is an established network monitoring software system that has been in active development for many years. Written in C, it does almost everything that system and network administrators would need from a monitoring application package. The web interface of this program is fast and intuitive, while its server side is extremely reliable.

Nagios can be a challenge for beginners, but the fairly complex configuration is also an advantage of this tool, as it can be adapted to almost any monitoring task.

Like Cacti, Nagios has a very active community behind it, so plugins exist for a huge range of hardware and software, from simple ping checks to integration with complex software solutions such as WebInject, a free software toolkit written in Perl for testing web applications and web services. Nagios allows you to continuously monitor the status of servers, services, network channels and everything else that understands the IP network layer protocol. For example, you can monitor disk space usage on a server, RAM and CPU load, FLEXlm license usage, the air temperature at the server outlet, delays in the WAN and Internet channel, and much more.

Obviously, no server and network monitoring system is complete without notifications. Nagios does this well: the software platform offers a customizable mechanism for notifications via email, SMS and most popular Internet instant messengers, as well as an escalation scheme that can be used to make smart decisions about who is notified, how, when and under what circumstances; set up correctly, it will give you many hours of restful sleep. The web interface can also be used to temporarily pause notifications or acknowledge that a problem has occurred, and lets administrators make notes.

In addition, the mapping feature shows all monitored devices in a logical, color-coded representation of where they are on the network, allowing problems to be shown as they occur.

The downside to Nagios is the configuration, as it is best done through the command line, making it much more difficult for newcomers to learn. People familiar with standard Linux/Unix configuration files, however, should not experience any particular problems.

The capabilities of Nagios are enormous, but the effort needed to use some of them may not always be worth it. But don't let the complexity intimidate you: the early warning benefits this tool provides for so many aspects of the network can't be overstated.

Icinga

Icinga began as a fork of the Nagios monitoring system, but has recently been rewritten into a standalone solution known as Icinga 2. At the moment, both versions of the program are in active development and are available for use, while Icinga 1.x is compatible with a large number of Nagios plugins and configurations. Icinga 2 was designed to be less clunky, more performance oriented, and easier to use. It offers a modular architecture and multi-threaded design that neither Nagios nor Icinga 1 offers.

Icinga offers a complete monitoring and alerting software platform that is designed to be as open and extensible as Nagios, but with some differences in the web interface.

Like Nagios, Icinga can be used to monitor anything that speaks IP, as deep as you can using SNMP, as well as custom plugins and add-ons.

There are several variations of the web interface for Icinga, but the main difference between this one is software solution Nagios monitoring is a configuration that can be done through the web interface rather than through configuration files. For those who prefer to manage their configuration externally command line, this functionality will be a real gift.

Icinga integrates with a variety of monitoring and graphing software packages such as PNP4Nagios, inGraph and Graphite, providing robust visualization of your network. In addition, Icinga has advanced reporting capabilities.

NeDi

If you've ever had to Telnet into switches and search by MAC address to find devices on your network, or you just want to be able to determine the physical location of certain equipment (or, perhaps even more important, where it was previously located), then you might be interested in taking a look at NeDi.

NeDi constantly scans the network infrastructure and catalogs devices, tracking everything it discovers.

NeDi is free LAMP-based software that regularly scans the MAC address and ARP tables on the switches in your network, cataloging each detected device in a local database. This project is not as well known as some others, but it can be a very convenient tool when working with corporate networks where devices are constantly changing and moving.

You can run a search through the NeDi web interface to identify a switch, switch port, access point, or any other device by MAC address, IP address, or DNS name. NeDi collects all the information it can from every network device it encounters, pulling from them serial numbers, firmware and software versions, current timings, module configurations, etc. You can even use NeDi to mark the MAC addresses of devices that have been lost or stolen. If they reappear online, NeDi will notify you.
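The lost-or-stolen check described above comes down to comparing every MAC address seen on a switch port against a watchlist, which only works if the different notations devices use for the same address are normalized first. The sketch below is an added example, not NeDi's code; the sighting rows, the watchlist and all names in it are constructed for illustration.

```python
import re

# Constructed sample rows: (switch, port, MAC as reported, IP).
# All values are made up; a real discovery run would supply them.
SAMPLE_SIGHTINGS = [
    ("sw-floor1", "Gi0/3", "0011.2233.4455", "10.0.1.20"),
    ("sw-floor2", "Gi0/7", "AA-BB-CC-DD-EE-01", "10.0.2.31"),
    ("sw-floor2", "Gi0/9", "aa:bb:cc:dd:ee:02", "10.0.2.32"),
    ("sw-core", "Te1/1", "not-a-mac", "10.0.0.1"),
]

# Hypothetical watchlist of devices reported lost or stolen.
WATCHLIST = {
    "00:11:22:33:44:55": "laptop, asset A-1 (constructed)",
    "AABB.CCDD.EE02": "tablet, asset A-2 (constructed)",
}

_HEX12 = re.compile(r"^[0-9a-f]{12}$")


def normalize_mac(raw):
    """Return the MAC as 12 lowercase hex digits, or None if malformed."""
    digits = re.sub(r"[.:\-]", "", raw.strip().lower())
    return digits if _HEX12.match(digits) else None


def find_watchlisted(sightings, watchlist):
    """Return (hits, rejected): watchlist matches and unparseable rows."""
    wanted = {}
    for mac, note in watchlist.items():
        key = normalize_mac(mac)
        if key is None:
            # A bad watchlist entry would silently never match; fail loudly.
            raise ValueError(f"bad watchlist entry: {mac!r}")
        wanted[key] = note
    hits, rejected = [], []
    for switch, port, mac, ip in sightings:
        key = normalize_mac(mac)
        if key is None:
            rejected.append((switch, port, mac))  # keep for review
        elif key in wanted:
            hits.append({"mac": key, "switch": switch, "port": port,
                         "ip": ip, "note": wanted[key]})
    return hits, rejected


if __name__ == "__main__":
    found, bad = find_watchlisted(SAMPLE_SIGHTINGS, WATCHLIST)
    for hit in found:
        print("ALERT", hit)
    print("unparseable rows:", bad)
```

Rows that fail to parse are returned rather than dropped, so a malformed entry cannot hide a device from the check without anyone noticing.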

Discovery is run by a cron process at specified intervals. The configuration is simple: there is only one configuration file, yet it allows a significant amount of customization, including the ability to skip devices based on regular expressions or specified network boundaries. NeDi typically uses the Cisco Discovery Protocol or Link Layer Discovery Protocol to discover new switches and routers and then connects to them to collect their information. Once the initial configuration is established, device discovery will occur quite quickly.

NeDi can integrate with Cacti to a certain level, so it is possible to link device discovery to the corresponding Cacti graphs.

Ntop

The Ntop project, now better known to the “new generation” as Ntopng, has come a long way over the past decade. But call it what you want, Ntop or Ntopng, the result is a top-notch network traffic monitoring tool paired with a fast and simple web interface. It is written in C and is completely self-contained. You run a single process configured to watch a specific network interface, and that's all it needs.

Ntop is a web-based packet analysis tool that shows real-time data about network traffic. Information about the data flow through the host and the connection to the host is also available in real time.

Ntop provides easy-to-digest graphs and tables showing current and historical network traffic, including the protocol, source, destination, and history of specific transactions, as well as the hosts on both ends. Additionally, you'll find an impressive array of real-time network utilization graphs, charts, and maps, as well as a modular architecture for a huge number of add-ons, such as adding NetFlow and sFlow monitors. Here you can even find Nbox, a hardware monitor that is built into Ntop.

In addition, Ntop includes an API for the Lua scripting language, which can be used to support extensions. Ntop can also store host data in RRD files to enable continuous data collection.

One of the most useful uses of Ntopng is to control traffic at a specific location. For example, when some network channels are highlighted in red on your network map, but you don’t know why, you can use Ntopng to get a minute-by-minute report on the problematic network segment and immediately find out which hosts are responsible for the problem.

The benefits of such network visibility are difficult to overestimate, and it is very easy to obtain. Essentially, you can run Ntopng on any interface that has been configured at the switch level to monitor a different port or VLAN. That's all.

Zabbix

Zabbix is a full-blown network and system monitoring tool that integrates multiple functions into a single web console. It can be configured to monitor and collect data from a wide variety of servers and network devices, providing maintenance and performance monitoring for each object.

Zabbix allows you to monitor servers and networks using a wide range of tools, including monitoring virtualization hypervisors and web application stacks.

Basically, Zabbix works with software agents running on the monitored systems. But this solution can also work without agents, using the SNMP protocol or other monitoring capabilities. Zabbix supports VMware and other virtualization hypervisors, providing detailed data on hypervisor performance and activity. Particular attention is also paid to monitoring Java application servers, web services and databases.

Hosts can be added manually or through an automatic discovery process. A wide range of default templates apply to the most common use cases such as Linux, FreeBSD and Windows servers; widely used services such as SMTP and HTTP; and ICMP and IPMI for detailed monitoring of network hardware. In addition, custom checks written in Perl, Python or almost any other language can be integrated into Zabbix.

Zabbix allows you to customize your dashboards and web interface to focus on the most important network components. Notifications and issue escalations can be based on custom actions that are applied to hosts or groups of hosts. Actions can even be configured to run remote commands, so your script can run on a monitored host if certain event criteria are observed.

The program displays performance data such as network bandwidth and CPU load in graphs and aggregates it for custom display systems. In addition, Zabbix supports customizable maps, screens, and even slideshows that display the current status of monitored devices.

Zabbix can be difficult to implement at the initial stage, but judicious use of automatic discovery and the various templates can alleviate some of the integration difficulties. In addition to the installable package, Zabbix is available as a virtual appliance for several popular hypervisors.

Observium

Observium is a program for monitoring network equipment and servers, which has a huge list of supported devices that use the SNMP protocol. As LAMP software, Observium is relatively easy to install and configure, requiring the usual installation of Apache, PHP and MySQL, database creation, Apache configuration and the like. It installs as its own server with a dedicated URL.

Observium combines system and network monitoring with performance trend analysis. It can be configured to track almost any metric.

You can log in to the GUI and begin adding hosts and networks, as well as defining auto-discovery ranges and SNMP data, so that Observium can explore the networks around it and collect data on each system it discovers. Observium can also discover network devices via the CDP, LLDP or FDP protocols, and remote host agents can be deployed on Linux systems to assist in data collection.

All this collected information is available through an easy to use user interface, which provides advanced capabilities for displaying data statistically, as well as in charts and graphs. You can get anything from ping and SNMP response times to graphs of throughput, fragmentation, number of IP packets, etc. Depending on the device, this data may be available for every detected port.

As for servers, Observium can display status information on their CPU, RAM, data storage, swap, temperature, etc., as well as from the event log. You can also enable data collection and graphical display of performance for various services, including Apache, MySQL, BIND, Memcached, Postfix and others.

Observium works great as a virtual machine, so it can quickly become the main tool for obtaining information about the state of servers and networks. This is a great way to add automatic detection and graphical representation to a network of any size.

Too often, IT administrators feel limited in what they can do. Regardless of whether we are dealing with a custom software application or an “unsupported” piece of hardware, many of us believe that if the monitoring system cannot immediately cope with it, then it is impossible to obtain the necessary data in this situation. This is, of course, not true. With a little effort, you can make almost anything more visible, accounted for, and controlled.

An example is a custom application with a database on the server side, for example, an online store. Your management wants to see beautiful graphs and diagrams, designed in one form or another. If you're already using, say, Cacti, you have several options to output the collected data in the required format. You can, for example, write a simple Perl or PHP script to run queries on the database and pass those calculations to Cacti, or you can make an SNMP call to the database server using a private MIB (Management Information Base). One way or another, the task can be completed, and done easily, if you have the necessary tools for this.
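The script approach described above, as an added example that is not from the original article, written in Python rather than Perl or PHP. It assumes a Cacti script data input method that reads space-separated `name:value` pairs from the script's standard output; the `orders` table, its columns and the sample rows are hypothetical and constructed.

```python
import re
import sqlite3

_FIELD = re.compile(r"^[A-Za-z0-9_]+$")  # conservative output field names


def build_sample_db():
    """Constructed in-memory stand-in for the shop database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, "
                 "status TEXT, total_cents INTEGER, created TEXT)")
    conn.executemany(
        "INSERT INTO orders (status, total_cents, created) VALUES (?, ?, ?)",
        [("paid", 1999, "2024-01-01 10:00:00"),
         ("paid", 4500, "2024-01-01 10:02:00"),
         ("failed", 1200, "2024-01-01 10:03:00"),
         ("paid", 999, "2023-12-31 23:00:00")])
    return conn


def collect_metrics(conn, since):
    """Aggregate order figures since a timestamp, using a bound parameter.

    In production, connect with an account that has read-only access
    to just the tables being measured.
    """
    row = conn.execute(
        "SELECT COALESCE(SUM(status = 'paid'), 0), "
        "       COALESCE(SUM(status = 'failed'), 0), "
        "       COALESCE(SUM(CASE WHEN status = 'paid' "
        "                    THEN total_cents END), 0) "
        "FROM orders WHERE created >= ?", (since,)).fetchone()
    return {"orders_paid": row[0], "orders_failed": row[1],
            "revenue_cents": row[2]}


def format_for_cacti(metrics):
    """Render metrics as 'name:value name:value', rejecting odd input."""
    parts = []
    for name, value in metrics.items():
        if not _FIELD.match(name):
            raise ValueError(f"unsafe field name: {name!r}")
        if isinstance(value, bool) or not isinstance(value, (int, float)):
            raise ValueError(f"non-numeric value for {name}: {value!r}")
        parts.append(f"{name}:{value}")
    return " ".join(parts)


if __name__ == "__main__":
    db = build_sample_db()
    print(format_for_cacti(collect_metrics(db, "2024-01-01 00:00:00")))
```

Only aggregates leave the database host, so the monitoring server never needs access to customer records.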

Most of the free network equipment monitoring utilities listed in this article shouldn't be difficult to obtain. They have packaged versions available for download for the most popular Linux distributions, unless they are already included in them. In some cases they may be available pre-configured as a virtual server. Depending on the size of your infrastructure, these tools can take quite a bit of time to set up and configure, but once they're up and running, they'll be a solid foundation for you. At the very least, it's worth testing them.

No matter which of the above systems you use to keep an eye on your infrastructure and equipment, it will provide you with at least the functionality of one more system administrator. Although it cannot fix anything, it will monitor literally everything on your network around the clock, seven days a week. The time spent up front on installation and configuration will pay off in spades. Also, be sure to run a small set of standalone monitoring tools on another server to monitor the main monitoring tool. This is a case where it is always better to watch the observer.

Always in touch, Igor Panov.

