Groundwork Monitor Open Source Virtual Appliance
Wednesday, July 25, 2007
As an IT consultant, I'm always looking for ways to simplify my job while adding value to my clients. Groundwork Monitor Open Source offers network availability monitoring product that when wrapped into a pre-built virtual appliance, creates an easy to use, robust, network monitoring solution that can be up and working in less than an hour.
What can it do?
Most of the product is built around Nagios, which if you are unfamiliar with is an open source service and network monitoring application. So here are some of the features that Nagios itself has:
-
Monitoring of network services (SMTP, POP3, HTTP, NNTP, PING, etc.)
- Monitoring of host resources (processor load, disk and memory usage, running processes, log files, etc.)
- Ability to define network host hierarchy, allowing detection of and distinction between hosts that are down and those that are unreachable
- Contact notifications when service or host problems occur and get resolved (via email, pager, or other user-defined method)
- Optional escalation of host and service notifications to different contact groups
- Scheduled downtime for suppressing host and service notifications during periods of planned outages
Ground Work Open Source has streamlined Nagios and integrated other popular open source projects like NMap to scan a network and find hosts, Sendpage to, like the name says, send a page to a pager, and a combination of the classic Linux Apache MySQL and PHP [LAMP] to provide the frame.
The way that I've implemented this technology is by installing the virtual appliance locally at the site being monitored to track individual hosts and services [SMTP, HTTP,etc] and then a remote monitoring machine at my house to keep track of basic connectivity of my client sites. [See diagram]
I've configured rules to alert me depending on the criticality of an event. For instance, when there is a failure connecting to a site, implying that their network connection has dropped, I receive a text message to my phone. If it is a non-critical service like a PC rebooting, I receive an email.
Where can I get it?
The GroundWork Open Source web site has some of its products available for download. You can get the virtual appliance that I have been using, or if you are more adventurous, it is available as a tar ball for install on any linux box.
How can I set it up?
Setup is as easy as installing VMware Server [or Player if you have to], downloading the virtual machine, unpacking the files, and running YAST on the linux box to customize the configuration of the machine to fit the environment you're installing it in. From there you can log into the web interface and start configuring away.
The "getting started.txt" that comes with the file you download from GroundWork goes into enough detail for almost anyone to set it up. Here it is:
After you get it up and running, you're ready to explore the features like Nagios and NMap. One note about using NMap is first of all, running an nmap scan on a network without permission is illegal and may set off security alerts. Secondly, inorder for NMap to have any value in GroundWork Open Source, you have have reverse DNS configured in the environment.
Escelation Trees - If you are part of a service organization or you work with different skilled administrators for a site, you're going to want to set up escelation trees depending on the problem. An Escelation Tree is the flow of how administrators are notified.
For instance, if you have 2 system administrators for the site in Buffalo, NY and then high end IT staff at the corporate headquarters in Washington, DC, you could set up an escelation tree that would notify the local administrators in Buffalo first and then after two hours without a resolution, notify the IT staff in Washington.
Alternatively for a consulting company that provide different levels of support ranging from the basic help desk to network engineer, you could have an escelation tree that would work its way up over a time period until the issue is resolved. Documenting involving this escelation is standard in most service level agreements between a service providor and a client.
Configuring Postfix to use your ISP's SMTP server:
If you're like me, you don't have a business class service where you can do just about anything on the line. In fact, my ISP has port 25 filtered so that no outgoing SMTP traffic can go to another mail server without first relaying through its own SMTP server. If you have this configuration, you'll need to configure Postfix by adding the following lines to the /etc/postfix/main.cf file:
Type in "postfix reload" after you make the changes and you should be on your way.
You can test your configure by sending yourself an email like this:
Your should receive a message that looks like it came from whatever your ISP is.
How does the licensing work?
The entire product is licensed under the GNU Public License [GPL] and therefore is free to use for whatever purpose you'd like. You even have the freedom to edit the source code and make any adjustments that would make the product better fit for you or your company. Probably the most common idea would be to re-brand it to fit the look of your site's web page or at least include a logo. You can find the images used for the site under /usr/local/groundwork/guava/monitor/images.
Conclusions
I've walked into a bunch of sites that have a full time system administrator that is working his or her butt off. They are running around fixing computer issues and have no idea what they'll walk into the next day. They are almost afraid to pick up the phone because they have no idea what it's going to be about.
For any type of IT administration, active monitoring is a must. It draws the line between the "computer guy" that will fix a computer after it breaks and an IT professional that is concerned for the well-being of the services he or she supports. But to be honest, the best part is that you know before the client knows that something is down. By the time you get a phone call from a client or supervisor saying "The Internet is down!" you are already working on a fix or talking to the ISP. That's good for you and good for your users.
External Links
GroundWork Open Source - The company that provices the GroundWork Open Source other products
GroundWork Downloads - WMI Plugin - This is a link to the GroundWork download page including the WMI plugin that allows you to connect to a windows machine to query WMI information.
NRPE_NT - nrpe_nt is a windows version of the nrpe (Nagios Remote Plugin Executor) daemon for unix-like operation systems. It provides methods to execute Nagios service checks on a windows host and report the results back to your Nagios host.
Labels: active monitoring, Groundwork Monitor, smtp, virtual appliance
As an IT consultant, I'm always looking for ways to simplify my job while adding value to my clients. Groundwork Monitor Open Source offers network availability monitoring product that when wrapped into a pre-built virtual appliance, creates an easy to use, robust, network monitoring solution that can be up and working in less than an hour.
What can it do?
Most of the product is built around Nagios, which if you are unfamiliar with is an open source service and network monitoring application. So here are some of the features that Nagios itself has:
- Monitoring of network services (SMTP, POP3, HTTP, NNTP, PING, etc.)
- Monitoring of host resources (processor load, disk and memory usage, running processes, log files, etc.)
- Ability to define network host hierarchy, allowing detection of and distinction between hosts that are down and those that are unreachable
- Contact notifications when service or host problems occur and get resolved (via email, pager, or other user-defined method)
- Optional escalation of host and service notifications to different contact groups
- Scheduled downtime for suppressing host and service notifications during periods of planned outages
Ground Work Open Source has streamlined Nagios and integrated other popular open source projects like NMap to scan a network and find hosts, Sendpage to, like the name says, send a page to a pager, and a combination of the classic Linux Apache MySQL and PHP [LAMP] to provide the frame.
The way that I've implemented this technology is by installing the virtual appliance locally at the site being monitored to track individual hosts and services [SMTP, HTTP,etc] and then a remote monitoring machine at my house to keep track of basic connectivity of my client sites. [See diagram]
I've configured rules to alert me depending on the criticality of an event. For instance, when there is a failure connecting to a site, implying that their network connection has dropped, I receive a text message to my phone. If it is a non-critical service like a PC rebooting, I receive an email.
Where can I get it?
The GroundWork Open Source web site has some of its products available for download. You can get the virtual appliance that I have been using, or if you are more adventurous, it is available as a tar ball for install on any linux box.
How can I set it up?
Setup is as easy as installing VMware Server [or Player if you have to], downloading the virtual machine, unpacking the files, and running YAST on the linux box to customize the configuration of the machine to fit the environment you're installing it in. From there you can log into the web interface and start configuring away.
The "getting started.txt" that comes with the file you download from GroundWork goes into enough detail for almost anyone to set it up. Here it is:
After you get it up and running, you're ready to explore the features like Nagios and NMap. One note about using NMap is first of all, running an nmap scan on a network without permission is illegal and may set off security alerts. Secondly, inorder for NMap to have any value in GroundWork Open Source, you have have reverse DNS configured in the environment.
Escelation Trees - If you are part of a service organization or you work with different skilled administrators for a site, you're going to want to set up escelation trees depending on the problem. An Escelation Tree is the flow of how administrators are notified.
For instance, if you have 2 system administrators for the site in Buffalo, NY and then high end IT staff at the corporate headquarters in Washington, DC, you could set up an escelation tree that would notify the local administrators in Buffalo first and then after two hours without a resolution, notify the IT staff in Washington.
Alternatively for a consulting company that provide different levels of support ranging from the basic help desk to network engineer, you could have an escelation tree that would work its way up over a time period until the issue is resolved. Documenting involving this escelation is standard in most service level agreements between a service providor and a client.
Configuring Postfix to use your ISP's SMTP server:
If you're like me, you don't have a business class service where you can do just about anything on the line. In fact, my ISP has port 25 filtered so that no outgoing SMTP traffic can go to another mail server without first relaying through its own SMTP server. If you have this configuration, you'll need to configure Postfix by adding the following lines to the /etc/postfix/main.cf file:
Type in "postfix reload" after you make the changes and you should be on your way.
You can test your configure by sending yourself an email like this:
Your should receive a message that looks like it came from whatever your ISP is.
How does the licensing work?
The entire product is licensed under the GNU Public License [GPL] and therefore is free to use for whatever purpose you'd like. You even have the freedom to edit the source code and make any adjustments that would make the product better fit for you or your company. Probably the most common idea would be to re-brand it to fit the look of your site's web page or at least include a logo. You can find the images used for the site under /usr/local/groundwork/guava/monitor/images.
Conclusions
I've walked into a bunch of sites that have a full time system administrator that is working his or her butt off. They are running around fixing computer issues and have no idea what they'll walk into the next day. They are almost afraid to pick up the phone because they have no idea what it's going to be about.
For any type of IT administration, active monitoring is a must. It draws the line between the "computer guy" that will fix a computer after it breaks and an IT professional that is concerned for the well-being of the services he or she supports. But to be honest, the best part is that you know before the client knows that something is down. By the time you get a phone call from a client or supervisor saying "The Internet is down!" you are already working on a fix or talking to the ISP. That's good for you and good for your users.
External Links
GroundWork Open Source - The company that provices the GroundWork Open Source other products
GroundWork Downloads - WMI Plugin - This is a link to the GroundWork download page including the WMI plugin that allows you to connect to a windows machine to query WMI information.
NRPE_NT - nrpe_nt is a windows version of the nrpe (Nagios Remote Plugin Executor) daemon for unix-like operation systems. It provides methods to execute Nagios service checks on a windows host and report the results back to your Nagios host.
Labels: active monitoring, Groundwork Monitor, smtp, virtual appliance
<< Home