• An EduGeek Roundup of Free Network Monitoring Tools

    Conclusion
    Writing this article has been quite a tough journey over the past few weeks with my having to dig out some long unused skills, particularly when it came to Linux, and some things have become apparent. Mainly that there are now two kinds of free network monitoring tools which have come about over the past few years:


    1. ‘Traditional’ Linux based versions which have a long history, but are stuck with a lot of legacy baggage in the way that they are configured and operated. Whilst many of these are exactly as they proclaim themselves to be; reliable, scalable and with the capability to monitoring masses of information they are now becoming unwieldy, time consuming and awkward to manage and for these packages to move on a complete re-write would probably be required which would alienate much of their existing customer base. In short, they are stuck between a rock and a hard place.
    2. Newer systems which often have Windows versions and are infinitely easier to setup and configure but lack the kind of in depth monitoring features of their more mature counterparts, but if all you want is a system that will tell you if a device is alive and reporting on basic services then often this is all that you would require.


    In the end though, it all comes down to what it is you want to monitor. Nagios and Zabbix are great for keeping an eye on servers (particularly Linux/*nix), their processes and services, but are let down by the quite high levels of knowledge they required to get setup and running beyond the basic levels. If all you want to do is keep any eye on what is on your network and monitor SNMP functions then The Dude is ideal. If you want to manage those devices (serial numbers, asset tags and other data that need to record) then Spiceworks would be an excellent choice, but, if you want more features, better design, support and ease of use then I highly recommend you begin to look at commercial offerings which seem to have addressed many of the shortcomings of the free products and ensured that, for the most part, those problems are no longer an issue.
    To finish, I suggest you take note of the following factors in making your choice when it comes to the setup and operation of a monitoring package:


    1. Knowledge – Do you have the skills to setup and configure a particular package, and especially, does anyone else around you have these skills should you not be around for them?
    2. Time – Do you have the time (often quite a considerable amount of hourly investment is required) to set it up and configure/maintain it? Remember, it should be there for you, not you for it.
    3. Purpose – What is it you actually want it to do? You could spend several weeks installing a pretty system with lots of nice graphs that you don’t actually need or will ever look at again when all you wanted it to do was alert you when a computer/device stops responding.
    4. Features – As with some of the points above, do you really need it to tell you what processor cores are being loaded the heaviest, or the size of a swap file? You may find you can create a mass of work for yourself for no reason. Stick to a package with the features you will actually use rather than something that looks really shiny (yes, it’s hard, I know).
    5. Ease of use. If you install a system that then has you spending a considerable amount of time just figuring out how to do something, or has so many dependencies’ that require constant tweaking and maintenance then look elsewhere. Network management tools are supposed to save you time. Not swallow it up.


    I also noted that almost all of the systems I tested displayed 'error' messages on some network devices/computers by default even though I had not yet configured them. You can see these reported errors on several of the screen grabs I have included. This I think is an unnecessary 'feature' and can consume quite a bit of time when digging down to find out what the supposed problem is (often nothing at all), especially if you have setup the system to email you of any issues and suddenly find your inbox flooded, so please be aware of this and ensure that any error reporting options are configured correctly when you setup each network host to be monitored.


    We at Edugeek hope you have enjoyed this article and found it useful. If you think we have missed out a system, or have been a bit unfair to a particular package, please feel free to post it up. When posting however please at least tell us where you think we went wrong and what steps in a package need to be taken to achieve something. Simply saying ‘You’re wrong’ does not help anybody, which, in the end, is what we are all here for.
    Comments 17 Comments
    1. pete's Avatar
      pete -
      ....at the risk of the comments thread turning into a "Oi, what about......?"

      You missed out OSSIM: (Snort, Ntop, OpenVAS, P0f, Pads, Arpwatch, OSSEC, Osiris, Nagios and OCS rolled into one).

      OSSIM, the Open Source SIEM
      OSSIM, the Open Source SIEM

      Which, if you're thinking of an all-in-one setup, is pretty handy because it handles intrusion detection and auditing too.
    1. mattx's Avatar
      mattx -
      Spooky........ I was just re-configuring The Dude on an old laptop.....
    1. Dos_Box's Avatar
      Dos_Box -
      Quote Originally Posted by pete View Post
      ....at the risk of the comments thread turning into a "Oi, what about......?"

      You missed out OSSIM: (Snort, Ntop, OpenVAS, P0f, Pads, Arpwatch, OSSEC, Osiris, Nagios and OCS rolled into one).

      OSSIM, the Open Source SIEM
      OSSIM, the Open Source SIEM

      Which, if you're thinking of an all-in-one setup, is pretty handy because it handles intrusion detection and auditing too.
      I'm sure you will be the first of many to suggest tools I have missed out, but OSSIM is promoted primarily as a security tool rather than a monitoring tool. I shall keep it in mind though as a network security tools article could be interesting.
    1. glennda's Avatar
      glennda -
      For Free tools Zabbix is brilliant. For paid software's I have used GFI Max and more recently N-Able's NCentral but this is more geared towards MSP's market.
    1. pete's Avatar
      pete -
      Quote Originally Posted by Dos_Box View Post
      I'm sure you will be the first of many to suggest tools I have missed out, but OSSIM is promoted primarily as a security tool rather than a monitoring tool. I shall keep it in mind though as a network security tools article could be interesting.
      If you want a review of Ossec, we've been using it for a few years now.
    1. DMcCoy's Avatar
      DMcCoy -
      Bonus points for any that can report status back to a server via http proxy....
    1. glennda's Avatar
      glennda -
      Quote Originally Posted by DMcCoy View Post
      Bonus points for any that can report status back to a server via http proxy....
      N-central can I presume Zabbix can as I believe it uses the linux system proxy but don't use it anymore.

      EDIT: N-Central isnt free
    1. Jamo's Avatar
      Jamo -
      For completeness have you had a look at cacti?

      For long term network monitoring and base-lining I don't think it can be beat! Its also much kinder on resources than the larger solutions like spiceworks which really hammer the server its running on!
    1. matt40k's Avatar
      matt40k -
      Do not run the monitor solution on your virtual platform. How will it be able to alert you to a problem with the virtual infrastructure if it's running on it!
    1. localzuk's Avatar
      localzuk -
      One thing I'd say - if you want to use Nagios, take a look at NConf. Web based setup for it, makes life very easy!
    1. browolf's Avatar
      browolf -
      Quote Originally Posted by pete View Post
      ....at the risk of the comments thread turning into a "Oi, what about......?"

      You missed out
      I also vote
      Cacti - Cacti® - The Complete RRDTool-based Graphing Solution
      kind of like nagios but a 1000 times easier.
    1. soapyfish's Avatar
      soapyfish -
      I am torn between MRTG and Cacti for monitoring network traffic per port on my switches. I prefer to use Nagios3 for everything else, when combined with NRPE. so I can monitor internal systems processes on windows servers as well as external services. I get alerts when things are down and warnings in advance of failure for most things. I am also able to monitor printers and get advance warnings of low toner and drum problems so I can ensure that I have parts in stock. Nagios is abit tricky to configure but its easily worth it. I have used the historical record it provides to illustrate to SLT that there is a need to replace hardware. There is also alot of free plugins for nagios. I especially like the "Check_Procurve_loop" plugin so that I can quickly and easily locate network loops when the students decide to swap network cables around... The other bit of software not mentioned so far is "Smokeping" which gives really nice latency graphs between the server and any other device. I use this to monitor the quality of the schools internet connection as well as the performance of the internal LAN.
    1. oalcock's Avatar
      oalcock -
      I apologise in advance if this is very thick of me, but I am struggling to find the download link??? Can anybody assist? Thanks.
    1. oalcock's Avatar
      oalcock -
      I apologise in advance if this is very thick of me, but I am struggling to find the download link??? Can anybody assist? Thanks.
      This was very thick of me, just read the title of this feed again and realised this isn't anything specific, I can see download links in other fellow edugeeker's comments.
    1. Steve21's Avatar
      Steve21 -
      Quote Originally Posted by oalcock View Post
      I apologise in advance if this is very thick of me, but I am struggling to find the download link??? Can anybody assist? Thanks.
      For which one?

      Steve
    1. Fazza's Avatar
      Fazza -
      I just installed The Dude the other day on what is now our System Monitoring PC and within a few minutes I was monitoring our 50+ servers! Very quick and easy to install and setup with no messing about.
    1. junaid's Avatar
      junaid -
      Unauthorised advertising.