Integral to optimizing your network performance is having the right monitoring tools, which will help you to resolve internal network problems that may occur during day-to-day operations. Currently, there are several open source monitoring tools available to install on your network, but deciding on the right one for your needs is vital to your systems performance.
What to look for in a Network Monitoring tool
Network monitoring usually centers key features, such as bandwidth usage, application performance and server performance. Also vital to the strength and reliability of the network is that ability to manage the flow of traffic. When deciding on what network monitoring tool to deploy on you platform, there are several capabilities your software should be able to perform, such as:
- highlight potential cost savings
- efficiency methods
- determine employee productivity
- reduce network crashes
- identify weakness in the network
- measure latency or delayed transfer of data
- potential to detect threats in the internal traffic flow
Over the course of this post we will take a more in-depth look at seven different open source monitoring tools to better help you decide what features and functionality best suites your network.
OpenNMS is open source monitoring platform that offers a distributed, scalable management application platform and can serve as a central repository for network event streams.
- Automated and Directed Discovery: OpenNMS has a provisioning system for adding new devices that can be administered automatically, manually or a hybrid of the two. The provisioning system also contains adapters, which allow for integration with other process. It is asynchronous for scalability, and it is configured using XML, which allows users the option to script their own configuration files.
- Event and Notification Management: OpenNMS can generates its own events or receive events from outside sources such as SNMP, Traps, syslog or TL/1. It was designed to serve as the central repository for a network, with its event stream that can handle thousands of events per second. It can also automatically clear events, translate one even into another, reduce duplicates and so on. Notifications and trouble tickets are also generated by the system once any issues have been identified in the event stream.
- Service Assurance: OpenNMS comes with a number of service that perform actions ranging from simple ICMP requests or port checks, to complex website monitoring and round trip email testing.
- Performance Measurement: The application supports several data collectors including SNMP and JMX protocols, and also can integrate with an HTTP collector. All stored data can be tested against threshold measures, with performance graph reports available.
Cacti was designed as a frontend RRDTool, which means it stores data and uses that to create graphs in a MySQL database. It is completely PHP driven, with support for SNMP.
- Data Sources: With Cacti, you can create data sources for a variety of information to test your system, and view the tests on corresponding graphs. Cacti also handles all data gathering, all you need to do is define the pathway and necessary commands, and Cacti will run the rest. It is also customizable so after defining the RRDtool, you can define other additional information, such as how and where to store the data.
- Graphs: Once the data sources are defined, a graph can be created to track the progress with a variety of designations, colors and other specifications allowed, making your analysis more viewer friendly.
- User Management: Cacti comes with a built in user management tool to help direct users to certain areas of the system, which is helpful to limit confusion given the variety of functions it performs.
- Templating: Cacti is also able to scale a large number of data sources and graphs through the use of templates. You can create templates that can then be used to uniformly compare data as new hosts are added across your growing network.
Ganglia is a scalable open source monitoring system, best utilized on high-performance computing systems such as clusters or grids.
- Hierarchical architecture: It is designed to support clusters, using technology such as XML for data representation, XDR for compact, portable data transport, and RRDtool for data storage and visualization.
- Ganglia Monitoring Daemon: Gmond is a multi-threaded daemon, which runs on each cluster node you want to monitor. It has a simple installation that does not require a NFS filesystem, any backend database, or special configuration files. It performs basic responsibilities such as monitoring changes in host state, notifying users of changes, listening to the state of all other nodes, and answering requests for an XML description of the cluster state.
- Ganglia Meta Daemon: This daemon connects the cluster nodes using a tree of point-to point connections. At each node, the Meta Daemon (gmetad), polls a collection of data sources, parses the XML, save metrics to round-robin databases and so on.
- Ganglia PHP Web Frontend: As a frontend application, Ganglia provides a view of gathered information in real time with multiple displays. It caters to system administrators and users, offering graphs for CPU utilization, memory usage, disk usage, network statistics, number of running processes etc.
Nagios was initially released in 1999 and is considered the traditional, standard for open source monitoring tools.
- Comprehensive Monitoring: Nagios is capable of monitoring applications, services, operating system, system log, disk usage, several network protocols (SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH), system metrics and infrastructure components. Powerful script APIs allow easy monitoring of in-house and custom application, services and systems. It is also compatible on a variety of operating systems, including Windows.
- Problem Remediation: Nagios has alert acknowledgements that provide communication on known issues with problem response capabilities. It also supports event handlers, which allow for automatic restart of failed applications and services.
- Extendable Architecture: Nagios has multiple APIs, which allows for easy Integration of applications. It also supports hundreds of community-developed add-ons, extending out the core functionality.
- Reporting: Available reports ensure SLAs are being met. Historical reposts provide record of alerts, notifications, outages and alert response.
- Visibility and Awareness: Nagios offers a centralized view of all the features being monitored, including IT Infrastructure, with detailed status information, fast detection of outages, alerts delivered to staff and escalation capabilities to make sure the notifications are received and dealt with.
- Multi-Tenant Capabilities: Multi-user access to web interface allows stakeholders to view infrastructure status. User specific views ensure clients see only their infrastructure components.
Icinga is a branch off monitoring tool that formed as an offshoot of Nagios, developing its own features that emphasize simplicity of functionality.
- Object-Based Configuration: Icinga has a object-based, rule-driven configuration format, which departs from Nagios’ multiple configuration formats, which may cause confusion.
- Apply and Assign Attributes: Icinga allows you to keep configuration to a minimum by defining templates to “apply” to configuration objects. This feature helps to reduce the layers of complexity with a more user friendly approach.
- Commands and Runtime Macros: Icinga offers three distinct command types: check, notification and event commands. These can be given default values, custom attributes, runtime macros or conditional behaviors.
- Logical Dependencies: Dependencies in Icinga are straightforward and can be defined as host-host, service-service or mixed, depending on your needs. They all still function in the same manner as other systems, just with a simplified form.
- Dynamic Notifications: Due to the changes in configuration, users can adjust notification setting at runtimes. This new format allows notifications to be defined more precisely and intuitively.
Zabbix offers enterprise-level software designed for monitoring availability and performance enhancement of key IT infrastructure components.
- Monitoring: Zabbix offers performance monitoring of CPU, memory, network, disk space and processes. It is available on Linux, Unix and Windows. It also does agentless monitoring, so you can check availability and responsiveness of a service without installing software on monitored devices. It also does VMware monitoring, monitors databases, hardware, web services and more.
- Scalability: Zabbix was designed to scale from small enterprises to large environments with thousands of devices. It uses intelligent and efficient algorithms, which take advantage of modern hardware and software modularity break up the bandwidth of running components, resulting in superior performance.
- Distributed Monitoring: When it comes to branch offices in wide are networks, data centers or client sites, Zabbix can monitor them all while keeping connection and open port count as low as possible. They also offers Zabbix proxies that make the set up much easier and lowers the amount of maintenance across the network as a whole.
Observium is a lesser-known monitoring tool that works by collecting data from devices using SNMP and presents it via web interface. It’s based on PHP programming and relies heavily on RRDtool package.
- Simplicity: At its core, Observium is designed for simplicity with minimum integration, maximum automation and maximum accessibility of information. It’s unconventional because it has no individually customizable settings, and almost everything that is monitored is done so automatically.
- Supplement: Observium is often paired with other projects such as Nagios or Cacti to provide alerting or customized graphing of arbitrary metrics.
- Support: Observium supports a number of vendors and platform specific features such as Dell OMSA on Linux, Net-SNMP statistics, as well as a number of Cisco-specific features. Specialized support is available for IPv6 address tracking, VRF and Pseudowire tracking, VLAN tracking, BGP session tracking and device inventory tracking.
- Open Source: Observium is available as an open source add-on, or as a paid subscription version with rolling releases every six months.