Loading ...
Sorry, an error occurred while loading the content.

19364Re: [ttlug] Its alive.

Expand Messages
  • Falina Baksh
    Jun 5, 2013
    • 0 Attachment
      I saw Kiwi installed on one of the windows servers here, not in use though, I'm guessing a previous admin had this setup at one point.

      My syslog-ng host was already setup at that point though, will take a gander at it at some point.

      I'm installing zabbix on a vm to test this week to see how well it would work for us.

      Thanks,
      Falina

      Sent from my iPhone

      On Jun 5, 2013, at 3:59 PM, Stephen Sankarsingh <stephentnt@...> wrote:

      > I only ever read the first line of an email but I went back and read the
      > other lines after my last response and realized that I missed most of your
      > concerns. See rest of replies below please.
      >
      >
      > On Wed, Jun 5, 2013 at 3:46 PM, Falina Baksh <bakshfalina@...> wrote:
      >
      >> **
      >>
      >>
      >> Spunk is actually sounding quite decent for log analysis.
      >>
      >> Currently I have my Cisco devices reporting to a syslog server and I was
      >> considering writing some reporting scripts for email alerts, however if i
      >> can have something to do this out if box that would be more sustainable in
      >> my absence.
      >>
      >> The syslog server would eventually be responsible for logging from all of
      >> the servers in the infrastructure.
      >>
      >> Correction: The Splunk server would eventually be responsible for logging
      > from all of the servers in the infrastructure.
      >
      >
      >> All of the existing servers that I met here are windows based, I only
      >> brought up a second Linux server this week so it will be a high learning
      >> curve for the other staff.
      >>
      >> There's a syslog server for windows, never used it for anything but if you
      > have Windows servers you can:
      > http://www.kiwisyslog.com/products/kiwi-syslog-server/product-overview.aspx
      > Alternatively, Splunk can handle EventViewer logs, not sure how it does it
      > since I never had to deal with that problem.
      > http://docs.splunk.com/Documentation/Splunk/5.0.2/Data/MonitorWindowsdata
      >
      >
      >
      >> My backup plan if I fail to find an existing "wheel" for easy
      >> administration is to write a php frontend along the lines of webmin for
      >> easy configuration of any scripts and config files that need to work with,
      >> not really looking forward to that though.
      >>
      > Above my head, I'm no programmer and am limited to simple scripting.
      >
      >
      >> I really hate implementing things that don't get used or fall off the
      >> wagon once I step away from a project, I'm trying to avoid that as much as
      >> possible.
      >>
      > I used to have time for that before :(
      >
      >
      >> Sent from my iPhone
      >>
      >>
      >> On Jun 5, 2013, at 3:12 PM, Stephen Sankarsingh <stephentnt@...>
      >> wrote:
      >>
      >>> Cacti is easier to configure than MRTG, though I still wouldn't consider
      >> it
      >>> n00b friendly. It's rock solid though and I had a server running it for
      >>> many years without any issues. The main thing it's missing is alerts, I
      >>> have a feeling that integrated with Zabbix you wouldn't have that
      >> problem.
      >>> If you're familiar with Nagios and are looking for cacti-like
      >> functionality
      >>> then Zabbix is looking good. If you're looking for management friendly
      >>> reports then Splunk does that. I have never had to draw graphs or pie
      >>> charts etc with Splunk but I know the functionality is there. With the
      >>> commercial version you can define roles and allow only certain people to
      >>> view, create or edit searches/reports/alerts etc. With the free version
      >> any
      >>> reports/searches/alerts you create will be viewable and editable etc by
      >>> anyone who has access to Splunk's interface.
      >>>
      >>> Splunk is like google for text files, you can create searches that look
      >> for
      >>> key words or even entire transactions and make alerts/reports out of
      >> those.
      >>> It's agnostic too and doesn't really care where the log comes from. You
      >> can
      >>> "teach" it to understand new log formats so that it understands the logs
      >> in
      >>> your custom application whereas most others can only understand logs
      >>> created by a known application such as syslog or secure or messages or
      >>> eventlog etc.
      >>>
      >>> A lot of the stuff Splunk does you can probably do with some combination
      >> of
      >>> awk, grep and sed but your n00bs wouldn't know how to do that right? If
      >> you
      >>> had to teach a new person about all the scripts you wrote to do what
      >> Splunk
      >>> does in a search bar you would be wasting a lot of time and effort. If
      >> you
      >>> had to go back and make changes to your scripts so that it does something
      >>> slightly different you would also be wasting time.
      >>>
      >>> Splunk is sexy. If I wore panties, I would throw them at Splunk!
      >>>
      >>>
      >>>
      >>>
      >>> On Wed, Jun 5, 2013 at 2:38 PM, Falina Baksh <bakshfalina@...>
      >> wrote:
      >>>
      >>>> **
      >>
      >>>>
      >>>>
      >>>> I used nagios in the past for host and service monitoring and it works
      >>>> quite well, but I would like to setup something that's easy for anti-cli
      >>>> n00b co-workers to configure and add devices to use when I'm not around
      >> and
      >>>> not have to hear the "I don't really know how to use that / it's not
      >>>> working" excuses and a little less hair pulling for extracting reports
      >> in a
      >>>> management friendly format.
      >>>>
      >>>> Mrtg worked perfectly as well for bandwidth graphing but again
      >>>> configuration isn't n00b friendly.
      >>>>
      >>>> Ideally I'm looking for something that could be easily administered,
      >> cacti
      >>>> is looking good but I've been hearing a lot about zabbix as well.
      >>>>
      >>>> Thanks,
      >>>>
      >>>> Falina
      >>>>
      >>>> Sent from my iPhone
      >>>>
      >>>> On Jun 5, 2013, at 11:32 AM, Stephen Sankarsingh <stephentnt@...>
      >>>> wrote:
      >>>>
      >>>>> What kind of monitoring?
      >>>>>
      >>>>> You have Nagios for services, people tend to like it but I don't.
      >> Splunk
      >>>>> for any type of text log file and Cacti for bandwidth. Splunk is best
      >> of
      >>>>> class imo, and they have a free version if you don't mind not being
      >> able
      >>>> to
      >>>>> set a password and being limited to 500MB uncompressed data. Splunk is
      >> so
      >>>>> awesome that it makes logging/alerting fun. You can create your own
      >>>> custom
      >>>>> logs out of the real logs with a script then feed that into Splunk so
      >>>> that
      >>>>> you stay within the 500MB limit. I have over 40 devices sending logs in
      >>>> one
      >>>>> form or another to Splunk on a server which is under specced for the
      >> role
      >>>>> and am not close to the 500MB/day limit. If someone logs into my
      >>>> firewall,
      >>>>> or one of my databases experiences an error level event or a new file
      >>>>> appears on my sftp server or a file system somewhere is above a
      >>>> particular
      >>>>> threshold I will know in under 2 minutes. Splunk makes logging and
      >>>> alerting
      >>>>> proactive instead of reactive. All sysadmins should be using it.
      >>>>>
      >>>>>
      >>>>> On Wed, Jun 5, 2013 at 11:13 AM, Falina Baksh <bakshfalina@...>
      >>>> wrote:
      >>>>>
      >>>>>> **
      >>>>
      >>>>>>
      >>>>>>
      >>>>>> Fabric sounds interesting, will check it out.
      >>>>>>
      >>>>>> What do you guys favor for monitoring?
      >>>>>>
      >>>>>> I'm feeling like stepping away from nagios and trying some of the
      >> other
      >>>>>> tools e.g zabbix claims to do give you nagios+mrtg in one package.
      >>>>>>
      >>>>>> Rgds,
      >>>>>> Falina
      >>>>>>
      >>>>>> Sent from my iPhone
      >>>>>>
      >>>>>> On Jun 4, 2013, at 12:29 PM, Stephen Sankarsingh <
      >> stephentnt@...>
      >>>>>> wrote:
      >>>>>>
      >>>>>>> Sucks when all you guys talk about is Linux desktops and the desktop
      >>>>>> sucks
      >>>>>>> so hard. Any interesting applications? Recently, I've been using
      >>>>>> something
      >>>>>>> called Fabric. Fabric + ssh-keys allows you to run commands on remote
      >>>>>>> servers from your local machine. I've used it to start consolidating
      >> my
      >>>>>>> sysadmin and (sql) reporting scripts. This way all my scripts and
      >> crons
      >>>>>> are
      >>>>>>> on a single server instead of spread out across 2-3 dozen servers.
      >>>> Makes
      >>>>>>> for some kickass automation options leaving you with more time to do
      >>>>>>> nothing :)
      >>>>>>>
      >>>>>>> Doing nothing should be every sysadmin's goal.
      >>>>>>>
      >>>>>>> /Stephen
      >>>>>>>
      >>>>>>> On Tue, Jun 4, 2013 at 12:19 PM, Lawrence, Rellon
      >>>>>>> <rellonlawrence@...>wrote:
      >>>>>>>
      >>>>>>>> Mint might not be the best now.
      >>>>>>>> Ubuntu has only 8MTS life except for LTS and mint has no upgrade
      >> path.
      >>>>>>>> Fresh system every 8 mts
      >>>>>>>>
      >>>>>>>> On Tuesday, June 4, 2013, Richard Jobity wrote:
      >>>>>>>>
      >>>>>>>>> **
      >>>>>>>>>
      >>>>>>>>>
      >>>>>>>>> MINT!
      >>>>>>>>>
      >>>>>>>>> MINT~!
      >>>>>>>>>
      >>>>>>>>> -----Original Message-----
      >>>>>>>>> From: TTLUG@yahoogroups.com <javascript:_e({}, 'cvml',
      >>>>>>>>> 'TTLUG%40yahoogroups.com');> [mailto:TTLUG@yahoogroups.com
      >>>>>> <javascript:_e({},
      >>>>>>>> 'cvml', 'TTLUG%40yahoogroups.com');>]
      >>>>>>>>> On Behalf Of Wendell Clarke
      >>>>>>>>> Sent: Tuesday, 04 June 2013 09:08 AM
      >>>>>>>>> To: TTLUG@yahoogroups.com <javascript:_e({}, 'cvml',
      >>>>>>>>> 'TTLUG%40yahoogroups.com');>
      >>>>>>>>> Subject: Re: [ttlug] Its alive.
      >>>>>>>>>
      >>>>>>>>> I updating with every chance I get. Still stuck with one problem
      >> and
      >>>>>>>>> hoping an update fixes it soon.
      >>>>>>>>> On Jun 4, 2013 8:58 AM, "browwwsers1996" <allan@...
      >>>>>> <javascript:_e({},
      >>>>>>>> 'cvml', 'allan%40browwwsers.com');>>
      >>>>>>>>> wrote:
      >>>>>>>>>
      >>>>>>>>>> **
      >>>>>>>>>>
      >>>>>>>>>>
      >>>>>>>>>> Hello all,
      >>>>>>>>>>
      >>>>>>>>>> Have not been here for a while.
      >>>>>>>>>>
      >>>>>>>>>> Hope you are all busy updating 13.04 like I am.
      >>>>>>>>>>
      >>>>>>>>>> Allan
      >>>>>>>>>>
      >>>>>>>>>>
      >>>>>>>>>>
      >>>>>>>>>
      >>>>>>>>> [Non-text portions of this message have been removed]
      >>>>>>>>>
      >>>>>>>>> ------------------------------------
      >>>>>>>>>
      >>>>>>>>> Help build TTLUG by forwarding this to anyone who is interested in
      >>>>>> the
      >>>>>>>>> subject matter or would otherwise benefit from joining the mailing
      >>>>>> list.
      >>>>>>>>>
      >>>>>>>>> Trinidad and Tobago Linux Users Group
      >>>>>>>> http://groups.yahoo.com/group/ttlug
      >>>>>>>>> To subscribe, send an email to_______
      >>>>>> TTLUG-subscribe@yahoogroups.com<javascript:_e({},
      >>>>>>>> 'cvml', 'TTLUG-subscribe%40yahoogroups.com');>To unsubscribe, send
      >> an
      >>>>>>>> email to_____
      >>>>>>>>> TTLUG-unsubscribe@yahoogroups.com <javascript:_e({}, 'cvml',
      >>>>>>>>> 'TTLUG-unsubscribe%40yahoogroups.com');> List owner/moderator
      >>>>>> Richard
      >>>>>>>>> Jobity__ TTLUG-owner@yahoogroups.com <javascript:_e({}, 'cvml',
      >>>>>>>>> 'TTLUG-owner%40yahoogroups.com');> Yahoo! Groups Links
      >>>>>>>>>
      >>>>>>>>>
      >>>>>>>>>
      >>>>>>>>
      >>>>>>>>
      >>>>>>>> [Non-text portions of this message have been removed]
      >>>>>>>>
      >>>>>>>>
      >>>>>>>>
      >>>>>>>> ------------------------------------
      >>>>>>>>
      >>>>>>>> Help build TTLUG by forwarding this to anyone who is interested in
      >> the
      >>>>>>>> subject matter or would otherwise benefit from joining the mailing
      >>>>>> list.
      >>>>>>>>
      >>>>>>>> Trinidad and Tobago Linux Users Group
      >>>>>> http://groups.yahoo.com/group/ttlug
      >>>>>>>> To subscribe, send an email to_______
      >> TTLUG-subscribe@yahoogroups.com
      >>>>>>>> To unsubscribe, send an email to_____
      >>>>>> TTLUG-unsubscribe@yahoogroups.com
      >>>>>>>> List owner/moderator Richard Jobity__ TTLUG-owner@yahoogroups.com
      >>>>>>>> Yahoo! Groups Links
      >>>>>>>>
      >>>>>>>>
      >>>>>>>>
      >>>>>>>>
      >>>>>>>
      >>>>>>> [Non-text portions of this message have been removed]
      >>>>>>>
      >>>>>>>
      >>>>>>
      >>>>>> [Non-text portions of this message have been removed]
      >>>>>>
      >>>>>>
      >>>>>>
      >>>>>
      >>>>>
      >>>>> [Non-text portions of this message have been removed]
      >>>>>
      >>>>>
      >>>>>
      >>>>> ------------------------------------
      >>>>>
      >>>>> Help build TTLUG by forwarding this to anyone who is interested in the
      >>>>> subject matter or would otherwise benefit from joining the mailing
      >> list.
      >>>>>
      >>>>> Trinidad and Tobago Linux Users Group
      >>>> http://groups.yahoo.com/group/ttlug
      >>>>> To subscribe, send an email to_______ TTLUG-subscribe@yahoogroups.com
      >>>>> To unsubscribe, send an email to_____
      >> TTLUG-unsubscribe@yahoogroups.com
      >>>>> List owner/moderator Richard Jobity__ TTLUG-owner@yahoogroups.com
      >>>>> Yahoo! Groups Links
      >>>>>
      >>>>>
      >>>>>
      >>>>
      >>>>
      >>>>
      >>>
      >>>
      >>> [Non-text portions of this message have been removed]
      >>>
      >>>
      >>>
      >>> ------------------------------------
      >>>
      >>> Help build TTLUG by forwarding this to anyone who is interested in the
      >>> subject matter or would otherwise benefit from joining the mailing list.
      >>>
      >>> Trinidad and Tobago Linux Users Group
      >> http://groups.yahoo.com/group/ttlug
      >>> To subscribe, send an email to_______ TTLUG-subscribe@yahoogroups.com
      >>> To unsubscribe, send an email to_____ TTLUG-unsubscribe@yahoogroups.com
      >>> List owner/moderator Richard Jobity__ TTLUG-owner@yahoogroups.com
      >>> Yahoo! Groups Links
      >>>
      >>>
      >>>
      >>
      >>
      >>
      >
      >
      > [Non-text portions of this message have been removed]
      >
      >
      >
      > ------------------------------------
      >
      > Help build TTLUG by forwarding this to anyone who is interested in the
      > subject matter or would otherwise benefit from joining the mailing list.
      >
      > Trinidad and Tobago Linux Users Group http://groups.yahoo.com/group/ttlug
      > To subscribe, send an email to_______ TTLUG-subscribe@yahoogroups.com
      > To unsubscribe, send an email to_____ TTLUG-unsubscribe@yahoogroups.com
      > List owner/moderator Richard Jobity__ TTLUG-owner@yahoogroups.com
      > Yahoo! Groups Links
      >
      >
      >
    • Show all 20 messages in this topic