Using Nagios network monitoring to stay on top of network problems

Contributor Scott Sidel discusses Nagios, an open source security tool designed for system and network monitoring through a variety of checks and status alerts.

Nagios is an open source tool for system and network monitoring that allows system administrators to define warning and critical conditions. The status of a system's condition can be monitored from a Web page showing green, yellow or red status messages. Administrators can also be notified of status changes and alerts via email, SMS or instant message. With administrator-definable conditions, Nagios can quickly zero in on elements within the network that require attention.

Nagios provides two types of checks: host checks and service checks. Host checks test that the system is reachable, typically via an ICMP ping. Service checks analyze individual network services, such as SMTP, HTTP or DNS, but also check the state of processes such as available memory, disk space, logging or CPU utilization. Service checks can be quite sophisticated, checking not only that a given port is open, but also testing that a connection returns specific information, such as a response to an SQL query.

Nagios is highly modular, using plugins to perform service and host checks. Pre-packaged plugins can save administrators a tremendous amount of work. Additional custom plugins can be created with a little scripting know-how, though you can probably find what you need just by searching the vast store of user-created plugins available on the internet at the Nagios Exchange.
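
As an added illustration (not part of the original article and not code from the Nagios project), a custom plugin of the kind described above can be a short script: the plugin interface is one status line on standard output plus an exit code of 0 (OK), 1 (WARNING), 2 (CRITICAL) or 3 (UNKNOWN). This example checks that a TCP service returns an expected greeting rather than only that the port is open; the name `check_banner`, its options and the default thresholds are assumptions.

```python
"""check_banner: Nagios-style service check for a TCP greeting banner (hypothetical)."""
import argparse
import socket
import sys
import time

OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3  # Nagios plugin exit codes
LABELS = ("OK", "WARNING", "CRITICAL", "UNKNOWN")


def evaluate(banner, elapsed, expect, warn, crit):
    """Map a banner and response time in seconds to (exit_code, status_line)."""
    perf = f"|time={elapsed:.3f}s;{warn};{crit};0"  # performance data after '|'
    # The banner is untrusted remote input: keep one line, drop the perfdata separator.
    first = banner.strip().partition("\n")[0].strip().replace("|", "/")
    if expect not in first:
        return CRITICAL, f"BANNER CRITICAL - expected '{expect}', got '{first}'{perf}"
    code = CRITICAL if elapsed >= crit else WARNING if elapsed >= warn else OK
    return code, f"BANNER {LABELS[code]} - '{first}' in {elapsed:.3f}s{perf}"


def check(host, port, expect, warn, crit, timeout=10.0):
    """Connect, read the greeting and evaluate it; any network error is CRITICAL."""
    start = time.monotonic()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            banner = sock.recv(1024).decode("ascii", errors="replace")
    except OSError as exc:  # refused, unreachable or timed out
        return CRITICAL, f"BANNER CRITICAL - {host}:{port} unreachable: {exc}"
    return evaluate(banner, time.monotonic() - start, expect, warn, crit)


def main(argv=None):
    parser = argparse.ArgumentParser(description=__doc__)
    parser.add_argument("-H", "--host", required=True)
    parser.add_argument("-p", "--port", type=int, required=True)
    parser.add_argument("-e", "--expect", required=True)
    parser.add_argument("-w", "--warning", type=float, default=1.0)
    parser.add_argument("-c", "--critical", type=float, default=3.0)
    try:
        args = parser.parse_args(argv)
    except SystemExit:
        return UNKNOWN  # a usage error must not be reported as a failed service
    code, line = check(args.host, args.port, args.expect, args.warning, args.critical)
    print(line)
    return code


if __name__ == "__main__":
    sys.exit(main())
```

Nagios runs such a script through a command definition and uses the exit code to set the service state; the status line is what appears in the web interface and in notifications.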

Being open source, Nagios is licensed under the terms of the GNU General Public License (GPL). Nagios has been designed to run on Linux, but its browser-based interface allows it to be operationally controlled from any platform. Downloading Nagios nets a TAR file needed for the main monitoring daemon, the CGIs and HTML interface. Installation is moderately difficult, but running Nagios is straightforward. Status messages are color-coded and alert information is easy to understand. Configuration files provide templates for the types of checks to perform and how often to check, retry or provide alert notifications, along with which individual groups to notify. State changes can trigger polling interval changes or alerts, and Nagios has enough logic not to slam you with individual warnings once it detects a system-wide problem.

My one gripe with using configuration files is that although they are straightforward, many of these scripts can be given graphical front-ends. However, with Nagios' configurability, strong reporting and extensibility, if I were allowed only one open source network monitoring tool, this would be it.

About the author:
Scott Sidel is an ISSO with Lockheed Martin.

This was last published in December 2007
