Monitoring the network with Zenoss
Installing Zenoss
To set up Zenoss, use either a stack installer or distribution-specific packages. In addition, Zenoss is available in source code, and a virtual appliance is available for VMware.
The stack installer includes dependencies such as MySQL, and it comes with a nice GUI installer that prompts you for the necessary information; however, the stack installer doesn't provide some of the benefits of working through a package management system.
Most of the Zenoss community installs occur on Red Hat Enterprise Linux 5 or CentOS 5 systems. The preferred means of setting up Zenoss on a Red Hat-based system is with the RPM packages.
The Zenoss website [1] has the latest version for download. After you obtain the RPM, execute the following command as root:
yum localinstall --nogpgcheck ./zenoss-<version>.rpm
Once Zenoss and its dependencies are installed, you need to enable and start MySQL:
/sbin/service mysqld start /sbin/chkconfig mysqld on
Because Zenoss must communicate with other servers, you need the following ports:
- 8080 TCP – web interface
- 162 UDP – SNMP trap
- 514 UDP – Syslog
Start Up
Starting Zenoss will initialize the database. One word of caution: Zenoss assumes that the MySQL root user password is blank and that the database server is running on the same machine. If this isn't the case, you need to edit the /opt/zenoss/bin/zenoss_init_pre file. Having the database on the same machine as the monitoring system is a bit controversial.
Experts often recommend running the database server on a dedicated host. However, with a monitoring system that stores events in the database, putting the database on a separate system introduces an additional point of failure.
To initialize the database and start Zenoss, enter the following command:
/sbin/service zenoss start
To connect to the web interface, point your browser to http://<ipaddress-ordnsname>:8080. The default username is admin and the password is zenoss.
Monitoring with Zenoss
Before you can start monitoring with Zenoss, you need to make sure net-snmp is installed on the system:
yum -y install net-snmp
To set up a minimal configuration file, type the following as root:
echo 'rocommunity zenoss <ipaddress>' > /etc/snmp/snmpd
This line permits the IP address of the Zenoss box to connect to the SNMP daemon running on the Linux server, defining the read-only community name zenoss.
Next, you must open port 161 UDP on the machine you want to monitor. Finally, you need to start the SNMP daemon and set it to start on boot with:
/sbin/service snmpd start /sbin/chkconfig snmpd on
Within the web interface of Zenoss, click on Add Device in the lower left-hand corner (Figure 3) and enter at least the following:
- The IP address or hostname of the unit you want to monitor.
- The class of machine you are monitoring (/Server/Linux in this case).
- The SNMP community name (zenoss, in this case).
Click on the Add Device button to start collecting data. Although SNMP is the preferred monitoring protocol for Zenoss, you can change it on the Add Devices page. Note that defining the device class is crucial. Zenoss changes what it monitors on the basis of the device class.
Some monitoring events might already be defined in the Event Console – for instance, to alert you about misconfigurations. To see the event list, click on the Event Console link in the upper-left corner. To add alerts for additional events, click on the Settings link under Management on the left hand menu, then choose the Users tab. Select a user, then click on the Alerting Rules tab (Figure 4). In the Alerting Rules menu, choose Add Rule and provide a name for the rule. After clicking OK, click on the rule that specifies where and how messages are sent, if delayed, and finally, what criteria are used for determining which messages are sent. A single rule can handle a wide swath of alerts, whereas more finely grained alerts might require multiple rules.
Monitoring a Windows Client
Monitoring a Windows machine also requires preparation on the client side. To begin, you need to install the SNMP service by selecting Start | Control Panel | Add/Remove software | Windows Components | Select SNMP.
Unfortunately, Windows SNMP is severely limited. Zenoss recommends use of the free SNMP Informant add-on instead.
Also, you need to configure the SNMP daemon. To do so, right-click on My Computer and select Manage. Then choose Services, select SNMP Service, right-click, choose Properties, choose the Security tab, add your selected community name, and define it as read-only.
To configure which service accepts SNMP packets from specific hosts, add an entry for your Zenoss server. Now start the service and ensure that it is configured to start automatically on boot. In addition, you'll need to open UDP port 161 so that Zenoss can connect with the Zenoss daemon.
Within the Zenoss web interface, click on Add Device, enter the IP address or hostname, choose the class /Server/Windows, and specify the proper SNMP community string. Data collection begins when you click Add Device.
Because Zenoss also is capable of monitoring via WMI, you should provide Windows credentials to permit collection: Click on Devices/Servers/Windows, choose the zProperties tab, and enter the data in the zWinuser and zWinpassword fields. Remember to prepend the domain if you are passing domain credentials. Entering the domain at the Windows server level means that each Windows machine will use these credentials. If you need a "one-off" configuration for a single machine, you can click on that device's zProperties tab to change the configuration.
« Previous 1 2 3 Next »
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs