Merry Christmas and a Happy New Year!

Posted by on Dec 21, 2012 in EriZone & OTRS, NetEye, ntop | 0 comments

With the end of the year we hope we were able to assist you as loyal and trustworthy partner, able to best support your business needs.

In the name of our whole team we would like to thank you for your cooperation and we whole-heartedly wish you and your family a serene Christmas time and a successful 2013!

At the turn of the year we would like to take the opportunity to remember people, who are in need. Therefore we will support San Possidonio, in the northern Italian province of Modena, to start with their educational project after the earthquake in 2012.

Read More

NSClient++ 0.4.1 released!

Posted by on Dec 21, 2012 in Nagios, NetEye | 0 comments

NSClient++ founder Michael Medin

NSClient++ has for many years been the de facto way to monitor Windows machines from Nagios derived monitoring solutions such as Neteye, which over the past years has integrated various additional functionalities in its offer. With the new version (0.4.1) we are now moving steadily from “just a windows agent” to become versatile tool to help you simplify your monitoring by adding protocol independence platform independence as well as modern monitoring paradigms such as state full scripting and real-time monitoring. This post will go through many of the major changes from the previous stable version (0.3.9) and while it is not intended as a hands on tutorial or an upgrade guide it will hopefully give you a good idea about the new features introduced. A tutorial for how to upgrade will be posted soon so please stay tuned for that.

The core
The main change in 0.4.1 (and 0.4.0 as well) is that much of the  internals have been replaced with standard libraries meanings things  should work much better. It also means things are a lot more extensible  and customizable meaning this is the most power-full NSClient++ yet.  Another new change is the configuration which introduces a new  hierarchal ini-format as registry support. To help with managing the  configuration the new version has extensive command line support for  validating, generating, migrating and documenting the configuration.
Lastly the new version boost a much improved command line syntax making  it a joy to work with NSClient++ from the command line as well as Linux  support.
All in all 0.4.0 was the biggest change ever in the history of  NSClient++.

An interesting side effect of the new core is platform independence  meaning you can now use NSClient++ on Linux (and while not all modules  are supported more are added in each new version) I also start to  incorporate real-time checks starting with event log monitoring.  Last but not least over 10.000 unit test was added to help improve code  quality and reduce the number of regression issues.  Just a final reminder the configuration file format has changed but the  old (nsc.ini) is still supported and more importantly you can easily  migrate to the new (nsclient.ini) format. Please note that while you can  use both and migrate between them they are not compatible as both keys  and section names have changed their names.

Checks
In the check department we have a lot of new features. in general the  shift towards real-time monitoring is continuing as well as the focus to  modernize and provide plattform independence for checks. The first brand  new platform independent module is ChecklogFile which provides similar  features as CheckEventLog for checking text (log) files. This module has  a new improved syntax over CheckEventlog which will be added to  CheckEventlog (and many other modiules as well) if deemed a good  interface.  To seamlessly integrate real-time monitoring in “active” (aka NRPE)  style setups we have provided another new module called SimpleCache  which can be used to stor real-time results for checking via for  instance NRPE.
The combination with the cache and the two log file checks provides a  way to efficiently process massive file with millions of lines without  impacting system performance.  In addition to this we also introduce the SimpleFileWriter module whch  can direkt the results to a file similar to what NSCA server does on  Linux. This means in theory NSCLient++ could now replace NSCA server  component.  In addition to this there is there usual myrriad of bug fixes and  enhancments.  The most notable enchantment is the performance counters which are now
working (again) on various localized windows.  Also don’t forget to lookinto the varoous commad line helpers such as  “nscp sys” and “nscp eventlog” and “nscp wmi” for helping you diagnose  and configure checks as well as even provide unit testing for your  monitoring enviornment.

Extensibility
One of the major features in this category is the new Python script  support as well as Lua support. The scripts are running inside  NSClient++ which means you have access to all parts of NSClient++ as  well as full support for state. In addition to this we have full dot-net  support as well as a new sample plugin.

Protocols
A lot of new protocols were added bringin the supported list to NRPE,  NSCA, NRDP, NSClient (check_nt), SysLog, SMTP, Graphite, check_mk. In  addition to this another big focus was improving quality as well as add  real security in the form of FULL ssl support including certificate  based authentication.  Other notable fixes and enchantments include full ipv6 support as well  as retry handling to better cater for network issues as well as prop-per  timeout handling.

Command line syntax
This has been a big focus are and the new command line syntax  improvments makes this the first time I can say that it is a joy to work  with the command line I have almost entirely tarted to use the command  line for configuration changes for instance. We have also introdiuced a  myrriad of wys to work with your settings file including vlidating,  generating and even removing all default values (good to cleanout your  config file). hopefully this will help resolve your configuration  issues.  The most important thing to understand avout the new configuration  syntax is the use of the double dash (–) which can be a bit confusing  to the cashual observer but in essence it is pretty straight forward  everthing after the double dashes are sent to the module anything before  “will be interceptetd if understood by NSClient++”. est way to  illustrate this is comparing “nscp nrpe –help” with “nscp nrpe —
–help” where the first will give you information about how to  configutre logging and loading settings file and what not where as the  latter gives you the NRPE options such as host port command and arguments.

Bulding and writing plugins
Building NSClient++ is now a breeze on both Linux and Windows due to  some nifty helper scripts (I am looking at you fetchdeps.py) and there  is a fully fledged (not really) sample plugin if you want to try out writing custom plugins. I have also fixed almost all -Wall warning on gcc so should look nice when you compile now. I also have for internal use setup on-commit builds in Ubuntu, debian and centos so seems we are well underway to have a stable Linux enviornment. I am still lookig for insight into how better turn NSCLient++ into a nice option on the Linux side as well.

Read More

Real User Experience Monitoring with NetEye

Posted by on Dec 20, 2012 in NetEye, ntop, Real User Experience Monitoring | 0 comments

In order to analyze the quality level of the delivered IT services the traditional monitoring systems used to focus exclusively on the control of hardware and software components and the network, neglecting the measurement of the performance experienced by the end user.
Until now it was not always possible, in fact, to give a precise answer to the following questions:

  • How is it possible to promptly identify if the slow downs are caused by the systems, by the network, by the applications or by the Cloud?
  • What is the impact and how new software releases are influencing the performances?
  • How is it possible to prioritize the incidents by identifying the number of impacted users?
  • How can we obtain objective values and alarms in case of problems of performances?
  • Is it possible to plan the throughput to subscribe a Cloud contract, avoiding to purchase unnecessary services?

Our approach of Real User Experience Monitoring tries to address these requirements by providing objective measurements on the performances experienced by the users.

The integration of the Real User Monitoring into a monitoring system offers an overview of the data able to identify the quality of the delivered IT services. Thanks to the analysis of the network communication flows, the Real User Experience Monitoring is able to measure the response time of each single user transaction and to archive the Key Performance Indicators, such as the application latency, the network latency, the client latency, the load time, the throughput, the number of impacted users or the retransmitted http packets.

The integration of NetEye with ntop

The Real User Experience Monitoring allows, for instance, to evaluate the delivery of the IT services of a public or private Cloud provider.

Our solution consists of the integration between the network traffic analyzer nBox with NetEye. nBox is located in the network infrastructure and passively registers all the network flows, NetEye archives and analyzes the data as well as it provides statistics and alarms.

The nBox appliance is a probe that passively analyzes the network flows without influencing the existing infrastructure. To identify possible performance problems a periodic monitoring is performed on the network, client, server and application for every single user’s request. The slowdowns in fact are identified by defining minimum thresholds updated automatically at regular intervals. In case there are deviations from these values , alarms are generated and it will be possible to determine whether the cause is attributable to the network, server, client or application.

Use cases of Real User Experience Monitoring

Here are some examples of how our Real User Experience Monitoring solution has been adopted by our customers and what are the benefits they have experienced with its use.

Read More

New PNP templates to view max values in the graphs

Posted by on Dec 10, 2012 in Nagios, NetEye | 0 comments

I have implemented new PNP templates for NetEye to display in the graphs not only the average information but also the maximum values.

As displayed in the two examples below,  the network traffic graph shows in green color the inbound (Light green) and outbound  traffic (dark green), that are calculated as average values.  The newly introduced feature consists of the visualization of the maximum values for the inbound and outbound traffic that are displayed in grey color.

This feature is particularly relevant in case of historical data, for instance on a monthly or weekly report is clearly possible to identify the real usage of the traffic thanks to the peaks visualization. In fact if you consider only the average values, it could seem that the bandwidth is not completely used, but in the reality with the maximum values it is possible to easily identify that (as shown in the example) the real used bandwidth is almost 1 Mega.

Daily Network Traffic Graph

Monthly Network Traffic Graph

 

Read More