John's System and Network Monitoring Page

This is the start of a modest collection of references to system and network monitoring software. Please let me know what I've missed.

Note Well

"It isn't a service if it isn't monitored. If there is no monitoring then you're just running software."
-- Tom Limoncelli

Very, Very, Very Old List and Page

This list and page is very, very, very old. Perhaps think of it as a look back in time, to the mid-2000's.

Monitoring Tutorials at USENIX and LISA

I teach tutorials on monitoring at the USENIX and LISA conferences, including USENIX '06 in Boston in June. If you can't come to USENIX or LISA, get in touch and I can come to you.

Freely Available Software

MRTG

Multi-Router Traffic Grapher - graphs almost anything http://ee-staff.ethz.ch/~oetiker/webtools/mrtg/

Cricket

A follow-on to MRTG - faster and more "interesting" configuration http://cricket.sourceforge.net/

Big Brother

Widely used by lots of people - the original web-based monitoring tool. http://www.bb4.org/

Big Sister

``Big Sister is a clone of Sean MacGuire's Big Brother'', compatible with Big Brother, written primarily in Perl. http://bigsister.graeff.com/

JFFNMS

"JFFNMS is a Network Management and Monitoring System designed to monitor a IP SNMP / Syslog / Tacacs+ Network. It can be used to monitor any standards compilant SNMP device, Server, Router, TCP port or anything you want, if you write a custom poller, we also provide some Cisco focused features."
Under active development. By Javier Szyszlican.
http://www.jffnms.org/

SNIPS

Next generation of the long established Nocol http://www.netplex-tech.com/software/snips/

orca

"Orca is a tool useful for plotting arbitrary data from text files onto a directory on a Web server." http://www.orcaware.com/orca/ and comes with a very nice interface to the SE Toolkit (that site is now dead I believe) for Solaris, which is now available at http://www.sunfreeware.com/setoolkit.html

syssumm

System summary - mostly a computer system attribute inventory mechanism, rather than real time monitoring. http://syssumm.sourceforge.net/

Munin

Munin is a tool for graphing all sorts of information about one or more servers and displaying it in a web interface. Master/node architecture, lots of graphs, not a lot of effort required on your part - pretty cool. http://munin.sf.net/

NetSaint Network Monitor

NetSaint has been replaced by and renamed to Nagios -- same author, same ideas, more up to date.

Nagios Network Monitor

Under active development, web interface, good status display, very active user community. Said to be named for "Nagios Ain't Gonna Insist On Sainthood", and I'm told that agios is Greek for "holy", "saint", and net starts with N. http://www.nagios.org/

Snmppd is an SNMP proxy daemon that works especially well with Nagios, and significantly lowers the load on the monitoring server, by Vladislav Bogdanov. http://slava.local.nsys.by/projects/snmppd/

mon -- Service Monitoring Daemon

"mon is a general-purpose scheduler and alert management tool used for monitoring service availability and triggering alerts upon failure detection." Well thought of, stable, reasonably active. (I haven't yet looked very closely at it.) By Jim Trocki. http://www.kernel.org/software/mon/ (old dead link)

or https://github.com/bougyman/mon/tree/master/mon or https://sourceforge.net/projects/mon/ or http://www.softpanorama.org/Admin/Monitoring/mon.shtml

sysmon

From the website: Sysmon is a network monitoring tool designed to provide high performance and accurate network monitoring. Currently supported protocols include SMTP, IMAP, HTTP, TCP, UDP, NNTP, and PING tests.
By Jared Mauch http://sysmon.org/

Argus - Real Time Flow Monitor

The network Audit Record Generation and Utilization System. I've used it at a web hosting company to collect bandwidth stats for billing, in ways that couldn't be accomplished with simple SNMP. Great tool.
From the website: Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitter on a per transaction basis. The record format that Argus uses is flexible and extensible, supporting generic flow identifiers and metrics, as well as application/protocol specific information.
http://www.qosient.com/argus/

Argus - The All Seeing

Not to be confused with the Argus Real Time Flow Monitor above. From the website: A system and network monitoring application. It will monitor nearly anything you ask it to monitor (TCP + UDP applications, IP connectivity, SNMP OIDS, etc). It presents a nice clean, easy to view web interface that will keep both the managers happy ("Red Bad. Green Good.") and the techs happy ("Ah! that's what the problem is"). It can send alerts numerous ways (such as via pager) and can automatically escalate if the techs fall asleep.
By Jeff Weisberg http://argus.tcp4me.com

Commercial Software