Some time ago I came across NagMap addon for Nagios and found it pretty helpful for monitoring multiple hosts around the world. For example, there are some production servers in Europe, US and others in India and New Zealand and it’s much better see their… Read More »Geolocation for Nagios
Linux system monitoring is one of the most important tasks for every sysadmin: it is crucial to know everything about system including CPU load, network traffic statistics, memory consumption, logged in users, availability of disk free space or service. And it’s inevitable that something breaks… Read More »Top 5 Linux Monitoring Tools. Web Based.
As any other monitoring system Nagios can produce false alarms. Usually it happens when Nagios fails to get the reply from the host being monitored during some pre-defined timeout. In order to mark service as down Nagios does three checks and if all of them… Read More »Fix socket timeouts in Nagios
Nfsen is open source sensor: it accepts netflow data from multiple netflow probes (servers, routers, vpn concentrators etc) and then visualizes it into human readable form. So using Nfsen you can see traffic statistics of every network device in your network in one place (actually Nfsen provides much more features).
By default Nfsen makes it possible to see only inbound and outbound traffic statistics but no protocol breakdown or any traffic classification. In the meantime it’s always useful to know what network applications are eating the bandwidth to understand if that fits baseline or not and take necessary actions. For example, if you’re monitoring Linux server which primary task is to host some website but in Nfsen you see that it generates 90% of SSH traffic and only 10% of web traffic then it would be reasonable idea to check if somebody is trying to brute force SSH password and stop that activity. In other words it’s better to have traffic statistics classified. In this article I’ll tell you how to enable traffic classification in Nfsen.