|Requires:||Perl 5 and the GD library.|
|License:||GNU General Public License|
which is available for
MRTG expects to be run every five minutes to collect data, which it compiles in log files; it may be run by any user. It automatically consolidates its log files so that older data is kept for only as long as necessary to produce the graphs.
The application compiles without complaints under Linux. Note that the GD package required by MRTG is available both as source, which you can get by following the link from the MRTG home page, and also as Red Hat packages (both i386 and source) from their contrib directory.
http://www.cb.hva.nl/PyNG/download/PyIV.py (an auxiliary utility)
|Requires:||the Python language.|
This is a remote management utility which uses the Python SNMPY package (see the Query Tools). It is designed to be run periodically (say, every five minutes) on each host, for which it will generate a Web page giving network interface and server statistics over time intervals ranging from days to a year or more. At HvA (where it was developed) they use a clickable map to navigate among the hosts on which PyNG is set up. The latest version of PyNG was released in May 1996.
|License:||GNU General Public License.|
|Requires:||Perl and one or two Perl modules from the CPAN archive. A full installation of all of mon's monitors requires a Linux-patched SATAN installation; see mon's README for details.|
This flexible monitoring tool is a collection of Perl scripts. Like NOCOL it allows you to add to its collection of monitors that each test the availability of a different network service, but it has alarm and paging features similar to those of Spong and Big Brother.
But mon goes beyond these other tools by also providing more that one interface through which the network status may be obtained. They include a command-line client, a utility that displays nicely-formatted columnar output, a SkyTel 2-Way password-protected paging interface, an operational status web page, and an interactive web interface that lets you not only view information but modify mon's behavior while it is running.
mon is currently in development, with new versions appearing every month or so.
|Source code:||User registration requested for download; see http://www.iti.qc.ca/iti/users/sean/bb-dnld/new-dnld.html.|
Big Brother monitors the status of remote devices and generates a web page reporting its findings, much like Spong. The page it generates is a table with one row for each device and one column for each service. A green dot in a table cell indicates that the service is up and running; a more severe color such as yellow or flashing red indicates a problem. The severity computations are user-configurable. For each device you can specify which tests it should be subjected to. Finally, BB allows you to specify conditions under which it should dial your pager.
BB includes several external tests, such as connectivity (via ping) and whether certain services are running on other machines. It also comes with a small daemon that you can run on Unix machines to monitor the cpu load and disk utilization, and determine whether specific system processes are running.
Big Brother uses port 1984.
|Requires:||Recent version of Perl.|
|License:||Artistic License or GNU General Public License.|
Spong is similar to Big Brother, with more features but not as much attitude. Both are designed to be simple and reliable, and both programs can email or page when problems arise. Differences include:
NOCOL is designed to monitor network devices. It consists of a collection of stand-alone monitors, which gather status information and store it in a common format, and a curses-based display agent which administrators can use to view this data. It is designed to be flexible and includes a Perl interface to its monitor data format to make it easier to develop new monitors. More than a dozen monitors come with the package (covering more capabilities than those offered by the above two programs). In particular it includes an SNMP monitor (a modified version of the CMU SNMP package).
The user can customize the alarm computations performed when he runs the display program, including the specification of threshold values. The display program is written so that multiple users may run it at the same time.
Reader Frank Keeney reports that NOCOL compiles and runs very well under Linux; you can email him about his experience at firstname.lastname@example.org.
|Copyright:||Permits noncommercial use, duplication, modification, and distribution.|
From its own README file: ``Argus is a generic IP network transaction auditing tool that has has been used by thousands of sites to perform a number of powerful network management tasks that are currently not possible using commercial network management tools.
``Argus runs as an application level daemon, promiscuously reading network datagrams from a specified interface, and generates network traffic audit records for the network activity that it encounters. It is the way that Argus categorizes and reports on network activity that makes this tool unique and powerful.''
|Requires:||The libpcap library, whose source is at ftp://ftp.ee.lbl.gov/libpcap.tar.Z and which is also available as libpcap-0.4a4-2.i386.rpm, libpcap-devel-0.4a4-2.i386.rpm, and libpcap-static-0.4a4-2.i386.rpm. It also requires CMU SNMP, version 1.7 later.|
|Copyright:||Freely redistributable and modifiable.|
SnmpSniff is a promiscuous SNMP PDU sniffer. Because it is dedicated to the SNMP protocol, it offers exhaustive analysis of its packets. I recommend it for anyone analyzing SNMP transactions, and for anyone involved in teaching or instruction about network management. Version 0.5 was released in May, but I have not been able to run the RPM version on my machine due to an error it produces about a badly formed MIB.
This sniffer program is more specialized than the general tcpdump program that comes with Linux. While the latter is designed to decode all types of packets that might come in on your user interface, sniffit is meant to monitor the actual content of (primarily) TCP-based connections. So instead of just seeing the packets go by you can view the content of the stream of data they represent. This program uses an ncurses-based user interface that permits interactive selection of which data streams to view.