What is Nagios?
In 1996, the American Ethan Galstad developed an application for MS-DOS that made it possible to check the accessibility of Novell NetWare servers using third-party programs. Based on this simple construction, he released the open source project NetSaint three years later, which is the predecessor of what’s known today as the monitoring software Nagios. Galstad founded the company Nagios Enterprises in 2007, which is responsible for the development and distribution of the open source variant Nagios Core as well as different fee-based editions.
Nagios is licensed under the GNU GPL and runs natively on various Unix-like systems. With the help of virtual machine software, it can also be used on Windows operating systems. To install and operate the monitoring tool, you require a web server with a PHP module: Apache is recommended by the manufacturer. In addition to the program core, you also need to download the official Nagios plugins. These modules are responsible for the implementation and analysis of various monitoring requests from networks, hosts, and services, and are therefore indispensable for the software’s functionality.
How Nagios enables the monitoring of networks
It doesn’t matter if you want to monitor an individual computer system, a database, or a server: you don’t install the software on the respective devices, but rather on a separate Nagios server. From here, you configure (in an object-oriented way) which systems and processes are to be observed. Everything revolves around these four components or object types:
- Hosts: as a host, you define all devices, servers, databases, etc. belonging to the network that you want to monitor. The most important indicator of a host is the respective IP address.
- Services: with services, you define which host features Nagios should check. These features may be services that run on the host (e.g. HTTP, FTP, etc.), internal attributes such as available disk space, or physical characteristics such as the temperature value of the hardware.
- Commands: with commands, you control the sequence of monitoring. You can configure how the host and service monitoring is designed and when Nagios should notify you if something happens.
- Contacts: the defined contacts tell Nagios who to notify should an event occur. The software sends an e-mail, a text message, or a voice message depending on what you’ve specified.
Although Nagios itself isn’t installed on the individual hosts, plugins that check internal data run directly on them. Remote access can be used for this, but it is rarely chosen because it involves more effort and, with a secure connection, disproportionate system use. The easier alternative is to install specific programs on the hosts. These perform only the pre-configured system queries and send the results via network ports to the Nagios server. The Nagios Remote Plugin Executor (NRPE) is used by default here, and with its support Nagios can also monitor Windows systems.
Another way of using Nagios to check data is to carry out a passive check. In this case, the information is not requested by the monitoring software, but rather by another program such as the Nagios Service Check Acceptor (NSCA). The monitoring server is only notified of the result after it’s been processed. Regardless of the type of monitoring, the Nagios server always transmits one of the following status values:
- 0 (OK): no problems were found during the review.
- 1 (WARNING): the review resulted in a warning message.
- 2 (CRITICAL): a critical problem arose during the review.
- 3 (UNKNOWN): the status of the host or service could not be determined.
In addition, the monitoring program also receives a time stamp, an internal command as well as an optional text that can be issued during the review.
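The four status values and the passive result format described above can be shown in a short Python sketch. This is an added example, not code from the Nagios project or from this article; it maps a disk-usage reading to a status value and formats the result as a PROCESS_SERVICE_CHECK_RESULT line (Nagios’s external command for passive service results), rejecting object names that could smuggle in extra fields or commands. The thresholds, the host name web01, and the service name "Disk /" are constructed sample values.

```python
import re
import sys

# Status values a Nagios check reports, as listed above.
OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3
LABELS = {OK: "OK", WARNING: "WARNING", CRITICAL: "CRITICAL", UNKNOWN: "UNKNOWN"}


def evaluate_disk(used_percent, warn=80.0, crit=90.0):
    """Map a disk-usage reading to (status, text). Thresholds are assumed values."""
    if used_percent is None or not 0 <= used_percent <= 100:
        # A reading that is missing or out of range is reported as UNKNOWN, not OK.
        return UNKNOWN, "DISK UNKNOWN - usage could not be determined"
    if used_percent >= crit:
        status = CRITICAL
    elif used_percent >= warn:
        status = WARNING
    else:
        status = OK
    return status, f"DISK {LABELS[status]} - {used_percent:.0f}% used"


# Allow-list for host and service names: no semicolons, brackets or line breaks.
_NAME = re.compile(r"[A-Za-z0-9_.\- /]+")


def passive_result(timestamp, host, service, status, text):
    """Format one passive service check result line (time stamp, command, text)."""
    if status not in LABELS:
        raise ValueError("status must be 0, 1, 2 or 3")
    for name in (host, service):
        # fullmatch, not match: "$" would accept a trailing newline.
        if not _NAME.fullmatch(name):
            raise ValueError(f"unsafe object name: {name!r}")
    # A line break in the text would begin a new line in the command file.
    text = re.sub(r"[\r\n]+", " ", text).strip()
    return (f"[{int(timestamp)}] PROCESS_SERVICE_CHECK_RESULT;"
            f"{host};{service};{status};{text}")


if __name__ == "__main__":
    # Constructed sample: 93% usage on host "web01", service "Disk /".
    status, text = evaluate_disk(93.0)
    print(passive_result(1700000000, "web01", "Disk /", status, text))
    sys.exit(status)  # a plugin reports its status as the process exit code
```

Run as a script, it prints the result line and exits with the status value, which is how a plugin hands its result back to the program that started it.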
Pros and cons of Nagios
Nagios is in demand as a monitoring solution due to its huge range of functions. The free source code means that the software can be customized and extended exactly how you want it. More than 1,000 plugins have been developed as well as various front ends, which are mostly provided for free. Even inexperienced administrators can build a feature set that meets the needs of their network without having to program their own interfaces themselves.
The only major drawback of Nagios is the complex configuration of different types of servers and objects. For this reason, you’re advised to read the tool’s instructions and watch tutorials on the official Nagios website.
What are the alternatives to Nagios?
Nagios has become the norm of IT monitoring, but alternatives exist when it comes to network monitoring. There are several similar but less complex tools that are also recommended. The enterprise solution Zabbix also belongs to the open source sector. Proprietary solutions such as CA deal with more than just monitoring; they also handle complete network management and are, as long as the budget covers it, good alternatives to Nagios for large businesses.