Network monitoring tool! Don't miss these 7 free open source tools

Editor's note: In the real estate market, the final word is location, but in the field of network and server management, visibility is everything. If you don't understand what your network and servers are "plotting" every day, sooner or later you will encounter a disaster.

Fortunately, there are a plethora of tools on the market (both paid and open source) that can light up our online environment and protect us from the darkness.

For ordinary users, free is always better than paid, so today the editor decided to share the open source tools that he has kept in his box, hoping that they can protect your network. These 7 free tools can meet the various needs of users from network to server monitoring, and even include backup of switches and routers.

[[202257]]

Cacti

Previously, if you want to monitor the traffic load of a network link, you would generally use the tool MRTG. In the 1990s, Tobi Oetiker seized the opportunity to write a simple graphing tool based on a polling database. This tool was very useful for monitoring router traffic. It was MRTG. After a period of development, Cacti appeared, carrying the banner of MRTG and raising traffic monitoring capabilities to a new level.

Cacti is a LAMP application that can draw a complete graphical framework for various types of data. In the latest version, Cacti's ability to collect data is almost unmatched, from data center cooling unit return temperature to filter volume to FLEXlm license applications. If a device or service can return numerical data, it can be integrated with Cacti. Cacti already has templates for how to monitor devices using the SNMP protocol (Linux and Windows servers, routers, switches, etc.), and templates for other hardware and software are constantly being improved.

Although Cacti focuses on SNMP protocol devices by default, local Perl or PHP scripts can still be used. Cacti's graphics framework can skillfully separate the collected data and draw it into discrete instance graphs, making it easy to reorganize existing data and feed it back to the monitor. In addition, you can observe specific time points and areas in the graph by clicking and dragging.

Cacti can track any data that can be monitored.

As long as you use the PHP Network Weathermap plug-in, you can create your own real-time network map and grasp the link utilization of network devices in real time. When you hover your mouse over the description of the network link, a complete image will appear. I heard that Cacti can be used in many places, for example, a 42-inch LCD monitor can be hung on the wall so that employees can see the network utilization and connection status at a glance.

Cacti is definitely a powerful and versatile graphing and trending tool. In addition to being able to track everything, it also has nearly infinite customizability, so it's up to you to figure out how to use Cacti to its full potential.

Nagios

Nagios is a mature network monitoring tool that has been around for many years and is under constant development. Written in C, Nagios can meet the needs of most network and system monitors when used with a monitoring suite. Nagios has a solid backend and a smooth and intuitive web graphical user interface.

Like Cacti, Nagios has an active community behind it and a rich set of plugins available. Used with WebInject, you can monitor servers, network services, and connections in real time. I use Nagios to monitor server disk space, RAM, CPU, and FLEXlm license utilization, server temperature, WAN and network connection latency, etc. It also ensures that the web server can not only answer HTTP queries, but also respond to the expected page.

Network and server monitoring is undoubtedly incomplete without notification reminders. Nagios has an email/SMS notification engine, and can also be upgraded to obtain intelligent notification capabilities (notifying the right people at the right time), which is absolutely a super killer if used properly. In addition, the author has integrated Nagios with Jabber (instant messaging server), with instant messaging, email and SMS solutions, so you don’t have to worry about missing notifications. With the smooth web graphical user interface, users can also quickly pause notifications or find problems, and it can also record notes left by administrators.

Nagios is a bit difficult for beginners, but its complex configuration is also its strength

If all of this isn't enough for you, Nagios also has a mapping feature that logically displays monitored devices on the monitor by their location on the network, while color-coding any problems.

However, Nagios also has its disadvantages. It is too complicated to configure, at least for beginners, it is quite time-consuming. However, if you master the standard Linux/Unix configuration documents, you will find everything quite simple. Like other tools, Nagios has many functions, but you must have corresponding abilities to use these functions well.

What I want to say here is that don't be discouraged by the complexity of Nagios. The time you can save after playing with it is simply limitless. In addition, the early warning system on Nagios is definitely worth using, so take some time to learn it well.

Icinga

Icinga was originally a fork of Nagios, but was recently rewritten as Icinga 2. Both versions are still under development, and Icinga 1.x is directly backwards compatible with Nagios plugins and configurations. Icinga 2 is a subtraction, and it also provides distributed monitoring and a multithreaded framework, which is not available in Nagios or Icinga 1. You can migrate from Nagios to Icinga 1, and then migrate to Icinga 2.

Like Nagios, Icinga can handle almost any device, and works best with SNMP, custom plugins, and extensions.

Icinga provides a global monitoring and alerting framework, but it differs from Nagios in terms of the Web UI.

Icinga has multiple Web UIs, and the main difference between it and Nagios is configuration, which users can do through the Web UI, eliminating the troublesome configuration documents. For those who manage configuration outside the command line, this is a major benefit.

Icinga integrates with several graphing and monitoring suites (such as PNP4Nagios, inGraph, and Graphite) for absolutely reliable visualization, and it also has extensive reporting capabilities.

NeDi

If you need to remotely log in to a switch and perform a MAC address query when searching for devices on the network, or if you want to know where a certain device is, then NeDi is definitely a good choice.

NeDi is a LAMP application that sifts through the MAC addresses and APR mapping tables on network switches, cataloging each device it finds in a local database. Although this tool is less well-known, it is very handy for corporate networks where devices are always on the move.

You can log in directly to NeDi's web GUI and search for switches, switch ports, or wireless APs of any device by MAC address, IP address, or DNS domain name. NeDi will collect as much information as possible from the network devices it encounters, and record serial numbers, hardware and software version numbers, current temperature, module configuration, etc. You can even use NeDi to mark the MAC addresses of stolen or lost devices. If these devices reappear on the network, NeDi will automatically notify the user.

NeDi will continue to roam the network and catalog devices

Device discovery is a scheduled task, but configuration is more straightforward, with a configuration document that can be customized to your needs, including skipping devices using regular expressions or network boundary definitions. If you are using an MPLS network or a network separated by a pre-existing boundary, you can even insert a seed list of devices to query. NeDi typically uses the CDP protocol or link layer discovery protocol, and it will discover new switches and routers as it travels through the network, and then connect to these devices to collect information. Once you get the initial setup, running discovery tasks becomes quite fast.

In fact, NeDi and Cacti have achieved a certain degree of integration. If you provide Cacti with an available speed increaser, you can also directly call Cacti's graphics framework.

Ntop

The Ntop project, also known as Ntopng, has been under development for ten years. It is a top network traffic monitoring tool with a simple and smooth web graphical user interface. It is written in C and is completely independent. You only need to run the configuration to monitor a single process on a specific network interface. It's that simple.

Ntop provides easy-to-understand graphs and tables showing current and past network traffic, including protocol, source, destination, and history of specific transactions, and even the hosts at both ends. In addition, you'll find extensive network utilization charts, real-time maps and trends, and a plug-in framework for various add-ons such as NetFlow and sFlow. There's even a hardware monitor called Nbox that plugs into Ntop.

Ntop even uses a lightweight Lua API framework to support extensions through scripting languages. Ntop can also store host data in RRD files to support persistent data collection.

Ntop is a packet sniffing tool

The most convenient use of Ntop is to check the traffic on the spot. When you find that one of your Cacti PHP Weathermaps suddenly shows a set of red network links, it means that the utilization of these links exceeds 85%, but the reason is unknown. Just switch to the Ntopng program to monitor the network segment, you can view the report of the highest traffic consumers every minute, and immediately know which host is taking up the traffic.

This kind of visibility is priceless and readily available. Essentially, you can run Ntopng on any port that is configured at the switch level to monitor any port or VLAN.

Zabbix

Zabbix is ​​a comprehensive network and system monitoring tool that integrates multiple functions into a web-based console. It can be configured to monitor and collect data from various servers and network devices, providing service and performance monitoring for each target.

Zabbix works with agents running on the monitoring system, or it can use SNMP or other monitoring methods (such as remote inspection of open services SMTP and HTTP) to run without agents. It supports VMware and other virtualization hypervisors and can generate in-depth data on hypervisor performance and activity. In addition, Zabbix can monitor Java application servers, Web services, databases, etc.

Users can add hosts manually or through an automatic discovery process. An extensive set of default templates is suitable for the most common use cases, such as Linux, FreeBSD, and Windows servers. Detailed hardware monitoring is also available for some well-known services (such as SMTP and HTTP), as well as ICMP and IPMI devices. In addition, custom checks written in Perl, Python, or almost any language can also be integrated into Zabbix.

Zabbix uses a huge toolset when monitoring servers and networks.

Zabbix also provides customizable dashboards and web GUIs to highlight the most critical components. Notifications and upgrades can be added as custom actions to hosts or host groups. You can also configure actions to trigger remote commands, automatically running scripts on monitored hosts when an event is observed that meets certain criteria.

Zabbix displays performance data in graphical form, such as network data throughput and CPU usage, and users can also collect them in customized displays. In addition, Zabbix supports customized maps, screens, and slides to display the current status of monitored devices.

Zabbix can be complex to use at first, but careful use of templates and autodiscovery can ease integration pains. In addition to installable toolkits, Zabbix can also act as a virtual appliance for several popular hypervisors.

Observium

Observium is a network and host monitor that can scan a range of locations for systems and monitor them using common SNMP login credentials. As a LAMP application, Observium is easy to set up and configure, requiring only the usual installation of Apache, PHP, MySQL, database creation, and Apache configuration. Once installed, it becomes its own server with its own dedicated URL, rather than being part of a larger web tree.

You can then log into the GUI and start adding hosts and networks, auto-discovery ranges, SNMP data, etc. The next step is to have Observium walk through the network and collect data from each system. Observium can also discover network devices via CDP, LLDP, or FDP, and host agents can be deployed to Linux systems to help with data collection.

Observium combines system network monitoring with performance trend analysis

All this data is presented in an easy-to-use user interface that provides a wide range of statistics, charts and graphs, including ping and SNMP response times, as well as IP output, fragmentation, packet counts, etc. Depending on the device, this data is available for each port, including modular devices.

For servers, Observium displays CPU, RAM, storage, swap, temperature, and event log status. You can also integrate data collection and performance charts for services including Apache, MySQL, BIND, Memcached, and Postfix.

Observium is a great VM tool, so it will quickly become a common tool for monitoring server and network status information. The tool can bring automatic discovery and charting capabilities to networks of all sizes.

DIY

Often, IT administrators think they can't cross the line, whether we're dealing with custom applications or "unsupported" hardware, many of us assume that if the monitoring tool can't handle it right away, it can't handle it. But that's not the case, with a little more effort, there's nothing that can't be monitored, registered, and made more visible.

A classic example is a custom application with a database backend, such as a web store or an internal company financial application. Management wants nice graphs and charts to describe how the data is being used. For example, if you are already using Cacti, there are several ways to build such charts, such as building a simple Perl or PHP script to run queries on the database and transmit the data to Cacti, or using a private MIB (Management Information Base) to call an SNMP database server. It can be done and it can be done easily.

If it's unsupported hardware, as long as it uses SNMP, it's easy to get the data you need, but it may take some effort. As long as you have the right MIB to query, you can then use this information to write or modify plugins to collect this data. In many cases, you can even integrate your cloud services into this monitoring using standard SNMP, or of course through the APIs provided by the cloud provider. Just because you have cloud services doesn't mean you should hand over all your monitoring to the cloud provider. Because they may not understand your application and service stack as well as you do.

It is not difficult for the average technician to get these tools running, as they are usually available as Linux-specific packages for download. In some cases, they can also be pre-configured as virtual servers. It may take some time to configure and adjust these tools, but it is not difficult at first. Regardless, these tools are definitely worth trying.

Whichever tool you end up using, at least you'll have a good tool for 24/7 monitoring. Some tools can be a little difficult to use, but trust me, the time invested upfront is well worth it. Also, remember to run a small set of monitoring tools on another server to keep an eye on the main monitoring server.