Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

nagiosxi query

https://support.nagios.com/forum/viewtopic.php?t=9910

Page 1 of 1

nagiosxi query

Posted: Thu Mar 28, 2013 6:08 am
by rajthegladiator
Hi,


How can i monitor the below query ?


In Firewall
i)     DOS attack detection: how can i detect DOS attack , is there any plugin?
ii) TCP / UDP Port based based traffic monitoring

2) System hardware failure alarms
i want to identifiy whether its a hard reboot or soft reboot.
eg: if a Switch is reboot by the the administrator bu the command then its a soft reboot
and if it switch is rebooted by the current failure. can can i know the difference of that.

3) Backup
    - Manual Backup
    - Scheduled Backup
i want to take a configuration backup of my switches , routers, OLT.
how can i take a backup and also the scheduled backup of it.
is There any script to be written?



4) VLAN Monitoring
How can i monitor a bandwidth usage from my VLAN to some some devices connected to it.
eg : i have a VLAN in which port 3,5 and 7 are active and port 3 is connected to my customer site , port 5 is connected to management site and
port 7 is connected to some other management site.

Basically i want to monitor bandwidth utilization between port 3 and customer site
how can i monitor that?


Thanks,

Re: nagiosxi query

Posted: Thu Mar 28, 2013 10:51 am
by slansing
Firewall: One way you could monitor for a DOS attack would be through individual port monitoring, or high traffic / open / frequently used ports. You could monitor the amount of connections running to each port, and have Nagios alert you if it exceeds the number you designated.

2) A option for switch/network equipment failure monitoring is if the device has hardware logs, you could devise a way to send them off of the device, to a log server, or the Nagios server, and then have Nagios parse that log for a string indicating a failure. The second part would be assuming that the message the switch drops in it's log when it is shutting down, would most likely be immediately followed by a reboot message, the log file check could pair those two strings and Nagios could be set to not alert you based on that.

3) Questions about backing up of configuration files on systems other than Nagios Xi itself would need to be asked of the device's specific support services, you could integrate a plugin with Nagios which would proactively go out and run a backup script on a remote system but I do not believe this is something feasible for network equipment. You would have to ask the device's company for information on that since Nagios Xi is not a backup scheduler..

4) You should be able to integrate SNMP with the VLAN or use some of the plugins already available for VLAN's:

http://exchange.nagios.org/index.php?op ... hword=VLAN

As noted above you can integrate SNMP with the system and be able to query any SNMP OID/MIB on the devices.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited