Re: [leaf-devel] SNMP and RRD
Mike Noyes wrote: On Thu, 2004-10-21 at 13:51, Charles Steinkuehler wrote: Mike Noyes wrote: On Thu, 2004-10-21 at 11:25, Charles Steinkuehler wrote: Mike Noyes wrote: Can RDD work through a secure serial line? Define secure serial line. A machine isolated from the network through a serial line connection for logging purposes. Since you can't run arbitrary commands or communicate via networking, if you want to monitor the 'health' of the LEAF box (without adding a seperate, network connected monitoring box, which is what I'd probably do) Charles, Point taken. I apologize for the misguided question. Now you're confusing me...your question wasn't misguided at all. The main reason I'd put monitoring on a more connected box is because I'd probably want to access it from my desktop web-browser, or via the internet when I'm traveling, and the primary reason to setup logging over a serial link is to have a completely disconnected machine that (presumably) can't be compromised by an attacker keeping accurate logs. Also, in several instances, I'm running the monitoring programs on machines very remote to the actual firewalls (try running a serial line from California, Colorado, or Kansas to Texas!). If you're happy using the logging machine's console (and pretty much only that console) to monitor the status of your LEAF box, there's no reason you can't (or shouldn't) do so...provided you can get all the info you want to monitor headed to the log file (and find/create appropriate log analysis tools). -- Charles Steinkuehler [EMAIL PROTECTED] --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [leaf-devel] SNMP and RRD
On Fri, 2004-10-22 at 09:54, Charles Steinkuehler wrote: Mike Noyes wrote: Point taken. I apologize for the misguided question. Now you're confusing me...your question wasn't misguided at all. Charles, I apologize. I thought I had missed something basic. I don't catch things as fast as I did before. :-( The main reason I'd put monitoring on a more connected box is because I'd probably want to access it from my desktop web-browser, or via the internet when I'm traveling, and the primary reason to setup logging over a serial link is to have a completely disconnected machine that (presumably) can't be compromised by an attacker keeping accurate logs. Correct, but I was starting to think, from our conversation, RRD didn't supply information that would be useful in case of a compromise. Also, in several instances, I'm running the monitoring programs on machines very remote to the actual firewalls (try running a serial line from California, Colorado, or Kansas to Texas!). Understood. If you're happy using the logging machine's console (and pretty much only that console) to monitor the status of your LEAF box, there's no reason you can't (or shouldn't) do so...provided you can get all the info you want to monitor headed to the log file (and find/create appropriate log analysis tools). ok. Thanks for the information. I appreciate it. :-) -- Mike Noyes mhnoyes at users.sourceforge.net http://sourceforge.net/users/mhnoyes/ SF.net Projects: ffl, leaf, phpwebsite, phpwebsite-comm, sitedocs --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
[leaf-devel] SNMP and RRD
Eric de Thouars, Can RDD work through a secure serial line? Chapter 13. Using SNMP and RRD to monitor your LEAF system http://leaf-project.org/doc/guide/bk05ch13.html -- Mike Noyes mhnoyes at users.sourceforge.net http://sourceforge.net/users/mhnoyes/ SF.net Projects: ffl, leaf, phpwebsite, phpwebsite-comm, sitedocs --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [leaf-devel] SNMP and RRD
Mike Noyes wrote: Eric de Thouars, Can RDD work through a secure serial line? Define secure serial line. AFAIK, RRD can monitor just about anything you can collect data from, including SNMP (for both local and remote systems), as well as the output from local commands (to monitor anything from free memory and HDD space to the performance statistics of your mail or database server). If your secure serial line is capable of running IP or executing commands on the LEAF box, you should be able to monitor via RRD and SNMP (or some other data gathering back-end). -- Charles Steinkuehler [EMAIL PROTECTED] --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [leaf-devel] SNMP and RRD
On Thu, 2004-10-21 at 11:25, Charles Steinkuehler wrote: Mike Noyes wrote: Eric de Thouars, Can RDD work through a secure serial line? Define secure serial line. A machine isolated from the network through a serial line connection for logging purposes. http://www.mail-archive.com/[EMAIL PROTECTED]/msg02404.html Issue 74: Secure Logging Over a Network http://www.linuxjournal.com/article.php?sid=3913 AFAIK, RRD can monitor just about anything you can collect data from, including SNMP (for both local and remote systems), as well as the output from local commands (to monitor anything from free memory and HDD space to the performance statistics of your mail or database server). If your secure serial line is capable of running IP or executing commands on the LEAF box, you should be able to monitor via RRD and SNMP (or some other data gathering back-end). Thanks. :-) -- Mike Noyes mhnoyes at users.sourceforge.net http://sourceforge.net/users/mhnoyes/ SF.net Projects: ffl, leaf, phpwebsite, phpwebsite-comm, sitedocs --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [leaf-devel] SNMP and RRD
Mike Noyes wrote: On Thu, 2004-10-21 at 11:25, Charles Steinkuehler wrote: Mike Noyes wrote: Eric de Thouars, Can RDD work through a secure serial line? Define secure serial line. A machine isolated from the network through a serial line connection for logging purposes. http://www.mail-archive.com/[EMAIL PROTECTED]/msg02404.html Issue 74: Secure Logging Over a Network http://www.linuxjournal.com/article.php?sid=3913 OK, I'm going to make some assumptions about this sort of setup, mainly that you've configured the LEAF box to spit out logging data on the serial line, and you've got an otherwise unconnected box at the far end of the serial link that's just collecting and logging the data. I'm also assuming you want to run RRD on the logging box, not on the LEAF box. In this sort of setup, there's mainly one-way connectivity (the LEAF box spitting serial log messages to the logging box), which is what you want. Since you can't run arbitrary commands or communicate via networking, if you want to monitor the 'health' of the LEAF box (without adding a seperate, network connected monitoring box, which is what I'd probably do), you first need to setup something on the leaf box that dumps the desired information into the log file, which could be as simple as a crontab entry, ie: */5 * * * * root logger -t mydata `uptime` would spit out uptime and load average every 5 minutes. On the logging system, you'll need to setup something to extract the desired data from the logs and feed it to RRD, MRTG, or whatever other analysis tool you want to use (this excercise is left for the reader :-). -- Charles Steinkuehler [EMAIL PROTECTED] --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
