Slashdot Mirror
Monitoring Your Unix Boxen?
"I know a few people who 'tail -f' the main log files, or who run 'top' every so-often. These require constant monitoring though, and you could miss essential error messages if you step away for too long. Are there any projects that do this successfully? I've seen a couple out there that started to do this, but appear to be abandoned.
Ideally, I would like some type of all-in-one, that possibly generates a daily (email/web) report of network statistics, user logins, and (web)server traffic/hits, as well as anything 'suspicious' that might be happening, perhaps what apps have been taking most of the processor time, or if any of the daemons have been busier than they normally would be. I know there probably isn't one single app out there that does all of this, so what's the best configuration , for keeping tabs on multiple machines, something I can skim for a minute or two each day, to make sure things are the way they should be? I want to know what works best, and just as importantly, what *doesn't* work (I do realize that relying on a single solution would be bad here too, so if you have more than one suggestion, that would be appreciated)."
I am currently using MRTG but have been reading up on Cricket. Do you, or anyone else, have any opinions on Cricket?
I rolled my own, mostly in Ruby (and ran it in parallel with the previous solution for several months). The main reason? I wanted to know about the things I wanted to know about, and not have to dig the information out of a lot of other cruft. So I do a lot of filtering to supress details that fall within what I define as "normal" for my setup, and only report the exceptions.
The main benifit of this turned out to be that I learned a lot about a configuration that I thought I knew inside and out. Yes, it was more work than dropping in a ready made package, but in retrospect it was well worth it.
-- MarkusQ