Snort mailing list archives
Re: Performance Monitor Graphing Tool
From: Paul Halliday <paul.halliday () gmail com>
Date: Fri, 3 Sep 2010 16:00:37 -0300
On Fri, Sep 3, 2010 at 10:54 AM, Mike Lococo <mikelococo () gmail com> wrote:
On 09/02/2010 02:46 PM, Greg Lane wrote:Does anybody had a good location to obtain a good perfmonitor graph tool for snort? Every link that I have tried doesn’t seem to work and nothing is available.
With my Zabbix setup, I have a single screen that shows the following data for all my snort sensors: * Bandwidth at my taps (snmp) * Bandwidth to my snort processses (agent custom item) * Received/dropped packets for snort (agent custom item) * stream/frag stats (agent custom item) * CPU usage of various types (agent build-in item) * RAM usage of various types (agent build-in item) * Disk I/O activity in bytes and in iops (agent build-in item) * Free disk space (agent build-in item) * A list of the top-5 process-names that are using CPU-time (I can't wait for iotop to work on RHEL so I can get this list for io-consumers as well, this is an agent custom item). * Other stuff I can't remember
I second Zabbix :) I use a map to relay information about the sensors though: http://www.pintumbler.org/onestop.png All of the links you see in the picture are tied to numerous event triggers. DB connectivity and stats, snort and sguil processes, perfmon, CPU, MEM, I/O, BW and even latency make up the event triggers. All of this summarized with: "OK" or "Problem". I don't start looking at graphs until there is a problem :). The perfmon stuff is useful but it is only a small part of a much larger picture. ------------------------------------------------------------------------------ This SF.net Dev2Dev email is sponsored by: Show off your parallel programming skills. Enter the Intel(R) Threading Challenge 2010. http://p.sf.net/sfu/intel-thread-sfd _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Performance Monitor Graphing Tool, (continued)
- Re: Performance Monitor Graphing Tool Eoin Miller (Sep 02)
- Re: Performance Monitor Graphing Tool JJ Cummings (Sep 02)
- Re: Performance Monitor Graphing Tool Joel Esler (Sep 02)
- Re: Performance Monitor Graphing Tool JJC (Sep 02)
- Re: Performance Monitor Graphing Tool Jason Brvenik (Sep 02)
- Re: Performance Monitor Graphing Tool Nerijus Krukauskas (Sep 02)
- Re: Performance Monitor Graphing Tool Edward Fjellskål (Sep 02)
- Re: Performance Monitor Graphing Tool Mike Lococo (Sep 03)
- Re: Performance Monitor Graphing Tool Edward Fjellskål (Sep 03)
- Re: Performance Monitor Graphing Tool Jason Wallace (Sep 03)
- Re: Performance Monitor Graphing Tool Paul Halliday (Sep 03)