Re: Alerting tool

["Crim, David" <dvcrim () TAYLOR EDU>]

There is a threshold (thold) plugin for Cacti that will do exactly that.
It simply monitors the value of something your graphing, and sends you
an e-mail alert if it goes above or falls below thresholds.  You have to
install the cacti PA, "Plugin Arcitecture".  You can find it all at:
http://cactiusers.org/index.php

David Crim
Security Analyst
Information Technology
236 West Reade Avenue
Upland, Indiana 46989-0001
Office: 765-998-5167     Cell: 765-251-3370
Fax: 765-998-4640



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Peter Charbonneau
Sent: Thursday, October 22, 2009 11:32 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Alerting tool

We have a few tools that page us on "down" events.  All of these down  
events are hardware or service related (ping of the device, loss of  
HTTPD service).

I just ran into a case where our ISP stopped advertising our BGP  
routes.  I would like to know if there is a tool out there that can  
page/alert on loss of data; and not just on total loss of data.  My  
BGP advertisements were going out, and I was getting acknowledgments  
for that service.


I would like to be able to alert on:

SNMP read interface OID string to get bytes in.  In one (two, five)  
minutes read the counter again, if the difference between the two  
reads is less than value x, but more than value y, page as "down".


I would prefer and open source tool.  I am using Cisco routers.

What's up Gold doesn't seem to be able to do this.  Is there,  
potentially an addon for Cacti that can do it?  Using Nagios for this  
seems to be like swatting a fly with a sledge hammer, but ...

Anyone out there doing anything like this?



PeteC


Peter Charbonneau
Sr. Network and Systems Administrator
Williams College
(413) 597-3408 (office)
(413) 822-2922 (cell)
OIT will NEVER ask for your password!