Posted on 18-08-2015
Filed Under (General information) by Arun Bagul


Cloud computing has been evolving into different technology areas such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). These technology areas are finding increasing adoption in the marketplace.

A recent report published by International Data Corporation (IDC) has indicated that the Cloud Computing market is expected to cross $70 billion in 2015. Ref-

The economic drivers for adoption of Cloud Technologies have been well understood in the market.

Lower Investments: Cloud offerings typically have very low upfront costs. All SaaS product offerings are charged on a pay per use monthly subscription basis, which implies lower cost of ownership.
No Infrastructure Costs: Cloud service offerings use cloud based infrastructures such as Amazon or Rackspace or a private cloud. Hence the customer does not have to bear the cost of the infrastructure setup with cloud services.
Outsourced Technology Expertise: With cloud offerings, customers get a ready to use product that can be immediately consumed by the end user. Customer does not need to invest in an in-house IT team having that particular technology expertise.
Simplified Management: With offerings in the cloud, the service provider deals with on-going management, maintenance and upgrades of technology. The customer can focus on his core business needs.

So Why I’m telling this story to you? As infrastructure engineer I believe that this is going to change how we do things in Traditional vs Could Infrastructure. Let us take example of “Monitoring”. Here in this blog, I’m going to talk about monitoring of Infrastructure and applications in Traditional vs Cloud. Adoption of “Cloud computing” is going to change they way we do monitoring of our servers and applications.

Monitoring as a Service (MaaS) in the Cloud! –

What does Monitoring-as-a-Service (MaaS) mean?
Monitoring-as-a-service (MaaS) is one of many cloud delivery models under anything as a service (XaaS). It is a framework that facilitates the deployment of monitoring functionalities for various other services and applications within the cloud. The most common application for MaaS is online state monitoring, which continuously tracks certain states of applications, networks, systems, instances or any element that may be deployable within the cloud. MaaS offerings consist of multiple tools and applications meant to monitor a certain aspect of an application, server, system or any other IT component. There is a need for proper data collection, especially of the performance and real-time statistics of IT components, in order to make proper and informed management possible.

IT infrastructure monitoring should an essential part of the IT Management Policy for an organization that is reliant on IT infrastructure. Proactive monitoring provides business continuity, quicker disaster recovery and easier capacity planning for all mission critical applications.

Monitoring as a Service (MaaS) in the Cloud is a concept that combines the benefits of cloud computing technology and traditional on-premise IT infrastructure monitoring solutions. MaaS is a new delivery model that is suited for organizations looking to adopt a monitoring framework quickly with minimal investments.

Traditional On-Premise Monitoring Framework-

On premise monitoring is the traditional deployment model for monitoring private networks (internal IT infrastructure). This has been a very effective model over the years and works well for organization that can afford to implement this monitoring framework. On-premise monitoring involves purchase of software tools and investing in monitoring infrastructure and skilled IT personnel.

On-Premise monitoring provides the following benefits:

In-House Monitoring Infrastructure:Customers can own the in-house infrastructure for monitoring. This implies more control over the infrastructure with regards to upgrades, maintenance and management
Higher Levels of Security:Since the monitoring infrastructure is located in-house, customer gets better security where the monitoring tool does not need to cross firewall domains and connect over the open internet.
Inherent Connectivity to Internal Assets:Monitoring infrastructure is already a part of the internal network (LAN and MPLS). Hence connecting to all the infrastructure assets is easy.
Real Time Monitoring Data:On-premise monitoring provides real-time data where alerts are generated and shown to the customer immediately. The monitoring dashboard and email servers are all within the customer premise and hence there are no delays.
Customization and Extensions:On-premise monitoring solutions can be heavily customized to meet the exact needs of a specific customer environment. This could be in the form of monitoring of custom applications or personalized dashboards and escalation matrices.
The Adoption of Cloud and Software as a Service Delivery Models

Monitoring as a Service Offering –

The monitoring as a service (MaaS) offering provides a monitoring solution based on a monitoring infrastructure in the cloud. The MaaS vendor invests in the monitoring framework including the hardware, monitoring software and specialized IT personnel on behalf of the customer. The customer just needs to pay for the service he wants to use – on a subscription model similar to any SaaS product offering.

Benefits of Monitoring as a Service (MaaS)

The following are the benefits of a monitoring as a service (MaaS) product:

    Ready to Use Monitoring Tool Login: The vendor takes care of setting up the hardware infrastructure, monitoring tool, configuration and alert settings on behalf of the customer. The customer gets a ready to use login to the monitoring dashboard that is accessible using an internet browser. A mobile client is also available for the MaaS dashboard for IT administrators.
    Inherently Available 24x7x365: Since MaaS is deployed in the cloud, the monitoring dashboard itself is available 24x7x365 that can be accessed anytime from anywhere. There are no downtimes associated with the monitoring tool.
Easy Integration with Business Processes: MaaS can generate alert based on specific business conditions. MaaS also supports multiple levels of escalation so that different user groups can get different levels of alerts.
Cloud Aware and Cloud Ready: Since MaaS is already in the cloud, MaaS works well with other cloud based products such as PaaS and SaaS. MaaS can monitor Amazon and Rackspace cloud infrastructure. MaaS can monitor any private cloud deployments that a customer might have.
Zero Maintenance Overheads: As a MaaS, customer, you don’t need to invest in a network operations centre. Neither do you need to invest an in-house team of qualified IT engineers to run the monitoring desk since the MaaS vendor is doing that on behalf of the customer.
    Price Sensitive Customers: For small and medium enterprises, MaaS provides cost effective pay per use pricing model. Customers don’t need to make any heavy investments neither in capital expenditures (capex) nor in operating expenditures (opex).

Monitoring as a service (MaaS) is an attractive choice for the following scenarios:

Cloud Based SaaS and PaaS offering Add-On: MaaS provides a better technology fit for monitoring cloud based SaaS and PaaS offerings. MaaS can be provided as an add-on product offering along with SaaS and PaaS.
Distributed Infrastructure Assets: In scenarios where the IT infrastructure assets are distributed across different locations and branch offices, MaaS is a good option since the monitoring infrastructure is centralized in the cloud and can easily monitor all distributed infrastructure assets.
Mixture of Cloud and On-Premise Infrastructure: MaaS is already in the cloud. Hence in deployments where customer has a mix of on-premise and cloud infrastructure, MaaS provides good monitoring options for the hybrid environment.
Multitenant Monitoring Requirements: For vendors offering multi-tenant functionality on their hosted services, MaaS provides a strong backend framework for monitoring the multi-tenant services and their availability.

Thank you,

Arun Bagul

(0) Comments   
Posted on 15-01-2012
Filed Under (Nagios Monitoring) by Arun Bagul

Introduction –
Check_MK is one of the best Nagios monitoring system plugin that allows creating rule-based configuration using Python and offloading work from the Nagios core to make it scale better, allowing more systems to be monitored from a single Nagios server.  It comes with a set of system checks and web based UI and a module that allows fast access to the multiple Nagios servers
To see Top 5 monitoring tools comparison here –

** What is Check_MK ?
Check_MK is Nagios plugin to monitor remote host,services and Nagios Multisite GUI to monitor multiple nagios from single web based UI.

** What are features of Check_MK?

Check_MK is the best nagios plugin for monitoring remote host. Beauty of this plugin is that most of the commons services are checked in only one connection to remote hosts and results are submitted as passive results to nagios.  This improves performance, less network traffic and of course no load or burden on remote host (which we are monitoring).
For Check_MK, we have to installed check_mk agent ie check_mk_agent simple shell script and bind this script to  6556 tcp port using xinetd daemon.

* Check_MK also provides following features.
– Check_MK support dynamic nagios configuration generation, inventory of checks.
Livestatus – a beautiful plugin to communicate with nagios (unix socket)
Nagios Multisite GUI – monitor multiple nagios from single web based interface
– SNMP supports and automatic service detections for many cisco switches, routers and NetApp filers as well.
– whatever Nagios supports

* Nagios Multisite GUI ~ Another beauty of Check_MK nagios plugin is monitoring multiple nagios using only one web based interface.
This web based interface uses Check_MK Livestatus plugin to get nagios data.
– Livestatus nagios plugin to communicate with nagios using SQL like language (unix socket)

** How to configure Check_MK Agent on Linux/Unix ?

Go to site “” and download check_mk_agent rpm or deb package and install agent.

* xinetd setting –
[root@arunb ~]# cat /etc/xinetd.d/check_mk
service check_mk
type           = UNLISTED
port           = 6556
socket_type    = stream
protocol       = tcp
wait           = no
user           = root
server         = /usr/bin/check_mk_agent
#only_from      =
disable        = no
[root@arunb ~]#

* How to start check_mk_agent

[root@arunb ~]#  /etc/init.d/xinetd start

* How to add custom checks in Check_MK agent –
Check_MK agent support two type of custom checks …
  a) MRPE – Check_MK Remote Plugin Executor (same as NRPE) – Create “/etc/check_mk/mrpe.cfg” file if doesn’t exist.
[root@arunb ~]# cat /etc/check_mk/mrpe.cfg
#check_mk Remote Plugin Executor config file
# Service_Name         CommandLine
MySQL_Server    /home/check_mk/nagios_scripts/check_mysql
MySQL_Slave     /home/check_mk/nagios_scripts/
[root@arunb ~]#
* plugins script as same as nrpe

  b) Local Checks – go to local directory as shown below and put your script which will be executed by check_mk_agent shell script.

[root@arunb ~]# ls /usr/lib/check_mk_agent/
local  plugins
[root@arunb ~]# cat /usr/lib/check_mk_agent/local/
#nagips plugin dir path
str=”/var/spool/mqueue is empty Total requests: 0″
count=$( mailq | grep ‘Total requests:’ | awk -F’Total requests: ‘ ‘{print $2}’)
#echo “‘$count'”
if [ $count  -lt 5 ];then
echo “$status  mailq count=$count  OK – Total mails in queue: $count”
elif [ $count -ge 5 ] &&  [ $count -lt 20 ];then
echo “$status  mailq count=$count  WARNING – Total mails in queue: $count”
elif [ $count -ge 20 ];then
echo “$status  mailq  count=$count  CRITICAL – Total mails in queue: $count”
[root@arunb ~]#

** Check_MK Nagios configuration –

Go to site “” and download check_mk rpm or deb package or source with livestatus install check_mk nagios plugin

** config file –

[root@arunb ~]# cat /etc/check_mk/
# Put your host names here
# all_hosts = [ ‘localhost’ ]
all_hosts = [

– here LOC and http_port and WINDOWS are called as “Tag” which will be used in check_mk config file for writing rules.

* I have added extra config in following file –

[root@arunb ~]# cat /etc/check_mk/conf.d/

define_hostgroups     = True
define_servicegroups  = True
# tcp timeout
tcp_connect_timeout = 25.0

define_hostgroups = {
“LOC”       : “My Network”,
“WINDOWS”   : “Windows Servers”,

define_servicegroups = {
“MySQL”      : “MySQL DB”,
“ORACLE”     : “Oracle DB”,
“HTTPD”      : “Web Server”,
“WINDOWS”    : “Windows Checks”,
host_groups = [

( ‘LOC’,  [‘LOC’], ALL_HOSTS ),
( ‘WINDOWS’, [‘Windows’], ALL_HOSTS ),

service_groups = [
( “MySQL”, ALL_HOSTS, [“MySQL_S*”]),
( “MAIL”, ALL_HOSTS, [“proc_SMTP*”]),
( “NAGIOS”, ALL_HOSTS, [“proc_nagios*”]),
( “HTTPD”, ALL_HOSTS, [“proc_Apache2”]),

host_contactgroups = [
( ‘admin,admin-sms’, [‘LOC’], ALL_HOSTS ),
( ‘winadmin,winadmin-sms’, [‘Windows’], ALL_HOSTS ),

service_contactgroups = [
# Notification for all services to admin group
( ‘admin’, ALL_HOSTS,[“.*”]),
( ‘dbadmin,db-admin-sms’, ALL_HOSTS, [“MySQL_S*”] ),

# Inventory

filesystem_default_levels[“levels”] = ( 80, 90 )
ntp_default_levels = (20, 1000.0, 5000.0)
if_default_error_levels = (0.2, 0.5)

ignored_services = [
( [“Windows”], ALL_HOSTS, [ “LOG Application”,”LOG Security”, “LOG System”,”LOG DNS Server”,”DHCP Stats”] ),

inventory_processes = [
( “SSH”, “/usr/sbin/sshd”, ANY_USER, 1, 1, 10, 15),
( “Apache2”, “/usr/sbin/httpd”, “apache”, 1, 1, 90, 100 ),
( “FTP_Server”, “~/usr/sbin/vsftpd.*”, “root”, 1, 1, 40, 50),
( “DNS”, “~/usr/sbin/named.*”, “named”, 1, 1, 5, 10),
( “nagios”, “~/omd/sites/.*/bin/nagios.*-ud.*/omd/sites/.*/tmp/nagios/nagios.cfg*”, ANY_USER, 1, 1, 100, 200),

#Classical Nagios Services
legacy_checks = [
((“check_http_arg!/”, “http_port”, False), [“http_port”], ALL_HOSTS ),
extra_nagios_conf += r”””
# check_http command
define command{
command_name    check_http_arg
command_line    $USER1$/check_http -H $HOSTADDRESS$ -w 30 -c 40 -t 60 -u $ARG1$
[root@arunb ~]#

** How to Take Host inventory –  

Taking host inventory is first step after configuring or adding hosts in file as shown above.
Defining extra rules like “” file can be  done as per your requirement.

– for all host
[root@arunb ~]# check_mk -v -u -I

– for one host
[root@arunb ~]# check_mk -v -u -I tcp host1

– verify inventory
[root@arunb ~]# check_mk -v -D host1   OR
[root@arunb ~]# check_mk -v -d host1

** Generate Nagios Config –
Generating nagios config after taking hosts inventory is final check_mk step.

[root@arunb ~]# check_mk -v -U

* Verify Nagios setting using nagios -v command

[root@arunb ~]#  /usr/sbin/nagios3 -v /etc/nagios3/nagios.cfg

* Start/Restart Nagios

[root@arunb ~]# /etc/init.d/nagios start  OR

[root@arunb ~]# check_mk -v -R

Check_MK web interface – http://localhost/check_mk/ or http://your_nagios_server_ipaddr/check_mk/

** How to set Nagios/ Check_MK Multisite –

– First step is to configure livestatus on remote nagios and add following configuration on Multisite nagios check_mk “” config file

* xinetd config for livestatus –

[root@remote ~]#  cat /etc/xinetd.d/livestatus
# Nagios – check_mk Livestatus multisites
service livestatus
type        = UNLISTED
port        = 6557
socket_type    = stream
protocol    = tcp
wait        = no
cps             = 100 3
flags           = NODELAY
user   =  nagios
server        = /usr/bin/unixcat
server_args  =  /opt/nagios/var/rw/live
disable        = no
[root@remote ~]#

– restart xinetd to start livestatus over tcp port 6557

[root@remote ~]#  /etc/init.d/xinetd start

** Add remote nagios site in “” config  file as shown below –

[root@arunb ~]# cat  /etc/check_mk/
admin_users = [ “omdadmin”, “admin” ]
sites = {
# local nagios
“local” : {
“alias” : “LOC”
# Remote site
“alias”:          “Remote Nagios Site”,
“socket”:         “tcp:”,
“nagios_url”:     “/nagios”,
“nagios_cgi_url”: “/nagios/cgi-bin”,
“pnp_url”:        “/pnp4nagios/”,

[root@arunb ~]#

That’s it! Enjoy Nagios and Check_MK!

Thank you,
Arun Bagul

(1) Comment   
Posted on 12-08-2011
Filed Under (Nagios Monitoring, UNIX/Linux) by Arun Bagul

Introduction – We wrote perl script for Nagios daily and weekly Reporting. This script is parsing nagios.log for all alerts notification and generating nagios report in CSV format…

** How to use?

arunb@arunb:~$ perl /home/arunb/
* Usage: /home/arunb/ { <nagios_log file>  [ –summary ] }

** To Generate Daily Nagios Report –
arunb@arunb:~$ perl /home/arunb/  /usr/local/nagios/var/nagios.log
arunb@arunb:~$ perl /home/arunb/  /usr/local/nagios/var/nagios.log  –summary

arunb@arunb:~$ perl /home/arunb/  /usr/local/nagios/var/nagios.log  –summary  > /tmp/NAGIOS-daily.csv

** To Generate Weekly Nagios Report –

Add all weeks nagios.log files absolute path (per line) in file say “/tmp/nagios-logfile”

arunb@arunb:~$  for i in `cat /tmp/nagios-logfile`; do  perl /home/arunb/  $i; done | grep -v ^$ > /tmp/NAGIOS-weekly.csv

* Want to see the script ?

arunb@arunb:~$ cat /home/arunb/


my $file = $ARGV[0];
my $stime = 0;
my $htime = 0;
my ($s_alert,$h_alert ) = (undef,undef);

my %ALERT;


if ($ARGV[0]) {
#my $file = "/usr/local/nagios/var/nagios.log";

open (MYFILE, "<$file" ) or die "Can;t open nagios file";
while(<MYFILE>) {
my $line = $_;
##print "\n".$line;
#if ($line =~ m/[(.*)].*;(.*);(.*);(.*);.*/) {
#if ($line =~ m/\[(.*)\]\s+(HOST|SERVICE)\sNOTIFICATION:\s\w+;(.*);.*/) {
if ($line =~ m/\[(.*)\]\s+SERVICE\sNOTIFICATION:\s\w+;(.*);.*/) {
my $time = $1;
my $mydate = scalar(localtime($time));
my ($host,$service,$alert)  = split(';',$2);
#print "\nARUN=>$1 = $host,$service,$alert";
if ($s_alert eq $service) {
my $time_diff = $time - $stime;
if ($time_diff > 600 ) {
if ($alert ne "OK") {
if (exists $ALERT{"$service"}) { $ALERT{"$service"} = $ALERT{"$service"} + 1;}
else { $ALERT{"$service"} = 1 ; }
$STATE_COUNTER{"$alert"} = $STATE_COUNTER{"$alert"} + 1;
print "\n$mydate [$time],$host,$service,$alert";
} else {
if ($alert ne "OK") {
if (exists $ALERT{"$service"}) { $ALERT{"$service"} = $ALERT{"$service"} + 1;}
else { $ALERT{"$service"} = 1 ; }
$STATE_COUNTER{"$alert"} = $STATE_COUNTER{"$alert"} + 1;
print "\n$mydate [$time],$host,$service,$alert";
$stime = $time;
$s_alert = $service;

} elsif ($line =~ m/\[(.*)\]\s+HOST\sNOTIFICATION:\s\w+;(.*);.*/) {
my $time = $1;
my $mydate = scalar(localtime($time));
my ($host,$hdown,$alert)  = split(';',$2);
#print "\nARUN=>$1 = $host,$hdown";
if ($hdown eq "DOWN") {
if ($h_alert eq $host) {
my $time_diff = $time - $htime;
if ($time_diff > 600 ) {
$STATE_COUNTER{"$hdown"} = $STATE_COUNTER{"$hdown"} + 1;
print "\n$mydate [$time],$host,$hdown";
} else {
$STATE_COUNTER{"$hdown"} = $STATE_COUNTER{"$hdown"} + 1;
print "\n$mydate [$time],$host,$hdown";
$htime = $time;
$h_alert = $host;
## summary
my $total_counter = 0;
my $total_service = keys(%ALERT);
if ($ARGV[1] eq "--summary") {
print "\n\n"."-" x 20;
print "\nSummary Report\n";
print "-" x 20 . "\n";
print "\nAlert_Type,Total_Count";
while (my ($key,$value)=  each(%STATE_COUNTER)) {  print "\n$key,$value"; }
print "\n\nService_Name,Total_Count";
while (my ($key,$value)=  each(%ALERT)) { print "\n$key,$value"; $total_counter = $total_counter + $value; }
print "\n\nTotal Alerts = $total_counter";
print "\nTotal Service Failed = $total_service";

} else { print " * Usage: $0 { <nagios_log file>  [ --summary ] }";}

print "\n";

** To download the script “

Thank You,
Arun Bagul

(1) Comment   

Introduction – Monitoring your network and various applications is most important part of your business. So choosing monitoring tools is critical and most important task, because you will fully rely on this tool to notify whenever something goes wrong!

1) Nagios – is a popular open source computer system monitor, network monitoring and infrastructure monitoring software application. Nagios offers complete monitoring and alerting for servers, switches, applications, and services and is considered as the defacto industry standard. Nagios supports two type of monitoringActive and Passive. In case of Active monitoring nagios schedules or actively checks mentioned  services; while in case of Passive checks, external application can be used to submit service check results.
– For Passive checks NSCA (Nagios Service Check Acceptor) daemon should run on nagios server to accept passive checks over network, which will   submit passive check to nagios via unix socket.
– For Acitive checks NRPE (Nagios Remote Plugin Executor) daemon will has to run on remote machine to monitor services. However you can use SSH as  well.


To monitor remote hosts and services nagios community provide you few plugins as shown below…
* NRPE – NRPE daemon will run on remote hosts and nagios will checks services on remote hosts via check_nrpe plugin (command) from nagios hosts.
* Check_MK – The best nagios plugin for monitoring remote host. Beauty of this plugin is that most of the commons services are checked in one  connection to remote hosts and results are submitted as passive results to nagios. This improves performance, less network traffic and of course  no load or burden on remote host (which we are monitoring). For Check_MK, we have to installed check_mk agent ie check_mk_agent simple shell script and bind this script to  6556 tcp port using xinetd daemon. Check_MK also provides following features.
– Check_MK support dynamic nagios configuration generation, inventory of checks.
Livestatus – a beautiful plugin to communicate with nagios (unix socket)
Nagios Multisite GUI – monitor multiple nagios from single web based interface
SNMP supports and automatic service detections for many cisco switches, routers and NetApp filers as well.
Nagios Multisite GUI – Another beauty of Check_MK nagios plugin is montoring multiple nagios using only one web based interface. This webbased interface usese Check_MK Livestatus plugin to get nagios data.
Check_MK –
Author – Ethan Galstad

2) Ganglia – is a scalable distributed system monitor tool for high-performance computing systems such as clusters and grids.  It allows the user to remotely view live or historical statistics (such as CPU load averages or network utilization)  for all machines that are being  monitored. Ganglia is very helpful to find out application or team wise resource utilization even in clustered  environment. We have to installed gmond (ganglia monitor daemon) on each machine (in group or cluster) which collects all stats.

gmetad (ganglia metadata daemon) need to installed on one machined in group or cluster which will collect data from specified gmond servers.


3) Cacti – is an open source, web-based graphing tool (frontend to RRDtool ). Cacti allows a user to poll services at predetermined intervals and  graph the resulting data. It is generally used to graph time-series data of metrics such as CPU load and network bandwidth utilization.  Cacti is better to  monitor hardware devices like switches,routers via SNMP.



4) Zabbix – It is designed to monitor and track the status of various network services, servers, and other network hardware.
It uses MySQL, PostgreSQL, SQLite, Oracle or IBM DB2 to store data. Its backend is written in C and the web frontend is written in PHP.
Zabbix offers several monitoring options.  A Zabbix agent can also be installed on UNIX and Windows hosts to monitor statistics such as  CPU load, network utilization, disk space, etc.  As an alternative to installing an agent on hosts, Zabbix includes support for monitoring via SNMP, TCP and ICMP checks, as well as over  IPMI, SSH, telnet and using custom parameters.
Zabbix supports a variety of real-time notification mechanisms. Beauty of Zabbix is  XMPP notifications!
Author – Alexei Vladishev

5) Zenoss – Zenoss (Zenoss Core) is an open-source application, server, and network management platform based on the Zope application server.

NOTE – This list is based on personal experience and choice of many IndianGNU community members.

Thank you,
Arun Bagul

(0) Comments    Read More
arunbagul's photos More of arunbagul's photos
Get Adobe Flash player