Introduction

Today, managing hetereogeneous systems its a hard task if you haven’t the right tool. There are some solutions on the market (IT OpenView, Patrol) but this solutions are expensive, hard to learn, requires a big machine and, at last, the 90 % of the times you only use the event monitor (this funny screen that shows you the events). Fortunately, some free tools has been developed, like Big Brother, Over-CR, RADAR, etc.

Today, managing hetereogeneous systems its a hard task if you haven't the right tool. There are some solutions on the market (IT OpenView, Patrol) but this solutions are expensive, hard to learn, requires a big machine and, at last, the 90 % of the times you only use the event monitor (this funny screen that shows you the events). Fortunately, some free tools has been developed, like Big Brother, Over-CR, RADAR, etc. Event monitor provides a module-based, extensible framework to monitor systems. Event Monitor is written using C, shell script, and Tcl/Tk.

Tech Info

I think that monitoring tools must be very portable, easy to use and configure, and must use a wide and easy way of communication, so why not use TCP/IP ?. Some tools used SNMP for this, but I think that SNMP is big, slow and complex (it has some highlights, but I think that its like firing flies whith a 100 mm gun.

Another thing is the distribution. The clients (systems that are being monitored) only has the agents (a special process or script that talks to the server if it found some thing that its wrong) So we have a server on one machine, and agents on the monitored systems. This is not 100% true, see below.

So we have a monitoring tool, but how it can save the day ? A monitoring tool is only useful if you are 24 hours sitting in watching the tool. So we need some proactivity. By this you need some server (another process) running on managed nodes. With this you can launch actions on managed nodes automatically, so human presence its not required. See the basic model below.

Features

• Support for unlimited number of agents
• Configurable almost anything: refresh rates, warning levels, etc. etc.
• Proactive managing: send actions, perform automatically tasks. populate
• Actions when some messages are received ...
• Support for clusters (groups of machines, process, etc)
• Heterogeneous network, operating system and archiquecture.
• Notification via email
• Multiple console monitors running simultaneously
• Historical track of messages
• Multiple ack of messages
• Multiple level of warning
• API provided
• Portability granted
• Low load rate on monitored and console machine
• Runs on user space -- no root privileges required execpt for emsrvcmd
• Configuration by files or shell variables
• Fully customizable
• Security access for console
• Security checks in emsrvcmd (to prevent unauthorized use)
• Graphics, User Friendly environment
• TCP/IP message-passing system
• Buffering security on emputmsg to prevent network failures. This allows manage network breakdowns
• Message counter notificator
• User profiles
• User access security
• Status line

Requeriments

• Tck/tk 8 for emconsole only
• TiX for emconsole only
• C compiler (like gcc) for al the binaries and tools
• GNU make to compile the makefiles
• 2 Mb of free space for the configuration files, binaries, doc, etc.
• 30 Mb or so for server instalation (this a safe value). This is for production environment, buy I have it running monitoring 12 HPuX machines and it has 5 Mb of disk., less if you don’t save historical logs.
• A unix box The software is developed on a linux box, a solaris box and a HP box
• A few time to configure the system
• More few time to send your suggests, bugs and improvements