Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1594
  • Last Modified:

What monitoring software for ESX, sflow, SNMP, syslog, and WMI?

Can anyone recommend a netmork monitoring software that can effectively manage syslog, SNMP, WMI (optional if syslog + snare can be used), sflow and VMware host logs?  I *think* Splunk can handle it, but I'm brand new to this arena.

Lancope also looks like an option, but their marketing is so thick (or my vocabulary so small) that I can't penetrate it.

I prefer it runs on Windows, but I'm not afraid of Linux if the results are worth it.
0
sbumpas
Asked:
sbumpas
  • 3
  • 2
2 Solutions
 
Ernie BeekExpertCommented:
0
 
sbumpasAuthor Commented:
What does Nagios offer that splunk doesn't already have?  Nagios does analysis, while splunk does reporting?
0
 
Ernie BeekExpertCommented:
I don't mean one or the other. I mean to say they are a complement to each other. Nagios for the monitoring and alerting, splunk for analyzing and reporting.

We're using Nagios allready, it's great for (as I said) monitoring and alerting. But now we're looking at splunk. If something happens, we want to know exactly what happens so we can prevent future incidents. And later on we want to be able to report back all the improvements.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
sbumpasAuthor Commented:
So splunk only does analyzing and reporting, it's not capable of monitoring and/or alerting?
0
 
Ernie BeekExpertCommented:
No it is capable. But we think spunk's strong points are analyzing and reporting and nagios' strong points are monitoring and alerting.
So trying to get the best of both worlds here.
0
 
madunixChief Information Security Officer Commented:
I prefer to work with Open-source... so my recommendation would be  nagios (I use it in my env.), awarded Platform ..winner of numerous awards and highly recognized, Nagios is the leader in Open Source IT infrastructure monitoring....but you can find other multiple monitoring tools:
http://www.groundworkopensource.com GroundWork Monitor Enterprise
http://www.hyperic.com Hyperic HQ
http://www.icinga.org Icinga
http://oss.oetiker.ch/mrtg/  mrtg
http://www.nagios.com Nagios
http://www.n-able.com N-central
http://www.op5.com op5 Monitor
http://www.open-itcockpit.com openITCockpit
http://www.opennms.org OpenNMS
http://www.hp.com/de/bto HP OpenView
http://www.bmc.com BMC PATROL ProactiveNet Performance Management
http://www.shinken-monitoring.org Shinken
http://www.ibm.com/software/de/tivoli IBM Tivoli
http://www.ca.com/de CA Unicenter
http://www.whatsupgold.com WhatsUp Gold
http://www.zabbix.com Zabbix
http://www.zenoss.com Zenoss Enterprise

My recommendation for a useful solution for syslog  and data correlation solutions:
Splunk http://www.splunk.com/ 
Cisco CS-MARS http://www.cisco.com/en/US/products/ps6241/index.html
Sawmill:  http://www.sawmill.net
Paglo:  http://paglo.com
Q1 Labs (offers free VM version):  http://www.q1labs.com/qradar-slim-fe
Manage Engine with OpManager:  http://www.manageengine.com

Also OpenNMS does a good job with making both SNMP Traps and syslog messages. Zenoss has syslog and snmp traps, but If you are looking for something more standalone, Splunk (i use it) is good as mentioned above by erniebeek look @ http://www.linuxjournal.com/article/5476 and
http://blogs.splunk.com/2008/11/13/syslog-syslog-ng-and-splunk-forwarders/

0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now