• Status: Solved
  • Priority: Medium
  • Security: Public

What monitoring software for ESX, sflow, SNMP, syslog, and WMI?

Can anyone recommend network monitoring software that can effectively manage syslog, SNMP, WMI (optional if syslog + snare can be used), sflow and VMware host logs? I *think* Splunk can handle it, but I'm brand new to this arena.

Lancope also looks like an option, but their marketing is so thick (or my vocabulary so small) that I can't penetrate it.

I prefer it runs on Windows, but I'm not afraid of Linux if the results are worth it.
Asked by: sbumpas
 
Ernie Beek (Expert) commented:
 
sbumpas (Author) commented:
What does Nagios offer that Splunk doesn't already have? Nagios does analysis, while Splunk does reporting?
 
Ernie Beek (Expert) commented:
I don't mean one or the other. I mean to say they are a complement to each other. Nagios for the monitoring and alerting, Splunk for analyzing and reporting.

We're using Nagios already; it's great for (as I said) monitoring and alerting. But now we're looking at Splunk. If something happens, we want to know exactly what happens so we can prevent future incidents. And later on we want to be able to report back all the improvements.

 
sbumpas (Author) commented:
So Splunk only does analyzing and reporting; it's not capable of monitoring and/or alerting?
 
Ernie Beek (Expert) commented:
No, it is capable. But we think Splunk's strong points are analyzing and reporting and Nagios' strong points are monitoring and alerting.
So trying to get the best of both worlds here.
 
madunix commented:
I prefer to work with open source, so my recommendation would be Nagios (I use it in my env.). It is an awarded platform: winner of numerous awards and highly recognized, Nagios is the leader in open source IT infrastructure monitoring, but you can find multiple other monitoring tools:
GroundWork Monitor Enterprise: http://www.groundworkopensource.com
Hyperic HQ: http://www.hyperic.com
Icinga: http://www.icinga.org
MRTG: http://oss.oetiker.ch/mrtg/
Nagios: http://www.nagios.com
N-central: http://www.n-able.com
op5 Monitor: http://www.op5.com
openITCockpit: http://www.open-itcockpit.com
OpenNMS: http://www.opennms.org
HP OpenView: http://www.hp.com/de/bto
BMC PATROL ProactiveNet Performance Management: http://www.bmc.com
Shinken: http://www.shinken-monitoring.org
IBM Tivoli: http://www.ibm.com/software/de/tivoli
CA Unicenter: http://www.ca.com/de
WhatsUp Gold: http://www.whatsupgold.com
Zabbix: http://www.zabbix.com
Zenoss Enterprise: http://www.zenoss.com

My recommendations for useful syslog and data correlation solutions:
Splunk: http://www.splunk.com/
Cisco CS-MARS: http://www.cisco.com/en/US/products/ps6241/index.html
Sawmill: http://www.sawmill.net
Paglo: http://paglo.com
Q1 Labs (offers free VM version): http://www.q1labs.com/qradar-slim-fe
Manage Engine with OpManager: http://www.manageengine.com

Also, OpenNMS does a good job with making both SNMP traps and syslog messages. Zenoss has syslog and SNMP traps, but if you are looking for something more standalone, Splunk (I use it) is good, as mentioned above by erniebeek. Look at http://www.linuxjournal.com/article/5476 and
http://blogs.splunk.com/2008/11/13/syslog-syslog-ng-and-splunk-forwarders/
