Reducing Noisy Nagios Alerts

Reducing Noisy Alerts from Nagios

Monitoring Casual Talk #1

Takumi SAKAMOTO@takus

12年6月15日金曜日

Self Introduction

• Takumi SAKAMOTO

• @takus

• DeNA Co., Ltd. (2012.4 ~)

• Operation Engineer ?

Before Joining DeNA

My365A Photo Sharing SNS

< 20 Servers

After Joining DeNA

Mobage

> 1000 Servers

What’s the Difference?

Someone Said That ...

• What happens once in every million times happens 3500 times per day

http://blog.nomadscafe.jp/2011/05/post-12.html

In the Context of Nagios ...

(Photo : Postal Loathing by justin)http://www.flickr.com/photos/justin/2412778/

Too Many Alert Mails

• Problems

• continue to call our mobile phone

• sometimes hide more important alerts

• burden mail systems

How to Reduce Unnecessary Alerts

#1: Defining Service Dependencies

• Approach

• whatever you use for monitoring remote host status, the status depend on what you use for monitoring

• e.g. SNMP, NRPE, SSH ...

• define service dependencies between parent service and child services

Consider Simple Case 1

• Your nagios monitors remote hosts via SNMP

• CPU, DISK, NTP, MEMORY

• all services are OK

Nagios

Remote Host

SNMPDISK

MEMORY

• Nagios sometimes fails to check status by SNMP because of high server load

• In this case, nagios evaluates all service status are UNKNOWN and sends us 4 alert mails

Nagios

SNMPDISK

MEMORY

Remote Host

• If many servers become over-loaded once, nagios sends us a lot of noisy alert mails

• because it is obvious that SNMP doesn’t work well

• Nagios stop to send alert mail if SNMP returns UNKNOWN

• you will receive only a SNMP CRITICAL alerts

Defining SNMP Service Dependencies

define servicedependency { dependent_host_name host1 dependent_service_description CPU,DISK,MEMORY,NTP host_name host1 service_description SNMP notification_failure_criteria u}

#2: Summarizing Similar Alerts

テキストSummarizer テキストSend Summary Alert

fluentdでNagiosアラートの集約

http://6pongi.wordpress.com/2012/06/08/fluentdnagios/

What is your solution?

Reducing Noisy Nagios Alerts

Technology

Charla Nagios

Nagios Pres.pdf

Nagios Portuguese

Evaluacion Nagios

Nagios Report

Nagios Spanish

SERVIDOR NAGIOS

Submodule B What can users expect from EMS v1 - IZM · • Email alerts about new activations for the Authorized User • GeoRSSfeeds for activations alerts and Map Delivery alerts

Perl nagios

Monitoring sieci Nagios - Maciej Kalkowskikalkowski.name/dydaktyka/2011-2012-L/ASL/referaty/nagios/nagios.pdf · Monitoring sieci Nagios Wstęp HomePage : Nagios – program do monitorowania

Google Noticias y Google Alerts

Ins Nagios

Nagios Conference 2012 - Mike Guthrie - Nagios Fusion 2012

Noisy Video Super-Resolution

Nagios 3 J. Gabès Nagios 3 - jecogite.free.frjecogite.free.fr/acces/INFO/nagios/nagios 3.pdf · Nagios 3 pour la supervision et la métrologie Déploiement, conﬁ guration et optimisation

Doc. Nagios

Pre alerts

Alerts+ +Eng

Security with Noisy Data

Nagios : logiciel de supervision · Objectifs • Installer nagios • Configurer nagios • Surveiller les machines Microsoft • Surveiller les machines Linux • Surveiller les