Owl Monitoring System -- IIP-local Setup

From DNSSEC-Tools
Jump to: navigation, search
{{#if:| {{#if:| {{#if:| {{#if:| {{#if:| {{#if:|
DNSSEC-Tools Component
Owl Monitoring System
This describes Owl Monitoring System, which in the Network-Monitoring Tools category within the DNSSEC-Tools Components framework of tools.
Tool Name: Owl Monitoring System
Tool Type: Network-Monitoring Tools
Manual: Monitoring System.html Manual

}}

Example: Monitoring System-example.txt Example

}}

CLI: Monitoring System-help.txt Help

}}

Tutorial: Tutorial

}}

How To: Monitoring System-dnssec-howto.txt How To

}}

Download: Owl Monitoring System

}}

Page Under Development

About

The Owl Monitoring System provides a means of tracking the response time of DNS queries. It uses a set of Owl sensor hosts that collect response-time data and an Owl manager host which manages the data.

IIP Local Setup

The Owl Manager has been installed on piper.netsec.tislabs.com and is managing a small number of Owl sensors. If you have set up a sensor on one of your machines or VMs, you may add it to piper's collection of sensors.

On piper, the Owl functionality has been split between two users:

  • owl-sensor: The Owl sensors use this user to transfer files to the manager.
  • owl-manager: The Owl manager software and Nagios run with this user.

Everything that makes up the Owl environment -- data files, Nagios environment, etc. -- is in /owl. This is actually a symlink to /uem/owl.

(Not *quite* everything is in /owl. The owl-* programs are in ~owl-manager/bin. These could easily be moved to /owl if we wanted to.)

Here are the files and directories you'll probably need to know about.

/owl/   Where everything is.
/owl/bin/   Location of Owl's version of Nagios.
/owl/data/   Location of sensor data.
This is where you'll be adding the sensor's data directory with owl-initsensor.
/owl/etc/nagios.cfg   The base Nagios configuration file.
/owl/etc/objects/   Nagios objects for sensors are here.
The sensor's objects file (created by owl-newsensor) will live here.
/owl/nagiosgraph/var/rrd/   RRD databases for nagiosgraph.
You shouldn't have to do anything here;
the sensor's directory and file should be created for you.
/owl/sbin/drraw.conf   RRD databases for nagiosgraph.
/owl/var   Nagios logs and such live here.
~owl-manager/bin   Owl's manager-specific commands live in this directory.
~owl-sensor/.ssh/authorized_keys   Add an entry for your sensor to this file.

/owl/sbin/nagios-init is a useful script for starting, stopping, and restarting Nagios. This script came in an old version of Nagios, but it seems to have been dropped in recent versions. I've kept copying it forward as I've put new versions in place because it is very helpful.

When running programs for Owl from the Nagios and Co. packages, you must use the versions in /owl. There are Owl-specific paths and users compiled in them; using the UEM or DNSSEC-Tools versions of Nagios for the Owl installation would not be a good thing. The one exception to this is rrdtool; there is one version running system-wide.

The Owl manager's Nagios interface is available here: http://piper.netsec.tislabs.com/owl-nagios/

Third-Party Software

The following third-party software packages are used by the Owl manager:

  • Nagios is a general-purpose network monitoring tool. Nagios runs on a monitoring host and collects data from remote hosts (or even its local self) to be displayed. Nagios is essentially an event dispatcher and display manager. It schedules events to collect monitoring data, and then it displays those data. Using other utilities, Nagios also has the facility to generate time-based graphs from the data it stores.
  • nagiosgraph stores Owl sensor data in round-robin databases. It uses rrdtool to perform the actual database manipulation.
  • rrdtool manages round-robin databases, especially time-series data. This is used to store Owl sensor data for display in graphs.
  • drraw is a front-end for rrdtool. It is used by Owl's Nagios environment to build and display graphs of the Owl sensor data.
  • rrsync puts sensor data into a particular sensor's data directory. It restricts rsync to the sensor's data directory, and its use is set up on a per-sensor basis in ~owl-sensor/.ssh/authorized_keys.

In addition, both the Owl manager and the Owl sensor use several third-party Perl modules.