[c-nsp] OT Solarwinds Alternatives

David Hubbard dhubbard at dino.hostasaurus.com
Thu Jul 27 15:36:02 EDT 2017


Been dramatically happier with Zabbix + ntop after moving off Solarwinds for both NMS and flow data analysis (NTA).  Zabbix picked up all the monitoring pieces and felt way more polished than Nagios.  We’re not only using zabbix for typical things like snmp and agent-based data collection / alerting from servers and devices, but have it hooked into vmware clusters via VMBIX, hooked into DNS servers monitoring qps, and a multitude of other things where scripts running on various servers trigger Zabbix alerts when conditions are met, whether that be helpdesk tickets aging out, all the way to developers missing milestones in Jira.  You can even push the alerts into different things; we populate channels of a corporate group chat app with alerts relevant to the various channel members to get them in front of the right faces instantly.

Ntop has proven to be much more useful to me than Solarwinds’ NTA (netflow) product because of their lack of interest in furthering the development of sflow analysis.  Specifically, sflow data containing remote BGP ASN’s was, as of early 2016, still being ignored by NTA, making it useless in watching your top BGP sources and destinations in case you want to make peering decisions based on that.  This was what used to be on their site but now seems to be removed:

"Explanation:  SFlow packet format is completely different from NetFlow (both v5 and v9). In SFlow, BGP/AS information is provided in a special/extended header that NTA does not parse (since there has been no previous need to do so).

Resolution:  If possible, use NetFlow v5 or v9 (with appropriate v5 compliance) if you need to collect and process BGP/AS traffic information. If neither NetFlow v5 or v9 is supported by your devices, file an enhancement request with SolarWinds Support.”

 
I filed enhancement requests annually from 2008 to 2015, all were ignored.  They will spam the hell out of you endlessly if you drop them though, so I even kept telling the sales folks what it was missing and it still hadn’t been added.  Maybe their deletion of that article means it’s in there now; not sure.  And when I mean endlessly, I mean endlessly; it takes a great deal of work to get them to stop emailing you, and it’s always some new name / new title / whatever and you have to get fairly nasty to make them stop.

It running on Windows was of course a huge negative too; it would go into typical for Windows unexplained non-functioning from time to time if left up too long, so reboots every few months were the norm.



On 7/27/17, 3:09 PM, "cisco-nsp on behalf of Scott Granados" <cisco-nsp-bounces at puck.nether.net on behalf of scott at granados-llc.net> wrote:

    Hi Nick,
    
    In my opinion anything is better than Solar Winds but that’s me.  I don’t understand how any serious network monitoring company only offers their products for the windows environment and has no Unix variants.  That’s just goofy to me but that aside here are some alternatives I have had good success with.
    
    Open NMs http://www.opennms.org is a comprehensive open source network management toolkit.
    Open groundwork http://www.opengroundwork.com Can be pricing depending on licensing but easy to set up and pretty feature packed, based on NAGIOS if memory serves.
    NagIOS, the gold standard, Nagios is a good framework with lots of plug in functionality and ability to customize / expand.  It’s a very complex but powerful tool.  In many environment it requires a full-time admin but it doesn’t have to.
    If you’re looking for netflow capture and analysis I’m a pretty big fan of nfdump and nfcapd.  Easy to get up and running and can generate powerful reports, also includes plugin add ons like mapping functions and anomaly detection.
    Cacti, good prober for port stats and has the ability to take rapid probes in for looking at bursty traffic.
    RANCID, great network archiving tool for version control and archival of network device configs.  Written in expect / TCL so can be modified to suit your needs.
    
    THere’s a few for starters.
    
    Thanks
    
    
    On Jul 27, 2017, at 2:56 PM, Nick Griffin <nick.jon.griffin at gmail.com<mailto:nick.jon.griffin at gmail.com>> wrote:
    
    Sorry for the off-topic post. I'm looking for input on network management
    solutions other than solarwinds, unbiased opinions. We will need all things
    network related, monitoring, alerts, reporting, configuration management,
    and other tools that might be handy for a NOC. If this takes multiple tools
    then that is fine. Just looking for some ideas from the guys in the
    trenches. Thanks!
    _______________________________________________
    cisco-nsp mailing list  cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net>
    https://puck.nether.net/mailman/listinfo/cisco-nsp
    archive at http://puck.nether.net/pipermail/cisco-nsp/
    
    _______________________________________________
    cisco-nsp mailing list  cisco-nsp at puck.nether.net
    https://puck.nether.net/mailman/listinfo/cisco-nsp
    archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list