[sysmon-help] Best way to structure sysmon config
cwik at chriswik.com
Mon Aug 13 05:03:37 EDT 2007
I have just installed sysmon over the weekend and really love it, it
suits my needs perfectly. Simple and effective. I love the spawn
feature. Combined with key-based SSH authentication this means I can
automatically restart a failed service directly from sysmon, brilliant!
My question is, I've got 40-odd physical devices to monitor, 150+
virtual machines, and each virtual machine runs 3-4 services on average.
Does anyone have suggestions on the best way to organise my config
files? I started by creating individual files for routers, switches and
physical servers. Then I started creating config files for each client,
listing their virtual machines and the services running on them in one
file. In this lists collective experience, is this a good way to go, or
am I better off creating one config file for each service, for example
SMTP, and listing every SMTP server on our network in that file?
I know there is not a single way which is best, I'm just looking for any
tips on the most effective way to manage this type of configuration, as
I am sure others have done the same sort of thing with sysmon.
ANU Internet Services Ltd
E: chris at anu.net
T: +44 (0)117 9118820
More information about the Sysmon-help