On Thu, 2005-06-09 at 07:18 -0500, Daniel J McDonald wrote:
On Thu, 2005-06-09 at 15:58 +1000, Adam Goryachev wrote:
On Thu, 2005-06-09 at 07:41 +0200, Henrik Stoerner wrote:
Personally, I'd most like to see a 'free' client (ie, GPL, without the BB license issue),
Ditto, but I'd really like the bb-central approach. Most of the status information can be grabbed from non-privileged accounts on all unix-like platforms. I concede that a client is necessary in the windows world.
While I can see that some people might like this approach, I would think that the overhead of this method is significantly higher than the bbclient method... Also, you probably don't want to be 'giving' a user level account to people (ie, if they manage to hack your BB central box, then they get free access to your entire network.... As opposed to being able to screw-over your monitoring setup but not really affect much else...
and I'd also like to see *much* better SNMP support. ie, point it at a router, and it will automatically (or some tool) setup the various values to monitor (interfaces, byte counter thresholds, cpu, temperature, etc) or a switch, or firewall, or UPS, or whatever thingamabob you have lying around.
Although I'd love to see a "better mrtg", I'd hate to re-invent the wheel on that one. It would be nice if the mrtg folks would add snmp-v3, but that's not in the offing today.
Well, I don't really know what is needed, but since hobbit includes rrd, really all you need is to integrate some snmp library which can handle retreiving the snmp values for you. The hobbit can do it's normal alerting/trending the same as it does for everything else. Finally, once the various config file formats for this are done, then someone can create a nice search/discover/configure tool to create the config files.
Finally, what about some sort of compression/encryption protocol,
If we are building an extended protocol, we should support authentication as well. That's been a serious hole in bb for a long time - any hacker who sees that you are trusting bb for monitoring can simply send spoofed status messages to either distract you from the real mischief or hide it from obvious view.
Yes, authentication should be included as well, but perhaps it should be server-side as opposed to client-side.
eg, xyz IP address can send reports for abc hostname + a and b status, etc...
This simple option would solve most of the security issues, once they hack the machine, all bets are off anyway (ie, they can see/find the username/password you have configured, use the standard bb tools to send the status/etc...)
Regards, Adam
--
Adam Goryachev Website Managers Ph: +61 2 9345 4395 adam at websitemanagers.com.au Fax: +61 2 9345 4396 www.websitemanagers.com.au