[Snort-users] Performance Monitor Graphing Tool
paul.halliday at ...11827...
Fri Sep 3 15:00:37 EDT 2010
On Fri, Sep 3, 2010 at 10:54 AM, Mike Lococo <mikelococo at ...11827...> wrote:
> On 09/02/2010 02:46 PM, Greg Lane wrote:
>> Does anybody had a good location to obtain a good perfmonitor graph tool
>> for snort? Every link that I have tried doesn’t seem to work and
>> nothing is available.
> With my Zabbix setup, I have a single screen that shows the following
> data for all my snort sensors:
> * Bandwidth at my taps (snmp)
> * Bandwidth to my snort processses (agent custom item)
> * Received/dropped packets for snort (agent custom item)
> * stream/frag stats (agent custom item)
> * CPU usage of various types (agent build-in item)
> * RAM usage of various types (agent build-in item)
> * Disk I/O activity in bytes and in iops (agent build-in item)
> * Free disk space (agent build-in item)
> * A list of the top-5 process-names that are using CPU-time (I
> can't wait for iotop to work on RHEL so I can get this list
> for io-consumers as well, this is an agent custom item).
> * Other stuff I can't remember
I second Zabbix :)
I use a map to relay information about the sensors though:
All of the links you see in the picture are tied to numerous event
triggers. DB connectivity and stats, snort and sguil processes,
perfmon, CPU, MEM, I/O, BW and even latency make up the event
All of this summarized with: "OK" or "Problem". I don't start looking
at graphs until there is a problem :).
The perfmon stuff is useful but it is only a small part of a much
More information about the Snort-users