August 10, 2012

Zenoss or Nagios? Your All-Seeing Network Eye in the Sky

One of the most common questions when comparing network monitoring tools is "What does Zenoss do that Nagios doesn't?"

Like a lot of grumpy old network admins, you can pry my Nagios from my cold dead fingers. I know it inside out, and deep knowledge of a particular tool often gets better results that unfamiliarity with a (theoretically) superior tool. Nagios + Cacti = monitoring, alerting, and historical performance happiness.

Zenoss is one heck of a sophisticated, enterprise network monitoring, alerting, and IT systems management application that may be the better choice under certain conditions. If you're riding herd on less than 100 networked devices, or manage a static network that rarely changes it's probably overkill, though it doesn't hurt anything to try it out. (You might want to count your network hosts, as even a small network often contains more nodes than you might think: printers, laptops, tablets, routers, wireless access points, smart switches, smartphones...)

Nagios vs. Zenoss

Zenoss dashboard

Both Nagios and Zenoss have free community editions, and commercial versions with more functionality. It is easier to learn about Nagios without installing it first because there are several live demos for all Nagios versions, and you can even log in as Administrator and mess things up. The nice Zenoss people have invested considerable effort into producing flashy videos, Webex sessions, whitepapers, and blogs, but it is all heavily-larded with marketingspeak, there are no live hands-on demos like there are for Nagios, and the enterprise evaluation and some of the presentations require jumping through registration or salespeople hoops. (Fie on Webex anyway, as it is unreliable and never wants to work for me.)

The "killer feature" that used to set Zenoss apart is its excellent network host auto-detection. Nagios has this now via a number of good third-party plugins that detect hosts and write Nagios configuration files for them. Nagios has mobile plugins, high-availability, mass quantities of plugins, and it's not hard to write your own, so it is easy to customize.

Both have cloud support, and reams of good documentation: books, howtos, blogs, videos, and even the official vendor docs are pretty good.

Zenoss Service Dynamics

So when would you choose Zenoss over Nagios? When you have a large, complex network: multiple locations, networked storage, virtual machines, clouds, mobile devices, and whatever else people are stuffing into their IT infrastructures these days. Zenoss Service Dynamics (not included in the free core) gives a complete, real-time picture of a complex dynamic network. Its most valuable ability, in my sometimes humble opinion, is the dependency and service mapping that shows the relationships between all of your various network elements. This is priceless when you're troubleshooting, because it shows the exact linkages between services, servers, virtual machines, and storage. They even have a feature called "Automated Root Cause Analysis" for zeroing in on problem spots.

Zenoss bundles some nice analytics so you can easily track workloads and find bottlenecks. It even has some flashy predictive analytics to help plan when and where to add capacity.

You can automate responses and fixes for problems. For example, stop and start services when certain performance thresholds are reached, send alerts to humans, generate trouble tickets, and trigger custom scripts to do whatever else you might want, like re-allocating cloud resources.

A Bit More Than Pointy-Clicky

If you do decide to go with Zenoss, there are a few caveats you must know about. Zenoss has a pretty AJAX-based Web interface, but it still requires a bit more effort and knowledge than point-and-click. You still need to understand snmp, MIBs, Linux networking utilities, network protocols, and the servers and services you're monitoring. Zenoss offers online training courses via Webex. These are all things any network admin should know, but sometimes people get the idea that a pretty interface means you don't need to know anything.

The dashboard is customizable with the addition or removal of portlets (see above), and there are all kinds of community-supported portlets to try in addition to the stock portlets. If you know a bit of Python or JavaScript you can write your own.

Zenoss runs on the usual LAMP stack, and Zenoss Core is included in a number of Linux distributions for easy installation and updates. You can also download VMWare images for Linux, Mac, and Windows, and binary stack installers that bundle all dependencies for Linux and Mac. Source tarballs should build on pretty much any Unix-y operating system.

Click Here!