To all of you system administrators out there, Happy SysAdmin Day!!! Too often do we forget our system administrators, without whom our jobs would pretty much be impossible...
I know that this can sometime be a thankless job, but believe or not we do appreciate you. So to all of you SysAdmins out there - whether you administer SQL Server, Exchange, Orion APM, AD, Oracle, SAP, Orion NCM, WWW, Sharepoint, Orion NPM, or whatever - here's to you!
Follow me on Twitter
This August we’re going to be hosting a webcast titled “Network Management – Back to the Basics” where we revisit some of the fundamentals of network management. Within that webcast we’ll highlight the different roles that fault management products like ipMonitor play as compared to performance management products. In preparation for the webcast and because they’ve just announced a new version, I’ve been re-reviewing the new What’s Up Gold (WUG v14). In many ways it sort of took me back to some of my early days in network management. Back then, if you were looking for a fault management product and weren’t ready to dive neck deep into performance management your choices were pretty much limited to:
a) Do nothing – wait for the phone calls.
b) Buy HPOV, get nothing, brace for the phone calls.
c) Get WUG for practically nothing and avoid the phone calls.
As someone who has spent a ton of time on complicated fault management systems like HPOV, the WUG that we used back then was exactly what we needed - basic, reliable, and instant fault management.
Unfortunately, as I was reviewing the latest version I couldn’t help but be disappointed. It seems that the WUG that I remember is no more. Instead, I found myself struggling to use a product that didn’t quite seem to know it’s place. I owned a boat like that once. They called it a “fish and ski”. Problem was, it was too large and cumbersome to be a decent fishing boat and it was small to be a good ski boat. I found myself feeling cheated on both fronts and eventually got rid of it.
I was chatting with Nick Bhavsar who runs our ipMonitor business here and he says that this is exactly why so many people are choosing ipMonitor over WUG. In his words, “ipMonitor is laser focused on being that basic, reliable, and instantaneous fault monitoring product and is winning fans wherever it’s seen . Unlike WUG, ipMonitor is a flat-fee product. Monitor as many devices as you want to, for the same price.”
He went further to throw down this challenge. Whether you’ve already bought WUG, are evaluating it, or even have never heard of it until just now – mention WUG and he’ll give you ipMonitor for $995. He calls it the “Slug a WUG” campaign and it’s good for a limited time.
Don’t take Nick’s word for it (the dude’s in marketing for crying out loud) and certainly don’t believe me. Check out the products for yourself, make a smart decision, and, as always, flame on…
One of the things that I get asked about a lot is whether it's best to use centralized vs. distributed syslog servers within your overall network management strategy. It's a great question as there are advantages to each, so let's take a look...
Centralizing Syslog Collection
There are several advantages to centralizing the collection and storage of your syslog messages. An obvious advantage is that you'll have only one place to look when searching for log messages. This can be a huge advantage if you search often or if you have a large volume of log messages. Another advantage is that in a centralized collection system you only have one system to maintain (assuming that you can scale a single system to meet your needs). This will simplify your management of upgrades, alerts, and rules.
Distributed Syslog Servers
The downsides of using a centralized syslog collection architecture are the upsides of using a distribued design. For instance, in a centralized system the log messages are shipped across the network to the centralized collector. Depending upon your network topology, available bandwidth, and the volume of syslog messages this could be a very bad idea as the log messages may be competing with other applications for bandwidth. Additionally, because most log messages are transported as low-priority UDP messages the reliability of your log storage system will be better the closer the syslog server is to the device generating the log messages.
Scale is another readon to consdier distributing your syslog servers. Many network devices create a lot of log messages. Some networks generate several thousand log messages per second. In these environments, consolidating all of these messages into a centralized database may not be cost effective or even possible.
Combining the Methodologies
Many people today use a combination of the above methods to accomplish their goals. For instance, many of our cusotmers here at SolarWinds buy and deploy the Kiwi Syslog Server as a distribued syslog server - putting copies in each data center or anywhere that they have a collection of devices generating log messages. The Kiwi Syslog server stores the messages locally and provides an interface for local admins to search/view any messages that they need. Then, using the rules/alert engine within the Kiwi Syslog Server they foward any enterprise management/network management related messages up to Orion.
Orion then fills the role of the the centralized NMS and syslog server and has the ability to do additional alerting and to tie the syslog messages back to the original devices since Orion's monitoring those devices and the Kiwi Syslog Server has the ability to forward syslog messages using the original source address.
This system works well when managing network devices such as routers, switches, and firewalls and also works great when managing servers. Historically syslog was only available on Unix/Linux based system but we've also just released a new tool called the "Log Forwarder for Windows" which can be pushed out to your Windows servers and converts standard Windows event messages to syslog messages and then forwards them along to your syslog servers. The Log Forwarder for Windows is free to SolarWinds customers with active software maintenance.
Ping me back if you have any questions about syslog server setup or configuration and as always, flame on...
Well, it's official. The wicked cool new version of Kiwi Syslog Server that I've been testing and filming videos on is now publicly available. You can read more about it and download a free copy here.
The coolest new feature is the addition of a web based UI. It's ridonculous. Our guys over in New Zealand really did an awesome job on this.
Here's a quick video detailing some of features and providing an introduction to syslog in general.
Check it out and let us know what you think.
Follow me on Twitter
This week we hosted a free seminar in Washington D.C. on how to expose and leverage some key Cisco technologies using SolarWinds network management software. Specifically, we covered NetFlow, IP SLA, Cisco EnergyWise, and the new Nexus 1000v virtual switch. You can view the slide presentation from the session here.
The seminar went really well. We had a great group of attendees with tons of questions during the presentation and great conversations afterwards. I learned a few pretty interesting things that I thought I'd share here...
The majority of the people in attendance were using NetFlow for traffic analysis. This is a significant change from what I've seen with similar groups in the past and in my opinion is just freakin' awesome. This is really great technology that you can leverage quite literally for free and I'm really stoked to see more and more people taking advantage of it. Some of the attendees were using the Orion NetFlow Traffic Analyzer, some were using free tools, and some were using other applications but nearly everyone attending was doing some sort of traffic analysis using flow-based technologies.
Conversely, very few people attending were leveraging Cisco IP SLA (IP Service Level Agreements). If you're not familiar with this technology, you can watch a webcast that we recently hosted on it here. In a nutshell, IP SLA is a feature built into Cisco IOS that allows you to have your routers run tests from their location within your network and then you can pull the results back into your NMS. This technology can be leverage directly within Orion NPM, within the Orion VoIP Module, and even within some of our free tools.
Another interesting thing I learned is that a surprising number of the attendees are unable to watch the videos what we post to YouTube and Amazon due to traffic restrictions on their networks. Several of them said that they spend their evenings watching the educational videos that we produce and would love it if we could figure out a way to make them more available from their workplace. If you're also having this problem, ping me sometime or leave a comment here.
Anyhow, as I said, it was a great trip and a great seminar. I'm looking forward to the next one.
Follow me on Twitter
Next week we'll be in Washington D.C. delivering a free seminar on extending Cisco technologies. We'll cover some cool technologies like NetFlow, IP SLA, and EnergyWise. Full details and sign up information here.
Also, there will be free food and I will try to come up with a new joke or two. The food should be good...
Follow me on Twitter
Last week I was in San Francisco speaking at Cisco Live! (used to be called Cisco Networkers) and it an awesome event. First off, it was only about 70 degrees there which was 35-40 degrees cooler than here in Austin and that in of itself was worth the trip. Cisco also got smart and changed the hours so that the we could all sleep in a little later every morning and therefore party a little harder every night which combined with the great weather made for some interesting evenings...
I was lucky enough to have the opportunity to give presentations in the SolarWinds booth, in Cisco's Theatre, and within some breakout rooms and afterwards to chat with several network engineers and network managers. We shared some great discussions on new technology and trends but one thing really stuck with me - there are still a lot of folks out there that haven't deployed what I consider to be "meat and potatoes" technologies like QoS, NetFlow, Network Configuration Management, and in some cases basic network monitoring.
If you find yourself in this boat, drop me a line as I'd love to pick your brain a bit. Otherwise, stay tuned as I'll be providing some information on the items above to help you get started with each.
Follow me on Twitter