_stump · infrastructure engineer

You're right. Reachability problems are annoying when you're dealing with a remote monitoring solution. A single, dedicated team doesn't always make sense. It depends on the business model, too. If you've got branch offices that act as independent entities, with their own IT department and budget, centralized monitoring is…

I'll just leave this here: Rise of the Hybrid Engineer.

Totally agree re: decent compliance team! The challenge there is to position compliance as a partner to operations, not an auditing organization.

Oh yes, nice catch on the testing.

I think it's easy to blame the network first because network is one of those rare resources that EVERYTHING consumes. If a device isn't on the network, what good is it? Network becomes the LCD, therefore the "obvious" source of the problem. I don't agree at all with this, just wondering if this might be part of the reason…

The Thwack Pack.

Just tried the link. Got a message that says the survey has closed. So.... yeah.

jkump wrote: That request ended up being 22000 items to review and I was instructed I have 2 days to complete. Well, suddenly my 14,000 items seems like a breeze.

While the intent to keep solutions simple is noble and worthy of consideration, it should not be a constraint to any design. The fact is that some problems are complicated, and some solutions must be in order to perfectly solve the problem. As always, it's a cost-benefit decision that the company needs to make. I'll build…

Lol re: Butt Sets

NMS becomes more useful the longer it runs. I'm always interested in identifying the use patterns of various network and server resources, so you can make decisions on whether you have sufficient capacity for peak use times. The historical data, the baselines... that's where you can turn information about your network into…

It warms the soul to see this post about my three oldest friends: grep, sed, and awk. There are certainly many great web-based logging analysis tools on the market today, but I'll take a Linux shell or a similar CLI any day of the week. Of course, manipulating logs, especially security-related logs, can lead to data…

A story for you. Last week, I spent some time with a Cisco engineer to install UCS Director. We're checking out its bare metal deployment capabilities for building new ESXi hosts en masse because we're lazy interested in automation. We deployed the bare metal appliance (a virtual appliance, of course), set up the PXE boot…

ROFLCOPTER Thanks for the laugh today, SolarWinds!

belthasarx wrote: 4.Being the "insert tech label" guy/girl at your company ensures that you will keep your job. It also ensures that you will never ever have a day off. Great point! What some people call job security is what others call death through over-specialization. Master one tech, sure. But don't bet your entire…

Tell me more. What SW products are you using, and how? I always like to hear about success stories (mainly so I can steal borrow your ideas).

It's tough when open source is in the mix, because it's hard to argue with a free tool that provides useful data. But tool sprawl doesn't have to mean one tool to monitor everything; using a small number of tools is a completely logical approach, assuming that each tool was selected for a specific purpose.

I really dig the second part of this month's contest. I mean, it's not that I don't like answering questions about these products. It's just so nice to actually dig in a little bit and use some of this stuff.

I see this happen often. Have you looked into the 1000v? Network operation teams like the 1000v because it gives them control over the virtual networking, and avoids that situation you described where you lose visibility into the networking once it leaves your physical switch.

HerrDoktor wrote: As solarwinds evangelists always say, when an alert does not require an action, turn it off. You win the comments. This is obvious to many of us, but it's lost of the poor operations staff who just stare at thousands of active alerts and don't know where to begin. If it's not actionable, it's…

This reminds me of the best advice you can get for CLI administration: stop piping output through grep.

Dude, you need a home lab.

"Why don't you know everything that you don't know?" - mgmt

post hoc ergo propter hoc. amirite?

+1 for LEEEEEEEROY JENKINS!

Why can't you? If you extend your network into a cloud VPC, you certainly could run monitoring from the cloud. Oversimplifying a bit, but still.

I really like the "Hardware now told us stories about themselves" bit. That's amazing. Did you end up pulling data from an inventory or other CMDB to track that hardware history? The help desks I've worked with in the past have always set SLAs based on organizational stature. But that led to an ever-evolving hierarchy that…

Same here. In fact, I like catching the reboot traps to confirm that the servers have restarted after the patch installed. I'll run a report after the patching is done, and confirm that all of my hosts rebooted as expected.

Not sure if you've seen this: The Results of the CloudFlare Challenge | CloudFlare Blog. Basically, a few people were able to successfully steal private keys from a web server with a vulnerable OpenSSL implementation. So this vuln is real. Not just hype.

Yeah, agree. The gap between saying you're adopting a new framework and actually embracing that framework is wide. It's easy to declare, "we're doing SecOps!" and think your job is done when you set up a recurring collaboration meeting between security and operations. But you have to put in the hard work to identify the…