jgherbert

Thanks, rharland2012‌! No alternative ... yeah. And that's partly what frustrates me. It's almost like the industry has given up and said "It exists, there are tools to support it, it's a pain to change it so we won't." If there are any vendors reading who want to comment on that, I'd be very interested to hear a vendor…

Putting the "crash" in "crash course"? ;-)

Very much so.

That assumes of course that this company has a change management process in place. I've been in many companies that don't (much to my horror), and doubly so on the office network side of things (rather than the data center). Not communicating within your own team though...bad show.

The funny thing is that when you push those apps into the cloud, it seems that quite often resources are magically found to update the applications to make them work (whereas while it was being propped up by the infrastructure internal to the company, nobody cared).

Eek, that's three for SecretServer. They must be doing something right!

Watch this space; I have a post coming up which talks about just such a problem (although the solutions are rarely technical I'm afraid).

Yep, it's like shooting fish in a barrel...

"Low hanging fruit" - a phrase I wish I had thought to include in the post! That's exactly it.

Me too! Part of the challenge can be that there's so much overlap between products, you feel silly layering products redundantly (and often stacking up that latency as well).

I ran the graph past my wife for her comments, and she asked if I thought it would work. My conclusion was that it would take a miracle... :-/

Very good point. It's probably fair to say that progressively more of the networking hardware out there is linux based, and if you have the ability to install software (or scripts) on there, you have opportunities to customize your monitoring. Many of the white box switching OS options are basically linux with a switching…

That's fantastic. It's great to have this kind of information available, and to be able to use it to show a provider the exactly location of a problem is just awesome. I also like that you get the steady state baseline - i.e. what does it looks like normally, so you have a reference point when something changes.

Ironically, Cisco has traditionally been one of the slowest to provide APIs (including NETCONF) to their devices, let alone APIs with full command coverage. Still, I too am heartened by their increased focus over the last few years.

That's for sure, and it's doubly hard when it's not established when an application is first deployed. This is the classic network engineer problem of being told there's an outage for an application and you ask "Ok, who is supposed to be talking to your application" or "What is your application trying to connect to" and…

And, muwale‌, the trick is to keep them that way!

*lol* It sounds far worse than it really is ;-)

That's for sure true. The last thing we need is a different solution for each vendor, or (maybe even worse) the introduction of proprietary protocols.

Outside script usage, most commonly I use Excel with vlookups in the configuration. e.g. I have a cell at the top into which I put the DC (usually with a dropdown selection), and I call the cell "DC_NAME". Then the cell containing the syslog line might look like: =concatenate("logging ", vlookup(DC_NAME,syslog1,2,false))…

Thank you!

*lol* Look at it this way: it's just another set of arbitrary things to try and remember. The nice thing is that some of those things are kind of natural; if I were to ask you what the answer was to "6 + cat" you'd stare at me much as some interpreters/compilers would report an error to you. And anybody who specializes in…

A few of the companies I've worked for have had sufficient budget to use external DDoS mitigation providers like Arbor and Prolexic. At least then once identified, somebody else can do the hard work for you, with a much higher capacity to do so than we would have wanted to pay for.

Great points, as always. >I see the biggest challenges being in larger shops with separation of duties, high visibility, high presure, growth, etc. Separation of duties is definitely a challenge, though not an insurmountable one. While teams can process their own elements individually, it becomes necessary to have a…

By the way, I never did manage to complete the game. Sad.

Live to Work vs Work to Live? I would imagine that both fishing and programming share periods of time spent staring blankly into the distance. Does that count? ;-)

This is very true, and I think the more time spent coding in a language, the more we're likely to understand the importance of doing so. What concerns me I guess is that newer users may not be thinking about data types, and rather than the interpreter saying "Hey, what you've asked me to do is ambiguous; can you clarify?"…

Fair points, but once upon a time, RIP had a huge support base, AUI ports were on everything, and people used to buy music on vinyl discs, and IPX was the shizzle. My point is, ubiquity does not mean the end of the line. If something better comes along - and ideally something that could demonstrate a tangible benefit over…

I love that. BE the network. ;-)

So, speaking of putting the geek in geek speak... I understand about 1 in 3 words of the above comments, but it sounds pretty cool ;-)

Ansible seems to be the most common solution I'm hearing about right now. I don't know if it's the best, but certainly it's common Thank you for sharing!