User: Dclark/Events

From LibrePlanet
Jump to: navigation, search

John Rouillard - Nagios and SEC


Nagios, unlike some other FLOSS software, has Correlation - parents and others

  • Limited cause/effect detection
  • Don't use host_name in "define service" stanza -- use hostgroup_name instead!
  • Has test on each host where it looks up it's own name to make sure dns is working on that host
  • Flap detection is problematical - he leaves it turned off
  • Nagios can put performance data "somewhere" - DB, RRD etc.
  • is_volitile useful in special cases
  • read the manual - twice

Correlation - find the fingerprint - only be notified of things that matter

Nagios 3 will support defining own variables - write up on hack to do this now how to monitor SSL is on nagios-users list (find post) check_ldaps

Servicegroup - bundle of group of services that provide a customer-visable server (e.g. db2, websphere app server, apache)

Serviceextifo/Hostextinfo going away in Nagios 3 -- info shifts to becoming attributes of service and host objects

Nagios 3 in alpha now.

  • Nagios really a service monitoring program, not a host monitoring system

Many other monitoring projects are missing correlation.

Nagios 2 - host checks are done in series (In Nagios 3, they will be in paralel)

Correlation includes (slide) Topology, Thresholds, Service, Cluster (meta) plugin, Flap detection (doesn't quite work, but SEC replaces it)


  • Links to TWiki for a knowlege base for services, hosts, addl commands
  • Can change html pages - he has "Unack Svc Probs" - on call person lives in this screen
  • Downtime scheduling
  • He uses cacti and rt integrated with twiki - interesting feature - find last ticket in RT that mentions system
    • connect via (ajaxterm?)
    • look at nagios definitiaons
    • (cacti not from nagios - he doesn't like nagios for rrd suff - he uses drraw instead)
    • Also have wiki pages for services
    • Nagios just has link - no dual-way automation, but don't really need it in this case - wiki-side template for hosts and services do exist however


  • Is very passive
  • often times you may need to hook rule types together -- in groups
  • only useable in real time at the moment
  • can do everything that nagios does except topoplgy

Plugin talks to device, sec determines severity level, gives data back to nagios (nagios not time aware, sec is)

  • He has created patch to Nagios that allows te active events to be passed through to sec - patch is in beta this month, still 2 open slots for more beta testers - beta period will last at least 2 months.

When used with nagios his patch adds:

  • counting ok states before reamrming
  • differeent triggers or polling interval on analysis of error not just non-ok severity
  • changing trouble thresholds per time period/activity
  • SEC also monitors nagios log file - often this file will show nagios configuration errors


Nagios is good at "what is hapening now"; sec is good at figuring out "how I got to now"

  • His patch will be released under GPL
  • Personal Website:
  • easy: passive service event -> nagios
  • trick here is getting active stream from Nagios

OpenNMS (in 2004) - didn't have good correlation compared to nagios, and certainly not comperable to SEC

  • Does it have correlation now?
  • It used to have thresholding issues as well, and may still


  • He couldn't see correlation aspects that he really needed.

Temperature censors - lmsensors and smartcontrol can be used instead of stand-alone devices in some cases

Some tricks:

  • Rack as host - if 3 boxes in rack have high temp, rack is overheated
  • Room as host - "room is on fire' alert if 3 racks have high temp
    • But really needed "room is underwater" alert :-)
  • Q: lots of host - does he manual edit? A: Yes, but working towards defining every host once in config (his config mgmt app, akin to cfengine/puppet/bcfg2/lcfg)
    • automation issue: Think of a host group as a set, nagios only has set subtraction - makes automation very difficult
    • could just not use hostgroups, but then that makes the nagios web GUI suck
    • hostgroups for admin data

Cool wiki integration stuff

These are notes from a follow-up email I sent John (John's writing).

> BTW is your neat TWIKI integration with nagios et al doc'ed anywhere
> >public? Not the code, just would be interested in the list of things you
> >integrated / screenshots.

Hmm, I don't think so. I was doing a live demo for BBLISA, I suppose I
could doc it up. Basically add:

  #generic serviceextinfo entry template
  define serviceextinfo {
	  register        0
	  name            generic-service
	  notes_url       /twiki/bin/view/Main/NagSvc$SERVICEDESC$?templatetopic=NagSvcTemplate&host=$HOSTNAME$&service=$SERVICEDESC$&alias=$HOSTALIAS$
	  action_url      /twiki/bin/view/Main/NagSvc$SERVICEDESC$?host=$HOSTNAME$&service=$SERVICEDESC$&state=$SERVICESTATE$&output=$SERVICEOUTPUT$&alias=$HOSTALIAS$&templatetopic=NagSvcTemplate#ServiceFunctions

This add notes and services links for the service. e.G. for service
FooStuff it adds a link to the NagSvcFooStuff page. It passes in the
hostname, alias, service name and uses as a templatetopic when the
page doesn't exist NagSvcTemplate.

If you are using the action link it jumps to the ServiceFunctions

For all your serviceextinfo declarations use generic service:

  define serviceextinfo{
        service_description     SomeTwikiWord
        hostgroup_name          ...
        notes                   ...
        use                     generic-service

Also I did something similar for the hostextinfo setup.

In TWiki I had to modify as the TWiki.WebTopicViewTemplate
so that the link to create the new page read:

   * Continue to <a href="%SCRIPTURLPATH%/edit%SCRIPTSUFFIX%/%WEB%/%TOPIC%?templatetopic=%URLPARAM{"templatetopic" default =""}%&host=%URLPARAM{"host" default =""}%&formtemplate=%URLPARAM{"formtemplate" default =""}%&alias=%URLPARAM{"alias" default =""}%"><b>Create the new page</b></a>

as the oops page wasn't passing the query parameters along and the
edit box wasn't getting some of the parameters set.

The 4 templates:


are in the attached tar file.

Hopefully those will give you some idea of what we do with them.

We have a few auxilary twiki pages that have embedded searches in them
that allow us to aggregate machine name, serial number, asset tag and
purchase date for our accounting people and for audit use.

Also we have other pages that list our rack layouts (basic 5 column
twiki table with U number, front of rack equipment, rear of rack
equipment, left and right power strip info). The equipment is put in
the racks using the twiki NagHost page name so we can click on it and
get more info. But this also means we can pull the info from the rack
page to id the U that the piece of equipment is at. (Ideally we would
have seperate SiteRackOne SiteRackTwo .. pages that we could search so
we wouldn't have to manually enter the site and rack info but...)

Anyway if you have more questions feel free to shoot them over here.
I'll be traveling for the next couple of days but I'll get around to

Python meetup 2008-06-18

3 Presentations:

  • Brian - Google Apps Engine
  • PK - Django
  • Nate - Pylons

Google Apps Engine

  • Tim Bernes-Lee uses Python
  • Download SDK - also check license
  • Supports their own web platform, and Django
  • Brett Canon - Sandbox mode python
  • -> -> Talk to guy who was interested in this stuff - looks a bit like desai - send link to clipperz (?) project
  • Check: Google a member of

J2EE to Django: Ready for the Enterprise?

  • QuerySet - lazy, chainable
  • use new forms package (but it's really limited) - under active discussion
  • Lack of AJAX support (vs. RoR great support) - position is you get to decide on AJAX package - JQuery recommended
  • Lack of IDE support
  • Dynamic typing makes development with large #s of people difficult
  • Waiting for 1.0 - email support, ORM, newforms, mail, argument names, textile - Sep 2008!

Cool things to try:

  • Write a custom tag - application specific, helper tags
  • Write a context processor
  • Test client - unit tests as web browser - works well, trick is that if URLs change, have to change all tests.

If something breaks, get stack trace, pretty useless. Pet peeve.


  • DevHouseBoston / BetaHouse - All day coding jam session - Python, Ruby, etc.
  • Ian Bicking - VirtualM - little python sandbox - local vs global python

MIT SIPB IAP 2009 Debian Packaging

Class Link

General Documentation

Random Notes

diffstat < (gunzup -c .. ; cat ...)

debian/control file - want "Replaces" for -fsf3 linux

debhelper (dh_) is old; newer / simpler is cdbs "common debian build system"

libpam-afs-session (lenny or later)
to get package not in your repo:
* copy link for dsc file
---> * dget (path to dsc file)

upstream-debian revision number (how debian package releases are named)

"ubuntu1debathena3" is legal

---> So gNewSense needs things like "ubuntuXgnewsenseY"
Make sure that new upstream versions superscede your own

New changelog entry: "dch"

dch -v 1.5-1broder1
(opens editor with correct formatting for new entry)

2 environmnet variables:
(export in .bashrc)

wc -l rules (94 lines long) for libpam-afs-session from hardy 
... so we want to make it into a cdbs rules file instead

#!/usr/bin/make -f

include /usr/share/cdbs/1/rules/
include /usr/share/cdbs/1/class/

DEB_CONFIGURE_EXTRA_FLAGS := --enable-... yada yada

To build a package: debuild -us -uc 
"-i -I" -- don't include version control files (.svn etc) -- See also debathena doc.

Can ignire changelog-should-mention-nmu and source-nmu-had-incorrect-version-number

"missing-build-dependancy" *does* matter

aptitude show build-essential --> shows what the packages are that you prob don't need to specify in depends.

dpkg -c -->> what does this do?

make file not installing your files? Use dh_install
1: use the command line: dh_install lib/security
2: look at file to do it - more normal (in man page of the debhelper util - "man dh_install") - so 
debian/packagename.install looks like: lib/security

man page install: dh_installman ; so packagname.manpages like:


invirt - behind xvm
(has patches dir under debian - via quilt) - handles a series of patches that should be installed in a certain order.
~/.quiltrc need certain line - see debathena doc

quilt new {patchname}
quilt edit (to edit a file under a certain patch) -- IMPORTANT

quilt pop (-a for all)
quilt push (-a for all)

other trick you need to use: add
include /usr/share/cdbs/1/rules/ in your debian/rules file

 (look in it) -- to doa mod before deiified
DEB_PYTHON_SYSTEM=pysupport (sipb prefers this to pycentral - may be push to merge the 2)


DEB_AUTO_UPDATE_DEBIAN_CONTROL = 1 (need to have a file with @cdbs@) 
- catch is that it is very frowned upon by debian archive maintainers because 
it changs source package at build time. debathena may be removing it soon. 

if but no configure - DEB_AUTO_UPDATE_AUTOCONF = 1 - has to be *before* include
ALSO needs to be included before other things.

common-install-impl:: target (reference cdbs doc)

---> buildcore.png -- get a massive poster of this

In debathena, clean:: target is often used to try to restore orignial package state - eg rm configure


To see if got right: use debdiff (two .deb files), will tell you how they differ. 
Can also diffstat - see if need to work on clean target. 

debathena often has ~debian4.0 to end of string to make them all be able to be in same apt repository.
~ = binary nmus -- WEIRD sorting in debian on tilde. Followed by other things also strange. Odd.
+ = specific to env version

QUESTION: how does debuild differ from dpkg-buildpackage?

       debuild creates all the files necessary for uploading a Debian package.
       It  first runs dpkg-buildpackage, then runs lintian and/or linda on the
       .changes  file  created  (assuming  that  lintian   and/or   linda   is
       installed),  and finally signs the .changes and/or .dsc files as appro-
       priate (using debsign(1) to do  this  instead  of  dpkg-buildpackage(1)
       itself;  all  relevant  key-signing options are passed on).  Parameters

Double colon rule can have multiple times - cdbs only uses :: rules so you can always add more.

See Also

Libreplanet 2009

Day 1 Talks

James Duncan, Free Software Cloud

Free GMail, Free Google Reader (Yocto Reader)

  • fmail
  • google app engine

Free Facebook / social Networking

Matt wants this on av gnu org

  • Jamendo (by author of gnash)


Misc 2