Total SA/Engineer Management Software

Question

So, as we've seen all over server fault, and over the years I've built several of each system,

System / Network Monitoring (I use nagios)
System / Network Trending (I use Cacti)
Centralized Log Monitoring (syslog-NG)
Host-Based Intrusion Detection System (OSSEC)
Ticketing Systems (Request Tracker)
Internal Wiki Software (MediaWiki)
IP Tracking (in house NMAP-based software)

However at the end of the day, I sometimes feel like I've somewhat "cobbled together" what seems like it could be one or two softwares, at most.

I'm kinda looking for an "All-in-one solution thats easier to manage then having to deal with 7 different softwares. Something that just works.

Anyone know of any? I've seen tons of monitoring apps and all that, but they always are missing the wiki and ticketing portions. That never made much sense to me, in my opinion if a alert goes off that should be a ticket for an engineer to address. Same goes for the IDS going off, and maybe trending warnings for future notice.

It's probably a good thing to have small independant components instead of a software beast that tries to do everything. That said, what would be *really* useful is a common inventory system from which all these components could draw configuration information... — b0fh, Jul 24 '10 at 22:34
i would kill for such a system... I dont mind individual pieces, i just hate having to configure 5 softwares to add a single server... — grufftech, Aug 29 '10 at 03:34

score 1 · Answer 1 · answered Aug 15 '10 at 15:16

There's also Groundwork Open Source which performs this "cobbling" for you. I don't think it has a wiki or ticketing system though:

http://www.groundworkopensource.com/

I've used an earlier version a few years ago and it seemed very promising. In the end, my company decided to blow their budget on HP OpenView, so we never went past initial trials.

It's worth a look IMHO.

score 0 · Answer 2 · answered Jul 29 '10 at 21:34

0

It won't replace all 7, shows ads, sits on Windows, and has device limits, but if you're a forgiving sort you might look at Spiceworks. Version 5 is now in beta.

answered Jul 29 '10 at 21:34

Paul

779
1
9
18

Tom · Answer 3 · 2010-08-13T02:43:20.043

0

I have indeed felt the same about this motley set of software components. Both nagios and RT3 seem pretty venerable and in need of being dragged into 2010. (Zabbix was a contender for the nagios replacement, but it was more pain that it was worth and I reverted to nagios, (after taking a diversion via hyperic))

HOWEver I may have found an answer! ;-) well a solution to having to deal with these many different configurations problem, and its data centre automation in the form of Puppet Labs (http://www.puppetlabs.com/)

Once you come over to the puppet way of thinking, you start to think of writing puppet recipes rather than configuring servers directly, and a lot of pain and trial and error of disparate a tool-set goes away.

Puppet (or if you prefer cfengine) combine revision management for your config files and centralised management of many of those tools.

I would estimate that once you have your servers managed by a template engine like puppet, 50% of your administrative pain goes away.

edited Aug 13 '10 at 02:43

answered Aug 13 '10 at 02:00

Tom

10,886
5
39
62

I guess puppet does not address the problem of ticketing systems, and the mediawiki for storing documentation. Also I think there is a lot of scope for someone to develop a dashboard front end that pulls together the data from nagios (horrible web interface), rt3, munin, cacti, rsyslog, syslog-ng into something rivalling a commercial admin tool. – Tom Aug 13 '10 at 02:19
Puppet is an amazing piece of software, however it doesn't really replace the need of any of the above softwares; It makes deployment night-and-day more efficient, however it doesn't remove the need to have it properly monitored and thoroughly documented. – grufftech Aug 13 '10 at 05:31
I think given the UNIX philosophy of "Write programs that do one thing and do it well", fully integrated tools are only going to exist in the commercial software realm. ANd saying that, I've not even seen anything slick there, HP Openview was very clunky. Splunk was good for log monitoring but appears to be very expensive to get alerts – Tom Aug 13 '10 at 12:02
If you're looking at deployment/config automation, an alternative to Puppet is Chef, from http://www.opscode.com/ – Paul Aug 25 '10 at 21:40

score 0 · Answer 4 · answered Aug 13 '10 at 02:35

I just had a thought which is that all these tools have to pull their configuration data from somewhere. ie nagios needs a list of servers to monitor, cacti some devices to poll, syslog needs to know where the central syslog-ng server is. Additionally rt3 and mediawiki need authentication backends, ie user lists and passwords

And no-one wants to be maintaining these lists in many places.

Really the way to simplify the management of all these apps is to use a common configuration directory and database.

And this makes MS Active Directory looks like a really good idea!

score 0 · Answer 5 · answered Aug 20 '10 at 23:33

As far as commercial products goes, KACE software gets very good reviews. I'm not sure of the expense, but if you're planning to use all its features and have the "single pane of glass" that marketers love, it's not unreasonable at all.

It includes patch management, software management, help desk ticketing, remote assistance (something you don't currently have), host re-imaging, and several other features that you mentioned.

I have no relation to KACE, but have seen several successful installs. That said, if you do like your individual solutions for each problem, there's no huge reason to go with something like KACE.

Total SA/Engineer Management Software

5 Answers5