LinuxHPC.org/Cluster Builder 1.3

Network Monitoring

The term network monitoring describes the use of a system that constantly monitors a computer network for slow or failing systems and that notifies the network administrator in case of outages via email, pager or other alarms. It is a subset of the functions involved in network management.

While an intrusion detection system monitors a network for threats from the outside, a network monitoring system monitors the network for problems due to overloaded and/or crashed servers, network connections or other devices.

For example, to determine the status of a webserver, monitoring software may periodically send an HTTP request to fetch a page; for email servers, a test message might be sent through SMTP and retrieved by IMAP or POP3.

Status request failures, such as when a connection cannot be established, it times-out, or the document or message cannot be retrieved, usually produce an action from the monitoring system. These actions vary: an alarm may be sent out to the resident sysadmin, automatic failover systems may be activated to remove the troubled server from duty until it can be repaired, etcetera.

Monitoring the performance of a network uplink is also known as network traffic measurement, and more software is listed there.

Software used in network monitoring

The ping program
MRTG
RRDtool
IBM AURORA Network Performance Profiling System
Intellipool Network Monitor
SNMP servers
Nagios (formerly Netsaint)
PRTG
Cacti network graphing solution
RANCID - monitors router/switch configuration changes

Network Management Systems

HP OpenView Network Node Manager (NNM)
IBM Tivoli Netview
Network Administration Visualized (NAV)
NetQoS Performance Center

_{^{All text used in this article is
available under the GNU Free Documentation License. It uses material from
the Wikipedia article "Network monitoring".}}