![Page 1: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/1.jpg)
Monitoring systems using Open Source Tools
Randy Saeks, Network ManagerGlencoe School District 35Glencoe, IL@rsaeks
![Page 2: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/2.jpg)
Background
● 16-years in K-12 EdTech● Systems Integration● Conference Presentations● iOS Deployment● G-Suite for Edu Deployment
![Page 3: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/3.jpg)
What are the trends And how can we be ready
What is happening And let us know
Why did it occur And should we be worried
![Page 4: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/4.jpg)
Tools
Alerting via Nagios
Monitoring via Cacti
Logging via ELK
![Page 5: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/5.jpg)
Alerting
● Focused around current state of operation● Indicates server or service health● Functional area notifications
https://media.giphy.com/media/FXGoDrsgrNLj2/giphy.gif
![Page 6: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/6.jpg)
Alerting | NAGIOS
● Create structure● Extend with service plugins● Define relevant alerting times● Basic reporting ability
![Page 7: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/7.jpg)
HOST
PARENT
PARENT
Web Server
DMZ Switch
Firewall
![Page 8: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/8.jpg)
![Page 9: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/9.jpg)
![Page 10: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/10.jpg)
Define Host
define host {host_name ESXialias GCS-ESXI-01
address 192.168.40.24parents GCS-3750contact_groups admins
}
![Page 11: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/11.jpg)
Create Structure
define hostgroup{hostgroup_name web-servers
alias Web Servers members www,glencoecentral,glencoesouth,glencoewest,intranet }
![Page 12: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/12.jpg)
HOST
HOST Group A(Hosts in building A)
HOST HOST HOST
HOST Group B(Hosts with E-Mail functions)
HOST HOST
![Page 13: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/13.jpg)
Extend with service plugins
define command{command_name check-host-alivecommand_line $USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100%
}
![Page 14: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/14.jpg)
Assign Services to Hosts
define service{host_name ns1,S-Net,W-Netservice_description DNScheck_command check_dns!$HOST$!www.apple.com!.200!.500
contact_groups admins}
![Page 15: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/15.jpg)
HOST
HOST Group A(Hosts in building A)
HOST HOST HOST
HOST Group B(Hosts with E-Mail functions)
HOST HOST
Services (via check_command) assigned to hosts
![Page 16: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/16.jpg)
Functional Area Notifications
define contact {contact_name saeksr
alias Randy Saeks email [email protected] }
define contactgroup { contactgroup_name admins alias Nagios Administrators members saeksr}
![Page 17: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/17.jpg)
Define relevant alerting times
define timeperiod {timeperiod_name InHours
alias Included Hours Hours, 7AM - 5PMmonday 07:00 - 17:00tuesday 07:00 - 17:00
wednesday 07:00 - 17:00thursday 07:00 - 17:00
friday 07:00 - 17:00}
![Page 18: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/18.jpg)
HOST
HOST Group A(Hosts in building A)
HOST HOST HOST
HOST Group B(Hosts with E-Mail functions)
HOST HOST
Services (via check_command) assigned to hosts
Notification
![Page 19: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/19.jpg)
![Page 20: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/20.jpg)
![Page 21: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/21.jpg)
Monitoring vs Alerting
● Alerting can tell us an AP is down● Monitoring can tell us number of connected clients● Monitoring can tell us if a network port maxed out
![Page 22: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/22.jpg)
Monitoring | CACTI
● Network device focus● Numerical data retrieved via SNMP● Graph basic trends● GUI based● Extend with community templates
![Page 23: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/23.jpg)
Step 1: Add a device
![Page 24: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/24.jpg)
![Page 25: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/25.jpg)
Step 2: Generate visualizations
![Page 26: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/26.jpg)
Remember
● Understand what the graph is telling us● Relate information to actual environment
![Page 27: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/27.jpg)
![Page 28: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/28.jpg)
![Page 29: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/29.jpg)
What about custom data?
● Determine by manufacturer MIB● OID represent an element of the device
○ 1.3.6.1.2.1.1.4 - sysContact
![Page 30: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/30.jpg)
Logging | ELASTICSEARCH, LOGSTASH, KIBANA
Logstash
Data collection Plugin ecosystem
Beats
Shipper from edge machines to
Logstash
Elasticsearch
Search, Analyze, Store data
Kibana
Visualize data
![Page 31: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/31.jpg)
Beats | FILEBEAT
● Installed on edge device● Configured with log files & paths● Shipped to Logstash
![Page 32: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/32.jpg)
![Page 33: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/33.jpg)
Logstash
● Learn to ♡ Logstash● Text-based configuration of Inputs, Filters, Outputs
https://media.giphy.com/media/VNFJZ6mpsvfHO/giphy.gif
![Page 34: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/34.jpg)
Inputs
input {
udp { port => 5514, type => "cisco-switch" }
udp { port => 5544, type => "cisco-fw" }
beats { port => 5044 }
}
![Page 35: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/35.jpg)
Inputs
input {
file {
path => "/var/log/remotelogs/wlc.log"
type => "cisco-wlc"
start_position => "beginning"
}
}
![Page 36: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/36.jpg)
Filters
Because …
15092 10:16:28.939 PTR record for <74.125.82.54> exists
for HELO string <mail-wm0-f54.google.com>, accepting
...doesn’t really help us
![Page 37: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/37.jpg)
Logstash Filters
● Format information● Parse out fields of information● Use patterns for specific services
![Page 38: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/38.jpg)
Filters
![Page 39: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/39.jpg)
How do we do this?
15092 10:16:28.939 PTR record for <74.125.82.54> exists for HELO
string <mail-wm0-f54.google.com>, accepting
match => [ “message”,
“%{NUMBER} %{TIME} PTR record for <%{IP:clientip}> exists for
HELO string <%{IP:from_server}>, %{WORD:status}” ]
GROK!
![Page 40: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/40.jpg)
![Page 41: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/41.jpg)
Filters
filter {
if [type] == "cisco-switch" { }
if [type] == "cisco-fw" { }
…
}
![Page 42: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/42.jpg)
Construction Example | GROK CONSTRUCTOR
grokconstructor.appspot.com
![Page 43: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/43.jpg)
Outputs
output {
if "beats_input_codec_plain_applied" in [tags] {
elasticsearch { index => "filebeat-%{+YYYY.MM.dd}"}
}
else if "twitter" in [tags] {
elasticsearch { index => "twitter-%{+YYYY.MM.dd}"}
file { path => "/tmp/logstash.log" }
} }
![Page 44: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/44.jpg)
Elasticsearch
● Central Storage of your data● Elasticsearch is configured as a logstash output● Create indices for source-types● Least amount of time for setup
“Discover the expected, uncover the unexpected”
![Page 45: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/45.jpg)
Kibana
DASHBOARDVISUALIZATION VISUALIZATION VISUALIZATION
SEARCH TERMSEARCH TERM
SEARCH TERM SEARCH TERM
SEARCH TERM
SEARCH TERM
![Page 46: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/46.jpg)
Visualization
![Page 47: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/47.jpg)
Denied Firewall logins
![Page 48: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/48.jpg)
Denied Firewall logins
Login denied from 182.100.67.252/18872 to outside:65.126.243.146/ssh for user "root"
Action Login denied
Source IP 182.100.67.252
Our public IP 65.126.243.146
Service ssh
Username root
![Page 49: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/49.jpg)
Dashboard - Firewall Events
![Page 50: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/50.jpg)
VPN connections
![Page 52: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/52.jpg)
Switch events
![Page 54: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/54.jpg)
What does the data tell us?
2017-07-06 18:11:03,257 WARN
[ImapSSLServer-64396] [ip=117.158.110.87;]
security - cmd=Auth;
[email protected]; protocol=imap;
error=authentication failed for
[[email protected]], invalid password;
![Page 55: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/55.jpg)
Dashboards
![Page 56: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/56.jpg)
Connections per Access Point
![Page 57: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/57.jpg)
Valid E-Mail logins by Country & State
![Page 58: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/58.jpg)
Do we know why there is a spike?
![Page 59: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/59.jpg)
Other Examples
● Filtering through data example● Social Media Analytics
![Page 60: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/60.jpg)
That’s how it starts ...
![Page 61: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/61.jpg)
… you check the charts ...
![Page 62: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/62.jpg)
… and start to figure it out.
![Page 63: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/63.jpg)
That’s how it starts
![Page 64: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/64.jpg)
Power of dashboards
● Dashboards consolidate information otherwise isolated● Reduce time searching logs for events● Once data consolidate we can manipulate● Dashboards can focus around project-specific metrics● Use time to troubleshoot instead of discovering
![Page 65: Monitoring systems using Open Source Tools - Join …macadmins.psu.edu/.../07/...systems-using-open-source-tools-tsx6if.pdfMonitoring systems using Open Source Tools Randy Saeks, Network](https://reader030.vdocuments.us/reader030/viewer/2022020108/5a9f94127f8b9a89178cecb1/html5/thumbnails/65.jpg)
Q&A