Functionality, security and performance monitoring of web assets (e.g. Joomla, WordPress, built from...
TRANSCRIPT
Functionality, security and performance
[email protected] | Microsoft MVP | ELITE M’sia
Topics
• What is monitoring
• The need for monitoring
• Options available out there
• Core components of a typical website
• What to monitor?
  • Inter-networking
  • Physical
  • OS
  • Backend
  • Frontend
• An introduction to Nagios - Framework Monitoring
• Q&A
What is monitoring?
Wiki:
Network monitoring is the use of a system that constantly monitors a computer network for slow or failing components and that notifies the network administrator (via email, SMS or other alarms) in case of outages. It is part of network management.
Ping – my first monitoring tool..
Monitoring is an art, it’s an orchestration for visibility
Why monitor?
• Commercial impact
• Personal impact
• Organizational and establishment impacts
If there aren’t any problems, just wait..
If your digital assets are valuable, your monitoring tool will help sustain that
Why? Some of the many, many reasons..
• Measure performance, monitor security and assure functionality
• Slowdowns make search engines not like you anymore
• Problems will make customers cringe
• Security breaches can hurt credibility
• Plan wisely, save money
• Service levels
• Compliance
http://backlinko.com/search-engine-ranking
The application and monitoring conundrum
Your Site
Your Monitoring
If users complain and if you don’t know
YOU NEED MONITORING
Questions to ask…
• Do I know what’s going on with my site(s)?
• Do I know what the experience of my consumers on my site is like?
• Do I know if my resources are sufficient?
• Is there any room for improvement?
• Am I sufficiently informed on issues?
• Do I comply with industry standards?
Smart admins automate as much..
Smart developers get smart admins to help them automate as much..
Options available out there
What to use?
Monitoring software
• Virtually hundreds.
• Some commercial, some free, some free and open source. Some on cloud and some hybrid and some on premises.
• Examples of Open Source Monitoring Tools
  • Nagios
  • Cacti
  • Icinga
  • Opsview
  • OpenNMS
  • Op5
General guidelines when choosing
• Familiarity
• Functionality
• Flexibility
• Cost
• Complexity/Completeness
• Support (and roadmap)
What to monitor?
With special focus on Joomla and its ecosystem
The drawing board – Relative OSI model
The drawing board – A typical Joomla Site
Inter-Networking, Physical, OS, Backend, Frontend
The drawing board - Supporting Actors
• Application load balancers
• Security solutions
• Cipher off loaders
• Clustering
• Caching technologies
• Custom app add-ons
• Others…
Each one of those components can and will affect your site. Thus, every one of those should be monitored.
What to monitor
• General connectivity
  • Routes
  • DNS
  • Local vs Geographical reachability
• Edge devices
  • Firewalls
  • IPS/IDS
  • Routers
  • Switches
  • Load balancers
Inter-networking
• ICMP Ping
  • Host up or down
  • Roundtrip time & Latency
  • Packet loss
• TCP Ping
  • Port specific
• UDP Ping
  • Send with / expected reply
DNS – The building blocks of the internet
• DNS Resolution
  • Correctness
  • Speed
• Domain expiry
• Rogue domains proliferation
Firewalls
• Thousands of logs? Are we reading them? Well we should!
• What’s inside those logs?
• Can we form a pattern to be preemptive rather than reactive?
• Is the firewall the bottleneck?
• Is the firewall overworked?
What to monitor
• Physical
  • CPU
  • Memory
  • Disk
  • Temperature
  • Hardware modules
    • RAID
    • Fans
    • Power Unit
  • Power
Server(s) capacity
What to monitor – OS
• Operating System (OS)
  • Updates
  • Open files
  • OS messages
  • Interface Bandwidth
  • Attempted/Unauthorized access
  • Rogue apps/Trojans/Rootkits
  • File accessibility
  • File configuration changes
  • Check for ports/processes
  • Check for services
  • Check for job completions/backup completions
  • Check HA/Replication
  • Date and Time
Rootkit
What to monitor - Backend
• Backend
  • PHP engine (Apache/IIS/NGINX)
  • Databases (PostgreSQL/MySQL/MSSQL)
  • SSL engine (mods)
  • Data replication
  • HA and load balancing
  • Caching engine
  • FTP/SSH/SFTP etc..
  • Others
    • Email server
    • LDAP/Directory
    • File share
    • Virtualization
    • Remote access
    • VPNs
PHP/Webserver
• Is the webserver running
• Is the PHP engine running
• Is it running the latest relative version
• Other PHP modules loaded and working properly
  • E.g. suhosin, mod_security
• Worker processes
• Compilation/execution time
• Throughput
• Server crashes
• Requests vs responses
• Error codes/Events
Databases
• Is the database server running
• Queries
  • Slow queries
  • Rogue queries (injection attempts)
• Check # of processes/queue
• Replication statuses
• Latency of read/write
• Table statuses
• Connections to the server
• Threads
• Errors
• Memory and CPU usage
Frontend
• Checking functionality of the PHP scripts
  • WebInject
• Checking PHP script data size consistency
• PHP version
• Apdex score
• Events
• Responses
• Defacement
• Periodic & Automatic auditing
• Check Joomla version against yours
  • Updates
  • Security
  • Mods
Frontend reverse check
• An interesting way to have a real life test on your servers
Normal way
Interesting way
Nagios – Framework Monitoring
Perhaps the best monitoring tool, I know… and here’s why
Introduction to Nagios
• N.A.G.I.O.S -> Nagios Ain't Gonna Insist On Sainthood
• World's most deployed open source monitoring solution
• Winner of several awards and recognitions
• Can monitor *anything*, really..!
More on Nagios..
• Nagios is a framework
• Enterprise grade
  • Same class as HPOV, Tivoli, etc..
• Supports just about anything you have
• It's open source
• Highly scalable
• Easy to use and customize
• Built around largely successful apps such as MRTG, MySQL, Apache and surely, Linux
Typical monitoring offerings
• Other monitoring solutions…
  • It’s a nice house
  • It will only be like that as designed by the architects
  • You can renovate, but it will cost you lots of $$$
  • You have to always go back to the developer for help
  • If you wish to do more, you need to buy a new house
Framework?
• With Nagios
  • Make the most beautiful house
  • You decide how your house should look
  • Renovate, redesign, rebuild and customize, no additional cost!
  • Anyone who knows how to use a LEGO set knows how to support your house
  • Need to do more? Don’t need to buy a new house, just use the blocks and enjoy…
Why Nagios?
• Building a monitoring solution of what you need, not what the product can offer
• Unlimited possibilities
• Monitor everything
• No license cost
• No maintenance cost
What Nagios can do?
• Again, quite a bit, specifically…
  • Hardware
  • Software
  • Event logs
  • Any logs
  • Clustering support
  • Through WMI
  • Through scripting (VB, PowerShell, cmd.exe)
Plugins are at the heart of Nagios’s success
Plugins: Nagios has the largest repository of plugins on the planet
Over 5000 and counting
Customizing – Creating your own plugin
• Simple logic to do so
  • If something = some value
      then set OK
      else set WARNING
• Exit codes tell Nagios to set OK, warning or critical. So if I exit 0=OK, exit 1=warning, exit 2=critical
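The exit-code convention above, shown as a complete plugin (an added example, not part of the original slides): it implements the "PHP script data size consistency" and defacement checks from the Frontend slide by comparing a saved page's size with a known-good baseline. The function name, script name and thresholds are assumptions; exit code 3 (UNKNOWN) comes from the standard Nagios plugin convention rather than the slide.

```shell
#!/bin/sh
# Added example (not from the slides): page-size drift check as a Nagios plugin.
# Exit codes: 0=OK, 1=WARNING, 2=CRITICAL as on the slide; 3=UNKNOWN for bad input.

# check_size_drift BASELINE_BYTES ACTUAL_BYTES WARN_PCT CRIT_PCT  (hypothetical name)
check_size_drift() {
    baseline=$1 actual=$2 warn=$3 crit=$4
    # Reject empty or non-numeric input instead of reporting a false OK.
    for v in "$baseline" "$actual" "$warn" "$crit"; do
        case $v in
            ''|*[!0-9]*) echo "UNKNOWN - bad argument '$v'"; return 3 ;;
        esac
    done
    if [ "$baseline" -eq 0 ] || [ "$warn" -gt "$crit" ]; then
        echo "UNKNOWN - baseline must be > 0 and warn <= crit"; return 3
    fi
    # Absolute drift as an integer percentage of the baseline.
    if [ "$actual" -ge "$baseline" ]; then
        diff=$((actual - baseline))
    else
        diff=$((baseline - actual))
    fi
    pct=$((diff * 100 / baseline))
    # Text after '|' is performance data: label=value;warn;crit
    perf="size=${actual}B drift=${pct}%;${warn};${crit}"
    if [ "$pct" -ge "$crit" ]; then
        echo "CRITICAL - page size drifted ${pct}% from baseline | $perf"; return 2
    elif [ "$pct" -ge "$warn" ]; then
        echo "WARNING - page size drifted ${pct}% from baseline | $perf"; return 1
    fi
    echo "OK - page size within ${warn}% of baseline | $perf"
    return 0
}

# Command-line use: check_page_size.sh SAVED_PAGE BASELINE_BYTES WARN_PCT CRIT_PCT
# SAVED_PAGE is a local copy of the page body, so the check itself runs offline.
if [ "$#" -eq 4 ]; then
    if [ ! -r "$1" ]; then
        echo "UNKNOWN - cannot read $1"; exit 3
    fi
    size=$(wc -c < "$1")
    check_size_drift "$2" "$((size))" "$3" "$4"
    exit $?
fi
```

A page that shrinks sharply (replaced by a short defacement banner or an error page) trips CRITICAL, while small day-to-day content changes stay under the warning threshold.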
Just about any system..
Response: If <event>, then, do this, that…
Something went wrong
Send alerts
Remedy
and more..
The B list of stuff to monitor
• File and print server availability. Fake a file save operation and see if that worked/or not..
• Check if clusters are still “clustering”
• Scan network for open ports
• Scan if a log has been compromised. Or, scan logs for a particular keyword
• Check if the last backup was successful
• Check licenses on a license server (e.g. lm-manager)
• Check if servers are running on UPS or city power
• Check any log files
• Run shell scripts to gather information
  • Unix shell, MS PowerShell
And finally..
• Environmental devices
• Other Monitoring Tools
Thank you | Q&A
Copyright 2016 © Astiostech Sdn Bhd. For informational purposes only. No warranties of any kind are made and you have to verify all information before using it. You can re-use this presentation as long as you read, agree, and follow the guidelines described in the “Comments” field in File/Properties or on our website.
Experts in Open Source Network Monitoring | VoIP | Cloud Telephony | Security | CMDB