Scanning for SNMP communities

Adding devices into monitoring system is easy. Getting all the right SNMP communities for them is harder. People don’t give you the right community string or forget to open firewall ports.

If you have to test a lot of IP’s against various IP addresses you can use nmap and a community list file as an input.

Be aware you talk about permission to run this test otherwise somebody can get angry when you try to brute-force community strings against their devices.

Centralized Logging with Graylog2

How many times do you connect with SSH to your remote server and cat, grep, tail and awk through your logs? It probably works for 3 servers and running a handful services, but if you have more, you should definitely spend some time to centralize your logs.

I personally prefer Graylog2 which can deal very well with different log formats like GELF, Syslog RFC’s. Just start some listener with the format and forward them to your Graylog2 instance.

Cleaner log with Docker and SNMP

Centralizing logs is important as soon you have more than 2 servers. In my environment the bare metal is monitored with Net-SNMP and my services are deployed as containers with Docker. All system logs are sent to a Graylog2 instance and I quickly noticed a few ugly entries caused by snmpd.

Cannot statfs /run/docker/netns/...: Permission denied

You will notice a few of them. First approach try to increase the logging level in /etc/default/snmpd from SNMP daemon with

Monitoring DevOps and the Status Quo

As most of us noticed a few companies changed our perspective how to develop software and deploy them as a service. There are quite a few changes between selling every year a box with 10 CD’s and develop and deliver your software as a service. This article is a collection of thoughts and ideas I had and wanted to be written.

Who cares about a version number?

User give a shit about version numbers anymore, all what matters needs to be focused on the user. Great user experience, functionality and a good “Effort-to-Outcome” ratio to solve your problems will make your software successful.

Docker Shell Corner Cases

During work building Docker executables, I ran in an interesting corner case. Fortunately the Docker IRC channel helped me to investigate with special credits to Ravensoul.

When you build a container as an executable you can use the ENTRYPOINT for your binary to execute and CMD as a default overwritable argument. In most cases the CMD is the --help argument to provide a useful default behavior in case you just run the container without anything specified.

Mac OS X and DHCP is screwing your Host Name

I’m using Mac OS X with iterm2, oh-my-zsh and spend 75% of my time in those terminals. It is totally annoying to me if I connect to a DHCP network and it screws up my hostname. Especially when I’m used to looking at the prompt which tells me the host I’m connected to.

It is possible to fix your computer name for several things using the scutil command which requires administration permissions. I’ve found a link to the Mac OS X Server Worksheet which explains a few things in more detail. Here is what I did to prevent my computer changing the host name.

Zyxel vs. Vodafone Easybox with VDSL 50

I ran in some trouble with my Vodafone Easybox 904 xDSL. Even with 2Ghz and 5Ghz WLAN I had regularly drops. Had to turn on / off the WLAN on the device or had to reboot it to reconnect. Otherwise the VDSL line reguarly got disconnected, also replacing the Easybox from Vodafone didn’t helped, so I bought a Zyxel VMG1312-B30A.

IPv6 and Monitoring

We are all happy when we are able to get IPv6 connectivity for our new servers. In case the network is provided by someone else and some kernel settings you can get in some tricky situations.

With IPv6 there are so many addresses your Laptop and Mobile can have a unique public IPv6 address forever - pretty cool huh? The downside is, it would be pretty easy to trace every connection you ever do back to your device - this really not what you want! When you provide a service this behavior is not so useful. Otherwise there are several ways to autoconfigure your IPv6 configuration, beside DHCPv6 the interesting one is stateless address configuration.

Pimp my Mail Notifications

Notifications are important if you do monitoring. I never liked mail notifications from monitoring systems where all the information is hidden in non-sense text. Otherwise notifications never look the same, so I’m always forced to read all that useless crap again and again. This is an approach to improve the usability of monitoring notifications using more a table pattern which helps me to recognize useful information much quicker.

Probably a lot of E-Mail guys will hate me for the reason I’m using HTML in mails. The notifications work so much better for me so I don’t care. I’ve used just inline CSS and there is no JavaScript involved. All the things are in the mail and there are no external resources loaded. Here is how I work with OpenNMS mail notifications.