Friday, June 15, 2007

Host Monitoring – Agent vs Agentless

We monitor all of our hosts with an agent based solution. You get the most flexibility, but the administration and upgrade of agents is time consuming and people intensive. I want to move us towards having both solutions. A development box doesn't need the ability to run complex operational scripts, and we overpay for that monitoring. In the future I hope to re-prioritize the monitoring tools for the needs of the environment. More on this as we move forward with the transition from HP to the Mercury tool.

Log processing

I am looking at a way to help network support deal with the huge number of log entries coming from the firewalls. I could use a cool tool like splunk, but there is so much data that the cost is high. I am thinking about using a sniffer logging product maybe. I have to talk to more people, but I'm not sure what the best tools are for the job at hand.