This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

Monitoring NetWitness with Nagios

RSAAdmin
Beginner
Beginner

‎2014-10-17 04:58 PM

It's been a month since the RSA Global Summit and I finally got the documentation together on how we implemented Nagios monitoring of Netwitness hardware and services. I've uploaded it to documents and you should be able to find it here:

 

Monitoring NetWitness with Nagios

 

I've also attached a copy of the Perl script a cow-orker wrote as a Nagios check specifically for pulling SNMP values from the NetWitness services, which is invaluable for monitoring stats like memory, sessions processed, dropped packets and such.

Preview file
6 KB
0 Likes
2 REPLIES 2

Anonymous
Not applicable

‎2014-10-25 03:44 AM

is their any option to monitor them using SNMP traps, with any other third party monitoring tools or SNMP server?

0 Likes

RSAAdmin
Beginner
Beginner
In response to Anonymous

‎2014-10-27 09:43 AM

I'm not sure. The appliances use a stock SNMP agent for Linux, so theoretically you could set something up on the appliance that would locally monitor an attribute via SNMP over the loopback, then send an SNMP trap to a given destination. That's assuming you want to do traps in response to values in the decoder/concentrator/broker services.

 

Since you can install Nagios plugins locally you can definitely use SNMP traps for the OS-side of things, such as an alert on low disk space or such. We have never implemented such a setup.

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.