Rollout: Zenoss Core

The open-source Zenoss Core aims to be a complete systems-management tool for small and midsize enterprises. If it isn't, it comes awfully close.

June 20, 2007

5 Min Read
Network Computing logo

Finally, enlightenment. In 2007, the percentage of IT organizations that consider open-source management and monitoring tools viable for enterprise use broke the 50-percent mark, according to a Gartner report. This awakening is attributable to vendors that are packaging open-source software monitoring tools with solid technical support to supplement active developer communities. Zenoss' Linux-based Core 2.0 is indicative of this trend. Through "ZenPacks," it offers integration with conventional enterprise systems, including Microsoft Exchange, and a spiffy new Ajax interface that places a multitude of configuration options at IT's fingertips.

Zenoss is putting space between itself and rivals selling enterprise-level support for OSS management products, such as the Java-based Hyperic HQ and open-source tool integrator GroundWork Monitor. The biggest differentiator: Zenoss' approach to organizing the vast amount of information needed to properly monitor a network.

Zenoss Core is freely available as a straight software download to install on your own Linux box or VMware image. The company also offers the product on two appliances; the $3,995 version handles as many as 250 nodes, while the $7,995 device manages 1,000. Support contracts start at $4,200 annually for 50 devices and go up from there. With a support contract come enterprise software ZenPacks to monitor Microsoft Exchange and SQL, as well as the ZenWeb ZenPack, for Web site testing. Even with only one Zenoss server we discovered, modeled and tracked hundreds of devices at our University of Wisconsin Real-World Labs® without any difficulty.

Event ProcessClick to enlarge in another window

Beyond Eye Candy

New with Version 2 of Zenoss Core is a very nice Ajax-based interface. This is more than shiny paint--it adds significant value and maturity by making a lot more of Core's functionality available from the GUI than in previous iterations. Unfortunately, getting started was challenging as Zenoss provided no context-sensitive help to guide us through a truly staggering number of configuration options.

Another differentiator is Zenoss Core's event-management system. For any one status change--say, the HTTP port on the Web server is not responding--error messages could be coming your way via syslog, Windows Events, even SNMP traps. By aggregating all events through a single rules-processing engine, Zenoss Core eliminates duplication, making for a manageable user interface.

Although Zenoss Core is based entirely on Linux, administration requires minimal Linux knowledge. Of course, since the product is open source, you can delve into the details if you like.It's The Model

Your network is ever-changing, and Zenoss Core's well-designed device-discovery mechanism should help you keep up. By building a detailed, hierarchical model, we had the flexibility to easily organize our devices by group (organizational unit) or by system (functional unit), and we could customize monitoring around different device types. Configuration changes can be attached to a host or to the structure.

That's all well and good, but sorting devices can be tedious, even for small networks. Fortunately, Zenoss Core can discover hosts on the network automatically, on demand and on a continuous basis. We could describe arbitrary values, such as OS version and hardware details, to map devices into appropriate places in the hierarchy.

Once nodes are properly placed, Zenoss starts collecting information--everything from performance, to event monitoring and log watching, to tracking changes made to the host or within Zenoss. We were impressed that the product distilled all this data into the most relevant information, yet we could easily see all the data that triggered, and potentially cleared, any event. And, Zenoss Core sports an elaborate and extensive system that allows for customized notification schedules.

To get its information, Zenoss Core 2.0 uses not only standard SNMP MIB2 and net-SNMP MIB modules, SNMP traps, port scanning, and network protocols like ICMP, it can handle WMI (Windows Management Integration) calls, SSH, telnet, and Nagios and/or custom commands. For processing SNMP traps, vendor-provided SNMP MIB modules can be added using the command line.By extending the DCOM support in Version 4 of the Samba project, Zenoss implemented full WMI functionality directly from a Linux server to Windows machines. Previous versions of Zenoss--and currently all other open-source management tools--proxy WMI calls through a dedicated Windows server. Core Version 2.0 eliminates that need and can natively speak WMI to Windows machines. Zenoss says it will provide its WMI extensions back to the Samba project.

Extending Zenoss Core is easy with ZenPacks, bundles of Zenoss modeling and performance templates. Zenoss gave us a sample ZenPack, and Core lets IT build custom ZenPacks.

But Is It Fast?

Another natural concern is performance, and on this front the product delivers. Zenoss Core is built on an expandable architecture that lets you place Core servers near the devices they will monitor, and add additional servers as your needs grow. Say you have three data centers; you could place a performance and event monitor in each to minimize WAN traffic and increase efficiency. Each Core server can be managed independently, or you can add the ZenMoM console to aggregate information. n

Jeff Ballard is the unix systems manager for the computer-aided engineering center at the University Oof Wisconsin-Madison. Send your comments on this article to him at [email protected]

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights