Nagios Glossary

Introduction

Enter the sphere of monitoring and alerting systems where understanding key terms is the gateway to navigating complexities with ease.

Explore the Nagios Glossary for essential definitions related to monitoring, alerting, and performance optimization. Elevate your grasp effortlessly and empower your knowledge in monitoring systems.

Nagios Terms

A

Active Check: A check conducted by Nagios Core or Nagios XI at scheduled intervals, typically initiated and executed using plugins for active monitoring.

Agent: Software that is installed on servers/workstations so they can be monitored. Agents are available for Windows and Linux machines/servers. In contrast, agentless monitoring refers to the ability to monitor a machine without having to install an agent on it - usually using SNMP or WMI.

AIX: A variant of the UNIX operating system that can be monitored using plugins with Nagios Core and Nagios XI.

AngularJS: AngularJS, a client-side JavaScript library and development framework, is utilized in web applications such as Kibana and integrated into Nagios Log Server. The dashboard panels within Nagios Log Server are created using AngularJS.

Apache: Apache is an open-source web server that can be deployed on both Linux and Windows platforms. Nagios Core and Nagios XI are capable of monitoring Apache, and Apache is also used to power the web interfaces for both Nagios Core and Nagios XI.

Auto-Discovery Wizard: Nagios XI features an Auto-Discovery wizard that allows users to scan a specified network range. The wizard leverages tools like fping and nmap to identify active hosts, determine the operating system, and detect the open ports on each discovered machine. Users can then optionally integrate the Auto-Discovery results into Nagios XI monitoring to ensure the continued availability of the discovered services and ports.

Availability: Availability is a metric that represents the percentage of time (or amount of time) a service, application, or device was functioning correctly. Both Nagios XI and Nagios Core provide availability reporting capabilities.

B

Backup Repository: In Nagios Log Server, the Backup Repository is a shared file system that is accessible to all data instances within a cluster. The repository stores daily backups of the previous day's indexes, and all instances in the cluster must have access to the shared file system for backups to function correctly.

Bandwidth: Bandwidth is a metric that represents the amount of data transferred in and out of a network switch, device, or server. Nagios XI provides the capability to monitor bandwidth utilization, often using the Switch/Router Wizard.

Bash: Bash, a Linux/Unix shell, comes pre-installed on distributions like CentOS, RHEL, and various other Linux/Unix systems. It serves as a versatile tool for executing scripts, commands, and applications, making it a popular choice among system administrators for tasks such as maintenance and system information retrieval.

Business Process: Business process monitoring involves assessing the effectiveness of specific operational aspects within a business, such as its ecommerce service. These processes typically rely on sub-components like web servers, database servers, and more. The Nagios BPI (Business Process Intelligence) addon enables users to monitor and analyze these critical business processes.

C

CentOS: CentOS is a Linux distribution that is derived from the source code of Red Hat Enterprise Linux (RHEL). More information about CentOS can be found at the official website, www.centos.org.

Component: A software addon package for Nagios XI that expands its native functionality. Nagios XI components can add new notification methods, dashlets, menu items, or other features to enhance the platform's capabilities.

Config Snapshots: It is essential in Nagios XI to create configuration snapshots when applying changes. These snapshots serve a dual purpose: firstly, they act as a safety net by enabling automatic rollback to the last known good configuration in case of any issues during the application of a new configuration. Secondly, users can utilize these configuration snapshots to store and revert back to previously known good configurations, providing a reliable mechanism for configuration management and ensuring system stability.

D

Dashboard:

  • In Nagios XI: A dashboard is a personalized page that can be tailored to display specific information, known as dashlets. Each user has the flexibility to create multiple dashboards, allowing for customized views of critical data that cater to their unique needs and preferences.
  • In Nagios Log Server: A dashboard is a customizable interface designed to showcase query results effectively. It can incorporate graphs and tables to present log data in a visually accessible manner, enhancing the comprehension of the information displayed.

Dashlet: A movable container that can be positioned on a dashboard within Nagios XI. Various dashlets offer performance graphs, custom HTML content, and diverse data to enhance monitoring and visualization capabilities.

Database: A software application that serves as a storage mechanism.

Distributed Monitoring: Scaling Nagios XI and Nagios Core to monitor a large number of devices/machines, potentially across diverse networks, is facilitated through a method called distributed monitoring. This is often desired by large organizations and Managed Service Providers (MSPs) for efficient monitoring. Nagios Fusion's central dashboard is an excellent choice for distributed monitoring solutions, and both Nagios XI and Nagios Core can be set up for distributed monitoring configurations.

E

Elasticsearch: Elasticsearch is the database indexing engine that powers Nagios Log Server. It is responsible for handling queries, indexing, and replication. Elasticsearch is the 'E' component in the ELK (Elasticsearch, Logstash, Kibana) stack.

ELK Stack: The ELK stack comprises Elasticsearch, Logstash, and Kibana, serving as the core components of a comprehensive log monitoring solution. Nagios Log Server leverages the capabilities of the ELK stack for effective log management.

ESXi Server: VMware ESXi, previously known as ESX, is a high-performance hypervisor designed for enterprise virtualization. Nagios XI offers monitoring capabilities for ESX hosts and guest VMs on ESX and vCenter servers through a user-friendly VMware monitoring wizard.

Event Logs: Typically pertains to log files found on Microsoft Windows machines/servers. Monitoring Windows Event logs is commonly sought after by individuals to detect security alerts and other important events.

F

Failover: Failover is a technique that ensures seamless continuity of service by automatically transitioning duties from a failed server to a backup server, minimizing or eliminating disruptions for end-users. Failover monitoring is frequently sought after by users to guarantee uninterrupted system monitoring and operation.

Firewall: A firewall, whether software or hardware such as a network device, safeguards a network and the computer systems within it from external attacks and unauthorized connection attempts. Firewalls are commonly integrated into routers for added security.

Flow: A flow represents a series of packets traveling from an originating device to a target device.

H

High Availability (HA): Typically refers to the same concept as failover.

HP-UX: A UNIX-based operating system.

Hyper-V: Microsoft's virtualization platform, which serves as a successor to their previous Virtual Server product.

I

IIS (Internet Information Server): Microsoft's web server software.

IP Address: A unique identifier that enables other devices to establish communication with a workstation, server, or network device.

IPv4: The existing iteration (4) of the Internet Protocol. Most Nagios plugins use IPv4 to communicate with servers and applications.

IPv6: The upcoming generation/version (6) of the Internet Protocol, IPv6, is supported by certain plugins.

J

JRuby: JRuby is a Java-based implementation of the Ruby programming language. Elasticsearch, and consequently Nagios Log Server, utilizes JRuby.

K

Kibana: Kibana serves as the user interface for Elasticsearch, enabling users to execute queries, visualize search results, and create custom dashboards. It is the 'K' component in the ELK stack and is integrated into Nagios Log Server.

KVM: An open-source solution for hosting virtual machines.

L

LAMP Stack: The LAMP stack is a blend of Linux, Apache, MySQL, and PHP, providing a robust framework for developing and operating web applications.

LAN: LAN (Local Area Network) typically denotes small-scale home or office networks.

Linux: An open-source operating system with various distributions such as Red Hat, CentOS, SuSE, Debian, Ubuntu, and openSUSE.

Log Files: Log files are data repositories maintained by applications and servers to store details on access, security alerts, and other events. Monitoring log files for critical information, like security alerts, is a common user requirement.

Logstash: Logstash is a tool for handling events and logs. It is used to collect, parse, and store log data, enabling subsequent searches and other use cases. Logstash is the 'L' component in the ELK stack and is integrated into Nagios Log Server.

M

MongoDB: A document-oriented database that falls under the category of NoSQL databases. Nagios XI has the capability to monitor both MongoDB servers and MongoDB databases.

MSP: Managed Service Providers (MSPs) are firms offering external monitoring and management of computer and network services for their clients' remote networks. MSPs often establish VPN connections with their remote clients, yet may require an agent like NCPA to efficiently monitor devices located behind a NAT.

MSSQL: Microsoft SQL Server (MSSQL) is the proprietary database software developed by Microsoft.

MySQL: An open-source database system. XI utilizes MySQL as its database backend and has the capability to monitor MySQL databases.

N

Nagios Exchange: Nagios Exchange serves as the primary hub for a wide range of Nagios projects, including plugins, addons, documentation, extensions, and other resources. It is a platform created for the Nagios Community to collaborate and share their Nagios innovations.

Nagios Fusion: Nagios Fusion is a robust solution that facilitates visualizing operational status and expediting issue resolution throughout an organization's complete IT infrastructure. By connecting to Nagios Core and Nagios XI servers, Nagios Fusion provides a consolidated view of the entire infrastructure.

Nagios Incident Manager: Nagios Incident Manager is a powerful tool that enables efficient management of infrastructure incidents and accelerates problem resolution across an organization's entire IT landscape.

Nagios Library: The Nagios Library acts as a centralized repository of tutorials, videos, technical tips, downloads, and best practices related to all Nagios products and projects, providing a wealth of knowledge in one place.

Nagios Log Server: Nagios Log Server is a robust, enterprise-grade log monitoring and management application that enables organizations to efficiently view, sort, and configure logs from any source across their network. Designed to analyze, collect, and store log data based on custom specifications, Log Server provides users with enhanced visibility and insights into the data across their network infrastructure.

Nagios Mobile: Nagios Mobile offers a versatile mobile interface for Nagios compatible with iPhones, Android phones, and various other portable devices. It is included with Nagios XI by default and can be accessed on the XI server at the location: /nagiosmobile/

Nagios Network Analyzer: Nagios Network Analyzer is a commercial-grade network flow data analysis solution that offers organizations in-depth visibility into their IT infrastructure and network traffic. By leveraging Network Analyzer, organizations can proactively identify and address outages, unusual behavior, and security threats before they impact critical business operations.

Nagios Reactor: Nagios Reactor is an advanced automation engine engineered to streamline operations by automating problem resolution without human intervention. This solution enables organizations to quickly create, deploy, and manage complex automation tasks in a user-friendly manner, thereby reducing time and costs.

NAT: NAT (Network Address Translation) is a technique that involves utilizing 'private' IP addresses within home and office networks. It enables multiple computer systems to utilize a single 'public' IP address. Monitoring remote devices or computers located behind a NAT (such as on a different network) can present challenges and may necessitate port forwarding, a continuous VPN connection, or the use of an agent like NCPA.

NCPA: NCPA (Nagios Cross-Platform Agent) is a multi-platform monitoring agent compatible with Nagios Core and Nagios XI, designed to run on Windows, Linux/Unix, and macOS systems. Its capabilities include active and passive checks, remote management, and a local monitoring interface. Additional details on NCPA can be found on the Nagios Exchange platform.

NDOUtils: NDOUtils is an addon for Nagios Core that enables exporting current and historical data from one or more Nagios Core instances to a MySQL database. NDOUtils is integrated into Nagios XI. Further information on NDOUtils is available on the Nagios Exchange platform.

NetFlow: According to Wikipedia, NetFlow is a capability introduced on Cisco routers that allows for the collection of IP network traffic as it enters or exits an interface. By analyzing the NetFlow data, network administrators can gain insights into the source and destination of traffic, class of service, and the causes of network congestion. Nagios Network Analyzer leverages this capability to collect and analyze NetFlow data, enabling the reporting of bandwidth usage and traffic patterns across the network.

NOC: In large organizations or managed service providers, the Network Operations Center (NOC) serves as the central hub where administrators monitor and manage the entire network infrastructure.

NPCD: NPCD, also known as Nagios-Perfdata-C-Daemon, is a component of the PNP4nagios addon for Nagios. This daemon is responsible for processing performance data and storing it in RRD files. In Nagios XI, the NPCD daemon is employed to handle performance data generated by the Nagios Core engine.

NRDP: NRDP (Nagios Remote Data Processor) is a PHP application created to serve as a versatile data transport mechanism and processor for Nagios. It is commonly utilized to send passive checks to Nagios Core or Nagios XI from a remote Linux or UNIX system. NRDP operates using standard protocols (HTTP(S) and XML) over standard ports and can be deployed as an alternative to NSCA.

NRDS: NRDS (Nagios Remote Data Sender) is a pre-installed component on a Nagios XI server that enables administrators to create and manage configurations and plugins for deployment with a passive agent. This agent can be installed on a variety of operating systems, including Windows, Linux, AIX, and Solaris. The passive agent downloads the current configuration and required plugins from the Nagios XI server, executes the checks, and reports the results back to the XI server.

NRPE: NRPE (Nagios Remote Plugin Executor) is an addon that enables the remote execution of Nagios plugins on Linux/Unix machines. This allows for the monitoring of remote system metrics, such as disk usage and CPU load. NRPE can also communicate with certain Windows agent addons like NSClient++, enabling the execution of scripts and checks on remote Windows machines as well.

NSCA: NSCA is an addon written in C that facilitates the transmission of passive check results to Nagios Core and Nagios XI. This addon comprises a daemon operating on the Nagios system, which receives passive checks from remote send_nsca client scripts.

NSClient++: A Nagios Windows agent that enables users to monitor various metrics such as disk, CPU, and memory usage, as well as service states, using Nagios. XI is compatible with the NSClient++ addon, which is utilized for monitoring Windows systems. While NSClient++ is commonly used for this purpose, many users opt for NCPA as their preferred choice for monitoring Windows machines.

O

Open Source: Open source software typically refers to programs that are available at no cost (free as in "free beer") and can be modified and redistributed by end users (free as in "free speech"). Examples of open source licenses include the GPL (GNU General Public License).

P

Passive Check: A passive check is a type of monitoring task performed by an external application, operating system, or device, and the results are then submitted to Nagios Core or Nagios XI for processing. Certain monitoring agents, such as NSCA, NCPA, and NRDP, can be utilized to send passive checks to Nagios. Additionally, an SNMP trap is also considered a form of passive check.

Performance Counters: Performance counters are a Windows operating system feature that provides insights into the performance of the operating system, applications, services, or drivers. Nagios XI leverages both the Windows Monitoring wizard and the NCPA monitoring wizard to monitor performance counters on Windows machines, enabling administrators to gain a deeper understanding of system performance.

Perl: Perl is a programming language that is widely used for system administration scripts and applications. It also has capabilities for developing web applications. Many Nagios plugins are written in Perl, and various components of different Nagios products are implemented using the Perl programming language.

PHP: PHP is a server-side scripting language designed for building web applications, and it also serves as a general-purpose programming language. Nagios XI and other Nagios products employ PHP for their web interfaces, leveraging its capabilities to provide a user-friendly web-based interface for monitoring and managing IT infrastructure.

Plugin: Plugins are executable scripts such as shell scripts, Perl scripts, or compiled programs utilized by Nagios Core or Nagios XI to conduct monitoring checks. These plugins are responsible for actively monitoring devices and applications, enhancing the functionality of Nagios Core and Nagios XI. A vast array of plugins can be accessed on the Nagios Exchange, expanding the monitoring capabilities of the Nagios ecosystem: http://exchange.nagios.org/

Polling: A form of active monitoring in which Nagios checks or re-checks a website, service, device, or other resource on a regular, predefined interval (e.g., every 5 minutes).

Port: According to Wikipedia, a port is a software construct that serves as a communication endpoint within a computer's host operating system. The purpose of ports is to uniquely identify different applications or processes running on a single computer, enabling them to share information across a network. In the context of the Internet Protocol, a port is associated with the IP address of the host, as well as the type of protocol used for communication. Both TCP and UDP utilize ports to facilitate communication between various services, applications, and devices.

Postgres: Postgres is an open-source database system. Nagios XI utilizes Postgres as one of its database backends and can also monitor Postgres databases.

Python: Python is a versatile programming language employed for web application development, general application development, and system administration scripts. Python is utilized in backend scripts across different Nagios products.

R

RAM Disk: According to Wikipedia, a RAM drive (also known as a RAM disk) is a block of RAM (primary, volatile memory) that a computer's software treats as if it were a physical disk drive (secondary storage). In Nagios installations, significant performance improvements have been achieved by utilizing a RAM disk to reduce disk I/O operations.

Redundant / Redundancy: Typically synonymous with Failover.

Remote Network: Remote LANs typically consist of devices, servers, and workstations that users wish to monitor. These networks may be connected to the central LAN or NOC using a VPN.

Root User: The root user on a Linux/UNIX server is the system's "superuser" or administrator with full control. This user has the authority to execute all commands on the system, such as initiating, halting, and rebooting services, adjusting system settings, overseeing file and directory permissions, and managing user privileges.

Router: A router is a network device that facilitates the routing of data packets between different computer networks. For example, a router is commonly used to connect an office network to the broader internet.

RRD File (round-robin database file): RRD (Round Robin Database) files are used to store and compress time series data, such as performance metrics returned by Nagios plugins. Nagios XI utilizes RRD files to store all the performance data that generates graphs.

S

Server: A server is a specialized computer system primarily tasked with running databases, websites, and other services. Unlike workstations that are regularly used by people, servers are typically employed for executing batch jobs, applications, and services.

Shell: In Linux/UNIX distributions, a shell offers direct access to the operating system and its running applications and services. For those accustomed to Windows, a Linux shell is akin to the Windows command prompt. Performing various administrative tasks on Linux/Unix systems often necessitates shell access, frequently requiring elevated privileges like those of the root user.

Shell Script: A shell script is an executable program that can be run from a Linux/Unix shell, such as Bash. While shell scripts are often Bash scripts, they can also include scripts written in other shell languages like tcsh. More broadly, shell scripts may encompass scripts written in programming languages like PHP, Python, or Perl, which are executed from a shell prompt.

SLA: SLA (Service Level Agreement) denotes a client's stipulation that servers/applications must be operational and functioning correctly for a minimum of X percent of the time (e.g., 99% uptime).

SNMP: According to Wikipedia, SNMP (Simple Network Management Protocol) is an established protocol for managing devices across IP networks. Devices commonly compatible with SNMP encompass routers, switches, servers, workstations, printers, modem racks, and more. SNMP is predominantly utilized in network management systems to oversee network-connected devices for any issues requiring administrative attention. SNMP serves as a protocol/method for monitoring network devices and servers. Most switches and routers can be monitored through SNMP, and certain servers (both Windows and Linux) also support SNMP monitoring. Nagios XI facilitates SNMP monitoring with dedicated SNMP wizards. SNMP is frequently employed in agentless monitoring of servers and devices. Both Nagios Core and Nagios XI are proficient in monitoring devices using SNMP, whether through processing SNMP traps or actively polling SNMP-enabled devices.

SNMP Trap: SNMP traps allow a router, switch, operating system, or application to inform a management station about important events through an unsolicited SNMP message. Both Nagios Core and Nagios XI have the ability to receive and handle SNMP traps.

snmptrapd: snmptrapd is an SNMP application that listens for and receives SNMP traps. It operates in tandem with SNMPTT, which further processes the traps received by snmptrapd.

SNMPTT: SNMPTT (SNMP Trap Translator) is a Perl-based SNMP trap handler designed to work with the Net-SNMP/UCD-SNMP snmptrapd program (www.net-snmp.org). It carries out post-processing on traps received through the snmptrapd application. SNMPTT proves valuable for handling SNMP traps effectively with Nagios Core or Nagios XI.

Solaris: A UNIX-based operating system.

Source: In Nagios Network Analyzer, a source functions as the data collector. Beyond Nagios Network Analyzer, a source refers to the origin location of data.

Source Group: In Nagios Network Analyzer, a source group is a collection of one or more sources.

SSL: SSL (Secure Sockets Layer) is a data encryption method used to secure data communications. NRPE and various addons offer SSL support to safeguard the transmitted data.

Sudo: Sudo enables system administrators on a Linux/Unix system to delegate permissions to non-administrator accounts for executing specific privileged or restricted commands. These permissions are configured by administrators in the /etc/sudoers file.

SuSE: A Linux distribution for commercial use.

Switch: A network switch is a device that connects various computer systems and network components using network cables. A managed switch has an IP address and can be monitored, while an unmanaged switch lacks an address and cannot be monitored.

T

TAC: TAC (Technical Assistance Center) is a term sometimes used interchangeably with NOC (Network Operations Center).

TCP: Transmission Control Protocol (TCP) is a fundamental network transport protocol enabling data transfer across the internet. It offers a connection-based transmission model, unlike the connectionless approach of UDP. Many network services and applications communicate over various TCP ports. Both Nagios Core and Nagios XI can monitor applications and services that utilize TCP for communication.

U

UDP: User Datagram Protocol (UDP) is one of the primary network transport protocols, alongside TCP, that facilitate data transfer across the internet. It employs a connectionless transmission model, in contrast to TCP's connection-based approach. Many network services and applications communicate over various UDP ports. Both Nagios Core and Nagios XI can monitor applications and services that utilize UDP for communication.

Unconfigured Objects: These are Nagios objects for which check results are being received (typically through passive methods like NSCA or NRDP), but no corresponding configuration exists. Nagios XI maintains a list of these unconfigured objects, which can be easily added to the configuration from the Unconfigured Objects page.

UNIX: A broad term encompassing various UNIX-based operating systems, including Solaris, AIX, and HP-UX, among others.

User Experience Monitoring: The term typically refers to monitoring the performance and functionality of web applications from the end-user perspective.

V

View: In Nagios XI, Views are personalized web pages that can be shown within the Nagios XI interface. These pages can include internal Nagios XI pages or external URLs that administrators may wish to integrate for convenient access to crucial information. Nagios XI offers the feature to automatically cycle through views, which proves beneficial in Network Operations Centers (NOCs) where administrators need to periodically view information on different screens.

Virtual Machine: This term refers to an operating system (e.g., Windows XP, Windows Server 2003, Linux, etc.) that runs within a specialized software program, rather than on a dedicated hardware system.

Virtual PC: Microsoft's no-cost solution for running virtual machines on XP and Windows 7 workstations.

Virtual Server: A generic term often used interchangeably with 'virtual machine'. It can also refer to Microsoft's commercial product for running virtual machines.

VirtualBox: An open-source solution for running virtual machines.

VMware: Describes a collection of tools that enable the operation and administration of virtual machines.

VPN: A VPN (Virtual Private Network) is a secure communication channel or network from one location to another, traversing an untrusted intermediary (such as the public internet). MSPs (Managed Service Providers) frequently maintain persistent VPN connections to the remote networks of their clients. A persistent VPN connection is always active, while a non-persistent VPN is manually established and terminated by an administrator.

VPS: VPS (Virtual Private Server) is a term commonly used to describe web servers hosted on the internet and provided to customers through rental or leasing agreements.

vSphere: VMware's product for operating virtual servers.

W

WAN: WAN (Wide Area Network) is a term typically used to describe larger networks comprising multiple LANs (Local Area Networks) and VPNs (Virtual Private Networks).

Web Transaction: Web transaction monitoring refers to the process of ensuring web applications are functioning correctly, such as verifying the ability to add an item to a shopping cart and proceed to the checkout page. Nagios XI provides a website transaction monitoring wizard to facilitate this type of monitoring.

Website Defacement: Website defacement is a type of attack that alters the visual presentation of a website or web page. These are often carried out by system crackers who gain unauthorized access to the web server and replace the hosted website with their own content. Nagios XI offers a Website Defacement monitoring wizard to help detect potential instances of website defacement.

Wizard: In Nagios XI, wizards provide a simplified way to configure hosts and services through the web-based user interface. These wizards streamline the complex process of creating hosts and services, defining configuration parameters, and assigning contacts, contact groups, host groups, and service groups into a user-friendly 6-step form within the Nagios XI interface. Additionally, new wizards can be easily added to Nagios XI through the Admin -> Manage Wizards menu, expanding the platform's capabilities.

WMI: Windows Management Instrumentation (WMI) is a component of Windows operating systems that provides management data and operational information about those systems. WMI can be leveraged to automate administrative tasks on remote Windows-based computers. Both Nagios Core and Nagios XI are capable of monitoring Windows machines using the WMI interface.

X

Xen: An open-source solution for running virtual machines.