The BigBrother Monitoring System


In order to sufficiently monitor the network state and services availability, the information obtained by standard SNMP agents is not enough. An important issue is the evaluation of particular TCP/IP network services quality (like ftp, http, smtp and nntp), services reliability and local host resources like CPU, disk and so on.

Big Brother is a free Web-based UNIX Systems monitor, developed by Sean MacGuire [4]. Big Brother consists of simple shell scripts which periodically monitor local system conditions (Local System Monitor or bb-local.sh) and network connectivity (Network monitor or bb-network.sh) as well as Intra-machine communications programs (bb, bbd, nettest). Disk usage, CPU loading, ftp, smtp and http servers, and important processes can be kept track of. The results of monitoring are reported in a status matrix (using a colour code) for each system/area combination, which is displayed on a central monitoring station (Display Server) and presented through a Web based user interface.

For the needs of ExperNet, we have integrated HNMS+ and BigBrother in order to achieve monitoring of TCP/IP services and remote computer resources by the ExperNet intelligent agents. HNMS+ MIB was extended to incorporate the additional monitoring values of the status matrix of BigBrother that correspond to all services/resource types included in the latter. HNMS+ server (or IO module) analyses a local log file created by BigBrother and fills out the previously mentioned MIB variables.

Additionally to existing BigBrother processes, a UNIX daemon (module) was developed that offers the possibility of remote UNIX command invocation. This was necessary since, ExperNet intelligent agents, in some cases, require information that cannot be obtained directly from HNMS+, but only through command execution on the monitored remote hosts, as for example information obtained by the "traceroute" and "tcpdump" packet monitoring utilities. Although in such cases the usual "rsh" UNIX command could be used, the above solution was preferred since it offers the possibility to restrict the set of commands that are allowed, through appropriate configuration of the module, thus leading to a more flexible and secure system.

 

 

 

 

 

 

 

 

 

 

 

 

 

To conclude, the modified BigBrother provides information to ExperNet intelligent agents through HNMS+, not only about the status of the most important TCP/IP network services, but also about the operational parameters of the individual monitored hosts. It also offers a relatively secure remote command invocation that allows the system to better monitor or even control the network.

info.h5.gif (1109 bytes)