Re: SLA monitoring and reporting to customers

North American Network Operators Group

Re: SLA monitoring and reporting to customers

From: Rubens Kuhl Jr.
Date: Sun Mar 18 19:13:28 2007

Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=KXDvhjtL2TKaC5bAXsQ93VQSSd8+0oWTx6xsh13z1O0pAkJN/EKeQgq1YJQryjTBUXqEkYUDh0Kj/EoZXvCmO2gVHwuO7UuBMj3IDcH18Zcbyr3BeLS4T/V5+Z+zNILpMaj0FryPNcpsvKJLO0+GIpjMZwjrP05F7IrdLNo/Nu8=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=NQ4hzPoNCp6Fy1ivPoCyoUmk4uUOhDPxOX+zwhjY1/FKC0FcEqUC2WXrRbdC+TDPbHfCszncMHR6EWESDQQtDxL8xsBcM7M7wHj8ccwogsJqh6Y4BOy9aN3OV+bQkbnu9QaN677yXCURiG0fHauzrxoqx12y1qRXkZIFUfpEs7E=

> What open-source or low-budget tools are operators using for SLA
> monitoring when the reports (current state and historical) should be
> available to customers ?

Please define SLA in terms of monitoring.


- 99.x% availability (defined by packet loss and response time) monthly
- A certain number of hours from service interruption to service recovery

> Looking at NANOG archives, NAGIOS is the most prevalent tool, but its
> authorization mechanisms are somewhat below I would like so customers
> could not change anything both in configuration and in SLA software
> state

You can setup so that customer only sees the data on status of the
services he or she has access to by adding customer into as a contact
for host or services.


There are 2 main issues on my reading of
http://nagios.sourceforge.net/docs/2_0/cgiauth.html
- Users can issue commands for hosts/services they are contact for.
They could acknowledge an outage even when we should know about it.
- Some devices of interest to a customer are not specific to a
customer: a switch, a router. If they are considered contact for such
devices, they can issue commands for it.

Do you think that your customers should or
should not have such access to your central nagios system?


That's something I woud like to hear opinions on, but even with NAGIOS
such an issue could be solved by having one NOC-only NAGIOS and one
customers-only NAGIOS. Using NagiosQL would be probably make
replication easier.


> I'm looking for something more like Cacti, where customers can be
> contained to only see some of the generated graphs.

Would you be satisfied with graphing extension to nagios that is
tied replicates nagios security mechanism where customer can see
graphs for the service he/she is listed as contact for?


Is it http://nagiosgraph.sourceforge.net/ ? Can a user be a
nagiosgraph contact without being a NAGIOS contact ?


Thanks,
Rubens

Follow-Ups:
- Re: SLA monitoring and reporting to customers william(at)elan.net

References:
- SLA monitoring and reporting to customers Rubens Kuhl Jr.
- Re: SLA monitoring and reporting to customers william(at)elan.net

Prev by Date: Re: SLA monitoring and reporting to customers
Next by Date: RE: SLA monitoring and reporting to customers
Date Index
Thread Index
Author Index
Historical