Check_MK is a complex addon for Nagios/Icinga and consists of three subprojects. The check and inventory system Check_MK is a general purpose Nagios plugin for retrieving data. It adopts a new approach for collecting data and obsoletes NRPE, check_by_ssh, NSClient, and check_snmp. It features a significant reduction of CPU use on the Nagios host and automatic inventory of items to be checked, and is especially useful with larger Nagios installations. "MK Livestatus" gives immediate and fast access to live and historic Nagios status data. It's a supported backend for many addons including NagVis, NagiosBP, and Thruk. "Check_MK Multisite" is a feature complete replacement for the Nagios GUI, and uses MK Livestatus as a backend. It is very fast, and supports efficient distributed monitoring.
The sysstat package contains the sar, sadf, iostat, nfsiostat, cifsiostat, mpstat, and pidstat commands for Linux. The sar command collects and reports system activity information. The statistics reported by sar concern I/O transfer rates, paging activity, process-related activites, interrupts, network activity, memory and swap space utilization, CPU utilization, kernel activities, and TTY statistics, among others. The sadf command may be used to display data collected by sar in various formats. The iostat command reports CPU statistics and I/O statistics for tty devices and disks. The pidstat command reports statistics for Linux processes. The mpstat command reports global and per-processor statistics. The nfsiostat command reports I/O statistics for network filesystems. The cifsiostat command reports I/O statistics for CIFS filesystems.
BGPHist is a tool that receives MP-BGP updates, decodes them, and writes them to a database for logging and monitoring purposes. It support not only Internet routes, but also IPv4 VPN, IPV6 VPN, and L2VPN. It sounds text output (console) and MySQL databases. The the MySQL backend, there is also a simple PHP frontend. It could be used to monitor and log an ISP's customer activity for Internet and VPNs, as a passive BGP looking glass, or as a backend for some external monitoring and accounting system.
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
LPAR2RRD makes historical, future trends and nearly "realtime" CPU utilization graphs of LPARs and shared CPU usage of IBM Power servers. It collects complete physical and logical configuration of all servers/LPARs. It is agent-less (it gets everything from the HMC/SDMC or IVM). It supports all kinds of logical partitions (AIX/AS400/Linux/VIOS).
PHREL is a per host rate limiter. It will track the rate of incoming traffic on a server and insert a chain into iptables when a configured threshold is crossed. The inserted chain may either rate limit or block the offending host for a period of time. The inserted chain is automatically removed when the offending host's traffic levels return to normal. PHREL is particularly well suited to protecting nameservers (DNS) from random hosts that flood requests, and to preventing SSH brute force login attempts.