Sparklining Excel

According to Wikipedia a sparkline is a

“small, high resolution graphics embedded in a context of words, numbers, images … Whereas the typical chart is designed to show as much data as possible, and is set off from the flow of text, sparklines are intended to be succinct, memorable, and located where they are discussed. Their use inline usually means that they are about the same height as the surrounding text.”

A group has released an open source add-in for Microsoft Excel called TinyGraphs “that creates sparklines, mini column graphs, and area graphs from a row of data. It generates beautiful tiny graphics that are as small as a cell and is useful for visualizing large quantities of data, such as stock prices and exchange rates.”

While I have yet to actually use the add-in it is something that I definitely can see using in a number or reports that I generate at the office.

Advertisements

Review: SB EventLog Monitor

SB EventLog MonitorI have only one thing to say about this product, “How did I ever live without it”. If you manage more than one Microsoft Windows Server then you definitely need to be using SB EventLog Monitor.

So what does SB EventLog Monitor do that is so great, it collects, collates, and reports via a web interface upon Microsoft Event Log data. The UNIX world has had syslog forever and a ton of tools to help you manage the logging data generated by servers. I’ve even tried to shoehorn Microsoft Event Log data into some of those products, but it was never a good fit. SB EventLog Monitor allows you to quickly and easily manage and analysis what is going on across all of your servers. It allows you to quickly and easily view and filter error messages from different servers and identify patterns. This is particularly useful with dealing with multiple servers across slow WAN links.

It collects the Event Log data either via a Microsoft VB script that use WMI to collect only the new events or via an agent that you can install on your servers. The other requirements are MySQL, PHP (5.0+), and a web server (apache, IIS). While the install is geared towards running everything on a Microsoft server it is possible to run the database and web server on Linux. In fact that is what I did. The install is really pretty easy, so if you are looking for a relatively simple way to increase the manageability of your servers, then I strongly recommend that you take the time to install the open source SB EventLog Monitor.

Review: Script Your Documentation Instantly

If you are anything like me you probably have little to no documentation on your servers. Probably it is because you don’t have the time or the personal to perform the tedious (and boring) work required; you know it is important, but other things seem to take priority. Well, you no longer have any excuse for not getting it done.

SYDI (Script Your Documentation Instantly) is an open source solution that will document your Windows Servers, MS SQL Servers, and Exchange Organizations. It is a fantastically easy product to use. In its simplest form, it will query an individual server and produce a Microsoft Word document detailing the hardware, software, networking, user accounts and storage settings with a table of contents and loads of other useful information. With a little extra work, you can have it query all of your servers and produce a set of XML files that can be converted in to HTML documents (using an included script) that makes publishing a breeze.

Using SYDI is really simple; it is just a VBS script that is launched from a command prompt. You do need to have Microsoft Word installed on the workstation if you want it to produce the documentation in that format. The software is written by an IT Consultant named Patrick Ogenstad. He has posted some really good how-to guides on his site.

I highly recommend that you take a look at SYDI and use it to help jump start you server documentation project. I did and in about 30 minutes I had published our server configs on our Network Management server.

Managing Your FLEXlm Licenses with Cacti and phpLicenseWatcher

So you are tasked with managing multiple FLEXlm based software license managers, but you want more than a dump of the current license information into a text file or in some horribly written and truly user-unfriendly Windows GUI. Then I have a couple of web based open source products for you, and while the installs are not the easiest they do offer some great insight into your license usage.

Managing Your License Servers

The first product is phpLicenseWatcher. It presents in a nice web interface all of the information that the command line as well as Windows GUI tool provides, and then some. Quoting from their website:

  • Shows the health of a license server or a group of them
  • Check which licenses are being used and who is currently using them
  • Get a listing of licenses, their expiration dates and number of days to expiration
  • E-mail alert of licenses that will expire within certain time period (i.e. within next 10 days)
  • Monitors license utilization

One of the biggest advantages of the product is that it allows you to monitor and manage multiple servers at once. It even includes the ability to graph your license use, but instead I would recommend the following:

Graphing Your FLEXlm License Usage

As you know I’m a great fan of the Cacti graphing system. Well thanks to the work of a user named pvenezia on their forums, he developed a fantastic template and script for graphing FLEXlm usage. The script allows you to monitor multiple license servers and graph the usage of every application on those servers.

What makes the Cacti based graphs of the FLEXlm servers so nice is that you can combine the data from multiple servers to give you an overall picture of your license use. For example we have multiple FLEXlm servers in different offices handling our AutoCAD use. Following graph shows an example of how I’ve combined the usage data from the multiple servers to show how each office is the licenses (note this is a custom graph create from the data from the referenced script and template).

I highly recommend these two open source solutions for helping you to monitor and manage your FLEXLm license servers and their associated products. It will help you to control your costs (i.e. knowing if you have too many licenses) and better manage who is using your software.

Cacti’s Painless Network Monitoring


For the past week I’ve submersed myself in the world of Cacti, and have been have a lot of fun making cool graphs. As my staff will attest, I’m really big into monitoring anything and everything on our network. I find it’s very helpful to be able to track usage, capacity, growth, and a bunch of other things. Without some kind of baseline how do you know if things are operating as they should?

Oh, so you’re wondering what Cacti is, well here is the developer’s description:

Cacti is a complete network graphing solution designed to harness the power of RRDTool‘s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices.

Anyway, I’ve been using MRTG for last 8+ years to graph utilization, etc. It was a great product, and I’ve built up a number of useful scripts and hacks to monitor all kinds of things from Windows boxes to printers to email queues. I’ve even built a neat menu system, but it was a real hack. It was hard to manage, add devices, or even make changes. I’ve followed the RRDTool world for a while (and even moved my MRTG configs over to using RRD), but never found a solution that was easy to use and had the flexibility I wanted/needed. That was until I stumbled across Cacti.

Cacti has a templating system that makes adding new devices easy, it as an active user community that is sharing their templates for graphs, and device monitoring. It is really powerful and actually quite easy to use. It even integrates with Nagios, although I have yet to accomplish that integration. In the coming weeks I’ll be sharing my adventures with the installation and configuration as well as some of the templates that I have used and created/modified. So stay tuned for further post about Cacti.

Insecure Protocols, Passwords, Ettercap, and PHP

So I was doing my daily web browsing looking for something cool, when I came across something that for the first time really hit home how completely unsecured the Internet is and how simple it is for people to grab your passwords.

Now, I’ve been on/using the Internet in one shape or form since 1987, and have seen things migrate from the nearly open educational network that the amazing and scary thing that it is today. The problem lies in the fact that a lot of the Internet still uses the same insecure protocols that were popular back in 1987; in particular POP/IMAP email authentication along with basic HTML and others.

I’m an IT professional (granted I’m in management now, but still …) but I was taken back by how utterly easy it is to now capture username and password information. So your thinking no big deal, I use a “secure” website to access my online banking, etc. Well do you also use a different password for every site you visit?

What really hit home for me was this post about the Wall of Shame on the Irongeek site. What the site has is some very simple PHP to display the username/password combination sniffed out by Ettercap.

Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.

Ettercap is an amazing piece of software with many features. The main site only offers the source code, so knowing that I needed to run the Irongeek’s page on my Linux box, I started to compile the ettercap code. My box was missing one of the libraries and seeing as how I only wanted a proof of concept anyway. I downloaded a precompiled Windows binary. Within about 2 minutes I had everyone up and running and I was capturing the username and passwords of the traffic crossing my network. Wow, that’s really scary.

Today’s little 30 minute diversion is going to really cause me to change the way I use the Internet, and secure my password information. I’m going to look at SSH/SSL tunneling for all my data when I can’t use a secure stream.

Merry Christmas

Merry Christmas to everyone from the Nerhood family. I hope you have a wonderful holiday filled with warm thoughts and memories. You probably won’t see any updates until the new year, but you never know.

Ellie drew the picture with TuxPaint, a wonderful open source, cross platform drawing package for kids. Click the picture to view a bigger version.

Software for Your Mac

Mike over at JeepinXJ is almost ready to buy a Mac mini. He’s been asking about what software he’ll need to install in order to replace his Linux box. Instead of just sending him an email, I figured I post my list so that other could comment on it as well.

Fink is like yum for macs. It installs linux packages on your Mac. – I used it to install a number of things including wget, mtr, and lynx.

Darwinports is the other package installer for Mac OSX. (I have not used it)

Mike uses the No-IP dynamic DNS service so he’ll need MacOSX client download package. I obviously haven’t tried this one. If you have problems with this one, you could always try downloading the linux one. I use DynDNS for my dynamic DNS and they have a Mac client as well.

A good site with PHP install packages for Mac is Marc Liyanage’s site. This is what I would use if I were doing it again. It works with the out of the box Apache 1.3 on Mac OS or an Apache 2.0 install. (He also has some other stuff as well).

You can now install MySQL directly from a MySQL Mac OS X package on their site. (note it is about 3/4 of the way down the page)

I used the packages from Server Logistics to install Apache2, MySQL, and PHP. I would recommend not using them seeing has how they have not been updated in a long time.

PostfixEnabler, helps gets postfix and IMAP working on your box. Great App It also can setup POP3 and IMAP servers as well.

DNS Enabler helps you configure the box as a dns server (again very handy)

I haven’t tried WebMon, but it looks interesting for installing PHP, Apache and WebDAV support (this allows you to supposedly share iCal information).

A couple of other Mac OS X – Apache, MySQL, PHP server install packages exist. MAMP and XAMPP are two. I haven’t tried any of them, but a little research would be in order. Note the MAMP people do not recommend running as a production server (mostly for security), XAMMP always says that, but they do offer a script to tighten the security down. The nice thing about these two packages is that they come with the PHP eAccelerator already installed (it makes a big difference on PHP performance)

Probably the best Mac news site is MacInTouch, but there are also MacFixIt and MacNN as well for keeping up to date on the latest Mac information.

If you have your favorite, must have Mac OSX application/site please leave a comment.

Monitoring Dell Hardware with Nagios

We use the excellent Nagios network, host and service monitoring software at the office to track the status of our servers, routers, and network devices and connections. The program works great and we love it. However, the one area that we have wanted to track was the status of Dell PowerEdge servers, particularly those running Windows Server 2003. We’ve installed Dell’s OpenManage software on all the boxes and that works great, but we were not getting notified when something on the server failed (power supply, fan, or a disk in an array).

The status of server can be gotten through SNMP to the OpenManage so I knew that it could be done, I just didn’t want to have to reinvent the wheel. I did some searching, and I came across three plugins. The first is simply called check_dell.pl. It is checks the overall health of both the system and the array. If either is non-OK then it gives a warning. It is simple, quick, and effective, but I wanted additional reporting so that I know what was component was actually faulty.

The second plugin is called check_om.py and it checks the overall chassis status. If it is non-OK, it will then check other status indicators in order to create an error message that indicates where the problem lies. It has the ability to check for power supply, voltage, cooling device, temperature, memory, and intrusion issues. It works great, and we now us it!

Now I needed to find a way to report on the status of the drive arrays because the check_om.py doesn’t do that. I found a couple of plugins that would check the RAID controller locally or would do it for Linux servers. Then I finally found this check_win_perc plugin posted on a Dell mailing list site. It has a number of really good features, like telling which drive in the RAID array was having problems, but it also has some quirks. For one thing it stores baseline information in a temp that must be manually deleted. In order to work in our environment it needed some clean and modification.

I modified the plugin to better handle passing of SNMP community strings. As it was originally written it reported all the disks and their status, no matter to which array controller it might be attached. I modified the code so that you can select which of two controllers you want to monitor and report on only those disks. Because my coding skills are non-existent, it still has some unresolved quirks, like when it reports the number of Global Hot Spares it is still doing it across all controllers which is wrong.

My modified code is listed below. Please use at your own risk! If you make any modifications or enhancements please let me know.

(more…)

It’s good to be back

It’s been a crazy couple of days. I brought the new iMac home on Wednesday night, and started hooking it up in the office. In the process of hooking everything up, I had to move by web and mail server (the old Dell laptop). This ended up not being a good thing. Not good at all. After getting the iMac all hooked up and working, I tried to connect to the server, and I couldn’t. So I pulled the laptop out, opened it up, and … a screen full of error messages. I must have bumped it pretty hard when moving and the hard drive went “whacky” on me.

I had been planning to move my web and mail to the new iMac, but just not this soon. Also, even thought I’ve talked about backing the unit up, I never found the right solution and hadn’t gotten around to it yet. To top it all off, we’re still having problems with our Internet connection at the house, and that night when I could connect, I was getting slower than dialup speed. I tried to download some tools to rescue the data, but couldn’t. (I placed a call to Comcast and a technician will be out on Saturday). I was up really late trying to get the Mac as ready as possible.

I got up really early on Thursday morning and took the dead laptop to the office in hopes of recovering the data there. After downloading a System Rescue CD which worked but wouldn’t see my PCMCIA network card, and a copy of Knoppix, a live Linux CD, I was able to copy most of the data off the drive. I’m not really sure what was lost, but I was able to recover the database that powers this blog, as well as the templates. I was also able to recover all of my old emails too.

When I got home, I started the rest of the process to build the iMac into the server machine I needed. Even though Mac OS X comes with a lot of the things necessary to run right out of the box, I either needed newer versions or additional software. In particular, I needed MySQL, Apache2, PHP, Postfix, an IMAP server, and BIND.

There are a number of ways to add and update UNIX software on a Mac. In addition to compling the software from source, there are Fink and DarwinPorts which provide linux and bsd style updating mechanisms. Both other some usesful features, but I needed to get things running quickly. So I chose to use some installers from Server Logistics. They offer a series of “complete” installs for Apache2, PHP, and MySQL with all the options that I needed. So I installed them and got my webserver back in action. After a quick install of phpMyAdmin I was able to recover my database, and then in short order get the blog up and going again.

For email, I needed to get an IMAP server installed as well as Postfix configed and running. Again after some searching, I used the Postfix Enabler, from Cutedge. This installed and configured an IMAP server as well as providing an interface to configure and start Postfix. So now I had email again (albeit without any spam filtering) and called it a night at roughly 12:30.