Keep an Eye on your processes

If you aren’t happy with the current process monitoring tools out there, check out Eye. It uses Celluloid to provide multi-threaded process monitoring that behaves very similarly to Bluepill. One valuable addition is the ability to get more information about the processes running:

$ eye i(nfo)
test
  samples
    sample1 ....................... up  (21:52, 0%, 13Mb, <4107>)
    sample2 ....................... up  (21:52, 0%, 12Mb, <4142>)

Other bonus tools include debugging configurations and tailing the logs of the processes being monitored.

Redis-faina – query analyzer for Redis

From folks that know something about scale, the Instagram team has released Redis-faina, a tool that parses the output of Redis’ MONITOR command to provide stats on Redis queries:

# reading from stdin
redis-cli -p 6490 MONITOR | head -n <NUMBER OF LINES TO ANALYZE> | ./redis-faina.py

Overall Stats
========================================
Lines Processed     117773
Commands/Sec        11483.44

Top Prefixes
========================================
friendlist          69945
followedbycounter   25419
followingcounter    10139
recentcomments      3276
queued              7

Top Keys
========================================
friendlist:zzz:1:2     534
followingcount:zzz     227
friendlist:zxz:1:2     167
friendlist:xzz:1:2     165
friendlist:yzz:1:2     160
friendlist:gzz:1:2     160
friendlist:zdz:1:2     160
friendlist:zpz:1:2     156

...

Check out the source on GitHub. If you’re new to Redis, Episode 0.4.5 with @antirez is a classic.
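The kind of aggregation described above, as an added example that is not redis-faina's own code: a short Python parser for MONITOR lines that counts commands, key prefixes, and keys. The sample lines are constructed, and treating the first argument as the key and the text before the first colon as its prefix is an assumption.

```python
import re
from collections import Counter

# Constructed MONITOR output (Redis 2.6+ line format); not real traffic.
SAMPLE = '''\
OK
1339518083.107412 [0 127.0.0.1:60866] "zrange" "friendlist:zzz:1:2" "0" "-1"
1339518083.207412 [0 127.0.0.1:60866] "get" "followingcount:zzz"
1339518083.607412 [0 127.0.0.1:60867] "zrange" "friendlist:zzz:1:2" "0" "-1"
1339518084.107412 [0 127.0.0.1:60866] "zrange" "friendlist:zxz:1:2" "0" "-1"
1339518085.107412 [0 127.0.0.1:60868] "ping"
'''

# Timestamp, optional "[db client]" block (absent in older servers), quoted args.
LINE_RE = re.compile(r'^(?P<ts>\d+\.\d+) (?:\[\d+ \S+\] )?(?P<rest>".*)$')
ARG_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')  # tolerates \" inside an argument

def parse_line(line):
    """Return (timestamp, COMMAND, args), or None for lines such as 'OK'."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    parts = ARG_RE.findall(m.group('rest'))
    if not parts:
        return None
    return float(m.group('ts')), parts[0].upper(), parts[1:]

def analyze(lines):
    """Aggregate command, key and key-prefix counts plus commands per second."""
    commands, prefixes, keys = Counter(), Counter(), Counter()
    stamps = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, cmd, args = parsed
        stamps.append(ts)
        commands[cmd] += 1
        if args:  # assumption: the first argument is the key
            keys[args[0]] += 1
            if ':' in args[0]:  # assumption: prefix is the text before the first ':'
                prefixes[args[0].split(':', 1)[0]] += 1
    elapsed = stamps[-1] - stamps[0] if stamps else 0.0
    return {'lines': len(stamps), 'per_sec': len(stamps) / elapsed if elapsed > 0 else 0.0,
            'commands': commands, 'prefixes': prefixes, 'keys': keys}

if __name__ == '__main__':
    print(analyze(SAMPLE.splitlines()))
```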

hoardd – Node.js daemon for collecting server metrics to send to Graphite

José de Paula E. Júnior has released Hoardd, a Node.js-based daemon for collecting server data to send to Graphite. With a pluggable scripts architecture similar to Hubot, scripts are written in CoffeeScript or JavaScript to collect and publish data on an interval, such as this load average example:

Fs = require 'fs'

module.exports = (server) ->
  # Collector that hoardd runs on each interval
  run = () ->
    metricPrefix = "#{server.fqdn}.load_average"
    server.cli.debug "Running load average script"

    # Read the 1-, 5- and 15-minute load averages from /proc
    procfile = '/proc/loadavg'
    # fs.existsSync replaces the removed path.existsSync
    if Fs.existsSync procfile
      data = Fs.readFileSync(procfile, 'utf-8')
      [one, five, fifteen] = data.split(' ', 3)
      server.push_metric "#{metricPrefix}.short", one
      server.push_metric "#{metricPrefix}.medium", five
      server.push_metric "#{metricPrefix}.long", fifteen

Be sure to check out Graphiti to view your Graphite data. Also head over to the hoardd repo to install or contribute a script.

Amon – Python-powered server monitoring, logging, and error reporting with JSON API

Amon from Martin Rusev is a simple yet flexible way to add server monitoring, logging, and error tracking to your web stack. Amon consists of three parts: a collector daemon, a Python web app, and a JSON API.

  • Collector daemon – Amon’s server and process monitoring is a thin wrapper on top of Unix tools to record metrics and store them in the MongoDB backend.
  • API – Shipping with language bindings for Python, Ruby, and JavaScript, Amon’s JSON API makes it easy to record your own application events.
  • Web interface – The web app provides a friendly user interface for viewing logs and visualizing data in charts.

The Amon documentation site is a great place to get started with installation and usage.

snorby: Beautiful Rails network security monitoring app for Snort, Suricata, and Sagan

Last week we brought you Graylog2, which takes the otherwise boring job of log monitoring and provides some pretty slick searching, filtering, and visualization. Dustin Webber aims to do the same for network security monitoring with Snorby, a Rails application front-end for Snort, Suricata, and Sagan.

Features

Snorby boasts a robust set of features including:

  • Metrics & Reports – Drill down into your data by day, week, month, or custom timetables and even export to PDF.
  • Classify events into a number of predefined classifications or create your own
  • Full packet and session data monitoring using OpenFPC, Solera DS Appliances, and Solera’s DeepSee
  • Keyboard friendly hotkeys let you navigate the interface without a mouse
  • Extensibility via third party plugins

Getting Snorby

Snorby comes in two flavors: the Insta-Snorby NSM network appliance, which bundles Snorby 2.2.4, Snort, Barnyard, OpenFPC, and Pulled Pork, or application source to roll your own solution.

Check the Snorby web site for instructions on installing from source.

Try before you spy

If you’d like to play around with the Snorby interface, there is a live demo:

Be sure to follow Dustin on Twitter, join the mailing list, or drop into #snorby on irc.freenode.net for updates or to ask questions.
