Thursday, July 19, 2018

SNMP traps if I already gather syslog?

Should I get SNMP traps too somewhere if I already get all the syslog messages to ELK stack?

We're almost an "every-vendor environment" with devices from basically everyone, so we'd like to consolidate all those vendor-specific tools onto a common open source platform we can manage. Currently we're running LibreNMS, Nagios and ELK stack for logs. Next step would be Elastiflow (or a really good commercial one, but I haven't really figured out how those are), though last time I tried it I ran into Java heap overflow errors...

I'm wondering if we should also get SNMP traps? Right now I don't see why but maybe I'm missing something? Nagios/LibreNMS polls devices every 5 minutes so maybe to get info on something that's happening right now?

Also, any ideas what we should actually monitor? For access I'm thinking something like CPU, mem, link utilization, interface errors, uplink state (up or down), maybe temperatures too? For distribution I'd add OSPF/BGP peerings.

Thanks!


