From Nagios Wiki

Contents 1 Overview 2 Current Limitations 2.1 Intensive Checks 3 Scaling with Nagios 3.1 Passive vs Active Checks 3.2 NCSA 3.3 NDOUtils 4 3rd Party Tools 4.1 Open Source 4.1.1 DNX 5 Ghettofabulous Strategies 5.1 Separate Nagios Servers

[edit] Overview

This wiki entry outlines various scaling strategies for companies that need to check hundreds (or even thousands) of hosts as efficiently as possible.

[edit] Current Limitations

• annecdotes of ppl 500 checks / min
• each check requires
  • host resources (CPU, RAM)
  • client resources (CPU, RAM)
  • significant bandwidth

[edit] Intensive Checks

examples:

• nsclient++/check_ad runs DCdiag on Windows, which does
• comparison of Windows client checks

[edit] Scaling with Nagios

[edit] Passive vs Active Checks

From the Nagios website

One of the features of Nagios is that is can process both host and service check results that are submitted by external applications. Host and service checks which are performed and submitted to Nagios by external applications are called passive checks. Passive checks can be contrasted with active checks, which are host or service checks that have been initiated by Nagios. Why The Need For Passive Checks? Passive checks are useful for monitoring services that are:

• located behind a firewall, and can therefore not be checked actively from the host running Nagios
• asynchronous in nature and can therefore not be actively checked in a reliable manner (e.g. SNMP traps, security alerts, etc.)
• alarmed by a Nagios server checking specific ports in repetition. Certain services (e.g. Bacula) can be alarmed when ports being used by the service are continuously checked by Nagios from outside the host.

[edit] NCSA

distributed checks

From the Nagios downloads webpage:

The NSCA addon is designed to accept passive host and service check results from clients that use the send_nsca utility (also included in this package) and pass them along to the Nagios process by using the external command interface. The NSCA daemon can either be run as a standalone daemon or as a service under inetd. If you have libmcrypt installed on your systems, you can choose from multiple crypto algorithms (DES, 3DES, CAST, xTEA, Twofish, LOKI97, RJINDAEL, SERPENT, GOST, SAFER/SAFER+, etc.) for encrypting the traffic between the client and the server. Encryption is important in this addon, as it prevents unauthorized users from sending bogus check results to Nagios. Read the included SECURITY document for more information.

[edit] NDOUtils

[edit] 3rd Party Tools

[edit] Open Source

[edit] DNX

• DNX project on Sourceforge.net

DNX is a modular extension of Nagios that offloads a significant portion of the work normally done by Nagios to a distributed network of remote hosts. The DNX module ensures that work is distributed fairly and evenly among the registered DNX client hosts.

• Nagios + DNX
• LDS article

[edit] Ghettofabulous Strategies

[edit] Separate Nagios Servers

• Separate Nagios servers for various host (this makes sense in environments where different admins are in charge of those types of hosts).
  • Windows hosts
  • Linux hosts
  • networking appliances