Response: The How and Why of Flapjack | Fractional

If you run any type of network monitoring system, you will know the pain of log management. The firewall team needs one view; the WAN team and DC team need different views. There is a category of software that I call “log and alert routing”, and Flapjack is one of those systems.

Flapjack will be immediately useful to you if:

  • You want to identify failures faster by rolling up your alerts across multiple monitoring systems.
  • You monitor infrastructures that have multiple teams responsible for keeping them up.
  • Your monitoring infrastructure is multitenant, and each customer has a bespoke alerting strategy.
  • You want to dip your toe in the water and try alternative check execution engines like Sensu, Icinga, or cron in parallel to Nagios.

Added to my list of network monitoring software to keep an eye on.

via The How and Why of Flapjack | Fractional by Lindsay Holmwood.

About Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in a wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

You can contact Greg via the site contact page.

  • Dave R

    Hi Greg,

    This is a really timely article and one that is close to my heart given the lack of this event normalisation/correlation in our enterprise presently. We’re not truly ‘enterprise’ but would benefit from this correlation of syslogs/alerts/logging functions across multiple platforms.

    In your opinion what are the products of choice for syslogging Campus LAN & firewall infrastructures presently? In my mind presently are products like Splunk and Logrhythm. I’m at the product assessment stage currently and, with the vast array of products out there, down selecting a handful of the better products will save countless days testing/benchmarking… etc.

    • http://etherealmind.com Etherealmind

      Those are good products but they are really expensive. Splunk is so expensive that it’s not useful for networking in my opinion – it’s become a big data solution and is now pretending it’s not a logging tool.

      You could look at VMware’s LogInsight, Solarwinds has a good solution at small to mid market. There are a number of open source projects that have taken on the same ideas but I don’t have links for those at the moment.

  • http://fractio.nl/ Lindsay Holmwood

    Thanks for the post Greg! It’s very rewarding to see people writing up about the stuff we’ve been working hard on.

    The scenario you talked about above with different network management teams needing to subscribe to different types of alerts is *exactly* the sort of problem we’re solving.

    Our organisation (Bulletproof Networks) has very similar requirements, so we funded Flapjack development to solve those problems.

    If you’ve got any questions or comments please say hi. :-)
