NetXMS as a monitoring system for the lazy ... and a little comparison with Zabbix

  • Tutorial

0. Intro

I did not find any article on NetXMS on Habr, although I really searched. And only for this reason I decided to write this creation in order to pay attention to this system.

This is a tutorial, and how to, and a superficial overview of the capabilities of the system.

This article contains a superficial analysis and description of the system capabilities. Deep in opportunity, I did not dig in for a number of reasons. And the description of all the functionality would take far more than one article.

Since more or less I worked only with Zabbix, this article will often be mentioned in the article for comparison with the subject. In addition, it somehow happened that everything is compared with something generally recognized.

1. What and why?

The monitoring system, as can be seen from the definition, is a system that allows you to get up-to-date information on any network node \ machine \ router \ at any time to enter the information you need.

Why this is necessary is just as obvious. To keep abreast of what is happening.

Often, a monitoring system can provide very comprehensive information about the state of both the infrastructure as a whole and its individual parts. Plus, if you set up alerts (and without any monitoring, it’s worthless), then we get a serious tool that allows us to not only respond to emergencies in a timely manner, but also, in most cases, makes it possible to prevent these accidents.

2. Why NetXMS?

A little offtopic for those who love multi-book
When I was young and inexperienced ... So usually all fairy tales begin? .. In short, when I was a maximalist, I studied the issue of monitoring infrastructure, and the result of those “studies” was the conclusion that there is nothing better than Zabbix. And at that moment I really liked him, because he can do a lot, he can do a lot, and his functionality can be expanded with self-written scripts, so we can say that he can do anything if his hands grow from the right place. But Zabbix is ​​a pretty complicated tool. It took me almost two weeks to figure it out somehow. And this is just the stage of implementation. Then a couple of weeks to set up monitoring of everything that I needed then. And how to use it to look at the status of ports on routers I read, read, scared, and decided that I didn’t really need it ... Not,

And after a few years, having matured and matured, I decided that it was time to refresh my knowledge about monitoring systems. And finally, make a normal, stable network monitoring, as this problem has become urgent in connection with the growth of segments, the connection of the branch and other details. Everything flows, everything changes. And I began to test all sorts of tools. I’ll put this system, touch it, then one. And everywhere something is missing, everywhere something is not like. Either the interface is uncomfortable, then you are tormented by tuning, then something else. And then NetXMS turned up for me. By the way: where I worked with Zabbix for two weeks, with NetXMS everything went and went in a couple of hours. Perhaps the experience with Zabbix affected, or maybe the point is in NetXMS itself ... it's hard to say.

NetXMS turned out to be quite easy to install and configure. It has versions of the server and administration console for both Windows and Linux, graphing, a built-in “browser” that allows you to connect to the same routers via http \ https protocols from within the administration console, and the interface is intuitive, as well as an agent for any OS. In a word, this system turned out to be simple and convenient. At first sight.

The documentation they have, by the way, is 8 out of 10. The main things are indicated in it, but in order to understand the subtleties, you need to dig deeper.

The main advantages indicated by the developer
Deep network monitoring
Automatic detection, visualization and search for connected components at levels 2 and 3
Full support for SNMPv3
Active detection with scanning "probes"
Passive detection based on information from monitored devices - ARP and routing tables, interfaces
Application and server monitoring
All basic metrics, what you expect: processor, file systems, I / O, memory, traffic
JMX bridge for monitoring Java applications
Extensions for specific applications: Oracle, MySQL, PostgreSQL, MongoDB, DB2, Tuxedo and many e other
integration APIs for native applications
Designed for large networks
One server can track hundreds of metrics across thousands of devices.
Complete support for distributed monitoring and horizontal scaling.
Monitoring overlapping IP subnets.
Flexible access control for operators and customers.

3. We go deep

How to install the system - there is a whole admin manual available on the developer's site , and there is nothing complicated about it, so I won’t stop there. The most difficult thing to install is connecting the system to the database ... There will only be a difference in choosing a DBMS and server OS. I chose Windows (hereinafter-enter-data-ready) and MSSQL, since I already had it.

3.1. Turn on auto-detection

Autodiscovery of hosts can be enabled during installation. If this was not done for some reason, then it can always be included in the “Configuration-Network Discovery” or by clicking on the icon with the same name. Discovery properties appear in the workspace. You need to enable it by switching to passive or active mode, and specify other properties, for example, the polled subnets. Here you can wind up filters, and you can both select and configure the built-in systems, and write your own scripts. Honestly, I did not need filters. But the setting looks pretty friendly and clear.

Here you can also specify the default SNMP community and its credentials (read authorization).

3.2. Adding Nodes

When Autodiscover is enabled, end nodes (PCs, printers) will be added and distributed across subnets automatically. With active networking, things are a little more complicated.

You should start by enabling SNMP on your network equipment and setting up community. If the default value for the SNMP community has not changed in the auto-discovery properties of network nodes, the system uses the public community, and this setting can be changed for each node in the properties of the added node (node).

For convenience, you can group devices according to any convenient principle. For this, you can create containers in the Infrastructure Services branch in the tree and bind nodes from the Entrie Network into them.

After enabling and configuring SNMP on the routers and adding them to the list of monitored equipment, the system will contact them, interrogate, determine what devices they are, apply templates, start collecting data and show the front panel for each router. Herself. From the box. When I set up Zabbix, I could only dream of such a thing.


I added all of my network glands manually, since they themselves did not show up for some reason. Everything is simple here. We create a container in Infrastructure Services with any convenient name (for example, switches), and RMB-create-node , specify the displayed name of the node, its IP address and it is better to check the box "disable the use of NetXMS agent", since it is still impossible to install it on network equipment, and extra packets to anything.

Built-in browser. You can simply right-click on the desired router and open the web-interface of the device. It seemed to me more convenient than every time to climb into your notes and look for the desired IP. True, the browser is so-so.

3.3. Building a network map

First of all, you need to create a network map as an object. As usual - in the Networks Map branch of RMB, create, select a map type, set parameters , and the system will do everything on its own.

The types of cards are as follows:

  1. The Custom . This is a card designed for manual formation, at the request of the user.
  2. Layer 2 topology . This is a map that allows you to automatically do everything for the user, relying on the 2nd level of the OSI model (in fact, it builds a map based on the mac addresses of devices).
  3. IP topology , aka Layer 3 . The same as in the case of Layer 2 , only the map is built on the basis of the 3-level model of the OSI (IP address).

When choosing manual mapping, you need to drag the nodes from the tree onto the map layer, connect them, etc. Normal drawing.

In two other cases, you need to choose a reference point from which the system will begin to build a map. For example, a node of a router. The system reads from it data about connected devices and the ports to which they are connected, after which it reads data from the next router, compares, and so on. After analyzing all the devices, NetXMS itself will draw the connections between the network devices with the ports where what is connected. It is also possible to specify that the system should also place the end devices (printers, PCs, servers) on the card, simply by tapping the corresponding item in the card properties ( RMB - properties - card properties) Also in this paragraph you can set the "detection radius" if desired or necessary.

A little recommendation. Enable the Always fit layuot to screen property so that every time you update the network map you do not have to scroll through the workspace and work with the zoom.


With a distributed network topology, you can overlay objects on a map of the area. It is also possible to use, for example, a photo of a rack with equipment in the server room, for example, by overlaying the necessary objects on it. Thus, you can quickly determine the status of any device in the rack. In my opinion, this is an extremely useful thing, if necessary, to transfer cases to a successor or to a newly arrived colleague to explain the situation. Visually, conveniently, self-evidently.

3.4. Agents

Agents exist for both Windows and Linux. The principle of operation is the same as that of the agents of the same Zabbix: it is installed on the machine from which you need to take metrics, and transfers the data to the monitoring server. The agent can be installed both before adding a node to the system, and after. After the agent appears on the node, the system will begin to receive data from it after a while, using the standard template. You can add monitored parameters both for one node and by attaching one or several predefined templates to it. It is recommended, of course, to work with templates, as this setting is more flexible.

The list of monitored parameters for agents is quite extensive. See the full list on the NetXMS Wiki

As soon as the system determines that the agent is functioning on the node, it will immediately attach this node to one of the default templates - Windows, Linux, HP-UX, Generic UNIX, AIX , depending on the operating system of the node.

Standard template for Windows hosts: You can


add a parameter for tracking a specific node by clicking " RMB-Data Collection Parameter ", then " RMB in the workspace - New parameter ", and select the one you need from the list. You can also configure triggers for the monitored parameter.

It is important that agents, like Zabbix, can run user scripts.

How to install?
This is offtopic, since everyone ... hmmm ... as he wants.

The question is - do I need to distribute agents only to servers, or even to all the machines on the network? If there are servers, and there are few of them, the easiest way is by hand. If a lot - domain policies, KIX, PoSh. Anything. Agents have the / SILENT switch, which allows them to be “implemented” transparently for the user (if we are talking about distributing them to all machines on the network). I prefer scripts, because you can set a condition and create a certain flag, in contrast to the policies that will put the program every time you turn on the PC. So, we are writing a script from the series “check the presence of the flag file, if not, run the installer with the / SILENT switch and after the successful installation create the flag file”. Profit

3.5. Triggers

Triggers can be configured to respond to certain events in the data being collected. For example, exceeding a certain ping-pong value to the router. The notification method for each trigger is also configured (for some, an icon in the console is enough, and some immediately send alerts wherever possible). The response to the event is selected from the pre-configured in the Action Configuration.

To create a trigger: enter the Data Collection Cnfiguration of the node or template, double-click on the parameter of interest (if not, you must first create it), and go to the Thresholds tab in the properties, click the add button.


" Function"- what or what values ​​to take for calculating the condition. It can take the following values ​​(the number of values ​​used for checking is indicated in the Samples field):
- Last polled value: last / received value / s
- Average value: average value from the last
- Mean deviation: mean deviation
- Diff with previous value: difference with the previous value
- Data collection error: error in receiving data
- Sum of values: sum of values
- Script: value obtained as a result of the user script

" Operation " - trigger condition. take more tions (the value indicated in the corresponding field the Value):
- <: less See than: less than
- <=: less than or equal to: less than or equal
- == equal to: equivalent
-> =: great than or equal to: more or equal
->: great than: more than
-! =: Not equal to: not equivalent
- like: close to
- not like: not close
To the last two parameters, I don’t have confidence in how they work. Therefore, I will not even assume what boundaries are built into them.

In a word, everything is just like in the same Zabbix, but you don’t have to enter the formulas with your hands, being afraid to make mistakes or scold oneself. To restore a trigger (deactivation event), the system itself will substitute a value. (Zabbix again needs to be printed and not sealed).

3.6. Patterns

RMB-create a template, enter a name for the template. RMB-Data Collection Cnfiguration.

Bit of theory
The information collected may come from several sources. It can be a NetXMS agent running on the machine, it can be a " simple request " or " Internal " sent by the server itself (for example, the same ping), " SNMP ", " check point SNMP ", " Push ", " Windows Performance Counters " , " SM-CLP ", or a custom " script". For each type of information, you can choose the type that the system will expect to receive. For example, ping will return an integer value, the amount of free disk space in bytes will also be integer, but the same temperature will no longer be integer, then there is real).

To collect information via SNMP in NetXMS there is a huge list of predefined parameters, that is, you can not enter a specific OID, but find it in the MIB tree, which is quite problematic in fact ... But. In the end, you need to delve into the manufacturer’s documentation and the lawsuit IOD values ​​for each device separately.You can kill a lot of time setting up reading information from devices by bumping into a message from the UNSUPPORTED system, but in the end it turns out that this particular device simply does not know how to provide the requested info. It remains only to smoke manuals and hope .

For example, to collect information about the response time of a node (ping), you need to add a new parameter ( RMB-new parameter ), select Internal in the Origin field, press the Select button, and select Ping Time. There is a search there that I just dreamed about in Zabbix. It also makes sense to change the polling period of the node (by default it is 60 seconds, that is, if the router stops responding immediately after it was interrogated by the monitoring system, it will take almost a minute before the system realizes that there is something wrong with it) so, and it will sound the alarm).

List of Internal data that can be processed:


After all the necessary settings have been added to the template, click RMB-apply and select all the nodes to which this template needs to be applied ( ctrl + LMB) And that’s all. After that, a branch will appear in the tree under the template, opening which you can see all the nodes to which this template is applied.

When detaching nodes from the template, the data being collected does not stop being collected; to cancel their collection, you need to go to the Data Collection Configuration for each node and delete everything manually, or first remove the parameters from the template and only then remove the nodes from it. I don’t know why it was done that way, but, in my opinion, this is an extremely strange thing. But ... As it is.

In the template, you can select the desired data to be collected, and copy it to another template. Massively. And do not copy-paste from one template to another with your hands ... I'm already starting to hate Zabbix ..

3.7. Dashboards

Oddly enough, but the NetXMS Wiki on this subject contains only one link to youtube: Creating a Dashboard , there is not even a list and description of elements that can be added to the Dashboard. In principle, everything is just as intuitive there. Label is just ... well ... Label is ... I don’t even know how to translate it. In a word, a field with an inscription is used to denote and delimit elements, since the elements of the names themselves do not contain. Line Chart is a line chart. Bar Chart is a chart. Alarm Viewer - A list of alerts for the selected node / s. In short, the names speak for themselves.

Next, open the dashboard properties and configure the views. We are interested in the Dashboard Elements tab. Number of columns is the number of columns, elements that will be located horizontally. Each object has its own properties, and I would recommend unchecking Layout-Grab execessive vertical space to minimize the size of each element.


3.8. Action configuration

(Configuration-Actions Configuration)
In essence, these are actions in response to the triggering of triggers.


NetXMS can send e-mail, sms, xmpp messages in response to a trigger. Everything is trivial here - just fill in the required fields.

You can also:

- Send an alert to another NetXMS server
- Run the command on the NetXMS administration server
- Run the command on the node using the NetXMS agent
- Run the NXSL script (NSXL is its NetXMS scripting language )

After creating an action, you can configure the execution delay time for it, as well as apply the macro to execute. The delay time is necessary in order not to disturb the operator if the problem resolves itself (for example, the response time to the ping request was more than the specified value, but it can return to normal during the next check, so why bother with such trifles?) .

3.9. Differentiation of access rights

For each object, you can configure your access rights. For each object inside another object, you can also configure access rights. This allows a very flexible distribution of responsibilities and monitoring capabilities for different user groups. That's all I wanted to say.

4. Conclusion

I would like to refute the title of my own article. NetXMS is not for the lazy. It’s just that the developers did not focus on functionality, like some, but, besides everything else, they also took care of the interface.

Let's do it. I used Zabbix and NetXMS. For this I’ll just write my feelings from these two systems.


I see NetXMS as an extremely user-friendly system. Well ... to the admin ... yes, to the admin. She has what is called an intuitive interface, and it’s just great. No need to write your own formulas, read a bunch of supporting documentation to enable ping verification before the switch or some other simple thing. But. In Zabbix, this simplest thing is not much different from something really complicated, that is, if you mastered it, then you will do the rest. NetXMS has tips, most of the parameters can be found in the interface, select with the mouse and configure. In Zabbix, you need to find out if the system can do just that and this, and if so, how it is written and what parameters it returns. Zabbix wins in the community and tons of templates for all occasions ... if in this mountain of trash you can find something what you need ... On the other hand, NetXMS also has a bunch of fans and the additions they created to this system. And the system itself out of the box can monitor the most popular applications, as described on the main page of the project.

The main advantage of NetXMS against Zabbix for me was the ability to run a script on a problem node in response to a trigger. The temperature of the CPU has risen above the threshold - it itself will extinguish the host. And then we will understand - what is the problem. Perhaps Zabbix also has such a thing, but I couldn’t. As well as port monitoring on routers. And here it is ... Well, as it is ... It is necessary to master the scripting language, and that’s all ...

Access rights in NetXMS allow you to very flexibly differentiate the capabilities of different users of the system. But in order to set it all up, you need to tinker directly.

In general, the systems are quite similar, and their capabilities, at first glance, seem at least comparable. Although it feels that Zabbix can do more, these features lie deep under the hood and for the simple mortal admin, all-in-one is unattainable. NetXMS is seen as simple and straightforward, friendly and enjoyable.

Zabbix has excellent documentation, wiki, how to, FAQ, best practice, as well as various forums, etc., where you can find answers to almost all questions. And if that - set your own.

In summary, I would like to recommend NetXMS for people who are just starting out or for those who do not need to deeply dive into monitoring everything and everything. I am sure that if you deal with it further, you can wind up very, very subtle observations in it.

But still, the main plus I see is a very nice interface and ease of setup.

5. Used materials

youtube channel Tomas Kirnak
NetXMS Wiki
Google search

Also popular now: