MonitoringMonitorizaciónMonitorización de RedesNetwork Monitoring

8 Tools for social media monitoring

April 6, 2018 — by Alberto Dominguez0


social media monitoring

Social media monitoring. Find out 8 tools for great monitoring

From your cousin Paco to your grandmother Maria. From the Pharmacist around the corner to the President of your country. Some studies claim that about 3,000 million people around the world already use social networks. Don’t you think that’s a lot of people?

Since its emergence 10 years ago, social networks have quickly become one of the great things about the Internet. The success of social networks has led millions of people to spend hours and hours each day immersed in endless content and for many of these people this is why they use the network. Given that the number of Internet users is estimated at around 4,000 million users, it could be said that about 75% of people who use the Internet use it for social networks.

Nowadays, companies know how important social networks are. Today, most businesses have profiles on social networks. On the other hand, thousands of professionals also have used these to make themselves popular or to share ideas and experiences.

But the direct presence is not the only concern for brands when it comes to social networks. Users perform all kinds of comments about companies, brands or products in their own profiles. Thus, there are basics concepts for survival online such as digital reputation, which is in the hands of users through these networks like Twitter, Facebook, etc.

In addition to this, it is not just a matter of digital reputation for companies on social networks. The good thing about social networks is that these can be used to advertise the products of a company or these can also be used to generate some buzz about a product.

However, it’s quite difficult to control the volume of content that is generated there. All this volume and complexity, combined with the interest of professionals and companies, has generated all kinds of emerging applications for social media monitoring. Both those ones which specialize in specific networks, and also those ones which are capable of monitoring dozens of them at once, there are many of them to suit the needs of each user.

When it comes to companies, these applications are very useful to answer a question that is quite important nowadays: What do my clients think of my brand?

In this article we will briefly discover some of the tools for social media monitoring which can be found on the Internet. Most of these have some cost-free option, but some of them also have paid versions, which provide additional features. Let’s start!


This is one of the most popular monitoring tools on social networks and according to their own website, it has more than 15 million users. It’s capable of being used in a number of social networks, specially the most common ones; it is easy to use and intuitive. It allows you to monitor your brand and to monitor whatever your customers say about your brand on social networks.


It is one of the most popular tools. It is specially focused on content. It has features that suggest content that may be of interest to followers and it can monitor their reaction. His “Klout score” is quite popular, which is an index between 1 and 100, which represents the influence or ability to generate actions, in every user.

Social Mention

It is able to monitor mentions received by a brand in more than 100 social networks. It classifies its influence through 4 different categories: “reach” “Passion”, “sentiment” and “strength”


It’s very useful for measuring the presence of a brand on social networks. One of its distinguishing features is that it rates differently for each platform, which allows us to distinguish what platforms are performing best for our brand and which ones should improve.

Twitter Analytics

This is one of the greatest tools when it comes to monitoring Twitter. It is able to measure the interaction and improve the success of “tweets” but it also able to explore the interests, locations, and demographics followers.


Another tool which is quite relevant among those for Twitter monitoring. It has several features in relation to this social network, which makes it a very complete tool for monitoring this great social network.

Google Trends

It is one of the classic ones in this industry. It monitors the most common searches on the most used search engine in the world: Google. It also allows you to compare results, by country and to see graphically the evolution of the interest (search terms) for a brand.

Google Alerts

This is another Google service sends by email the new content that has been generated and has been found by the search engine, and that contains the search terms selected by the user. It has configuration options that allow you to select variables such as the type of alert or its frequency.

And so far we have seen some of the best known social media monitoring tools, but there are many more, according to the taste and needs of users. As in so many other fields, the offer you can find on the Internet is limitless.

And yourself, what do you think of social networks? Do you think they will continue being quite popular for the next few years or, perhaps, do you think they will be overcome by some new trend? What do you think?

We are looking forward to hearing your opinion. Let us know your opinion down below in the comment section. Have you checked any of our other articles? We have a lot of articles, which talk about many different topics.
If you have checked any of our other articles, then which one is your favourite?
We want to know!

And remember, if you have any question; don’t forget to get in touch with us! We will be quite happy to help you!

Don’t forget to check our products in our website! We have many different technological tools that might help your company. We have Pandora FMS, eHorus, and Integria IMS. Do you already use one of these? Have a look at our website to check them out! And let us know your thoughts on these social networks monitoring tools.

Thank you very much for participating! We look forward to hearing from you!

MonitoringNetworkNetwork Monitoring

Do you really know what a network is? Learn all about it and improve its security

March 1, 2018 — by Alberto Dominguez0


network security

Network security. What does this actually mean? Learn all about it

Today, we live in a world in which, the use of new technology is greatly enhancing the ability to communicate with each other. The Internet has been globalized very fast and relationships are continuously changing and evolving in all areas.

In this article we will discover what a network is and how we can manage our own network in an efficient way from the office or home. All about network security will be covered in the final part of this article, where we will discover how to improve network security. We will be going through complex concepts but don’t worry, whatever your previous knowledge, you’ll understand everything.

network security

How would our lives be if we didn’t have Internet? If we didn’t have Facebook, YouTube, Netflix, our lives would be so different, I think we can all agree that, internet, that network that we all know, has improved the quality of our lives. But it is quite overwhelming to know that it has no limits. In the past, what we thought it was impossible, today it is a tool fully implemented on our daily basis and we use it very often.

The term human network is the interaction between the Internet, companies and everyday people. For example, the way of learning and training, has incredibly improved. Now we can do courses or careers, from home. In the past, it was impossible to access certain content due to the great amount of time that was needed, and this is something that nowadays companies take advantage from it, when it comes to training their employees.

Our leisure is strongly affected by the use of the network, and specially Videogames. Everything has changed; remember when you used to play “Monkey Island” alone in front of your computer, well now there are great network games such as “League of Legends” or “Call of Duty”.

One of the most common types of network communication is that of client-server, which we use in our daily lives. Well, this type of communication is carried out in tasks like when we double click on the icon of our web browsers, or when sending emails, or accessing web pages … In these cases, we are the client who requests information from the server, which could be, for example, the company that provides us the email service. In order to use the network and access these contents, we use software that allows us to request any information from the specific server, this is the web browser.

network security

The most basic infrastructure of any network is usually composed of: devices, media and services. Media and devices are hardware elements of the network, for example a router or a PC. The services, as we mentioned earlier, can be any web hosting.

We are familiar with a certain network device that is called a terminal. This is just the destination and origin of any message transmitted through the network. In order to make a distinction between terminals, a specific address is used. This way, when communicating with one another, this address is indicated and this makes the message reach the destination that we want. To connect these terminals there are intermediary devices that for this task, the most common one is the router.

If we think about the physical mean that is used to carry out this communication, there are a few of them. These can go from the wires that are in the cables, to the fibre optic, the wireless connection of our Wi-Fi, etcetera… Every network interface is identified by a unique Mac address in the world, which makes them different from the rest when communicating. This address acts as an identity card.

We have to dig deeper into another term in order to understand the operation of a network, this term is called Gateway. Its main function is to work as a gateway between our local network (us) and the outside, translating protocols so that communication is possible. An IP address is assigned to a device, and from that moment on it will act as a gateway. At home, this is the router.

We will discover now the most common network types. We have LAN networks for a small area, the WAN network for an extensive geographic network, and for example the WLAN network, which is similar to the LAN, but wireless. It will depend on the number of users, the size of the area to be covered and the number of services that we will use.

Do you know who provides the connection to the network? Well, this is called ISP, these are the Internet service providers. The most common connection options are: cable, DSL (digital subscription), satellite or dial-up telephony.

A frequent concern of network users is network security. And they have the right to be concerned, since the sensitive information that we transmit by this means, from the data of our bank accounts, to multimedia files could be at risk.

network security

The most common threats that are out there are viruses, worms, Trojans, spyware, adware, zero-hour attacks, identity theft, among others. Many studies have been carried out in order to check which are the best habits to make our network safer, and we have always found the same thing, the worst enemy in our network is our own finger. Let me show you, users have a common habit of pressing all kinds of links without thinking about whether that is safe or not. With a preventive attitude we would avoid 70% of the security problems in our network.

The typical network security components that we know are: antivirus and antispyware, firewall filtering, file encryption, and other mechanisms. All these should be activated on our PCs to avoid problems in the future. Most of them have free versions, so you can have a decent antivirus installed on your PC. If we want to buy an antivirus with all the features, there are cheap options and we can have up to 5 devices with a single annual payment.

In addition to the most usual ones, we also have tools to guarantee extra security. Some of them may be: access control lists (ACL), which filter access and forward traffic; virtual private networks (VPN), which offer safer access for example to remote workers; intrusion prevention systems (IPS), which monitors network traffic or system activity in search of malicious action and dedicated firewall systems, which offer more powerful firewall functionalities to filter traffic.

With this article we wanted to let you know about all kinds of interesting information related to the networks and the security of these. It’s good to know about this since we are constantly using them and sometimes we forget about safety.

Thank you very much for reading the articles that we’ve published in the blog, now that you have increased your knowledge in networks, you can go a step further and monitor them, you can go to the Pandora FMS website to discover an excellent tool for monitoring networks.

MonitoringMonitorizaciónMonitorización de RedesNetworkNetwork Monitoring

How to avoid our devices to become victims of botnets?

November 27, 2017 — by Irene Carrasco1



Botnets? a tutorial to monitor the activity of your computers.

What are Botnets?

First of all, we thought it would be convenient to express what botnets are in the simplest way possible. It is no more and no less than a series or collection of compromised computers connected to the internet, each of which is running one or more bots. Then, when an attacker succeeds in endangering a computer, there is usually a code (inside the malware) that “commands” it to become part of a botnet. So, the so-called “Botmaster” or “Botderder” controls these computers, so that it jeopardizing them by means of standard-based network protocols, such as IRC and HTTP.

More in depth, let’s talk about the three types of hacker attacks:

  • Low-risk: These are unsophisticated attacks that do not generate financial damage and do not steal data.
  • Medium/higher risk: These are the type that happen when our computer is connected to a botnet, making it part of a criminal network.
  • Critical risk: it’s about the installation of software, stealing data from us and, in the worst case, money from our financial accounts. Let us clarify that this higher risk, occurs when our computer has been added to a botnet.

On the other hand, but in the same conceptual direction, let’s note that botnets can be used to carry out a distributed service generation attack, which is also called DDoS and so on:

  • Obtain the data they are looking for.
  • Send spam.
  • Grant access to the attacker, to the target-device and its connection.

The botnet owner can now control it using the command and control software, which is also called “C & C”. Let’s note, by the way, that the word “Botnet” is a fusion or combination of “Robot” and “Network”, that is normally used with a negative and malicious connotation. Once the previous fundamental concepts have been developed, we will go into some depth to state that a botnet is a logical collection of devices connected to the Internet, such as smartphones or loT devices, whose security has been attacked and violated, and the control has been transferred to a third party.

Each of these compromised devices is known as “Bot”, and it is created when it gets penetrated by malware, i.e. malicious software. The owner and/or controller of a botnet is able to direct, almost at will, the activities of such compromised devices through communication channels that are structured using standards-based network protocols, such as IRC and also the so-called “Hypertext Transfer Protocol” or HTTP. It should also be taken into account that botnets are increasingly rented by cyber-criminals, in their unfortunate quality of highly demanded products, for a variety of purposes or purposes.

As far as the Botnet Architecture is concerned, let’s say it has evolved as an effort to elude detection and disruption. Traditionally, bot programs have been built as clients, which communicate through pre-existing servers, allowing the bot administrator himself to carry out all the control from a remote location. However, as far as the most recent botnets are concerned, we must bear in mind that they currently rely on the so-called pre-existing “Peer-to-Peer Networks” to communicate. These P2P programs (bots) carry out the same actions as the client-server model and do not require a central server for communication purposes.

In this image we can see the client-server model:


Source: Definición ABC

Based on the previous image, we see that a network is based on the server-client model, in which individual clients request resources and services from centralized servers, while the first Internet botnets used the same client-server model to carry out their respective tasks. Usually, these botnets operate through networks, domains or, through Relay Chat websites. This way malware-infected clients access a default location and wait for incoming commands from (towards) that server. The bot administrator then sends certain commands to the server and, in turn, transmits them to the clients, who execute the commands and, in turn, report their results to that administrator.

Let’s see, this time, what has to do with IRC botnets, to see that the infected clients are connected, precisely, to an infected IRC server, at the same time that they join a channel that has been designated, a priori, for C & C by the bot “pastor”. The Bot Herder then sends the commands to the channel via the IRC server, while each client retrieves those sent commands and executes them. To complete the process, customers send certain messages to the IRC channel, including the results of their respective actions executed. Let’s look, this time, at an image of Peer-to-Peer (P2P):


Source: NEO-University of Málaga

As we can see, a Peer-to-Peer (P2P) network in which, by the way, interconnected nodes or “Peers” share resources with each other, is established without the need for a centralized administrative system. Now, to find other infected devices, the bot does a discreet probing of IP addresses, until it gets in touch with another infected machine. Thus the bot that has been contacted responds with information, such as its software version and a list of known bots. If one of the bots is lower than the other, a file transfer is started to update so that each bot increases its list of infected machines, and at the same time it is updated by communicating periodically with all known bots.

Regarding the most important components of botnets, we have:

  • The “Zombie” computer: in the field of informatics, a zombie computer is a computer connected to the Internet and that has been intervened or compromised by a hacker, by means of a computer virus or a trojan. It can also be used to perform malicious tasks remotely. Zombie botnets are usually used (mostly) to spread spam and also to launch denial-of-service attacks. The vast majority of the owners of “zombie” computers are unaware that their system is being infected or used in such a way. This whole process is often called “Scrumping”.
  • Control protocols: IRC is a traditional means of C & C, thanks to its communication protocol. To be more explicit, let’s note that a bot manager creates an IRC channel, so that infected clients can join. Messages sent to this channel are then transmitted to all members of this channel. And the administrator has the possibility to configure the channel theme to command the botnet.

Monitoring tools for a network of computers: when we believe that they do not work because of Botnets

Regarding this subtitle, there is an inescapable question: is there any way to detect that a computer is being used in a DDoS botnet-based attack? Others may ask the following alternative question: Is there a tool such as software that is capable of detecting strange and/or unusual traffic exploiting the activity of that (apparently) attacked computer? The answer is that there is currently no easy way to detect it. However, there are defences in the field of prevention:

  • First, we should avoid infection. Much has been said and written about ways to prevent security breaches. For example, countless security guides have been written for inexperienced users, such as “Secure Linux Desktop”. However, it is best to think about what elements we would include and at what depth. There are issues that may seem obvious and can be overlooked, but they should be taken into account. For example, it is highly recommended that people read the “Consumer Report Online Safety Guide”, as it covers many items that we need to know.
  • Secondly, user behaviour must be cautious, even to the extent that it is necessary:

    Adopt good password practices: we should all choose two very strong passwords, and use them like this: one for the email account(s), seriously considering that we should never have the same password for two or more email accounts (if we have more than one). And, on the other hand, another password for other activities that we usually display on the Net, such as registering on websites and other similar ones. For the issue of passwords for bank accounts and international payment gateways (such as Paypal, Payonner, Skrill and so on), it will be highly recommended to choose passwords that are different from the previous ones and which, by the way, are very secure, having more than 9 or 10 characters, combining uppercase, lowercase, numbers and some symbols.
    Let’s also highlight that everyone should be aware that anyone who knows an email password has access to bank accounts, Facebook and many other Internet services.

    Use the password manager of the browser(s) we use, taking advantage of the fact that these administrators allow us not to memorize the passwords. Now, when the browser asks us if we allow you to remember the password, the answer must be “yes”. Once we grant this authorization, we may choose complex passwords that are difficult to guess by third parties.

    We need to know where we enter our passwords: we need to mark sensitive websites on the security issue, such as banks and email account providers. When we log in to them, we must click on the bookmark and then enter the password.

    We should never download software from unknown sites to avoid receiving malicious programs.

    When surfing the net, you need to look up and to the left: we must look at the address bar of the browser, to identify the domain name of the site we are navigating through, and avoid surprises. If we are going to enter personal information into that website and have questions about who will receive it, this bar will find the answer..

  • Thirdly, we must administer the system: to that end, it is necessary:
    Work with a safe browser. Chrome is the most recommended, while if you want to work with Firefox, it is best to install HTTPS Everywhere.
    Enable automatic updates, to make sure that the best patched version of all software is always running.
    Enable automatic backups without your participation.
    If our operating system is Windows, you need to install a free antivirus or, in other words, don’t trust the preloaded software that is a trial version, whose license expires after a while. And once it’s expired, we’ll be unprotected. Avast and Avira are the most recommended free antivirus programs. If you have a Mac, you don’t need to install any antivirus software.

Finally, let’s note that in Pandora FMS we can also find valuable and detailed information, regarding this botnets topic and, about the ways we can monitor our networks in order to implement the necessary actions to avoid being infected. Being part (unknowingly) of a botnet is very dangerous for the security of our data and, above all, our financial resources.

MonitoringNetwork Monitoring

Network monitoring system , what do you need to know about it?

September 25, 2017 — by Javier0


monitoreo de red que debemos saber

Some of the features about Network Monitoring System that you must know: Characteristics required for a Good Network Monitor System

For any company networks are now a fact of life. They are one of the most important elements of your business so a network monitoring system able to oversee and provide feedback on your network is absolutely imperative. If the network goes down for whatever reason your data won’t be transmitted and your company won’t be offering any service to its clients, your SLAs will suffer, your brand will be tarnished, and your customer complaints lines will be red hot with incoming grievances.

For all these reasons and more, a monitoring system can make all the difference to your business. The main objective of any systems administrator is to ensure that the network is in tip-top shape, performing as required, 100% of the time. Choosing the right tool for the job is going to help you detect problems before they provoke a general network collapse or at least some serious downtime.

To be clear about terms, we should first distinguish between network monitoring and network management. Monitoring is what allows you to analyze and get feedback on your network’s status. Network management, on the other hand, goes further, as it not only allows you to manage your systems but also to take actions to alleviate network problems and provide global oversight of all your systems.

In this article we’re going to take a look at carrying out some basic network monitoring, and go on to look at the principal characteristics that any network monitoring system should have.

Basic Network Monitoring

Network monitoring 101, where syslog messages and bandwidth control are fundamental.

What are syslog messages?

Syslog messages are generated by communication hardware and are sent to a central server where they are saved. Once on the server they can be easily monitored, analyses can be performed and alarms configured. For example, a syslog server can collect all failed login attempts and launch an alarm when more than ten failed attempts have been made in one minute, warning you that that something is wrong and needs to be fixed.

Syslog servers

Windows Syslog. Used on Windows operating systems
Tftpd32. For Windows systems. In addition to a syslog server it has DHCP, FTP, DNS and TFTP servers
Visual Syslog Server. For Windows systems.
Syslog Server. For Linux and Windows

What is bandwidth?

Bandwidth refers to the quantity of information that passes through a network link during a specific time period, regardless of whether the data is passing through a physical connection or via Wi-Fi. The information is measured in bits/second and being able to measure the flow of data correctly is what tells you how busy your network is.

When a network is at 90% of its bandwidth it will start to have a knock-on effect on systems that are on the network. Using monitoring software it is possible to get accurate feedback on the status of your bandwidth, and whether it is saturated and why.

Tools for bandwidth measuring

Bandwidthd: Valid for Linux and Windows.
Band WIdth Monitor NG. Beta. To measure network traffic and analyze protocols such as TCP, http, UPD, etc.

 network monitoring system

These two tools, correctly configured, give you the basics on your network’s health and allow you to configure and trigger alarms, as well as record and measure network activity, but do not let you manage the network. For that you will need a platform you can configure to take action when specific parameters are met or thresholds passed. This is the next step for network management.

Advanced network monitoring

What to keep in mind when choosing network monitoring software

  • Alert notifications.
  • External server integration.
  • Utility and proper representation of  data on your panels.
  • Flexibility to adapt to specific tools or software.
  • Access to API from external systems.
  • Automated device detection.
  • Database integration.
  • Multidevice.
  • Scalability.
  • Support for the greatest number of data acquisition protocols possible.
  • Security.
  • Virtual machine integration.
  • Hardware integration.
  • Remote control.
  • Hardware and Software inventory.
  • Geolocation.
  • Cloud monitoring.

Communicating alerts

When it comes to alerting users and administrators about network incidents it’s always best to have as many options at your disposal as possible. Just as important as the speed of delivery is the message’s format and compatibility. Firstly, messages have to be legible (HTML) and deliverable to smartphones, tablets, PCs, even wearables like your smartwatch or relics from the past like the dumbphone you use on Saturday night because you don’t want your iPhone to get trashed. They also need to be compatible with as many messaging formats as possible; WhatsApp, Telegram, email, SMS, push, etc

Integration with external systems.

Apart from bandwidth and network link status, a monitoring system needs to be able to monitor different servers: email, web or CRM application servers, among many others, allowing you to get statistics on your datacenters vital signs.

Visualizing data on the control panel

A picture tells a thousand words, they say and visual information is easier to understand than reams of paper covered in digits, which is why it is a no-brainer to present the information in as visual a way as possible. Your control panels should be configurable and customizable. They should allow the user to define roles, and access by role, because your CTO and your CFO need different information, even though it comes from the same source.

Flexibility to adapt to specific tools or software

It’s so important that your monitoring system can adapt to different environments and technologies that we wrote it in green. Not only must it adapt to the communication protocols already mentioned, but it must also be able to adapt to applications not found on every installation. If you think of something like a piece of business intelligence software created in-house, it is of maximum importance that your monitoring system is able to detect and monitor it.

Accessing APIs from external systems

Nowadays your applications are communicating among themselves. In order for an application to share its information with your monitoring system and with other applications its data and operations need to be accessible, via API. Bear in mind that the applications are usually located on different networks, so the API has to have broad compatibility (REST protocol, using libraries imported during software compiling, etc.).

Automated device detection

The monitoring tool you use should be able to automatically detect all the different elements and components that make up the network in order to save you time and give you information on how they are being used, their status, etc.

Database integration

In a previous article we saw how important databases are in the IT infrastructure so your monitoring solution needs to be able to integrate your database into the monitored park.


Devices are proliferating as more and more appliances become Internet-enabled, including tablets, TVs, smart watches and even fridges! So why not demand that the software that is going to monitor your network be accessible from any of them (except the fridge, for the time being)?


The key to handling growth in your organization is to ensure your monitoring solution is designed to scale and handle larger and more complex machines and applications, etc. Take a look at the software that you are currently running and ask yourself how it will run if your system scales up and your datacenter expands.

Does it support the widest range of data acquisition protocols?

You want to collect as much data about your network as possible so your system needs to capture messages from network protocols such as Netflow, sFlow, jFlow, etc.


Information is the currency of the digital age, and if you store sensitive information on your network you will be thinking about security. Monitoring tools need tight security regarding third party passwords, for example (most security breaches are due to human error, or negligence, rather than complicated hacks). Solutions should include encryption, double access protocols, etc.

Hardware integration

Networks are not only cables and nodes, but are fundamentally composed of machines and applications, so don’t underestimate your hardware. You don’t have to dig down to layer 1 nuts and bolts (but if you can, so much the better!), but monitoring temperature, disc space, or memory are all essential elements of good monitoring practice.

Remote control

A nice extra for any monitoring platform to include is the ability to remotely operate another PC, to intervene, troubleshoot, fix a problem, whatever.

Hardware and software inventory

Related to point number six, network discovery, but this time referring specifically to hardware and software. No one wants to waste time manually checking for new devices; your monitoring tool should be able to run those checks by itself, discover new hardware and software and give feedback on the status and location of each new element, plus inventorize them.

The most important data to be inventorized are:

  • OS, IP, bios, memeory, CPU and drivers
  • Installed programs, patches and versions.


Networks occupy physical, as much as cyber, space and it is essential to locate components of your network in case you need to physically access them, if they fail, need replacing, if they are offsite or even mobile, keeping track of your IT assets is never not a good idea.

Cloud monitoring

Say it loud, I’m Cloud and I’m proud! No one is afraid of the Cloud anymore, and more servers and applications are migrating there, taking advantage of the services offered by Amazon, and other hosting companies, not only to store gargantuan, incomprehensible amounts of data, but also to run services and applications. Your monitoring tool should most definitely be able to monitor any applications you have running on the Cloud.

A network monitoring tool is much more than a silent watchman, endlessly pinging devices and doing general plumbing and troubleshooting. In fact, they are an integral part of any business strategy, allowing you to use your resources – both human and technological – in a more effective way, reducing costs and times in many areas. Unsurprisingly, we recommend our own product, Pandora FMS, a monitoring tool designed for maximum flexibility and customizability that covers all the above requirements and many more, including UX, transaction monitoring and IOT monitoring.

Have we forgotten anything? Let us know if there is any item missing from our list, or if you have experience using Pandora FMS to monitor any of the above areas.

MonitoringNetworkNetwork Monitoring

Network commands for Windows and Linux

September 13, 2017 — by Javier2


network commands

Basic Network Commands that every administrator should know

In this article we will go through different network commands for Windows and Linux, this is essential for any network Administrator. These network commands, can be used separately or can be combined with Pandora FMS to monitor in real time, or as part of a long-term strategy. This post along with the network tools one, will serve to better manage your network and your time.

If you do not know about Pandora FMS, we invite you to visit our website. But if you are already familiar with this tool, you’ll know that Pandora FMS stands out for its flexibility, therefore it is not surprising that it allows you to create and personalize monitoring plug-ins. With these commands that we will see today, you can create plug-ins in order to facilitate your work, and also suit the tool to your needs.


It is one of the most complete network commands. It works on all Linux and BSD systems, and allows us to monitor network traffic from the console.

  • Installation is simple and fairly quick, allowing monitoring of all network interfaces.
  • With VNStat we can collect all traffic needed from any configured interface.
  • One of the big differences between VNStat and other tools is that VNStat collects kernel data instead of the interface itself, which means a lighter execution for the system.
    It will not require administrator permissions to run.
  • It has the ability to store gathered information so your information never goes missing, even if the system crashes or reboots itself.
  • You can set Vnstat to listen to traffic, daily or by billing period, as well as many other options.
  • It stands out for its flexibility when configuring the reading of traffic.
  • Finally, it is possible to set Vnstat output to generate console graphics and even customize them with colours.

Ping  (Unix/Windows)

Ping dates from the 70s and is known for being one of the most basic network commands. However, it is not as simple as we believe and has many more uses than those we already know. It is based on the ICMP protocol and is used to determine:

  • If there is connectivity between your machine and another machine on the network.
  • It’s used to measure the “speed” or latency time.

Network Commands Ping

It is a command that exists on all operating systems that support TCP/IP, and it is a basic command that you should know.

Ping is known for having dozens of parameters and the one that we find more useful is the one responsible for monitoring “the number of packages to send.” There are networks that undo the first package, so it is essential to send at least three so we can check that at least one has arrived without being discarded. For this we use the -c parameter.

The same technique can be used to determine the loss percentage of packages in our network, sending ten packages and seeing if any gets lost. The number of packages that usually get lost in the network will surprise you. (This tool is included in Pandora FMS)

Execution: Ping name/System IP

Traceroute  (Unix/Windows)

The main objective of this tool is to know the travelling path of a package through our network. This network command will tell us where the package is going through (machines, switches, routers) and check that our network is working properly. If you encounter any problems, it will allow us to have a rough idea about where the fault lies.

Pandora FMS uses this in its network-mapping tool (Recon Server) and thanks to this, along with other advanced tools, you can “draw” a hierarchy of the network.

Network Commands Traceroute

traceroute –n (on Unix / Linux)

tracert –d (on Windows)

Arp (Unix/Windows)

This network command is used to change and view the ARP table, which contains the mappings between the IP address and the MAC address. It only sees the connections in our local area network segment (LAN), so it could be called “low level”. However, it’s used to discover what machines are directly connected to our host or what machines we are connected to. It is a diagnostic tool, and sometimes it can be interesting to monitor it in order to discard ARP Poisoning attacks, which are one of the most common forms of phishing attacks in local networks.

With Pandora FMS, a common integration is to check on some hosts, if the IP and MAC connection is always the same. If it suddenly changes, it is because a host on the network is impersonating another.

Execution: arp -a

Curl and wget (Unix/ Windows)

These are essential commands to do HTTP, HTTPS or FTP requests to remote servers. It allows you to download files or whole web pages, even recursively (it literally allows us to make a “copy” of a website, including images). It supports cookies and allows you to send POST requests, in addition to “simulate a” user agent, use a http proxy or even a SOCKS4/5 proxy.

One of the most common utilities in integration with Pandora FMS, is to verify the contents of a specific web page. Because wget / curl allows us to download the entire contents of a web, it is easy to compare the MD5 of that content with a value previously verified. If it changes, it means that the Web has been altered.

Netstat (Unix/Windows)

Network command identifies all TCP connections and UDP open on a machine. Besides this, it allows us to know the following information:

  • Routing tables to meet our network interfaces and its outputs.
  • Ethernet statistics that show sent and received packages and possible errors.
  • To know the id of the process that is being used by the connection.

Netstat is another basic command as Ping that meets many elementary functions. Some of the elements, that Pandora FMS agents use to get information of the system, are the traffic statistics, the number of open connections and most importantly, the number of closing pending connections or in a settlement process. An unusual growth in these metrics can be a serious problem , and it may be due to a performance problem on our server or even an external attack.

Network commands netstat

Whois (Unix/ Windows)

This network command is used to query data domains: to find out who owns the domain, when that domain expires, to view the configured logs, contact details, etc. Its use is highly recommended to contact the administrators of the domains or when incidents of migration of services such as mail and web happen.

To use ‘whois’ on Windows you need to download the software from this url:

You can also look through their website.

SSH (Unix/Linux/Windows)

Command to run terminals on remote machines safely. SSH allows any user to run a console just by registering and entering his credentials. So you can run the commands you want as if you were in local.

More details you need to know about SSH:

  • Putty is recommended when using SSH in Windows. You can find it here:
  • To enable a remote computer to connect to our server via SSH, an SSH server must be installed and set up as FreeSSHd.
  • SSH also allows to obtain an interactive remote Shell, execute remote commands and copy files in both directions.
  • Last but not least, SSH is the natural replacement of classic tools like Telnet or FTP, and has become a basic tool in the administration of systems over the years. It is extremely powerful despite its complex combinations of symmetric encryption and authentication schemes, and verification, and it is the target of continuous attacks.

Pandora FMS uses SSH in different ways, and gives you the possibility to run remote commands. For security, we need the user to establish an authentication scheme based on certificates, which allows remote execution connections from a machine so that these connections can be made without requiring any password. It’s convenient, but something complex to implement. Therefore, in the Enterprise version, our satellite server allows multiple remote executions to different hosts in a much more optimized and comfortable way. This allows us to make hundreds of checks per second.

TCPDump (Unix/Linux/Windows)

It is one of the “basic” tools of network commands, and when used right, goes on to become a great ally for network administrators, system administrators or programmers.

TCPDump is an advanced command used to inspect traffic from different interfaces of a machine so you can get the exchanged packages. You can dump output to file so then you can analyse it with more powerful sniffers and graphical interfaces such as Wireshark. For Windows, you must use WinDump.

Ngrep (Unix/Linux/Windows)

  • The grep command power is taken to the network.
  • It is a TCPDump with a substring text filter in real time.
  • It has a very powerful filtering system for regular expressions and it is typically used to process files generated by tcpdump, wireshark, etc.
  • It is a communication package filter over HTTP, SMTP, FTP, DNS and other protocols.

NMAP (Unix/Windows)

NMAP is considered the father of the general network scanners. Although today there are more reliable tools for some tasks (like Fping), NMAP is a very versatile tool for scanning networks. It is used to determine which hosts are alive in a network and to do different ways of scanning.

Netcat (Windows/Unix)

NetCat, or NC, is the network command most versatile that exists nowadays and one of the lightest. However its use requires some imagination. Only if you’ve played with scripting, you will understand the subtlety of its name: NetCat. It is a tool designed to be used as a destination of a redirect (one pipe or |). It is used to send or receive information about a connection. For example, a WEB request to a service would be something as simple as:

echo -e “GET HTTP/1.0\n\n” | nc 80

Lsof (Unix/Windows)

The ‘lsof’ command is not only used as a network tool, but also is used to identify which files have an open process. In Unix environments, a file can be a network connection, so that is used to know which ports have an open particular running process, something extremely useful in specific cases.

It can also be used to find out how many open files a process has, it has nothing to do with the network, but it sure can be helpful.

IPtraf (Linux)

Special command to obtain traffic statistics. It has a ncurses interface (text) to analyse real-time traffic passing through an interface. It allows you to work at low-level and to see what pairs of connections are established on each machine, and to see in detail the traffic connection of every pair, all in real time. It is very useful if you notice something wrong with your machine and you do not know what traffic is going through it.

Network Commands IpTraf

We hope this list of network commands was of interest to you. Are you missing a network command? Do not hesitate to let us now so we can include it in this list.

AlertsNetworkNetwork Monitoring

Double bind; Network or application, which one is at fault?

August 17, 2017 — by steve2


double bind featured

Double Bind; Network or applications, which is to blame?

Are you ready? First of all, I want you to not think of an elephant. An African or an Indian elephant, it makes no difference which one you don’t picture in your mind, just don’t imagine a large, grey land mammal, notorious for its prodigious memory, long trunk and big flappy ears.

If you’re like me, the first thing you did was to imagine an elephant. This kind of self-contradictory, unresolvable message creates a logical short circuit, and produces what Gregory Bateson was the first to term a “double bind”. Bateson was referring to mental and emotional states, but the terminology has passed over into the world of IT and network monitoring.

In the IT world, when networks and applications are so bound up together, and something goes wrong, it is difficult to disentangle the connections and identify where the fault lays.




First step: investigate your network

Always a good place to start, even though the problem may be somewhere else. To carry out diagnostics on the workings of your network use deep packet inspection to inspect and analyze packets for the type of data they contain, their origin and destination. DPI ought to be able to tell you if the problem is on your network, or at least to allow you to eliminate network issues from your list. Apart from this essential purpose, DPIs can warn about malware, prioritize and/or monitor network traffic, or, in this case, to identify critical applications which could be impacting negatively on your network. If it’s a network problem, go to step 2, solving the problem, otherwise, you can rule out a network issue and proceed to diagnosing your application stack.

Applications have different functions although they usually work harmoniously, forming the base of the system, and ensuring everything ticks along smoothly. However, this makes isolating the offending application all the more complicated, as they are so interconnected.

To find a solution to this problem you have to know how each application is related in the stack, including all the components that ensure their correct functioning. This is where your database comes in and the storage systems that make up the infrastructure, giving you global oversight of your applications, and their history.

Running manual diagnostics on your infrastructure or your Cloud-based resources is impossible. Nevertheless, a good monitoring system like our own Pandora FMS will give you the oversight and information control necessary to locate and solve problems the moment they are detected.

Of course, the best way to solve any kind of problem, is to know when it’s coming down the pipe and be able to anticipate it and rely on automated actions, or alerts, incase of fails, slowdowns or errors, and be able to respond quickly. It won’t be possible in every case to anticipate errors but in this case it’s possible to mitigate the negative consequences evaluating the financial implications of shutting down the network to perform repairs or application changes. Keeping your eye on the bottom line might not be your number one priority as a systems administrator, but your CFO will appreciate it. If you follow our tips for identifying the source of a double bind, you are sure to save time, money, increase your network security and restore your clients’ peace of mind, as well as your own.

Network Monitoring

Network administration in IT companies: 5 steps to success

July 17, 2017 — by steve0


network administration

Network administration in the IT sector is a Sisyphean task, an uphill battle to deal with new technologies, ward off cyber attacks, keep abreast of updates, and keep the tubes clean.
Maintaining a network at optimum performance, keeping in mind its cost, its evolution, and daily monitoring, can add up to a steep bill on headache pills. To save you a bit of cash on Advil, we’ve come up with five guidelines to help with network administration:

1. Select your material and human resources
2. Know your network
3. Know your devices
4. Be client-facing
5. Constant revision and evaluation

1. Choose the best resources, human and technological

To competently oversee a network requires training, and, if it’s backed up by official certification, so much the better. When you find the right person they need to be trained in the specific tool you use in your organization.
A tool like Pandora FMS is going to simplify your network administration, and give you a heads-up when something goes wrong. Pandora FMS’s visual components enable you to see all its operations at a glance, and on a single screen.

2. Know your network

As Francis Bacon declared “Scientia est potentia”, knowledge is power. Network mapping gives you that power, and the power that we are dealing with here is immeasurable: The power to understand the capacity, needs and resources of your network, and to administrate the hell out of it.

Depending on the size of your business, your network will be to scale, and, like precious, byte-based snowflakes, each one is different, but you still need to be aware of its operational protocols and its capacities. Without forgetting the Internet of Things, which gives you a window on a wider world outside your immediate office network, allowing you to track geographically vehicles, devices, cell phones, and so on, that are related to your business activities.

network administration

Network maps are your best friend for so many reasons that it’s surprising they don’t have their own Hallmark card:

– Detect/correct bad network behavior.
– Allow you to streamline your resources, and wring the last drop of MBs from your network.
– Reduce costs by controlling expenses.
– Let you know the geographic location of resources in a data center/server farm, for example; an invaluable help for the on-site technician.
– Better network security.
– Maintain quality control, with graphs, reports and reams of figures, accurate to four decimal places.
– Control updates and network patches, and avoid service interruptions.

3. Know your devices

Network administration is present in more fields than ever before, mixing it up with signals and images packaged together, voicemail with data services, different types of network – LAN, WAN, MAN, all employing different OSs and protocols.
A good sysadmin should know the devices present on the network, and adapt working practices to the environment: how each component operates in order to monitor them at maximum efficiency.

Technology is here to stay

Anyone who thought that the Internet was just a new kind of hula hoop or spacehopper – here today, gone tomorrow – probably feels pretty stupid right around now. Internet is here to stay, at least until The Big One hits, so get used to it. Furthermore, the Internet has migrated to a plethora of network-enabled devices, grouped together under the umbrella term, The Internet of Things, implying the need for new protocols, security, hardware, OSs, etc…

4. Client-facing. Always.

Real products for real people, real sysadmins overseeing real networks.
Pandora FMS is designed to be a multi-functional workhorse, with enough grunt to tame the wildest beasts on your IT setup. As a systems administrator, your task is to maintain the network and provide in-house and third-party support.

5. Review and evaluate processes

A network is like a woman complicated organism; constantly changing, never the same, frustrating, full of data that must be sifted to arrive at a true understanding, and requiring a lot of care and attention.

Achieving successful network management is a non-linear process with a lot of ups and downs. But, with the help of a good monitoring system like Pandora FMS you’ll see quick and efficient changes in your network monitoring.

network administration

We hope you enjoyed reading about our tips for network mastery. If you’re interested in subjugating your network to your will, visit the Pandora FMS website.

AlertsFeaturesMonitoringNetworkNetwork Monitoring

Network management: reduce alerts for better performance

May 11, 2017 — by steve2


When faced with the technological plenitude offered by almost any company’s IT infrastructure you might be tempted to think that installing a monitoring system to oversee each device, and alert your team when there’s an issue, is the best bet. Of course, here at Pandora FMS we love monitoring, but even we realize that less is often more.

network management featured

“Man’s reach should exceed his grasp”, wrote Robert Browning, when he wanted to extol the human spirit and its insatiable ambition. However, when it comes to network monitoring, too much ambition will leave you trying to micromanage every node, which, if you try to do it manually, like the man in Browning’s verse, will leave little time for anything else.

What do you really need to monitor?

Basically, we’re talking about huge amounts of data, machines, devices, elements, components, gee-gaws, gadgets, and so on, so the best way to go about monitoring these elements is to set up automated alerts. Forego monitoring non-essential equipment and concentrate on business-critical hardware and software

Network Management and Alerts

Webster’s dictionary doesn’t have a lot to say about alerts in the monitoring sense, but we can define them as configurable responses to network events. These responses are channeled through messaging services such as email, Twitter, Telegram, SMS, or even as command executions. Alerts can employ custom properties to identify relational systems and thereby be created intelligently. It’s possible to set up alerts to trigger when certain conditions are met, such as an agent being unresponsive for 10 minutes, or when the CPU’s memory is overloaded.
Configuring alerts to this level of fine-tuning can be complicated on many monitoring tools, which is why Pandora FMS has a modular alerts system allowing the user to separate the triggering condition that launches the alert from the action to execute when the alert is triggered from the command executed.

Modularity is the key to simplifying alert configuration, and will save you time in the long run, as once a new alert is configured you don’t have to configure it again in case you decide to add another agent. Pandora FMS simplifies alert deployment of configured alerts, and makes network management much easier.

Deactivated or deleted alerts

Before cancelling or deleting an alert, remember you can also modify the alerts you’ve previously configured. Take a look at the trigger conditions and add new ones-hey presto! You’ve just reduced the number of alerts that are going to be unnecessarily generated, saving time and money. Give yourself a pat on the back!

Before deleting any alert definitively, you can decide to deactivate it and put it on Standby (the difference between the two states is that alerts on Standby are visible in the alerts view). This is useful if you’re doing some network plumbing and you don’t want alerts triggering at a specific time, for example.

Click on “disable alert” to deactivate an alert from the agent side.

network management

And lastly, if you want to eliminate an alert from the agent you just have to click the trashcan icon on the right.

network management

Why monitor?

If your IT environment is composed of heavyweight machines and applications – real beasts – it’s almost impossible to know which machines are running smoothly, or what exactly has gone wrong and where. A monitoring tool gives you the necessary oversight, and a flexible monitoring system like Pandora FMS, with its custom options and module-based alerts, facilitates deployment and maintenance more than certain legacy systems that aren’t 100% integrated, or that don’t easily scale up when your organization does.

So, you’ve deployed your monitoring, configured your alerts, and installed your agents. But you don’t want to be disturbed by inconsequential alerts all the time. Hello, Cascade Protection!

Cascade protection

Cascade Protection is a Pandora FMS feature that allows you to avoid a ‘flooding’ of alerts if a group of agents can’t be reached due to a connection failure. These kinds of things tend to happen if an intermediate device such as a router or a switch is down and all the devices behind it simply cease to be reachable by Pandora FMS. It’s probable the devices are working as they’re supposed to, but if Pandora FMS can’t ping them, it considers them to be ‘down’. For those about to be saturated with alerts, we salute you. For the rest, Pandora FMS devised Cascade Protection.

With Cascade Protection activated, only one alert gets triggered, indicating that the router, for example, is down. You’ll still see the rest of the downed elements marked in in red, you just won’t get swamped with alerts.

To get the most out of this function, configure an alert associated to a CRITICAL condition on all parents, and so avoiding triggering alerts on the child agents. Check out the Pandora FMS Wiki for more on how to set up Cascade Protection.

Check out more ideas on how to get the most out your monitoring tool by integrating Pandora FMS alerts in Twitter.

MonitoringNetworkNetwork Monitoring

Best Network Tools to manage your network

March 13, 2017 — by Javier3


Best Network Tools to manage your network

network tools featured image
Today, we’re going to bring you a compilation of all those network tools you should know about in order to correctly manage your networks. Many of these network tools have been around for some time, but they all continue evolving  and are still used in productive environments. They’re free, or at least have an open version. On another note, we’d be delighted to receive new proposals for us to evaluate and add to the list. Drop your commentaries letting us know which network tools you think are the best, and which of those you’d add to our list. We want to hear from you!

Network toolkit

In this section we’ll tell you about the most important open or free network tools that you should add to your network toolkits to better manage your net. Please keep in mind that some of these can offer enterprise editions.

MonitoringNetworkNetwork MonitoringPandora FMS

Network monitor: all you need to know

March 6, 2017 — by Javier0


network monitor featured

Network monitor with Pandora FMS

In this article we’re going to take a look at the main characteristics that a network monitor should have, their pros and cons, and how to know if it’s time to install one to oversee your company’s network. Plus, we’ll talk about the specific network monitor, Pandora FMS, a network monitor operating since October 2004 (first public release).

Pandora FMS offers both an open source version and an Enterprise version, which can be expanded with many other features according to a company’s needs.

Network MonitoringPandora FMSServer Monitoring

Server monitoring: a small guide with the best practices you need to know

March 2, 2017 — by Javier5


Small guide of best practices for server monitoring

The best practices for server monitoring begin much before the moment at which we choose or deploy a tool. It’s not about fixed guidelines, rather a way of working and understanding how to use a monitoring software. All this can be applied to any software, be that Tivoli, OpenView, Spectrum, Zabbix, Nagios, Pandora FMS or ZenOSS.

Some monitoring tools will be more flexible and allow the process to be easier to apply and others will force us to do things their way, stopping them from adapting to our philosophy. Throughout our many years of experience with different types of companies working with different applications, we’ve created a small guide for good server monitoring practices, an idea we hope will help you in your daily work.

server monitoring

Phase 1. Identifying issues when they happen

Identify your assets
This includes all that which can be monitored. You should establish a hierarchy since there are relations between different items. For example, the relation between key items such as databases and the systems they feed. A failure in the DB will affect everything else, and it’s just one of the things you should bear in mind.

Identify what needs to be monitored and what doesn’t
How is this done? by establishing priorities. Add to that list a new column that is labeled ‘priority’. This will help you start since there is a chance that hundreds of items that need monitoring will come up. You should begin by what’s really critical or high priority.

If you have a security policy, you can “cannibalize” that list since on it you’ll find things as important as business databases, backups and critical infrastructure systems. All these items should be the first to be monitored.

Classify your assets
Once you have the list and a priority field for each item, focus on critically importan items and those related to them. For example, a critical database will depend on a base system, that will at the same time have memory, hard drives and a CPU. All these items can be considered critical because of their “direct relation” with the main item.

You can create an item hierarchy that will allow you to further understand how they are related amongst themselves, for example:

server monitoring best practices

Translated into something purely technical, this could be written as:

● Accessible service verification (TCP port or WEB transaction).
● Application process that is active, RAM/CPU resources.
● CPU resource consumption from the base OS, amount of available RAM on the base OS and available disk space on the base OS.
● General device status: load average, network traffic…
● Basic device connectivity (ping)

This should be grouped into a single item so that a “simple glance” will allow you to easily view the necessary information. There are many ways to group this information: according to service, technology or origin (node/agent), everything will depend on whether the service is more or less complex and forms part of cluster or not. In any case, each application has different ways to do this. On Pandora FMS it can be done using services, groups or tags.

Define what to do when there is a problem.
This point usually passes by unnoticed and it’s essential to having the best server monitoring practices. What good is it if we detect problems, even before they occur, if we don’t notify them efficiently? Monitoring for a complex environment can be a very long process, even using an exception-based management system (event-based management) we suffer the risk of not identifying urgent issues quick and efficiently.

We already have a list of high priority services, and the items they include, the next step in our best practices for monitoring is that of identifying a responsible person that can act quickly when a problem occurs. Here we can choose the notification method (email, SMS, emerging window in the app) and the degree of scaling, based on the item affected in the service, or how recurrent the alert is. In summary, we’ll notify an operator when the service’s base system CPU is overloading, and in case that person doesn’t reply we’ll send an SMS alert to the person responsible for the service.

Categorize alerts
It’s very important to define which alerts we want to unveil and their category, with the goal to avoid alerting users unnecessarily, and so our support team knows what priority to apply to each type of alert. At first we could classify our alerts into the following groups: Critical, Warning and Message.

At this point we’ve already gone over three key ideas: numbering the assets, classifying services and priorities and defining who will be responsible and their communication methods. All this is done using a simple spreadsheet so, up until now, all these good practices for monitoring are actually useful for any monitoring tool. Dedicating time to doing this before applying the monitoring process will ensure the following: 

  1. It’ll avoid overseeing the monitoring of relevant items on our systems. This means that when there’s any issues we can be sure that nothing really bad can happen without us being aware of it. This is one of the most important things, since it’ll allow us to “trust” our own monitoring. There is nothing worse than something bad happening and realizing that it was our fault for not monitoring it.
  2. When something bad happens, we’ll have data pertaining to the issue that is accessible and easy to interpret  because we decided to retrieve information from the entire service and not do it in an isolated manner. This will help determine the cause of the problem (root cause analysis) in a natural way, defined by ourselves, independent from the supposed magic some developers offer.
  3. When a problem occurs, the involved parties will already be implicated and informed. We won’t waste time informing about the issue, rather we’ll work directly on a solution.
  4. Offer only the necessary information. This is especially important considering that if we have an entire screen filled with red icons, mixing irrelevant alerts with critical alerts, it’ll take us a long time to determine the origin of the problem and our answer will not be as quick or efficient. Excessive information can be even more harming than the lack of it.

Once a work method has been defined, this method can be applied to deconstruct the main issue (the entire organization’s monitoring) into parts, like any competent engineer would do: we can do this by services, priority, technology, departments, geographic locations, etc.

phase 2. Identifying problems before they happen.

Once we have the basic idea down–identifying without a shadow of a doubt when something wrong happens–in a second phase we can face something much more difficult: determining when a problem is near. This feature, along with the one meant to detect the cause of an issue automatically and the one meant to configure monitoring tools automatically (smart thresholds, dynamic monitoring, event correlations, big data monitoring, etc.) are some of the most sought out features on any monitoring software product.

In our search for having the best server monitoring practices we must be very wary of false positives or negatives, which will start to come up when we allow the system to interpret the data. These results can lead us to misinterpreting a complex situation and take the wrong decisions in turn. All operators develop a basic instinct with time, based on their knowledge of whats normal and what’s not, they cannot say that something is wrong, but they can have the intuition that something is not right.

With this we want to insist on the fact that no one yet has achieved total automation and we always recommend our users and customers to think calmly before making a decision, and not to gamble to heavily on extreme automation, which can lead to different mistakes that will only come out when we have a problem in our installations and it may be too late to fix it by then.

Monitoring by intuition is a term that hasn’t been heard yet, not even from Gartner analysts, but it’ll all come around.

What does intuitive monitoring consist of?

There are two ways of going along with it: the pseudo automated way or the purely visual way. In the first one, we’ll define small alerts that advise us when something leaves the “normal” operational thresholds. This doesn’t mean that they enter into “harmful” or error thresholds, simply they go into values that are different to what is contemplated as “normal”. For this we must create an alert category, as we mentioned in the first phase, that leaves no margin for misunderstanding that these abnormalities are not an issue, rather just something suspicious, erasing the concept of “criticality” in them. This is meant so in case there are many events of all types, these can be hidden from the general view with ease if necessary.

The other way is to create dashboards or displays (each tool has its own way to label it) that have to serve the purpose of putting up a group of real time graphs on a really big screen, in order for all people to have the same information. An operator that is always looking at the same displays, in the same order, with time develops the ability to tell when something isn’t right.

The necessary tools

Without getting into specific applications, what will be discussed here are features that are essential at the time of applying any useful monitoring processes for an organization that takes the operation seriously.

Some indispensable items for any software that claims to give value are:

Alerts. They must allow for scaling, include item groups (correlation) and allow users to define complex tasks (apart from sending an email or SMS notification). Now that many organizations work with collaborative tools (such as Slack or Mattermost), the ability to insert an event into a group, including a graph and a description of the issue, along with a direct link to the monitoring scheme, allows for a much quicker response than a simple SMS alert would.
Graphs. Graphs should be a tool, not something static. This means that they have to be able to be filtered, pressed, they must be able to be combined dynamically with other data series, show the detailed evolution throughout large periods of time which can be compared to values in similar intervals from prior months, etc. Graphs are the main source of numerical analysis we have available. A graph provides a lot of information in a very easy to interpret way. A system with static graphs can be very aesthetically pleasing, but it’s not useful.
Logs. The following step when approaching an issue or suspected problem is to analyze raw information. This can simply be done through data charts or raw data that’s being introduced to the system (log registries). In case this data is missing, we are then limited to graphs and events.
Direct access to the source. This exceeds what the monitoring system does in general but, if we have precise information (alerts), data strings that help us understand the behaviour (graphs) and precise data that helps narrow down our analysis (logs), the next logical step is to directly access the system that generates all that information. The fact that a monitoring tool allows us to access that system easily simply closes the cycle.

We hope this article on good server monitoring practices has given you more of an idea on how to carry out a good monitoring process. For any doubts, comments or suggestions, don’t hesitate to contact us and we’ll be delighted to reply to your questions. 

MonitoringNetwork MonitoringServer MonitoringVisual consoles

Solarwinds alternative to monitor your infrastructure: Pandora FMS

January 18, 2017 — by Carla Andres3


Solarwinds alternative

Solarwinds alternative


In the present article, we want to introduce Pandora FMS as a Solarwinds alternative. We’re going to put two of the fullest-featured and highly regarded monitoring products on the market, Pandora FMS and SolarWinds, through their paces, and seeing how they shape up mano a mano. We’ll begin with a general overview of the two tools before looking in more detail at:

  • General technical capabilities
  • User-friendliness
  • Costs and licensing

Both solutions are designed with medium-to-large business IT infrastructures in mind, and are focused on monitoring those systems to ensure detection and anticipation of problems proactively and immediately. Both platforms are also visually oriented, presenting information in the form of graphs, charts and dashboards.



Let’s begin by looking at what’s needed, in terms of number of machines, to start using these solutions. Here is where we find our first difference: Pandora FMS is a more compact solution, requiring fewer machines for its installation. Pandora FMS consolidates almost all its functions in a single product, which, in the Enterprise version, includes all the components necessary to monitor networks, hardware, websites, and to produce reports and network maps, enable dashboard functionality, and so on. Moreover, the Enterprise version of Pandora FMS includes extra features, which, while being integrated in the console interface, have to be installed separately, for example remote control or dedicated mainframe monitoring and dedicated SAP monitoring. On the contrary, SolarWinds is made up of a series of products which can be integrated, covering all the bases by use of a modular system, but which requires more machines for its installation.


We’re going to look in detail at the components and requirements for each product, as well as carrying out a price comparison, based on the starting price points quoted by each supplier on their website:

Pandora FMS Products

With the Enterprise version and the SAP plugin (Total €6750), Pandora FMS provides the same network oversight as the Solarwinds products listed below.

The NMS version of Pandora FMS, oriented toward network environments, includes the same functions and features as the Enterprise version with the exception of remote management of software agents. eHorus allows remote control and Shell remotes, as well as file transfer, and is totally integrated within Pandora FMS. The prices shown above are for a total of 100 devices and a period of one year, including official support; when the year is up, the license continues indefinitely but without support.

SolarWinds Products

Each of these components have their own hardware requirements; some of them belong to the Orion suite of products, some of them can be integrated to create a central monitoring server modularly, others function independently. The hardware requirements of almost any of these products surpass those of Pandora FMS. Orion suite products can be installed independently or on the same machine, but will always require an additional physical server for the installation of an SQL database. As for the rest of the products, the manufacturer does not specify if they can cohabit the same machine, or whether it’s recommendable that they be installed separately. However, given their elevated hardware requirements, a setup with a minimum of three machines would probably give the best results; Orion suite, SQL database and Log & Event Manager; the other products listed above have more limited requirements and can be installed on one of the previously mentioned machines, although the manufacturer recommends those machines be used exclusively to host monitoring applications.

To put it basically: just one Pandora FMS license gives you the same monitoring coverage as the following Solarwinds products:

Pandora FMS Enterprise Network Performance Monitor
Server and Application Monitor
Web Performance Monitor
Netflow Traffic analyzer
IP Address Management
Virtualization Manager
Log & Event Manager
Network Topology Mapper
Secured Manager File Transfer Server

The cost of the base license includes a minimum of 100 elements to monitor, plus a year’s official support, except in the case of remote control software DameWare, whose licenses are for number of users, not the amount of hardware to manage, with a starting price of €299. In the case of Pandora FMS, the remote control cost is based on the number of devices, independently of the number of users or active sessions there are.

Requirements Comparison

After analyzing both possibilities, and the different concepts they represent, some differences are particularly noticeable:

  1. Pandora FMS offers 90% of its features within a single tool. Solarwinds is totally modular.
  2. Pandora FMS’s hardware  requirements are minimal, whereas Solarwinds requires various powerful machines.
  3. To get the same functionality from Solarwinds as you can from Pandora FMS you’d be obliged to invest much more of your business’s money. In both cases the price corresponds to 100 elements and a year’s official support.


Pandora FMS comes with all the necessary components out-of-the-box to launch integrated monitoring. Some of these components come deactivated by default for performance motives, but are easily activated.


On the other hand, SolarWinds is made up of various products that must be separately installed. We’ve tried a few of them ourselves: Network Performance Monitor, Server and Application Monitor, Web performance monitor, Virtualization manager, etc. Each of these products has its own hardware requirements and its own installer, but it’s possible to install many of them on the same machine (Orion) and their integration is totally automatic, with a single point of access to the information (web console), although some will also function independently from the monitoring web console. However, to achieve the same functionalities as offered by Pandora FMS you’d have to install all the distinct Solarwinds products mentioned above.


The second difference is in the area of compatibility: Pandora FMS is officially supported on Linux and Windows systems while SolarWinds is only supported on Windows. While it’s true that Pandora FMS is supported by both operating systems it’s also fair to say that it’s oriented especially toward Linux, mainly for reasons of performance, stability, ease of integration and historical trajectory. The third important difference resides in its database; Pandora FMS uses MySQL (with support for Oracle currently in testing phase) while SolarWinds uses SQL Server.


Installing either solution is simple. The Pandora FMS team provides an appliance in the form of an ISO image with which to install the recommended OS (CentOS), along with the application and all its dependencies. In just a few minutes the software is ready to go. On the part of Solarwinds, .exe installers are supplied for each of its applications, which, via a simple wizard, quickly carry out the installation.




How user-friendly are they?

Once you log on to either one of the systems you have total access to the tools. Apart from the design component, you can see clearly the basic differences. The Pandora FMS interface is cleaner and more intuitive, featuring dynamic menus sorted into convenient subsections. It also tells you where you are in the dashboard at all times, via a green check mark in the corresponding menu. Solarwinds, for its part, presents an interface with a large amount of default information.

In terms of navigation, Pandora FMS’s clean layout makes it easy to explore, with its clearly differentiated sections, large and intuitive buttons, and little in the way of clues about what’s inside, making it obligatory to start from zero and explore for ourselves the possibilities contained in this “Pandora’s box”. Solarwinds, for its part, displays a lot more information right from the first screen, with a default appearance loaded with dashboards, graphs, charts and information-bearing elements, giving a good account of its power to present data. Furthermore, practically all tasks and configurations are executable through detailed wizards.


The final choice will depend on your own preferences: the lightness and clarity of Pandora FMS, easy to assimilate but featuring less initial information; or SolarWind’s info-bombardment, which needs time for the user to get to grips with, but which demonstrates from the get-go much of its capabilities. In the case of Pandora FMS, supplementing the lack of default visual elements is easy enough, by creating agents, dashboards and custom screens, thanks to the clarity of its interface and its “one tab” navigation system. Solarwinds’s wizards perform the same function, guiding the user through screen creation and custom options.


One useful detail of the Pandora FMS dashboard is the ease of orientation within the different menus: you always have a visual reference letting you know just where you are at any time, facilitating the learning process, something lacking in the Solarwinds GUI.




Both tools support remote monitoring as well as agent-based monitoring on Windows and Linux. Both technologies are also similar, using principally ICMP, SNMP and WMI for remote checking, as well as port and web transaction checks. As far as agent-based monitoring goes, Solarwinds has an advantage: automatic deployment of agent software on the machines where you want them, directly from the server. You’ll need the corresponding credentials, but it makes the initial deployment go much more smoothly.

On Windows systems it’s important to keep in mind that possible problems and incompatibilities can arise (ongoing conflicting installations, pending reboots, system requirements (.NET framework version)), and so on, making a troubleshooting manual all but mandatory. Once the agents are installed, both solutions centralize management via their respective web consoles.

Solarwinds’s agents work based on a series of default plugins, installed in function of the system where they are to operate and these plugins obtain the relevant information from that system, making working with agents very easy as they run a large number of default checks. The drawback is the extra drain on the system’s memory such a loaded agent implies.

Pandora FMS comes with a powerful software agent, whose function is based not only on plugins but also on individual checks, as well as permitting the deployment of software thanks to its archive collection, proactive execution of scripts and self-healing commands. Apart from being lighter, the biggest advantage of Pandora FMS agents is their flexibility, which allows an administrator to individually carry out any kind of check in the form of a command or a script, as well as to add new community plugins (developed in any language) in order to perform more complex checks and extend the capacities of the tool still more.

Despite the ease of installing Solarwinds’s agent software and the access it affords to abundant visual information, its lack of flexibility and reliance on the included plugins can be limiting. In this category it’s not unfair to say that Pandora FMS’s powerful agent software has the lead over Solarwinds.

Furthermore, Pandora FMS incorporates dedicated Mainframe monitoring as one of its very few additional modules, and it’s 100% integrated in the Pandora FMS console, a feature that Solarwinds doesn’t include.

Adaptability in different environments

Both tools can adapt to distributed and complex environments, adopting different options to do so, for example, monitoring via NAT, monitoring DMZ networks, cloud monitoring, behind firewalls, and so on. Although they are labeled differently, the options are quite similar on both Solarwinds and Pandora FMS. Both offer distinct monitoring engines which act as proxies, redirecting the information before finally consulting a single database. In this respect both solutions have done their homework, being highly adaptable, and able to operate in diverse technological environments.

solarwinds alternative


data storage/maintenance

Since we’re dealing with products whose value resides in the information they collect, the database is a critical component, impacting on the performance of the tool and its usefulness. Each solution has its own way of managing the data history of the monitored systems in order to optimize performance and maintain the data in the best way possible.

Solarwinds maintains its database through periodic purges of older data. The default values permit the storage of detailed data for a seven-day period, hourly data for a 30-day period, and daily data for 365 days.


According to these (configurable) default values, you can access reports with complete data for a week, or reports with hourly data for three weeks, and daily data reports for a period of up to the previous 11 months (the 12th month corresponds to the present and will contain more detail). This data is stored for each individual check carried out by the tool, and maintenance is automatic, and on a regular basis.

Pandora FMS is different in this feature, as it stores all data for a period of up to a year, thanks to a double database system: one in real time, and the other historic. The real-time database stores all information for 45 days by default and afterward transfers it to the historical database, where it is stored at the same level of detail. This is done by compressing the numerical data, thereby getting the most out of the storage system without suffering any negative consequences, in terms of degradation, or affecting the database’s performance.

Pandora FMS enables you to get detailed reports, and for longer, without affecting performance. Maintenance, as with Solarwinds, is performed automatically and on a regular basis.

Dashboard and custom screens

Solarwinds enables us to view large amounts of information due to its automatically generated dashboards, viewable upon installation of the applications, and completion of the wizards.


solarwinds alternative


solarwinds alternative

Pandora FMS ‘s requirements are considerably less demanding, but a more ample deployment is necessary at the beginning in terms of manually constructing the dashboards. Plus, Pandora FMS runs fewer default checks than Solarwinds. However, its potential is immeasurable, and thanks to its flexibility, allows the user to achieve similar, or even superior, results when compared to Solarwinds.

solarwinds alternative



Both tools feature mapping utilities allowing the user to create custom maps, which can be used in dashboards to present information quickly and intuitively on a large monitor or screen, either for a team of operators or an operations manager in order to, for example, see the result of nightly backups or regional sales.

Given that Solarwind’s agents are oriented exclusively toward collecting IT data (networks, servers, applications) it’s complicated to make control panels which also include complex business metrics, such as calculations derived from a database, real-time calculations, etc. Using Pandora FMS it is possible to display this kind of real-time information, giving the edge in terms of flexibility.

Pandora FMS:


solarwinds alternative

solarwinds alternative




solarwinds alternative



Alerts system

Both solutions also come with their own alerts systems that enable configurable automated actions to occur, such as email delivery or the execution of personal scripts. Both alerts systems feature advanced configuration options, affording them both a high degree of flexibility. The alerts are generally based on the state of modules, which are defined by thresholds.

In this sense, Solarwinds does go the extra yard, featuring an intelligent learning system that automatically modifies thresholds, basing the modifications on recent data (from the previous few days). However, this feature is also integrated in the Pandora FMS roadmap for its next major release at the beginning of this year, 2017.

events console

Both Solarwinds and Pandora FMS feature detailed events consoles that supply useful information about the platform immediately, using “activity register” mode. This permits the execution of filters and searches to locate problems or changes, extremely practical when it comes to precisely identifying the problem.

However, Pandora FMS includes an advanced feature that enables event-based alerts, allowing the user to configure automated responses to specific situations, such as updates, the introduction of new agents, received SNMP traps, and so on, adding yet another layer of flexibility to your tool.

Pandora FMS:




Network maps and topology detection

Pandora FMS and Solarwinds both automatically generate their own network maps, based on self-discovery and manually created group distributions. The design of both is similar, although Solarwinds has an especially useful characteristic: exporting maps to Microsoft Visio. It needs the Network Topology Mapper product in order to use this function, whereas Pandora FMS comes with full maps in its Enterprise version.

Both products are capable of detecting network topologies via the switches’ SNMP and map the interfaces of each device, allowing manual editing of the maps generated.

Pandora FMS:





Managing large environments

One of Pandora FMS’s most notable characteristics (much missed in Solarwinds) is large-scale management of the monitoring environment. Threshold editing, deployment of new checks, creation of new checks and new alerts, plugin execution, and so on, all performed on hundreds, or even thousands, of devices simultaneously and from a centralized point, Pandora FMS’s policies consist of complete monitoring screens that include all these elements and can be deployed on as many devices as you want, centralizing the deployment and allowing custom monitoring and the ability to change any element simply by editing the policy, whose changes are inherited immediately by all the devices included in that policy.

The most pertinent feature to note is Pandora FMS’s capacity to perform the above either via agents or remote checks, enabling total control over the monitored park.


Furthermore, among Pandora FMS’s numerous features, a software deployment system can be found, the archive collection, which allows any kind of file to be transferred from the tool to the agents, facilitating the deployment of plugins or additional personal scripts. The archive collection can be found integrated with the policies, meaning it can be massively managed. Solarwinds has a separately available product dedicated to software deployment, Secure Managed File Transfer Server.

Solarwinds does not have a solution targeted specifically at massively managing a monitored environment, making it difficult to maintain the tool, or to include new elements within our monitored area. Although Solarwinds can achieve this by means of groups, Pandora FMS has the lead in this area.

Scalability and large environments

Both Solarwinds and Pandora FMS are upward scalable to accommodate large or distributed environments. Basing their scalability on adding extra process servers, both manufacturers claim to be able to manage thousands of devices with no degradation of the service.

Solarwinds allows the addition of as many polling engines as necessary, which contact the main server, and this in turn contacts the relevant database. In the case of Pandora FMS, there are various options, from adding servers that redirect the data to the principal server, or installing processing servers (in the latter case the servers require an individual connection to the database). It’s also possible to install Pandora FMS on parallel servers and allow an external load balancer to handle the load distribution. As you can see, both Solarwinds and Pandora FMS feature diverse high availability and failover options, and not either one of them seems to have found its limit in terms of the number of devices that can be managed.

Both alternatives come with a high-level management dashboard for just those cases in which an architecture is geographically distributed, or distributed among different clients. These consoles allow the user to access all the information from different instances, with their respective databases, and provide quick access to the status of a high number of machines. Pandora FMS’s Metaconsole is free for environments of over 2000 devices; Solarwinds’s Enterprise Operations Console comes at an extra charge.

Pandora FMS:





Web reports and SLA

Again, both tools include a reports section integrated in the web console. They work in similar ways, allowing the user to choose among a series of items and default reports, showing the results in HTML in the browser itself or in PDF. Solarwinds’s variety of prefabricated reports gives it an advantage in this area, but Pandora FMS can create reports based on custom SQL queries.

Solarwinds also comes with a free product dedicated specifically to creating SLA IP reports. However, on-demand SLA reports must be created manually via SQL queries.

The following example shows an SLA report on work hours:


In terms of SLA reports, Pandora FMS has the edge over Solarwinds, whether it’s in the case of predefined monthly reports or custom reports for measuring SLA for any element, which can also be displayed as graphs or charts and extra information relevant to the specific SLA, and all via a complete wizard which allows you to modify any parameters still farther. Furthermore, thanks to Pandora FMS’s data storage model, which stores detailed data for long periods, it’s possible to get SLA reports (or any others) long after the data was collected.

The next example shows an SLA report including maintenance periods:




Pandora FMS y Solarwinds both have an integrated inventory management system which allows you to see what hardware and software you have installed, and which can generate reports, alert on any changes in the infrastructure and perform searches to achieve real time control over your IT assets such as, for example, finding out which of your machines have an anti-virus installed. This characteristic is especially useful, facilitating enormously the work of system administrators, liberating them from the tedious task of updating spreadsheets.


Service monitoring

Is your online store working correctly? Is there any problem with deliveries? Can users access my web support? All these questions have their answers in technical components: servers, databases, and so on.

In order to cover these requirements at the highest level Pandora FMS counts on a series of features known collectively as service monitoring, through which it’s possible to define a series of critical elements, forming a tree graph like the one below, displaying the critical points of a company and where it’s possible to see how technical issues can impact on the business itself. The graph also includes the SLA status of any critical service.


In the above screenshot, the graph displays just how a failed component is affecting an intermediate service (a monitoring satellite), and producing a dip in service quality for the end-user or client.

In the following screenshot, the effect of a failed component on a larger network can be seen. You can see how the software allows a user to know whether the problem is critical, or represents a drop in service, and exactly where the problem is occurring within the infrastructure.


Solarwinds does not have a product or application that meets this demand, giving Pandora FMS another significant advantage.


Final conclusions

After an in-depth analysis of these two monitoring products it’s time to go over one more time the key points of each tool, and their respective pros and cons. Both solutions feature characteristics aimed at Enterprise environments, and supply solutions that any medium to large company needs to have covered.

solarwinds alternative

Pandora FMS


  • Compatibility
  • Price
  • Requirements
  • Flexibility: the possibility to incorporate any plugin to the tool, along with the possibility to customize both the monitoring and the control panels
  • Software agents
  • Business-side monitoring/services monitoring
  • SLA reports
  • Managing huge environments: policies


  • Limited default content
  • More extensive initial deployment
  • Steep learning curve, due to its power



  • Easy to install
  • Large number of default control panels
  • Large number of plugins and default information
  • Gentler learning curve: use of wizards


  • Price
  • Requirements
  • Difficult to maintain: many products and machines
  • Not much flexibility to change default content
  • Compatibility: only with Windows

Pandora FMS focuses its efforts on being a technically powerful product that also enables customization and flexibility, being a light piece of software that doesn’t require a large team of admins to use or maintain it. It offers a suite of tools that make managing your network simpler, and almost all its functions are incorporated in the one product.

Solarwinds offers a lot of information, control panels and content quickly and easily right from the get-go, and to a high quality. Due to its range of separately licensed products Solarwinds can achieve better results in some specific monitoring tasks such as log analysis and correlation, or exporting Microsoft Visio to its network maps.

MonitoringNetworkNetwork Monitoring

Seven of the best free network tools every sysadmin should know

January 5, 2017 — by Carla Andres0


free network tools

Free network tools that you need to know

Network administration is one of the toughest challenges a sysadmin can face. Not only is it complicated in itself, it´s also of vital importance for large and medium-sized companies, and their balance sheets. In the online world, companies such as Google, Facebook or Twitter, or organizations like banks and telecom companies cannot afford to have their sites unavailable. And that´s not to forget the world of e-commerce; one can only imagine the thousands of dollars in lost business for a company like Amazon or Alibaba if their network isn´t working.

In my experience as a network consultant I´ve been able to analyze hundreds of networks, and I´ve had the opportunity of working with top sysadmins, giving me the chance to learn about many of the problems they face on a daily basis.
Apart from learning what the main problems for a systems administrator are, I´ve also gotten to know the principal tools that they have installed in their Shell, and I’m going to share that information with you. Read on to find out the seven network tools no sysadmin should be without. And, by the way, they’re all free!


Wireshark (and tcpdump)

The go-to tool for traffic monitoring, for its ability to understand and analyze most communication protocols, its low consumption and its ability to generate logs. These same logs can be mined for data in real-time or historically, giving invaluable information about network performance. Plus, it supports both graphic and console modes; what’s not to like? Note: it’s a good idea to use Wireshark if you’re using tcpdump for generating logs.



Are you worried about vulnerabilities in your network? You probably should be. How can you find out which ports are open or which servers are active? Look no farther than NMap. Integrated with Zenmap it provides graphical information about your network, so you can track every node, every element, everywhere. It also integrates third-party scripts, making it even more effective at self-discovery. Get a head-start on malicious actors and close down those vulnerable points in your network.


A nice little time-saving tool which every sysadmin should have installed on their PC, and coming in at only 528 KB. With this lightweight tool you get access to every element in your network, whether it’s via telnet, ssh, ftp or others. Manage and save your connections and stop wasting time introducing passwords, IPs and serial numbers constantly.



Another tool for monitoring network traffic, NTop understands almost any protocol and displays them graphically (handy for the non-techy people at work), allowing for a thorough analysis of your network traffic. The Open version supports almost any protocol thanks to the numerous plugins available.



Do you need to upload bulky data packets? Or automate your file-sharing? Look no farther than this free tool. Access any machine via FTP, FTPS or SFTP and start sharing, either by client software or a server.
FileZilla allows you to upload, download, delete or modify files on a remote server, and also comes with a directory comparison function, allowing you to see any differences or changes made on those files. As you can imagine, it’s a beautiful time-saver for the harassed sysadmin.


Time to go mobile? Not a problem. You can keep an eye on your network from your handheld device, using this tool and installing its server. It works via SSP, meaning even if you lose coverage or change WiFi networks you’re still connected. Win-win.



The tool I wish I’d had back in the day. Administering a network and, most of all, assisting its users, would be impossible without remote connection. Perhaps the most well-known of the tools which facilitate this connection are VNC and TeamViewer. Certainly, they’re the ones I’ve come across most often in my time as a network consultant. Well, a few months ago a new player emerged; eHorus. With this tool you can remotely access any computer simply by using a web browser. That’s right, you can access any computer with an internet connection, without having to worry about firewalls.

For me, this is my personal pick of the best, or the most necessary, tools a sysadmin should have in their toolkit. That’s without going into all the other components such as servers, proxies, firewalls and storage that are a vital part of any network. Depending on the demands of your network some of them will be more necessary than others. In this article we’ll take a look at over 40 network tools.

MonitoringNetwork MonitoringPandora FMS

Top 16 best network monitoring tools for 2016

January 2, 2017 — by steve60



Towards the end of 2016 we made a short introduction to network monitoring and we told you about the main characteristics to keep in mind when selecting a network monitoring tool. This was meant for users whose installation couldn’t conform with standard syslog monitoring or standard bandwidths.

To see what characteristics we talked about in order for you to make a smart choice, you can refer to that article about network monitoring. In addition, read this article to get more understanding of a network monitor.

EnterpriseMonitoringNetwork MonitoringPandora FMSSystem Monitoring

Is it worth installing a monitoring system: a cost analysis

October 26, 2016 — by Javier3



For some companies it can be difficult to put a monetary value on a monitoring service, especially if that company has never experienced a serious network or system failure. In the balance between cold, hard cash and a bunch of hypothetical variables which it’s your sysadmin’s job to sort out, you might be tempted to think it’s not an essential investment. On the other hand, if you’ve ever had a server go down due to monitorable elements misbehaving (overloaded data drives, security breaches), or experienced a non-functioning application slowing down your procurement process, you know how much business can be lost before the problem is diagnosed and your network is up and running again.

We’re going to attempt to formulate an equation to calculate the benefits of having a monitoring system in place. Not just any monitoring system, but our own multi-tasking monitoring application, Pandora FMS; equally at home monitoring HW and infrastructure, applications, servers and business processes, among its bag of tricks. The more of your network Pandora FMS is monitoring, the greater the benefits will be, but for now let’s just focus on network monitoring.

Before we begin let’s just take a quick look at what we mean by a network monitoring system, and how a business or organization could be affected by a network outage.

What is a network monitoring system?

Briefly put, it’s a system, or software tool, capable of observing all the different components of a network, both software and hardware, and reporting on their status and activity with the objective of avoiding incidents before they happen, or, if something does happen, to provide a solution.

So, for example, Pandora FMS can take highly abstract information, like the activity inside a network, and represent it graphically, giving you a clearer view of what’s happening. This information can be further segmented and grouped to give information about the different OSs installed, or the bandwidth they’re occupying, about the availability of your website, or the status of your servers, all delivered through a configurable dashboard. Most importantly, the system generates alerts, according to the parameters established by the user, which warn us of any changes in the elements or components being monitored.

Now we know a little more about what a monitoring system can do, let’s take a look at the different areas of our organization which could be affected by not having a monitoring system installed, and try to put a cash value on them.

Areas affected by not having a monitoring system

Human Resources and Financial Resources

Employees are often said to be the most valuable asset of any company, but that manpower comes at a cost.

System Administration team

How big is it? How many workers do we have checking on our network, and solving incidents? How much is our system administration costing us? A quick look at the payroll should give us our answer. Are the employees working around the clock to keep an eye on the network? Are they working with an outdated legacy system, requiring specialist knowledge of the idiosyncrasies of that system? Wouldn’t it be cheaper to automate that service, or to export to a homogenous, integrated system, and have it maintained by an onsite technician with remote backup support?

Incident resolution time

Another function of a network monitoring system is to assist the people in charge of maintaining the system to detect and solve problems as quickly as possible, which, thanks to their mapping and analytical capabilities, monitoring systems are very efficient at doing.

Call Centers

If a company operates a call center, monitoring the availability of our network is imperative, since a lack of availability is going to seriously affect the quality of the service. A monitoring system capable of detecting and resolving possible availability issues is going to be able to maintain, or increase, the traffic at that center.

Other employees

If your email server is down, plenty of employees are going to be affected, productivity is going to decrease and business is going to be lost. And that’s just email. Imagine the number of applications any organization is running and you have an idea of what it costs for those applications to be down.

Advantages for businesses

There’s a direct relationship between the correct functioning of our network and our balance sheet; depending on the kind and size of company the impact of an outage will be greater or lesser, for example:

  • Online sales: obviously a business that relies on an internet connection is going to be affected by a network outage, not only financially but also their reputation is going to be affected as well, seeing as they were unable to provide a satisfactory customer experience.
  • Companies using internal software tools: Any company with a BackOffice system and employees working in incident resolution, orders, purchasing, customer attention and so on, is going to be at risk of some seriously costly downtime if there is an outage. Monitoring those internal software elements is going to save a lot of money, and our reputation, in the case of an incident.
  • Network-based client services: Telemarketers, telecommunications companies, multimedia services, and so on, rely completely on access to a network to provide those services.

Intangible values

These are values which are difficult to calculate, or put a cash value on, for example brand reputation. It isn’t easy to evaluate the value of a brand, but we know it decreases if it’s associated with any of the situations described above.

Associated costs of monitoring software

We’ve seen how a network outage can adversely affect a company’s or business’s bottom line, either through loss of sales, downtime or damage to the brand reputation. Now it’s time to look at the costs of acquiring a network monitoring tool. Even an open source tool, such as Pandora FMS, has some costs associated with its installation and configuration which will form part of the equation we’re trying to work out. The chief costs are:

  • Licensing costs, in the case of Enterprise versions
  • Maintenance costs, and the cost of the internal support team. These costs will be higher if the software isn’t backed up by an external support team, who can give valuable help with the initial installation, and any subsequent upgrade installations, new releases and new functions, incident resolution, etc.
  • HW and SW storage for the monitoring tool.
  • Training in the use of the tool.
  • Consultation and/or post-sales services.

Calculating the ROI

One of the principal functions of a monitoring system is to detect problems in the network, and launch alerts to avoid any collapse or loss of availability.

Different manufacturers have different ways to calculate cost-savings based on having their monitoring systems installed, but there are so many variables and hypotheticals involved that a really accurate calculation is almost impossible to make.

The simplest evaluation to calculate is to look at the impact on employees of a network outage using the following parameters:

NT = Number of times there has been an outage in the past year

AD = The average duration of the outage

EA= Employees affected

CE = Cost of maintaining an idle employee


In the hypothetical case of a medium-size company of 100 employees

If the company experiences six outages a year, with an average duration of three hours each, affecting a third of the employees (33) and costing $25/hour we get the following result:

(6 * 30) * 33 * 25 = $148,500/year in losses due to outages, without taking into account any loss of sales or damage to the brand.

Does my organization need a monitoring system?

We’ve seen how it’s possible to get a rough estimate of the cost on our business of network non-availability and the usefulness of consulting with potential suppliers the viability and benefits of monitoring systems.

What to keep in mind when deciding which network monitoring tool is the right one for our needs

Installing a network monitoring tool is vital if we want to avoid losses related to network issues, and dedicate our employees’ time to more productive tasks. However, not every system is going to be the right one; the right tool for the job should be our motto, so keep in mind:

  • You should be able to deploy and configure your chosen tool rapidly and easily
  • It should be simple to maintain
  • It shouldn’t have any hidden costs

Keep in mind that as your business grows your monitoring system should be able to grow with it. It’s what we mean when we talk about scalability; the ability to incorporate new functions and new elements to monitor without implying an increase in the licensing fee.

Hidden costs can be taken to mean using an open source version rather than an Enterprise package. With open source there are no license fees, but there’s a higher cost in terms of the expert manpower needed to oversee the system. Keeping a high-level systems engineer on the payroll is always going to be more costly than having an integrated and supported package requiring only a systems administrator to keep an eye on things.

Hopefully, some readers will now have a better idea of the cost-saving potential of network monitoring, which, if we factor in other levels of monitoring, such as server, application or process monitoring, can only result in even more time and money saved.

EnterpriseNetwork MonitoringPandora FMSServer Monitoring

13 Reasons why Pandora FMS Enterprise is the Best Bet for your Company

October 3, 2016 — by Javier2



We believe we have one of the most powerful open source monitoring software on the market. For this reason, there are more and more users are installing and using our free, open source version. Here we will show you the main differences between Pandora fms community vs enterprise.
If you’re reading this, it’s probably because you’re curious and are asking yourself what else Pandora FMS can do for you and your business. Let’s list the virtues of Pandora to help you decide whether you need the Enterprise version or you can continue with the Community open source version. Next some key differences between Pandora FMS Community vs Enterprise will be showed.

Event Intelligence

So, your Pandora FMS starts to generate events and you want to be able to interpret them and act accordingly. Has it ever occurred to you that you can trigger certain actions based on specific events? This is called event intelligence. Pandora FMS Enterprise lets you take action based on multiple correlated events.

The most basic implementation of this is to define an alert for a type of problem, whether it takes place in a single agent or a group of a thousand. Imagine having a single alert for a thousand cases. How much time would you save? How much more simple would managing the system be?

Another case is the famous “root cause”. With correlation rules Pandora itself will tell you what’s going on, for example, if an application is not responding, but shows connectivity, the machine it’s running on is working, and also the database, then we can infer that the application must be restarted. Just one example among many.

Professional Reports

Would you like to automatically deliver Pandora FMS reports to your customers with customized covers, your logo, and according to a specific schedule? Would you like to do it through a system of templates that can do all of the above and save you even more time?

The Enterprise version is designed to make the most of your time.

Widget-Oriented Modular Dashboard

Do you think your Pandora FMS console is stuck in a rut? Would you like to customize it, incorporating the most important widgets or components and be able to see your monitorization status at a glance?

We know that many of our users not only monitor hundreds of machines but take advantage of Pandora FMS’s flexibility to monitor applications and business processes. This usually means there are more eyes on your Pandora FMS checking up on the status of the installation, applications and business processes. Would you like to configure the dashboard according to each user profile to show what each profile should see on your dashboard ?

Agentless monitoring, without limits

Have you discovered the power of agentless monitoring and want to apply it to as many agents as possible?
In the Enterprise version there are no limits when it comes to monitoring agentless nodes and you can deploy your monitor more efficiently. With the Enterprise version you can monitor all nodes that do not allow the installation of agents, deploying the satellite server that allows even more flexible remote monitoring. In addition, Enterprise network servers have up to 100 times more speed and capacity.

Virtualization infrastructure monitoring

The proliferation of virtual machines has driven us to include in monitoring all these machines. Your Pandora FMS Open is only able to monitor the virtual machines in your infrastructure, but, do you think this is enough to be sure that everything is going well? We have 300 virtual machines in perfect condition, but what if our infrastructure virtualization, which supports these 300 machines, starts to have problems?
With Pandora FMS Enterprise you can not only monitor each of your virtual machines, but you can monitor your infrastructure virtualization: VMware, EC2, HyperV, XEN, RHEV among others.

Commercially-proven plugin technology at work in production environments

One of the greatest strengths of Pandora FMS is that you can create your own plugins and monitor anything you can think of . But have you thought about how long it takes to develop all the plugins you need? Wouldn’t you like to save all this time and dedicate it to more important tasks?
With the Enterprise version you have access to all existing plugin technology for complex and specialized production:
JD Edwards, DB2, Informix, SAP, AS400, Z-OS, Oracle, Edi, SQL Server, WebLogic, Exchange, Websphere, IBM MQ, Notes, Sybase …

Centralization and automation

Are you tired of having to run manual scripts to deploy plugins and settings across your network? With Pandora FMS Enterprise you can save time and ensure 100% deployment with its console plugins distribution and configurations. With a single click you can display anything you want using hundreds of servers through policy management.

Transactional monitoring (web applications and desktop)

With the open version of Pandora FMS you can monitor virtually everything you want to at infrastructure, server and application level. But wouldn’t you like to be able to monitor the transactionality of your company from the point of view of your customer?
We have over twelve years of experience in monitoring, and we know that the closer we can monitor our client the sooner we can detect the problem and find a solution with the least possible impact.
Pandora FMS Enterprise lets you simulate a transaction, whether through corporate web portals, web client applications, intranets or heavy desktop applications.
With this functionality you can be more confident that your systems not only work, but your customer experience is right.

Complex business processes

We are confident that with your Open Pandora FMS version you have been able to monitor many elements of your infrastructure. But things are often not as simple as monitoring if a disk is full, or if an application works or if the server is up. In the real world, in companies like yours, there are complex processes that require that several steps be carried out over long periods of time, sometimes in parallel, with different execution times.
With Pandora FMS Enterprise you can monitor any process of your organization and show its status in your custom process views. Procurement, insurance or mortgage processes, product purchases, logistics distributions (EDI) and many more can be monitored in your Pandora.
Thanks to this feature of Pandora FMS Enterprise you will know if there are bottlenecks and slowdowns in your processes, and be able to take steps to streamline and optimize them; and many more advantages.

Cloud Monitoring

Migrating services to the cloud substantially reduces operating costs and many companies are opting for this type of solution.

Are you in the cloud? Are you thinking about moving your infrastructure to the cloud?

Your open version Pandora FMS can add to your monitor solely information from machines within the cloud infrastructure. However, with the Enterprise version you can manage the data of the cloud infrastructure and integrate it into a single centralized monitoring, and, furthermore, validate the level of your service provider.

Infinite horizontal scaling

Is your open Pandora FMS running at the limits of its capabilities? Would you like better performance? Do you face challenges where you prefer to trust to the proven ability of a commercial product rather than constantly having to “hack” open source software?
The Enterprise version can scale up to tens of thousands of devices, and performance in some environments can be improved 1000%. Not to mention, that with that level of commitment, professional support will avoid many upsets.

Patch updates and 100% secure upgrades

Good monitoring can prevent complicated situations before they arise. Service downs can be prevented, but if a monitoring system goes down? You’re driving blind. The Enterprise updates, unlike the community ones, must pass rigorous quality testing. These consist of several stages, including a testing operation performed manually. We offer direct support and support our customers when they update. What if I have a problem with a community update? Patches of the OpenSource version are automatically generated each week, although obviously, those tests are not equivalent to those of the Enterprise version.

Support and consulting

Did you know that with the Enterprise version you have direct access to developers and the Pandora FMS sales team? Our team will not only help to resolve any questions you have and help you take the best decision, but they can also perform consulting improvements your monitor and perform the best kind of monitoring for your business. We don’t offer support or advice to the community version, because we are always working with long-term commitments.

We hope that after reading this article you may have a clearer idea of whether or not your business needs the Enterprise version. If you have any questions, please do not hesitate to discuss it in the post and we will happily respond.

Network MonitoringServer MonitoringSystem Monitoring

Cacti vs Nagios vs Pandora FMS, in depth

September 29, 2016 — by Javier5


Cacti, Nagios and Pandora FMS are three monitoring applications with three different approaches: Cacti is focused on graphics, Nagios on status and Pandora FMS covers both, among other functions. If you are familiar with RRDTool or MRTG, Cacti expands on that philosophy: for example, if you have a data source, you can create a graph with that data. If you have various data sources, you can combine them. Cacti started out with that philosophy and has evolved from there: creating graphs from data, which, it must be said, it does very well, as can be seen in the graphs below.

Traditionally, Cacti was used to create graphics, and Nagios to manage status and create alerts. Which is not to say that Cacti cannot create alerts, nor that Nagios has no graphical capabilities, but in both cases these are add-ons. Pandora FMS, meanwhile, was conceived and designed to execute both functions.

In this article we’re going to take a look at some different monitoring tools, make some comparisons and put them to the test in order to help our community on this blog take the decision of installing a monitoring tool on their own system.

Cacti vs Nagios vs Pandora FMS: The global picture

cacti vs nagios vs pandora fms

Data Storage and Management

Cacti uses RRDTool to manage data, storing the information as numerical data in temporal series. However, it is not designed to work as a conventional database, which limits its use outside of its graphics capabilities, and impedes comparison of data from different sources, a drawback not experienced with Pandora FMS, nor with Nagios, provided it has the relevant add-ons.

This is not to say Cacti does not use a relational database, only that it uses it to save information related to graphics and reports, among other functions, but not to store or process the graphic information it generates.

Cacti, Nagios and Pandora FMS: Network Monitoring

Cacti developed out of MRTG (Multi-Router Traffic Graphing), in order to measure router traffic via SNMP (Simple Network Management Protocol) and was later expanded to measure any information transmitted through an SNMP interface, and ultimately, any information that returns numeric data (network traffic, lost packets, CPU process time on a server, and so on).

Monitoring a network is more than measuring broadband consumption, counting lost packets, or measuring network latency. Fundamentally, we are checking for pings.

Moreover, self-discovery, system detection and topological mapping are common requirements for any network monitoring software, primarily at L2 (data link level). Furthermore, in sizeable environments, it is necessary to receive status and performance reports via asynchronous monitoring based on receiving SNMP traps, and to generate network traffic statistics working with NetFlow to visualize consumption in real time, with information proceeding from routers, and according to user-generated filters.

Cacti is only able to perform a reduced portion of these functions, due to a lack of capacity to detect a network link collapse, or to explore a network, and much less to create a network map. Nor can it receive traps or work with NetFlow.

Regarding Nagios; its initial function was to detect if a host was down, and little by little additions were introduced, although it is far from providing all the functions which a complete network monitoring system requires. Traps management is basic, and mapping is not customizable, and only works at network level. Furthermore, measuring information through graphs is only possible via third-party plugins. Nagios, however, unlike Cacti, is compatible with NetFlow.

Pandora FMS covers all these functions, and is particularly effective in the area of network discovery and mapping levels 2 and 3. The traps management system is similar to that of CA Spectrum or BMC Patrol, and is able to process dynamic variables in traps with various bindings, generating visual data modules, and alerts or events from single specific values in a trap variable. Furthermore, Pandora FMS can generate graphics of traffic consumption in an SNMP interface, monitor latency, service availability, etc.


cacti vs nagios vs pandora fms network map nagios

Pandora FMS

cacti vs nagios vs pandora fms network map pandorafms

Cacti vs. Nagios vs. Pandora FMS regarding Event Management

Or the monitoring of all events throughout an IT infrastructure, and the keeping of a record of events and incidents as they occur, are resolved or remain pending.

If a monitoring tool detects an incident this triggers an event, and another event is triggered when the incident is corrected. An event is also triggered when the system detects new elements, or in case of an alert, or in the case of reconfiguration. Event management therefore serves as the initial point of investigation as to why an incident has occurred, and also provides a history of the incident.

This technology is standard in the business world, where software programs such as HP OpenView, IBM Tivoli, BMC Patrol o CA Spectrum, Pandora FMS and ZenOSS are all used for event management. However, neither Nagios or Cacti can perform all of these functions, despite Nagios having incorporated an event history function, as this function cannot provide a full monitoring service, being merely a record of the event, without the correlation, auto-validating or monitor streaming capabilities of the above mentioned software.


cacti vs nagios vs pandora fms events nagios

Pandora FMS

cacti vs nagios vs pandora fms events pandora fms

Decentralization and Management Distribution

Both Pandora FMS and Nagios have the problem of having to obtain information from networks which are inaccessible to the main server. Nagios gets around this through its agent catalog, while Pandora FMS features a server specifically designed to function independently, to monitor, explore and detect high performance networks (more than 50,000 devices running through each autonomous server. Furthermore, Pandora FMS features specific tools for distributed network environments, such as Export Server, Metaconsola and backup servers. As for Nagios, it can be installed distributed network environments, although it requires multiple third-party tools to make this possible. Unfortunately, despite the number of plugins available, the catalog is badly maintained due to its open source nature and not having a company dedicated to maintaining or managing the extensive library of plugins.

Plugins and out-of-the-box monitoring

As mentioned, Nagios requires numerous plugins to offer a complete range of services, as does Cacti, with a much smaller catalog of plugins and extensions available, making it incompatible with standard business software such as Oracle, Exchange, Active Directory, Informix, SAP and others. Pandora FMS’s plugin library is much smaller than that of Nagios (fewer than 500), but it has the great advantage of having a company behind it to provide maintenance and management. Despite some of the third-party offers not being free, they are focused on providing real-world solutions to daily situations. The open version of Pandora FMS comes with a collection of ready-to-use plugins and modules, for basic tasks, whether with agents or for remote diagnostics. It also incorporates an SNMP explorer and various wizard SNMP and WMI to remotely monitor network teams and servers.

Cacti has an ingenious system of templates which allows it to reuse the definition of a type of source and use it massively, which simplifies its deployment in similar environments, although its usefulness is limited to the kind of homogenous environment we already know.

Network monitoring with Nagios implies having to get used to struggling with hundreds of personalized scripts, which, when completed, someone else will transform into black magic. Its very complicated to work with collaboratively, resulting in Nagios being an unwieldy combination of software and custom development.

To get the most out of Nagios, between four and five add-ons are required (check_mk, HighCharts, OMD, NRPE, NSCA, ndoutils, thruk, nagvis), plus other complex projects, such as puppet, and thousands of lines of one’s own script, in order to manage configurations. All of which makes Pandora FMS a much more independent solution.

User Community

Nagios: the first one on the scene, and with the largest community, with an almost infinite number of forks: OpsView, Op5, Centreon, Icinga, Naemon, Shinken. The community is inevitably a little chaotic when it comes to implementing plugins, and P2P tool-sharing. Each offshoot of Nagios has a different focus, which, over time, has led to issues of incompatibility among the different branches and with the original project.

Cacti has a forum, and a repository of plugins and extensions which cover the majority of the functions not included in the original software and which are maintained and updated by the users themselves. It is a widely-used system, with a variety of device templates related to network equipment.

Finally, the Pandora user community is small but compact. At least a third of the modules library is generated and maintained by the community itself, and there are forums that are continually growing. Furthermore, Pandora FMS has a community of business-users whose requests to improve specific aspects of the software, contribute to its development and improvement, and to its application in many different areas of enterprise.

Management and Configuration

One of Cacti’s notable features, when considered from a professional perspective, is the absence of group profiling, which makes it inappropriate for working with operators, clients and managers. User role management is straightforward, consisting of assigning permission to each user, via resource graphic

The user profiling system of both Nagios and Pandora FMS is more powerful, allowing integration, in Pandora FMS’s case, of users in Active Directory, Ldap or SAML (Security Assertion Markup Language), reducing the number of functions of specific users, or even defining which parts of a node are accessible to a user (all functions unavailable on Nagios).

Management on Cacti is achieved via creating data sources, based on scripts, and/or SNMP, graph management, user generation and little else. Most of the low-level work performed using Cacti is done at the keyboard, editing files of text.

There is a seemingly infinite number of plugins available for Nagios dedicated to improving aspects of its management, many of them with proprietary interfaces and even their own licensing systems, which tends to make managing Nagios something akin to trying to interpret an ever-changing collage in real time. Confusing, to say the least. Not to mention that Nagios generally requires extensive personalization from the shell, editing file configurations.

Furthermore, Nagios, and various recent forks, including Naemon, still use CGIs written in C, which isn’t necessarily bad, but it does makeit complicated to expand on it, or to make improvements. Even the most basic change requires patching and manual compiling, and bear in mind that the Nagios ecosystem is a hodge-podge of patches on each different fork, and every time you want to reconfigure it you have to restart.

Pandora FMS, on the other hand, is completely homogenous and coherent in this aspect. Plugins, extensions and third-party tech are seamlessly mounted in the interface. 99% of management is done via the WEB console, without ever having to touch a file or the shell.


While basically absent in Cacti, Pandora FMS and Nagios both entertain the concept of a customizable dashboard, which in Nagios is possible with the nagvis plugin. In Pandora the same plugin comes as standard, and it could be said that it is the software which provides the best results.


cacti vs nagios vs pandora fms graph nagios

Pandora FMS

cacti vs nagios vs pandora fms dashboard pandora fms


cacti vs nagios vs pandora fms graph cacti

These kinds of screens are not available on Cacti, although there are extensions that permit visualization of graphs in grids and charts, but can’t show status or values, very far removed from what one can achieve with Nagios or Pandora FMS.


The standard of reports which Nagios is capable of generating is quite low, while Cacti doesn’t even feature any kind of report function: the most it can do are stacked graphs. However, a few plugins are available which perform similar functions to the report software available on Nagios. Keep in mind that, unlike Pandora FMS, neither Nagios or Cacti operate under the philosophy that a report is a highly polished end product, something fit to be presented to a senior manager, an executive or a client. Even the opensource version of Pandora FMS comes with a powerful report generator , which allows customizable report creation, light years removed from the capabilities of Nagios or Cacti.

Pandora FMS

cacti vs nagios vs pandora fms report s


cacti vs nagios vs pandora fms report nagios

Cacti with report plugin

cacti vs nagios vs pandora fms report cacti

Agent Software: Server Monitoring / APM

Some may believe that monitoring software based on agents is out of date, it remains true that powerful players, such as CA, HP or IBM sometimes cover up their remote technologies, passing them off as 100% agent-free, when really, what they are doing is making a copy of an agent, executing it, and later deleting it.

For many monitoring tasks, it’s still necessary to have an agent in the machine. Nagios has quite a few (NRPE, NCPA, NRDP, and others), which, like almost everything on the program, require a bit of DIY, and, in many cases, are out of date and poorly maintained. The use of different agents within the same program is consistent with the Nagios philosophy.

Cacti doesn’t feature agents or anything like it (as is the case with ZenOSS), while Pandora FMS has far and away the most powerful agents of any of the software under consideration here. If we make a technical comparison of the quantity and the quality of the functions of Nagios and Pandora FMS agents, we can see that it’s the latter which features the most complex functionalities integrated within the agent, such as collection of events in its native form, (using a fully compatible and speedy API derived from Windows NT4, totally distinct from WMI methods), inventory collection, watchdog services and processes, collection IRT of process and service incidents, native WMI user-interfacing, agent-integrated networks diagnostics, and many others that can’t be implemented via scripts or commands, as this implies that the agent works at a low level, rather than at user level.

Not being able to rely on agents limits server/application monitoring (both of performance and status management), being as they only use SNMP (remotely) and WMI, as a plugin.

The power of Pandora FMS’s agents allows them to execute auto-validation tasks, removing elements dynamically- depending on which host they are deployed in- generating information depending on the specific host system configuration, avoiding generic metrics, and compiling the most relevant information according to the circumstances.


As the creators of Cacti say on the first page of their website, the software is intuitive, features many systems as standard and is suitable for LANs, and other networks connecting hundreds of devices.

All of which is to say that, what it does, it does very well, but it is not designed for networks of thousands of connected devices.

While it’s true that there are many well-known cases of Nagios being installed on dozens of nodes, it’s also fair to point out that there are no documented examples of clients with over 15,000 nodes featured on the Nagios website. Although Pandora FMS presents similar numbers, under laboratory conditions it has monitored up to 500,000 nodes. However, in real-world conditions, the most successful examples have been with clients with 15,000 nodes. Suffice to say that Nagios and Pandora FMS are leagues ahead of Cacti in this area.

Conclusions Nagios vs Cacti vs Pandora fms comparison

By now it should be clear where we stand (especially so, considering that this is a Pandora FMS blog!), although it must be said that we have been objective in our evaluations, testing the different under laboratory conditions and seeking always to be impartial in our considerations.

Hopefully this article will have been of use to anyone considering installing a monitoring software on their system.

MonitoringNetwork MonitoringServer MonitoringSystem Monitoring

Nagios Alternatives: 6 of the best

August 25, 2016 — by Javier2



It’s been some time since we’ve been wondering, why is Nagios deserving of the self-proclaimed title of being the “Industry standard” when it comes to monitoring. We’ve reiterated this question to ourselves more ever since they seem to be kind of limping around the industry. But that’s another story to be told, we’re here to talk about the Open Source version of Nagios (Nagios Core) and the –constantly improving- alternatives to this software which has somehow dominated the monitoring scene for the last few years. And don’t get us wrong here, this article has no intention of bashing on Nagios or any of the wonderful things it’s done for the monitoring world, it’s just that we think it’s time for a cycle change and other solutions should somehow be analyzed like a potential alternatives to Nagios.

We have about a half-dozen reasons why the “Monitoring industry standard” title is no longer property of Nagios, and we’ll discuss all of these Nagios alternatives here: Zenoss Core, Zabbix, PRTG, OpenNMS, OP5 and Pandora FMS.

All of these products offer Open Source solutions that are no longer much different from what Nagios had pioneered in about a decade ago. Let’s discuss some of the pros and cons of each, and how they compare to the “industry standard”, who knows, we might be able to establish a new standard by the end of this article if we all agree that a or b product is better for x or y task.

Before going ahead, we would like to introduce you some comparisons we have already done in Artica. We are continuously benchmarking Pandora FMS versus other solutions and we love to show you our results. Comparing Pandora FMS along with our community feedback is one of the best ways to improve our software.

Analysis that have already been conducted:

Zabbix vs Nagios vs Pandora FMS

Zenoss vs Nagios v Pandora FMS

Are you looking for other analysis and comparisons? Let us know and we will work it out.

What do we look for generally in monitoring? Well depends on how technical you want to get with it. In the IT sense, we search for the holy grail, the all-in-one solution that’ll make our lives easy and our jobs pointless: that one product that you can setup and have your boss use without anything breaking, the one that can give you the most amount of information that you need to know. If you’re on the other side of the technological know-how spectrum (means, you’re the business type with no interest or time to become an IT guy), then you’re probably looking for comfort, ease of use, something technically watered down and easy to swallow.

So let’s go over our favorites Nagios alternatives one by one.

Nagios alternative number one. Pandora FMS. All in one, built from scratch, more flexible than ever

All right, let’s address one of the elephants in the room: in monitoring most products or projects do most of the same things as the one next to it. The issue gets serious when a company decides to build its monitoring solution from a solution already developed and working. Don’t get me wrong, this is not a bad behavior, however, if you want to stand out from competitors in an already crowded industry such as the monitoring sector, the best way to do it is starting from scratch and try to change the current monitoring standards.

This is where Pandora breaks the mold. We actually went through the trouble of building something from scratch that really works. More so, it works like it’s supposed to.

We nailed it and actually created something “all-in-one” that works if you read the documentation where we have spent thousands of hours explaining how to go to the extra mille with Pandora FMS.

If you’ve got the IT know how and are willing to take the time to comb Pandora to your taste, you’re getting the best price-quality ratio, considering there’s no price on these solutions. The legend even states that some Open Source users have tweaked this out to be just as powerful as their enterprise edition, but legends are legends, right?


OP5, the second Nagios alternative- A flexible, Nagios fork, fresh but limited

OP5 is a bit more complicated to use just like most others, their open source version is a gateway to their Enterprise version, and obviously leads to revenue for them.

The good thing, although it’s a Nagios-based code, is that it’s oriented to be flexible, just like the aforementioned Pandora FMS. This means, they also pay great attention to their community, and essentially thrive off it. They’re heavily oriented to not only add value to technicians, but also to the customer or sales manager. This makes OP5 much more versatile.

They have managed to adapt quite well to cloud service monitoring and, in general, do pretty well on the internet’s fashion runway. They’re hip, fresh, up-to-date and all those good things one pays attention to while developing. “You’ll absolutely need to have that Hadoop (or Big Data) integration” the boss says, well OP5’s done that for you. Hooray! A simplification in your line of work.

But what’s the big downside of this Nagios alternative? Their Open Source version is quite limited and leaves you needing more when it comes to larger or more complex monitoring environments. It almost forces users to end up paying the license to get the full-featured edition.


Third Nagios alternative: Zenoss core. User interface and SAAS oriented monitoring

Zenoss is a really good option for network and server monitoring. Let’s be honest about it: it is a better tool than Nagios for monitoring. Really Zenoss made it, they created a very well-rounded monitoring solution, almost air tight with regards to stability and features. Thing is Zenoss Core is more oriented to SaaS (with their ZaaS [Zenoss as a Service] program). That’s their competitive advantage. Their downfall you ask? Less on premise features, less customization, and everything you get from a company that’s very rapidly trying to hop on to the “cloud monitoring” wagon of the SaaS train. Although we must admit that their interface and user friendliness is top tier, their free edition is very limited and the upgrade to enterprise is too expensive.


Nagios alternatives number four. Zabbix. Complex to handle but really trendy nowadays

Zabbix is hard, but not because it’s significantly unique when compared to others, but because their documentation is just so cryptic you probably will need an IT translator just to understand the setup. This is their main drawback: the cryptic nature of the software that makes a difficulty comparison made with the rest of the aforementioned services.

Yeah, the learning curve for Zabbix is steep, very steep Thing is, if you’re developing software you should already understand that user friendliness is about 90% of what you need, the rest is just stuff that your real users won’t understand, or even bother to do so. Conclusion. Make it easy, it’ll make selling easier too. If you as a user can overcome all of these uniquely fantastic obstacles, then you’re in, and probably not getting out.


PRTG, another Nagios Alternative. Easy and straight to the point in not complex environments.

PRTG is a software that is up to date in the latest trends like web-based GUIs, mobile adaptations, and some other features that users crave. They have the best intentions with what they’re doing, and the services they provide are very well thought out, but nowadays you can’t just monitor from the outside looking in. Everything is integrated, and if it looks easy, it’ll probably be shallow. To sum up, PRTG is a valid product if what you need it for isn’t overly complex. Heed to this especially if you’re trying out the free version, it’s really a toy model for the real one.

They’re good, easy to use, and have a very strong adaptive power, yet they almost feel like they’re the cuttlefish of the monitoring industry, but all this means is that they hop on to a lot of bandwagons with little real efficiency.

Paessler created something unique, but times change, technology evolves and PRTG should find it in themselves to make something new. Their technology is not the most up to date, and they should rethink their architecture.

Still they manage to offer a whole lot of features, despite you getting their freeware version, which is limited to 100 nodes, and though this may seem limited, it’s surely more than enough for many installations. Anyway, it’s solid, although. as a programmer, adapting the tool to your installation can be a little bit tricky. Nagioscan be more powerful than PRTG. Except for the lack of database monitoring which is a big problem on their behalf, it’s a great product, and relatively as good as or better than Nagios.


Nagios Alternative number six. OpenNMS: Strictly open source, and proud of it

OpenNMS is like the holy grail of Open Source monitoring software. They’re basically the only company mentioned that is STRICTLY open source, and they defend this principle like only real Open Source fans would. They have an enormously huge and active community and obviously pride themselves of this. They say they’re the only monitoring solution that offers Enterprise features while remaining Open Source. Yep, that’s right, according to what we’ve read and tested, you can basically scale ONMS onto unlimited devices from a single instance.

So why isn’t this the industry standard you ask? Although we’re praising them here, and although their strongpoint is network monitoring, ONMS is lacking strength when it comes to application or server monitoring. Apart from this, their reporting tools for non-technicians (for your boss) are inexistent. Putting it into simple terms, it’s limited, but for monitoring networks exclusively, it’s a great alternative to Nagios, especially if your budget is close to none.

So, in conclusion, we have a very wide array of Nagios alternatives that can quite easily replace Nagios. As a final conclusion, stop looking for the monitoring solution you’re told you have to use and start building some criteria. If your boss insists on using Nagios, prove him or her wrong with deep knowledge on the matter, let that person know that really you’re the one who’s going to be giving the best advice because you’re the one using the solution everyday. No need to get caught up in large marketing schemes that misguide buyers into believing an inexistent hype; support smaller software producers, you may be surprised by the effort and care put into generating quality solutions that most times are overlooked.

We hope we have showed you some other tools to replace your Nagios installation. As we mentioned before, we love testing and comparing tools. Any other alternative to Nagios in your mind? Please, let us know and we would love to test it in case other tool can replace Nagios.


MonitoringNetwork MonitoringPandora FMSServer MonitoringSystem Monitoring

Zenoss vs Nagios vs Pandora FMS

August 18, 2016 — by Javier6


In this article we’re going to establish a comparison that we hope can aid our readers in making the correct decision. Nowadays, the most common comparison is between Nagios and Zabbix (which we recommend you read before diving deeper into this article), due to the fact that Nagios has –during many years—been the main reference in monitoring software, and is now losing its ground to other systems, Zabbix one of the most proliferous ones on that list of contenders.
On this occasion we’ll be taking care of helping those admins or IT professionals that are searching for an alternative to their Nagios or ZenOSS environments and that also want a comparison between these two monitoring tools.

The main goal behind our comparisons is to give an objective point of view on the compared tools, as well as adding Pandora FMS into the mix, so you can also check the features and capabilities this tool—our tool—has (if we can be allowed the license to do so).

The Final Result

If you are in a rush, let us show you before you start the result of our analysis. If you want to go into detail, we invite you to keep reading through the full article.

zenoss vs nagios vs pandorafms analysis results


How was this comparison made?

In order to make this comparison we’ve set up two devices in our lab with one of the tools installed on each. From there, we’ve begun to monitor our systems and we’ve tested the features we believe to be most relevant in terms of monitoring software.

Zenoss vs. Nagios vs. Pandora FMS

ZenOSS represents an alternative to NetCool, rather than an alternative to agent-based solutions such as Nagios, Zabbix or Pandora FMS. Located in Austin, TX, ZenOSS strives to be the innovative leader in an IT niche that is quite worn out: ITOM (IT Operations Management), betting for something that back in the day someone said would be the future: agentless monitoring.

It’s true that the use of agents represents a certain resistance: in the end, you do have to install them. For this reason, on many occasions the use of agents represents a great disadvantage because of this initial deployment. What is usually left silent is that for supposed agentless systems—such as NetCool or ZenOSS—to properly work, you’ll need to set said systems up, and in many cases activate or install software components on our systems which we previously didn’t have. It’s a lot of work to only obtain a fraction of the information we could retrieve from agents. In agentless monitoring we must always bear in mind the following factors that on occasions can generate a lot of issues: the system load is equal or superior to the same with an agent and the security can be compromised, since it requires an external system to access the host device in order to extract information, whether this be via WMI, SNMP or remote executions (generally SSH). In order to obtain certain information, there’s no other option but to run commands on Windows, activating the WinRM subsystem that allows for remote connections. NetCool, for example, copies a type of “customized” agent every X amount of time, runs it, and then deletes it. Against this, Pandora FMS’ agents don’t allow for incoming connections, this means that it’s much safer than activating remote execution on each server.

Zenoss vs. Nagios regarding low level settings: a rough start.

Although ZenOSS is sold as a very visually driven tool, the truth is that the installation and post-configuration processes are filled with text files, arcane terminal commands, and many interactions with different pieces of the operating system and third party applications alike. You only need to quickly scan their documentation to realize that there are more screenshots of the console and text files than those corresponding to visual screens. In this sensem ZenOSS is worse than Nagios, since this contender, even though it also has a complex set up process, it’s still quite centralized. There aren’t as many different places to fiddle around with. Compared to Pandora FMS it has a centralized system and a much simpler design. One wonders why the people that develop ZenOSS still boast about being the simplest monitoring tool in terms of use.

If we visit this link (which lead to the ZenOSS official documentation) we can see how complex it really is, and the amount of files, console commands and different subcomponents that we need to tangle with.

Many users run from complex set ups. Sometimes it’s true that a good regular expression can be the most compact and precise solution, but ZenOSS goes way overboard. Back in my college days I’d heard people talk about the Inverse Polish Notation used to define an operation; ZenOSS uses this for postprocessing values. Being blunt, you may have to have a university degree in order to use ZenOSS.

Flexibility and growth in monitoring: monitoring for everything. Yes, everything; thanks to Zenpacks.

It’s easy to say that there’s monitoring for anything… anything that has a ZenPack that is. If not, you can make a ZenPack yourself, as long as you thoroughly study all the documentation on how to become a ZenPack engineer. Unlike Nagios or Pandora FMS, in order to implement small checks, we have to do so following some very strict guidelines and learning a technology that’s pretty limited.

This last detail, combined with the absence of agents makes obtaining information from systems when needed an uphill climb. The ZenOSS manual explains how to connect to those systems using the terminal and how they should be configured in order for them to report information remotely. It’s true that in an ideal world, if all systems were configured properly, they could always be monitored remotely, but the real world is filled with problems and over all with the need to take better advantage of our time, instead of having to add configurations to the snmpd.conf file on our Linux systems.

Opposite to the cheerful anarchy related to Nagios, and the flexibility Pandora FMS offers, ZenOSS is known for being rigid in how it’s proposed to users. It’s true that once the monitoring method is defined, along with the model and hierarchy system for items, information fluxes are identified, different data sources are configured and the rest of the hundreds of details are finely tuned; ZenOSS can be closer than the other two when it comes to being the ‘Holy Grail’ to “Root Cause Analysis” (detecting what issues there are, and their causes). This is something that has been pursued so long in monitoring, but with the cost of having a very rigid corset that prevents an operations team from performing calmly. Apart from the ZenOSS software itself, you’ll need a small development team to help you make your own ZenPacks, and a team of engineers that can take care of the monster. In order to do this properly, just like it’s recommended to be done. Of course there are always intermediate paths, shortcuts and in very extreme cases, users can even “cut corners”.

Zenoss vs. Nagios: Tending to third party integrations.

Integrations with third party tools is vital to any monitoring tool, since one of the main goals behind these tools is to be able to include—overtime—the most amount of tools to monitor on the same monitoring panel. In ZenOSS we highlight a large amount of rigidness when it comes to integrating the tool with third party applications, both in the way to obtain the information (via complex processes, defined by the user, with previously existing tools) and the way they produce results (notifications) in third parts, reusing third party technology. The tools that ZenOSS has—because in theory it can do anything—are rigid and systematically establish how everything is supposed to be done, meaning that simple tasks—such as interacting with an external database to notify an issue—can be much more complex than a simple 4 line script, like it would be on Nagios or Pandora.
Nevertheless, it’s true that ZenOSS has a rest type API (JSON API) which allows integrations much like Pandora FMS would, which are much superior to what Nagios allows.

Event management

It’s quite obvious that both ZenOSS and Pandora FMS have been “inspired” by many of the same sources when it comes to working with events; something that Zabbix, Nagios nor many other tools have done. The influence that event management from traiditional platforms such as Tivoli or Patrol have had is noticeable: automatic validation, event lifecycle management, workflow iterations, notifications and correlations are some of the things that both ZenOSS and Pandora FMS solve in a very similar fashion.

Zenoss vs Nagios when it comes to scaling and architecture

Nature is wise. That’s why we can find so many curves in nature: evolution makes the shapes that best adapt to the environment survive. Because of this we can find similar designs in different points of the planet. The same thing happens with the architecture meant for larger environments on ZenOSS or Pandora FMS.


The philosophy regarding large deployments (8000 nodes or more) is similar between Pandora FMS and ZenOSS, leaving Nagios out of the game. Both ZenOSS and Pandora FMS reassure, using success stories with names and faces, the success of their productive environments with dizzying digits. Nagios, is yet again left out of this category.

zenoss vs nagios architecture zenoss vs nagios architecture pandorafms

Zenoss vs nagios in graphs and reports

When it comes to graphs, ZenOSS and Pandora FMS are quite similar, offering the final user not only the capacity to view data graphically but also to use the graphic motor and the stored data as a real-time analysis tool, something way over what Nagios can do in this aspect.

From the report perspective, again ZenOSS applies a philosophy that is a too technical. It allows the administrator to create reports based on item “types” and filtering results through TALES expressions (something similar to a regular expression), offering reports that are most useful to technicians. From this point of view, ZenOSS offers an interface for technicians and reports for technicians. It fails, since it doesn’t allow for a user without deep knowledge of the system to generate a report, nor for said reports to be interpreted by a manager or final customer. Pandora FMS is thought out to offer an interface for report creating that is meant for end customers and the final reports can be presented as is—directly in PDF format and in the customer’s inbox—since it was the main purpose behind the report system from the beginning. Nagios in this sense is again far behind both ZenOSS and Pandora FMS.

Snapshot of a graph in Zenoss Dashboard:

zenoss vs nagios graph report zenoss

Snapshot of a graph in Nagios dashboard:

zenoss vs nagios highcharts report

Snapshot of a graph in Pandora FMS dashboard:

zenoss vs nagios vs pandorafms graphs report

Unified Monitoring

This is one of the strong points ZenOSS has. Its distributed architecture and combination of business oriented tools allow it to be used in complex networks, that are geographically distributed, also monitoring business applications, servers, virtual environments; operating in hybrid cloud/local environments.
It offers different dashboards and summary screens that allow hem to show off these capabilities, similar to those on Pandora FMS but much superior to the poor integration that Nagios has which cannot aspire to monitor complex networks, work applications or hybrid environments.

zenoss vs nagios unified monitoring
Predictive monitoring.

Just like CA and IBM systems, ZenOSS favors that which they call “predictive analysis” and heuristic root cause detection systems. The magic in this case is based on the prior definition and classification of all the assets in a series of related “types”. It’s a very well designed system that provides a necessary order many times, but that also makes deployment very complex, forcing those who are deploying the monitoring to be omnipotent and to know the system they want to monitor very well, something that in the real world—unless you have a small system—doesn’t really happen too often.

zenoss vs nagios predictive monitoring

The dependencies graph—part of the magical essence to root cause analysis—is a really beautiful flash-based graph that allows users to see how systems are connected, but it doesn’t’ show any additional information apart from if the systems are alive or not. Clicking on it won’t take you anywhere either, in other words, it’s not really useful for daily tasks.

Final thoughts on the Zenoss, Nagios and Pandora FMS comparison

ZenOSS’ GUI is visually pleasing but it ends up being a bit tiring for proper daily use. It’s not fluent enough.
The automatic discovery feature that they promise only works correctly for network environments with static paths, file systems and network interfaces. Everything that isn’t obvious has to be described “by hand”. Since it’s remote, it usually ends up being twice as tedious as if it were based on agents and had real access to the OS, instead of doing so through remote WinRM or SNMP interfaces.

Since it’s designed to be agentless, its SNMP, WMI and remote execution capabilities are very powerful, configurable, and well proven; yet again they need for the other end to grant ZenOSS complete access.

Finally, we would like to add a new article added on 25th August 2016 related to other Nagios alternatives. If you are planning to move from Nagios, we recommend you to check it out.

MonitoringNetwork MonitoringPandora FMSServer Monitoring

Zabbix vs Nagios vs PandoraFMS: an in depth comparison

June 17, 2016 — by Javier16


We know that many corporative installations nowadays use Nagios as their main monitoring system for networks, systems and applications. Also, as we mentioned in the article on the best network monitoring tools, Zabbix has been taking pieces from Nagios’ cake for a long time. There are many doubts that start to arise when it comes to choosing the ideal monitoring tool for an installation, and this is precisely the reason we’ve gotten down to work today to analyze both these systems in depth. As was expected, we also brought Pandora FMS into this comparative, for perspective purposes.

MonitoringNetwork MonitoringServer Monitoringservidores

Nginx monitoring with Pandora FMS: getting the most out of your web server

May 27, 2016 — by Javier1

Nginx has  become one of the most used web servers as of now. As a matter of fact, it’s stealing a big chunk of the market pie from the very famous Apache. According to certain sources, NGINX is used as a web server by more than 140 million websites, and it’s supposed to be used by 38% of the top 1000 sites on the web right now.

With this data, and with a strong bet on innovation, NGINX has been made an important element on any company installation. For this reason, here at Pandora FMS we’ve assigned part of our time to develop two plugins for NGINX. The first is meant to be used with the Open Source edition of Pandora FMS and monitors the main metrics from NGINX. The second is included with Pandora FMS Enterprise edition and apart from measuring the most important monitoring metrics, integrates perfectly with the NGINX Plus Status Module, which we’ll talk about below.

MonitoringNetwork MonitoringPandora FMSServer Monitoring

Pandora FMS partners with NGINX for a complete webserver experience

May 24, 2016 — by steve0


For those of you who may still not know, Pandora FMS has recently partnered up with NGINX to produce a new plugin and integration for NGINX plus. This plugin is available for its use on the Enterprise edition of Pandora FMS, and is meant to return real-time metrics on a large list of customisable parameters from NGINX’s service.

MonitoringNetwork MonitoringPandora FMSServer Monitoring

Pandora FMS 6.0 SP2 is here!

April 13, 2016 — by steve0


After months of hard work and effort, we’re very proud to announce that Pandora FMS 6.0 SP2 is now available. In this post we’ll detail the changelog to further inform on the improvements this version has. Apart from fixes we’ve actually added some new features. We want to continue improving for you and this is just another way of doing so. We appreciate any feedback or user experience reports.

MonitoringNetworkNetwork MonitoringPandora FMSServer Monitoring

Docker Swarm: a boost in your network potential

March 4, 2016 — by Javier0


Docker is developing a new protocol they’re (quite logically) denominating “Docker Swarm“. According to Docker’s new documentation section specific to this add-on Swarm is literally  a “native clustering for Docker. It turns a pool of Docker hosts into a single, virtual Docker host. Because Docker Swarm serves the standard Docker API, any tool that already communicates with a Docker daemon can use Swarm to transparently scale to multiple hosts.”. This sounds really nice and promises to be a very powerful tool to further squeeze potential out of Docker.

MonitoringMonitorizaciónMonitorización de SistemasNetwork MonitoringServer Monitoring

Computer system monitoring: advantages, procedures and use

February 4, 2016 — by Javier4


computer system monitoring

Computer system monitoring: advantages, procedures and use

Most company’s workforce is based on their computer systems, therefore these must be capable of responding in any situation, and sometimes at any given time of the day. Monitoring theses systems has become a fundamental task to manage all of a company’s IT infrastructure, with the following main goals in mind:

  • Taking maximum advantage over a company’s HW resources.
  • Instance prevention and problem detection.
  • Notifying possible issues

In general these objectives can be summarized into one single, very quantifiable, objective: Cutting down costs, less instances, less time used and higher client satisfaction rate.