SNIPS : Frequently Asked Questions (FAQ)


Last updated June 2001

  1. General
  2. Installation
  3. Miscellaneous

     


GENERAL

What is SNIPS ?
SNIPS (System and Network Integrated Polling Software) is a complete package for monitoring networks or Unix systems. It can generate alarms based on thresholds, graph monitored data using RRDtool (MRTG style) and generally offer all the functions that you would expect from a monitoring package. It is being used in large ISP networks to monitor as many as 1500+ devices. The most popular SNIPS monitors are   for TCP ports, ICMP (ippingmon), RPC (rpcpingmon), Unix systems (hostmon), SNMP variables (snmpmon).
 
How does SNIPS differ from NOCOL?
SNIPS is a complete rewrite of NOCOL (which was released in 1991 as freeware also) and supports many enhanced features not available earlier (RRDtool graphing support, more customizable monitors). The core has been rewritten entirely and is better suited to future extensibility. It supports all the monitors that were available in NOCOL, but uses a slightly different  and enhanced event data structure. These enhancements were necessary to permit future enhancements in the product.

If you are a current user of Nocol, SNIPS is a drop in replacement. You can install SNIPS and then copy over all your existing NOCOL configuration files without modifications. However, SNIPS allows additional keywords in some monitors (rrd support, ippingmon more flexible, etc.) so you should see if you want to add these keywords to your configuration files. Change your mail aliases and /etc/services file to replace 'noclog' with 'snipslog'  and 'nocol' with 'snips' and you should be done.

How does SNIPS differ from MRTG ?
SNISP  is a complete monitoring package which detects outages or errors on your devices and generate alarms/pages when this happens. In addition, it also generates stores historical data in the MRTG 'rrdtool' format, and can generate graphs similar to MRTG.
 
Where do I get SNIPS
The distribution site is at http://www.netplex-tech.com. It can also be downloaded via ftp from ftp.navya.com
 
What about support ?
SNIPS is freeware, and hence no official support is available. However, it is a popular product and you can send messages to the snips-users@navya.com mailing list or search the Web using any popular Internet search engine (Altavista, Excite) for your queries.
You can also email queries to snips-support@navya.com which might grow larger in some distant future.
 
Is snips Y2K compliant ?
Yes. All events are logged to snipslogd in the Unix timestamp format, so the timestamps are not effected by the Y2K problem.
 

INSTALLATION

What are the hardware requirements ?
Snips can run very comfortably on any Pentium-100 class Unix machine with 64MB of RAM and monitor several hundred devices. It is very lightweight in design and implementation.

There are existing SNIPS users who are monitoring 1500+ devices using a Sparc Ultra-5.
 
Should I run snips as root ?
NO! You should create a separate user such as 'snips'  and all monitors should be run by this user. The few monitors which require root priveleges (such as pingmon or trapmon) are installed as suid root in the snips bin/ directory.
 
I am getting lots of messages from keepalive_monitors about restarting
Either your system's ps command is not listing the complete program name and keepalive_monitors is trying to restart the program since it thinks its down or else the monitor being restarted cannot write the pid or data file and is dying (incorrect owner and permissions on the snips/run directory).

If the monitor is not running, then try running it in debug mode (most monitors will take the -d option for running in debug mode). The errors from these programs are written to the  run/prog.error   file.

multiping gives error socket: Operation not permitted
multiping requires a raw socket, and needs to be installed suid root. You probably did not run make root while installing snips. Check the ownership and permission of this program- it must show mode -rwsr-x--x with owner root. If not, do the following:
		chown root multiping

		chmod 4751 multiping
	
Nothing is being logged to snipslogd
Events are logged ONLY when their state changes. Thus, an event will be logged to snipslogd if a device goes from info level to warning level, etc.
 
Why do I get lots of sniplog messages when I restart a monitor?
When any monitor starts, it sets the state of all devices to 'UNKNOWN'.  After the first poll, it determines the actual state of the devices  and logs it to snipslogd since its a change in the event's state. This information is important in snipslog since any intelligent log file parser should know when a monitor restarts.
 

MISC

Can snips handle SNMPv2 ?
SNIPS uses the latest CMU SNMP library which does support SNMPv2.
 
How can I page myself when a device goes down?
Assuming that you have an alphanumeric pager and can page yourself using email or any other perl script, you can page yourself on a particular event by using snipslogd and piping the events to a simple script such as utility/beep_oncall.
In addition to snipslogd, you can also run utility/notifier.pl to page you.
Paging software such as qpage can be used to do the actual paging.
 
How do I get notified when a device comes back up ?
All monitors in snips log events to snipslogd based on the worst of new severity or previous severity of an event.

Hence, when a device goes down first, it will be logged at 'warning' level. If it comes back up, it will be marked as up but will be logged at a loglevel of 'warning' since that was the old severity. This mechanism allows you to not only detect when a device goes critical, but also detect when the device comes back up.

How do I get paged as soon as a device goes down ?
In order to avoid false alarms (and prevent operators from getting into the habit of wait-and-it-will-go-away), SNIPS will escalate any events severity gradually. If you want to get paged or notified as soon as a device or variable changes, you can set alerts at the Warning level instead of the Critical level.
 
Can I setup host or variable dependencies in SNIPS?
The various displays do not handle dependencies at this time, but is on the wish list.
 
Where can I find an SSL web monitor?
This monitor is simple to write but requires linking against an SSL library which might be subject to US export regulations and hence is not available at this time.
 
Does snips run on windows NT ?
SNIPS currently only runs on Unix platforms and there are currently no plans to port it to Windows platforms.
 
Who maintains SNIPS ?
This software is currently maintained by Vikas Aggarwal and is copyright Netplex Technologies, Inc.  The SNMP library is Copyright Carnegie-Mellon University. Additionally, there are contributions by many users included as part of the core distribution, and this information is in the contributed files.

Feedback