The Big Brother Network Monitor ------------------------------------------------------------------------ Frequently Asked Questions Version 0.93 Beta - 25 April 1997 ------------------------------------------------------------------------ 1.0 About Big Brother 1.1 What is Big Brother? 1.2 Where can I get Big Brother? 1.3 What is the current version? 1.4 What do I need to run Big Brother? 1.5 How do I install Big Brother? 1.6 How can I upgrade? 2.0 Debugging Big Brother 2.1 I get the message: "bb: CAN'T CONNECT TO bbd" 2.2 I get lots of processes, then bb dies! 2.3 I get garbage / my environment all over my screen 2.4 I get the message: "Can't open stream socket" 2.5 conn (connection) test is always red / not working... 2.6 http test is always red / not working... 2.7 * bbnet is dumping core 2.8 Background color is always red / yellow / wrong 2.9 Pager problems 3.0 Using Big Brother 3.1 How can I monitor routers / things that have no hostname? 3.2 Can I monitor NT's, Novell servers, VAXEN with BB? 3.3 Can I monitor things outside my network? 3.4 Is Big Brother secure? Do you have to be root to run it? 3.5 How can I monitor more services? 3.6 How can I check password protected web pages? 3.7 Can BB restart processes that have failed? 3.8 Can BB show historical data? 4.0 Miscellaneous Big Brother questions 4.1 Where is the name from? 4.2 Do you write BB or bb? 4.3 Whose picture is that, and can I get rid of it? 4.4 Is there a Big Brother Mailing List? 4.5 Where can I get more help? ------------------------------------------------------------------------ This FAQ is Copyright 1997 by Sean MacGuire. This document may be reproduced, so long as it is kept in its entirety and in its original format. ------------------------------------------------------------------------ Section 1: About Big Brother 1.1 What is Big Brother? Big Brother is a Free Web-based Unix Systems monitor written by Sean MacGuire (sean@iti.qc.ca). It came about as a direct result of a corrupt salesman who quoted the company I was consulting for $313,000 for software and hardware to monitor 20 servers. Big Brother consists of simple shell scripts which periodically monitor system conditions and network connectivity. Disk space, CPU, servers, and important processes can be kept track of. The Big Brother display is a Web page that presents a matrix of machines and monitored functions, with color codes denoting the current status. Big Brother can notify administrators via a pager or e-mail. 1.2 Where can I get Big Brother? Big Brother is only available via the web at http://www.iti.qc.ca/iti/users/sean/bb-dnld/ If you don't have Web access, drop a note to sean@iti.qc.ca and a copy will be mailed to you. 1.3 What's the current version? The current version of BB is 1.04g / 25 April 1997. 1.4 What do I need to run Big Brother? Big Brother is written as Bourne Shell scripts (/bin/sh), with a couple of C programs for client-server communications. You'll need: * A C compiler to port BB * Kermit and a modem (for pager communications) * A Web server to serve up the results BB has been ported to and configuration files are available for the following Unix-based systems: FreeBSD, Solaris, linux, SCO 3/5, HPUX, HPUX 10, NetBSD, Ultrix, OSF, Irix, and SunOS 4.1, RedHat linux, UnixWare, and AIX. 1.5 How do I install Big Brother? Unpack the archive, read the README and follow the instructions. Basically, change to the doc directory, run bbconfig, run make, run make install, edit etc/bb-hosts, edit runbb.sh and start it. If you don't understand the above, read the README. 1.6 How can I upgrade? Save your old bb-hosts file... then... Depends how much customization has been made to your version of Big Brother. Generally, all you should have to do is recompile, make the above changes, and copy your old version of etc/bb-hosts in. ------------------------------------------------------------------------ Section 2: Debugging Big Brother 2.1 I get the message: "bb: CAN'T CONNECT TO bbd" This message indicates that the an instance of bb can't connect to the Big Brother daemon. The might be because bbd isn't running, or that bb can't determine where bbd lives because of some troubles with the bb-hosts file. So check the following things: * bbd is actually running on your system... * BBHOME is correctly set in runbb.sh... * Your bb-hosts file is formatted correctly * Your firewall isn't blocking port 1984 2.2 I get lots of processes, then bb dies! Define -DZOMBIE in the Makefile, recompile and run "make install". This seems to happen on some Solaris machines, and will definitely happen on SunOS 4.1.3, although 4.1.4 is OK! 2.3 I get garbage / my environment all over my screen This is almost always due to a problem with the way your bb-hosts file is laid out. BB needs this file to be perfect to work, and any little problem with it will cause BB to fail. The most common cause of this problem is pop3 being defined as pop-3 in /etc/services. Make sure the spelling of all services in bb-hosts matches /etc/services. 2.4 I get the message: "Can't open stream socket" This message is from bbd being unable to attach itself to port 1984 and begin listening. Make sure there are no "bb" processes running (bb, bbd). If there are, kill them. Make sure port 1984 is also not in use. To check this issue the following command: netstat -an | grep 1984 If anything comes back, wait a few minutes and try again. Once this command returns nothing, you should be about to start up Big Brother. 2.5 conn (connection) test is always red / not working... The connections column is generated from the machine defined as BBNET in bb-hosts. This machine tries to ping every IP address listed in the bb-hosts file. BB looks to see that the reply from ping contains the string "bytes from". Check that PING and PINGPARS are set correctly in etc/bbsys.sh. 2.6 http test is always red / not working... This is usually because the http test isn't for the same machine as defined on that line in the bb-hosts file, i.e.: Wrong: 204.101.110.101 fred.bobo.com # http://youre.bobo.com/ Right: 204.101.110.101 fred.bobo.com # http://fred.bobo.com/ 2.7 * bbnet is dumping core Add a trailing slash at the end of the URL. This is a programming bug by the author. Fixed as of v.1.04g thanks to Doug White 2.8 Background color is always red / yellow / wrong The background color should reflect the most serious state on your network at any given time. If it's not doing this, or the background color is wrong, it's because there are some leftover log file in the www/logs/ directory. To check this, hit the VIEW button on the main web screen, and the offending entries should become visible. Delete them. 2.9 Pager problems The paging subsystem is really time sensitive. It's possible that the timing be either too long or two short for your pager. The following comes from Don Carney : In the etc/numeric.scr where it actually dials the number. the command is something like dial /@[3],,,,,,,,/@[4] my fix was to remove a few of the commas, and everything worked fine. (Commas are generally used by modems for short delays). Similarly if you're using one of those 800 number paging services you'll probably have to embed these commas in the pager number itself, something like: PAGER="1800PAGENET,,,,,,7777" where 7777 is your account number. ------------------------------------------------------------------------ Section 3: Using Big Brother 3.1 How can I monitor routers and things that have no hostname? Yup. Just put a line in the bb-hosts file and make up a name for your router. 3.2 Can I monitor NT's, Novell servers, VAXEN with BB? You can monitor them from the outside, but not from the inside. That means the bbnet tests that check for connectivity and servers should work, but the bb-local tests which monitor processes and disk space won't because there is no BB client for these systems. 3.3 Can I monitor things outside my network? Yup. Just put the appropriate lines in the bb-hosts file and that's all. However it is good form to ask permission, just because the remote admin may get curious about repeated accesses from the same addresses every 5 minutes, 24 hours a day. 3.4 Is Big Brother secure? Do you have to be root to run it? A certain amount of effort has been made to make sure that BB is reasonably secure. However, on most systems you should be able to run BB as a non-root user. 3.5 How can I monitor more services? Somewhere around line 75 in bb-network.sh, there's a line that looks like this. Add the new service at the end and make sure it's in /etc/services. That's it, that's all. Simple. nntp* | ftp* | pop3* | smtp* | ADD-SERVICE-HERE* ) # SERVICES Make sure to kill anything starting with bb, and restart it. It'll magically have a new column watching your service. 3.6 How can I check password protected web pages? Paul Venezia had the answer for this one: I've gotten around this by specifying LYNX to be /usr/contrib/bin/lynx -dump -auth : 3.7 Can BB restart processes that have failed? No, that is your job. BB will tell you about the problem, you solve it. The philosophy is simple, BB will monitor and notify, that's all. The reason behind this is simple, doing more than that makes BB exponentially more complex to run, configure and support. 3.8 Can BB show historical data? Not offically. BB is stateless, and will only tell you what's going on right now. However - check the mailing list for possible third-party add-ons. ------------------------------------------------------------------------ Section 4: Miscellaneous Big Brother questions 4.1 Where is the name from? Big Brother is taken from George Orwell's novel 1984. Big Brother is the head of a totalitarian regime, INGSOC, where everyone is watched. "... the poster with the enormous face gazed from the wall. It was one of those pictures which are so contrived that the eyes follow you about when you move. BIG BROTHER IS WATCHING YOU, the caption beneath it ran." Doubleplus ungood for people. Doubleplus good for networks. 4.2 Do you write BB or bb? Doesn't really matter. bb tends to be used when denoting programs (i.e. bbnet) whereas BB tends to be used when discussing the entire Big Brother system. 4.3 Whose picture is that and can I get rid of it? That picure is of the creator of Big Brother, Sean MacGuire, doing his best to do justice to George Orwell. It's supposed to be scary. If you don't like it, feel free to change it to something more neutral. Change the file $BBHOME/www/gifs/bb.gif. 4.4 Is there a Big Brother Mailing List? Yes, and it's an exciting place run by Paul Sittler. You can subscribe by sending e-mail to MajorDomo@taex001.tamu.edu. In the body of the e-mail message (not the Subject line), place the statement: subscribe bb Nick Silberstein has made an archive of the Big Brother mailing list available. It can be found at the URL: http://www.fusioni.com/~bb/ Check it out. It's great! 4.5 Where can I get more help? Run the tests as outlined on the install and debug web pages. Subscribe to the mailing list. Check the archives of the mailing list to see if you're question has already been answered. Send a message to the mailing list, and as a last resort, mail sean@iti.qc.ca.