Tuesday, December 14, 2010

Zabbix VS Zenoss

Zenoss was my favourite network monitoring tool, But it is Zabbix now. The conclusion was made after comparing Zenoss 3.0.3 to Zabbix 1.8.3 in Lab environment.

Features Zenoss Zabbix
Server Zope application server (in Phyton) Server Daemon (Written in C)
Frontend Phyton PHP
Backend Mysql MySQL, PostgreSQL, SQLite or Oracle
Client None Linux,Window,BSD,AIX,HP-UX,Solaris
Monitoring methods SNMP/SSH/External command SNMP/Agent/SSH/External command
Graphing Supported Supported
Cost Zenoss Core and community contributed zenpacks are free All features are free
Others Latest package in RPMS/DEB, very easy to install
Heavy weight due to Phyton and Zope, requires higher hardware specs
Latest package has to be compiled from source
Light weight, the Server daemon has very small footprint, the other components are just web server(e.g. Apache) and DB server.
As shown in the above table, Zabbix has more features than Zenoss's  

Zenoss Strength


Better looking GUI Zabbix's  PHP can't beat Zenoss's Phyton
Better support for SNMP
Zenoss has built-in snmp template for monitoring servers, Server auto discovery is smooth
Because Zabbix is more agent focused, Zabbix doesn't include snmp template  for monitoring servers (at least in 1.8.3), You have to create your own.
Lots of community contributed zenpacks
Better support for agent-less type of  Windows  Servers

Actually Zabbix has better support for  Windows servers, if you don't mind installing monitoring agent.
For agent-less monitoring, Zenoss is easier than Zabbix. Because Zenoss has  zenpacks for Windows.
Zabbix users have to write their own WMI scripts using  WMI tool, which can be downloaded and complied from http://dev.zenoss.org/svn/trunk/inst/externallibs/
or use SNMP Provider to link SNMP to WMI

Zabbix Strength


Graphing
You don't need to create graph definition for a single data source, the graph can be dynamically generated on demand. For multi-data source graph (e.g. SYS CPU/USR CPU in one graph) , the graph definition is easier than Zenoss (changing display order is just a matter of clicking up/down button.
Alarm expression It seems Zenoss only supports alarm value ranging  from min to max in numeric values.
Zabbix supports dozens of expressions: avg,min,max,last,diff,regexp …
for example you can use regexp ('ERROR') to check if the response contains string “ERROR”
Web application monitoring
Zabbix supports  complex scenarios consisting of many steps (HTTP requests) .e.g login, execute some tasks, logout 
Unique Agent checks Search Windows Event log for a string: eventlog[logtype,<pattern>,<severity>,<source>,<eventid>,<maxlines>]   
Search any text file for a string:
log[file,<pattern>,<encoding>,<maxlines>]
Check if a file has been modified:
vfs.file.cksum [file]:
Zabbix Proxy
Zabbix Proxy is a process which collects performance and availability data from one or more monitored devices and sends the information to a Zabbix Server.  It is very useful for monitoring device which can't be reached by  Zabbix Server
---Update Zabbix 2.0 Low Level Discovery
Zabbix 2.0 has new feature called Low Level Discovery,It can do SNMP dynamic discovery and any customized application discovery based on JSON format. In order to monitor an item of a script output, other monitoring system  I know of requires item name has to be typed in manually through UI, but Zabbix can discover the item automatically, if there dozens of items to be monitored, huge  amount of maintenance effort will be saved. check out this example. http://honglus.blogspot.com.au/2013/01/zabbix-monitor-customized-applications.html


4 comments:

  1. I'm using Zenoss enteprise although I worked with Nagios for 3 years. I don't know Zabbix but in my opinion, in complex environments, the MOST important thing is the flexibility. Zenoss can use Nagios plugins and there are hundreds of plugins availables on www.nagiosexchange.org. If a particular plugin is not present, just write some lines of shell code and done.Zenoss can use them (I'm using them with Zenoss)because it natively support Nagios' plugins.
    What about this kind of flexibility with Zabbix?

    ReplyDelete
  2. Hi Marco,

    Zabbix supports any external command including check_nrpe for Nagios. But it can't flag the severity on demand based on Nagios returned value. Which means you have to "statically" define two severities: one for WARNING the other for CRITICAL.

    ReplyDelete
  3. Hi honglus

    I thank you for your clarification. I hope to find some time to test Zabbix because it seems to be very cool. I always worked with Nagios but 2 years ago my company chosen Zenoss Enterprise. I can say to you that we are enable to monitor everything without any problems and, with Zenoss, the effort is very small but it is not very cheap!
    Anyway I think that would be interesting to write a complete comparison between Zabbix and products like Opsview or Groundwork that have lot of features compared to standard Nagios.
    And now...there is icinga!
    But I know that is very difficult to find someone that tested all of them.

    Thanks Honglus
    Marco

    ReplyDelete
  4. "Phyton"? I assume you mean "Python", right?

    ReplyDelete