Wireshark is a free and open source network troubleshooting tool.
$0
Zabbix
Score 8.6 out of 10
N/A
Zabbix is an open-source network performance monitoring software. It includes prebuilt official and community-developed templates for integrating with networks, applications, and endpoints, and can automate some monitoring processes.
I don't know of any other tool that works as well as Wireshark for packet capture an inspection. It's extremely easy to get up and running, and even with little to no knowledge of how to use the tool, you can be looking at all the traffic coming off a network interface.
Zabbix is very well suited for infrastructure monitoring i.e. the underlying host servers, basically, compute nodes. However, it has limited FM & PM capabilities for the workloads, i.e., the virtual machines (VMs). Zabbix has an easy-to-use GUI which can be explored easily & provides good filtering of the data.
Collecting hardware data - CPU, Memory, Network, and Disk Metrics are collected and reported on.
Flexible design - It is very easy to build out even very large environments via the templating system. You can also start where you are - network monitoring, server monitoring, etc. and then build it out from there as time and resources permit.
Provides a "plugin architecture" (via XML templates) to allow end users to extend it to monitor all kinds of equipment, software, or other metrics that are not already added into the software already.
Very complete documentation. Almost every aspect of Zabbix has been documented and reported on.
Cost - Zabbix is FOSS software and always free. Support is reasonably priced and readily available.
A more user-friendly interface would be nice, but then again it is not really designed for those who are not quite comfortable with this type of software.
Changes to functionality on updates - this can sometimes happen unexpectedly and can be an annoyance.
In a busy Zabbix environment, it can easily overwhelm the underlying database. Plan on having SSDs and a significant server infrastructure to keep up with more than a hundred hosts.
Building out Zabbix metrics that suit your environment can be very time consuming. When choosing a monitoring platform like Zabbix, expect a steep learning curve and to invest significant resources to make the tool valuable.
This is less important than it has been in the past, but current versions of Zabbix still do not handle IPMI checks of hardware very well. We needed to write our own wrapper for IPMI checks rather than using the built in IPMI poller.
It is free. It didn't cost anything to implement (other than my time and the cost incurred for it) and it is filling a badly needed gap in our IT infrastructure. Support is available if we have issues and can be done annually or paid for on a per incident basis as needed. Expansion, updates, and all other future lifecycle activities are likewise free of cost, so as long as someone is able to implement/maintain the software (and the OSS project is maintained) then I imagine the company will never leave it.
I give Wireshark a 10 for usability because it is very usable. Just about anyone can capture packets within a few seconds of opening the program. The analysis is a science but as far as just using Wireshark; it's very easy.
I don't believe Wireshark has "true" support as the software is open source. However, there is an active & friendly community around Wireshark that are more than happy to help answer questions. From a comprehensive Wiki and FAQ section on the site to the Ask a Question forum and bug tracker section, there's plenty of support options to make sure your questions and issues are addressed.
The setup is the most time-consuming portion of using zabbix. It takes a lot of effort to shape it into a usable format and even then it can get very messy. It's not exactly intuitive and as mentioned the UI seems a bit antiquated. If I was to roll out a monitoring solution from scratch, I'd probably look for alternatives which are easier to use and maintain.
We are a mainly Windows environment, so it would be useful if we could have used Active Directory to deploy agents. As of version 4.2, Zabbix has announced a new agent MSI file to allow exactly that. Unfortunately, we didn't have that option. Also, for Linux and MAC deployments, there is no simple way to deploy that. Using remote scripts you may be able to create something, but most places will opt for either SNMP (agentless) or manual installation of agents to add to Zabbix. A way of deploying agents via discovery would go a long way to helping in the adoption of the tool.
Wireshark is a free tool that came highly recommended by one of our former network security consultants. Using the tool he was able to resolve all of our higher tier network tickets, so we observed first hand why we needed to add Wireshark into our toolset. We received in-depth instruction and training scenarios that demonstrated the effectiveness and power of the product, so we didn't spend any time reviewing competing products.
We're using the Solarwinds suite as our global monitoring standard, but it is very complex and its licensing model makes it difficult to monitor a wide range of technologies. So, we're using Zabbix as a complement on our monitoring process. Zabbix is a way more flexible and has free integrations to a wide range of technologies. It is also more 'user friendly' and easy to manage.
Zabbix simply makes it easier to identify, and subsequently resolve problems quickly
Zabbix gives one web page to look at to see a list of all on-going issue in a single place
Zabbix can automate response to alerts. For example, Zabbix allows you the customization to take a monitored server out of production rotation if it is identified as unhealthy
