Big Sister Components

Big Sister comes in three parts:

A network monitored with Big Sister (a "Big Sister Environment") is composed of a Big Sister server and several agent nodes (see figure 1.1). The server is responsible for the storing, processing and visualisation of the data collected or received from the monitored systems. A "Big Sister Server" acutally runs the Big Sister Server (bbd), the Big Sister Monitor (bsmon) and the Apache httpd. Bbd is responsible for the communication with the agents including checks if agents are permitted to do certain operations. Bbd then passes all the information it gets from the agents to bsmon as is. Bsmon processes this information and builds status pages, does alarming, etc.

Figure 1.1. Big Sister Components

Big Sister Components

Every monitored system or service is monitored by a Big Sister Agent (uxmon). Some of the healthchecks performed are only applicable to the system hosting the agent while others are done via the network. Usually you will install agents on all the systems you want to monitor provided there is an agent implementation available for a particular system. Systems with agents installed will collect the specified data about their own state and send it to the Big Sister server for further processing. By default this is done with a tcp connection to port 1984 on the server machine. Please keep in mind that you have to open tcp port 1984 on your firewall in case the agent(s) and the servers are on network segments separated by a local firewall or access-lists.

[Note]Note

In order to simplify your firewall rulebase and add an additional security level through encryption to your data connections, you can use a Secure Shell (ssh) tunnel.

On systems which are not capable of running an agent (like switches, routers etc.) or where the installation of agent software is not desired (like webservers at remote sites), every agent node can also do remote healthchecks via the network . Remote healthchecks can be done (for example) by accessing OIDs via SNMP or http-requests for certain content. Only a limitted set of checks are available via the network though. For more information on the currently available healthchecks and their usage read the Healthcheck Command Reference .

It is possible to use the Big Brother agent as a replacement for the Big Sister agent (e.g. for Netware). However, some features of Big Sister (e.g. performance data collection) will not be available in this case.