Big Brother

A Web-based Unix Network Monitoring
and Notification System

FAQ - Frequently Asked Questions




		     The Big Brother Network Monitor
------------------------------------------------------------------------
			Frequently Asked Questions
		    Version 0.93 Beta - 25 April 1997
------------------------------------------------------------------------

1.0	About Big Brother

	1.1	What is Big Brother?
	1.2	Where can I get Big Brother?
	1.3	What is the current version?
	1.4	What do I need to run Big Brother?
	1.5	How do I install Big Brother?
	1.6	How can I upgrade?

2.0	Debugging Big Brother

	2.1	I get the message: "bb: CAN'T CONNECT TO bbd"
	2.2	I get lots of processes, then bb dies!
	2.3	I get garbage / my environment all over my screen
	2.4	I get the message: "Can't open stream socket"
	2.5	conn (connection) test is always red / not working...
	2.6	http test is always red / not working...
	* 2.7	bbnet is dumping core
	2.8	Background color is always red / yellow / wrong
	* 2.9	Pager problems


3.0	Using Big Brother

	3.1	How can I monitor routers / things that have no hostname?
	3.2	Can I monitor NT's, Novell servers, VAXEN with BB?
	3.3	Can I monitor things outside my network?
	3.4	Is Big Brother secure?  Do you have to be root to run it?
	3.5	How can I monitor more services?
	3.6	How can I check password protected web pages?
	3.7	Can BB restart processes that have failed?
	3.8	Can BB show historical data?

4.0 	Miscellaneous Big Brother questions

	4.1	Where is the name from?
	4.2	Do you write BB or bb?
	4.3	Whose picture is that, and can I get rid of it?
	4.4	Is there a Big Brother Mailing List?
	4.5	Where can I get more help?

------------------------------------------------------------------------
This FAQ is Copyright 1997 by Sean MacGuire. This document may be 
reproduced, so long as it is kept in its entirety and in its original 
format.

------------------------------------------------------------------------

Section 1: About Big Brother

1.1	What is Big Brother?

	Big Brother is a Free Web-based Unix Systems monitor written by
	Sean MacGuire (sean@iti.qc.ca).  It came about as a direct result 
	of a corrupt salesman who quoted the company I was consulting for 
	$313,000 for software and hardware to monitor 20 servers.

	Big Brother consists of simple shell scripts which periodically
	monitor system conditions and network connectivity.  Disk space,
	CPU, servers, and important processes can be kept track of.

	The Big Brother display is a Web page that presents a matrix of
	machines and monitored functions, with color codes denoting the
	current status.  

	Big Brother can notify administrators via a pager or e-mail.


1.2	Where can I get Big Brother?

	Big Brother is only available via the web at
	http://www.iti.qc.ca/iti/users/sean/bb-dnld/

	If you don't have Web access, drop a note to sean@iti.qc.ca
	and a copy will be mailed to you.


1.3	What's the current version?

	The current version of BB is 1.04g / 25 April 1997.


1.4	What do I need to run Big Brother?

	Big Brother is written as Bourne Shell scripts (/bin/sh), with a 
	couple of C programs for client-server communications.  You'll
	need:

	* A C compiler to port BB
	* Kermit and a modem (for pager communications)
	* A Web server to serve up the results

	BB has been ported to and configuration files are available for
	the following Unix-based systems: FreeBSD, Solaris, linux, 
	SCO 3/5, HPUX, HPUX 10, NetBSD, Ultrix, OSF, Irix, and SunOS 4.1, 
	RedHat linux, UnixWare, and AIX.


1.5	How do I install Big Brother?

	Unpack the archive, read the README and follow the instructions.
	Basically, change to the doc directory, run bbconfig, run make,
	run make install, edit etc/bb-hosts, edit runbb.sh and start it.

	If you don't understand the above, read the README.


1.6	How can I upgrade?

	Save your old bb-hosts file... then...

	Depends how much customization has been made to your version
	of Big Brother.  Generally, all you should have to do is 
	recompile, make the above changes, and copy your old version
	of etc/bb-hosts in.


------------------------------------------------------------------------

Section 2: Debugging Big Brother


2.1	I get the message: "bb: CAN'T CONNECT TO bbd"

	This message indicates that the an instance of bb can't
	connect to the Big Brother daemon.  The might be because
	bbd isn't running, or that bb can't determine where bbd
	lives because of some troubles with the bb-hosts file.

	So check the following things:

	* bbd is actually running on your system...
	* BBHOME is correctly set in runbb.sh...
	* Your bb-hosts file is formatted correctly
	* Your firewall isn't blocking port 1984


2.2	I get lots of processes, then bb dies!

	Define -DZOMBIE in the Makefile, recompile and run "make install".
	This seems to happen on some Solaris machines, and will definitely
	happen on SunOS 4.1.3, although 4.1.4 is OK!
	

2.3	I get garbage / my environment all over my screen

	This is almost always due to a problem with the way your bb-hosts
	file is laid out.  BB needs this file to be perfect to work, and
	any little problem with it will cause BB to fail. 

	The most common cause of this problem is pop3 being defined as
	pop-3 in /etc/services.  Make sure the spelling of all services
	in bb-hosts matches /etc/services.


2.4	I get the message: "Can't open stream socket"

	This message is from bbd being unable to attach itself to port
	1984 and begin listening.  Make sure there are no "bb" processes
	running (bb, bbd).  If there are, kill them.

	Make sure port 1984 is also not in use.  To check this issue
	the following command:

		netstat -an | grep 1984

	If anything comes back, wait a few minutes and try again.
	Once this command returns nothing, you should be about to
	start up Big Brother.


2.5	conn (connection) test is always red / not working...

	The connections column is generated from the machine defined
	as BBNET in bb-hosts.  This machine tries to ping every IP
	address listed in the bb-hosts file. BB looks to see that the
	reply from ping contains the string "bytes from".

	Check that PING and PINGPARS are set correctly in etc/bbsys.sh.


2.6	http test is always red / not working...

	This is usually because the http test isn't for the same
	machine as defined on that line in the bb-hosts file, i.e.:

	Wrong: 204.101.110.101 fred.bobo.com # http://youre.bobo.com/
	Right: 204.101.110.101 fred.bobo.com # http://fred.bobo.com/


2.7 *	bbnet is dumping core

	Add a trailing slash at the end of the URL.  This is a programming
	bug by the author.   Fixed as of v.1.04g thanks to Doug White
	


2.8	Background color is always red / yellow / wrong

	The background color should reflect the most serious state
	on your network at any given time.  If it's not doing this, or
	the background color is wrong, it's because there are some
	leftover log file in the www/logs/ directory.  To check this,
	hit the VIEW button on the main web screen, and the offending
	entries should become visible.  Delete them.


2.9	Pager problems

	The paging subsystem is really time sensitive.  It's possible
	that the timing be either too long or two short for your pager.

	The following comes from  Don Carney :
	In the etc/numeric.scr where it actually dials the number.
	the command is something like
		dial /@[3],,,,,,,,/@[4]
	my fix was to remove a few of the commas, and everything worked 
	fine.  (Commas are generally used by modems for short delays).

	Similarly if you're using one of those 800 number paging services
	you'll probably have to embed these commas in the pager number
	itself, something like:
		PAGER="1800PAGENET,,,,,,7777"
	where 7777 is your account number.
		



------------------------------------------------------------------------

Section 3: Using Big Brother



3.1	How can I monitor routers and things that have no hostname?

	Yup.  Just put a line in the bb-hosts file and make up a name
	for your router.


3.2	Can I monitor NT's, Novell servers, VAXEN with BB?

	You can monitor them from the outside, but not from the 
	inside.  That means the bbnet tests that check for connectivity
	and servers should work, but the bb-local tests which monitor
	processes and disk space won't because there is no BB client 
	for these systems.


3.3	Can I monitor things outside my network?

	Yup.  Just put the appropriate lines in the bb-hosts file and
	that's all.  However it is good form to ask permission, just
	because the remote admin may get curious about repeated accesses
	from the same addresses every 5 minutes, 24 hours a day.


3.4	Is Big Brother secure?  Do you have to be root to run it?

	A certain amount of effort has been made to make sure that
	BB is reasonably secure.  However, on most systems you should
	be able to run BB as a non-root user.


3.5	How can I monitor more services?

	Somewhere around line 75 in bb-network.sh, there's a line that 
	looks like this.  Add the new service at the end and make sure 
	it's in /etc/services.  That's it, that's all.  Simple.

	nntp* | ftp* | pop3* | smtp* | ADD-SERVICE-HERE* )   # SERVICES
	
	Make sure to kill anything starting with bb, and restart it.  
	It'll magically have a new column watching your service.


3.6	How can I check password protected web pages?

	Paul Venezia had the answer for this one:
	I've gotten around this by specifying LYNX to be
	/usr/contrib/bin/lynx -dump -auth :


3.7	Can BB restart processes that have failed?

	No, that is your job. BB will tell you about the problem, you
	solve it.  The philosophy is simple, BB will monitor and notify,
	that's all.  The reason behind this is simple, doing more than
	that makes BB exponentially more complex to run, configure and
	support.


3.8	Can BB show historical data?

	Not offically.  BB is stateless, and will only tell you what's
	going on right now.  However - check the mailing list for 
	possible third-party add-ons.


------------------------------------------------------------------------

Section 4: Miscellaneous Big Brother questions


4.1	Where is the name from?

	Big Brother is taken from George Orwell's novel 1984.  Big
	Brother is the head of a totalitarian regime, INGSOC, where
	everyone is watched.  "... the poster with the enormous face
	gazed from the wall.  It was one of those pictures which are
	so contrived that the eyes follow you about when you move.
	BIG BROTHER IS WATCHING YOU, the caption beneath it ran."

	Doubleplus ungood for people.  Doubleplus good for networks.


4.2	Do you write BB or bb?

	Doesn't really matter.  bb tends to be used when denoting
	programs (i.e. bbnet) whereas BB tends to be used when 
	discussing the entire Big Brother system.


4.3	Whose picture is that and can I get rid of it?

	That picure is of the creator of Big Brother, Sean MacGuire,
	doing his best to do justice to George Orwell.  It's supposed
	to be scary.

	If you don't like it, feel free to change it to something more
	neutral.  Change the file $BBHOME/www/gifs/bb.gif.
	

4.4	Is there a Big Brother Mailing List?

	Yes, and it's an exciting place run by Paul Sittler.  You
	can subscribe by sending e-mail to MajorDomo@taex001.tamu.edu.

	In the body of the e-mail message (not the Subject line),
	place the statement: 

		subscribe bb

	Nick Silberstein has made an archive of the Big Brother
	mailing list available.  It can be found at the URL:
	http://www.fusioni.com/~bb/ Check it out. It's great! 


4.5	Where can I get more help?

	Run the tests as outlined on the install and debug web pages.

	Subscribe to the mailing list.  Check the archives of the
	mailing list to see if you're question has already been 
	answered.  Send a message to the mailing list, and as a
	last resort, mail sean@iti.qc.ca.