# Abuse Monitoring for OpenVZ



## Jasson.Pass (Aug 25, 2014)

What does everyone use to monitor abuse on containers?


----------



## Nett (Aug 25, 2014)

NodeWatch I believe.


----------



## rmlhhd (Aug 25, 2014)

+1 for NodeWatch


----------



## KuJoe (Aug 25, 2014)

Nodewatch is good for a few things, but I have about half a dozen custom scripts that we utilize also. There aren't many options out there so you're better off writing your own scripts for better peace of mind in addition to Nodewatch.


----------



## MeanServers (Aug 25, 2014)

+1 for custom scripts. You can customize what you need much easier than trying to figure out someone elses code if you need to change it. If you don't know how to code your own script, I would still recommend hiring someone else to code it for you, that way you can request features you want and need.


----------



## Jasson.Pass (Aug 25, 2014)

Could custom scripts be found on git-hub for example?

NodeWatch seems very primative.


----------



## MeanServers (Aug 25, 2014)

Jasson.Pass said:


> Could custom scripts be found on git-hub for example?
> 
> NodeWatch seems very primative.


Possibly, I have seen some there in the past. You probably will need to change a few things depending on what exactly you plan to do with it however.


----------



## Flapadar (Aug 25, 2014)

Custom firewall + scripts


----------



## Kihi (Aug 25, 2014)

Flapadar,

Although I cannot say exactly what we use. However, have you looked into Nagios as well as the alternatives in Python / Ruby? 

There are some really good monitoring systems that you could use that would benefit you. One direction I would go is scraping data from vmtop and using that as your metrics. Or even simple iptables logging would do.


----------



## BrianHarrison (Aug 26, 2014)

NodeWatch, custom scripts and sFlow driven network monitoring works well for us.


----------



## Francisco (Aug 26, 2014)

Monbot.

Francisco


----------



## Flapadar (Aug 26, 2014)

Kihi said:


> Flapadar,
> 
> Although I cannot say exactly what we use. However, have you looked into Nagios as well as the alternatives in Python / Ruby?
> 
> There are some really good monitoring systems that you could use that would benefit you. One direction I would go is scraping data from vmtop and using that as your metrics. Or even simple iptables logging would do.


I don't see the point of third party monitoring ( besides obvious stuff like uptime checks, etc ). Our in house firewall is capable of preventing the majority of denial of service attacks to line rate (especially outgoing ones), spam, obvious SSH attacks with frequent notifications - and then other forms of abuse can be handled with the assistance of our own scripts.


----------



## Nett (Aug 26, 2014)

Francisco said:


> Monbot.
> 
> 
> Francisco


In-House?


----------



## Aldryic C'boas (Aug 26, 2014)

Correct.


----------



## SkylarM (Aug 26, 2014)

VPSMon + Wanguard + Some custom stuff.


----------



## VENETX (Mar 4, 2015)

Or you could also hire someone to make you a custom script like :

http://www.smartservermanagement.com/custom.html


----------



## BBGN Brian (Mar 8, 2015)

We've had good success with VPSMon.


----------



## KwiceroLTD (Mar 8, 2015)

One thing which I don't see mentioned here is are you looking to monitor for specific processes/applications? For example, if you just want to rid of outgoing floods, email spam, and IRC, you could very simply write a in-house program to do such.


----------



## SkylarM (Mar 8, 2015)

BBGN Brian said:


> We've had good success with VPSMon.


I gave up on that. Constant issues, servers vanishing from program, program not dealing with rules properly, and then Bryson stopped responding to me  Great potential for that though. When it worked, it worked. Just didn't work often.


----------



## weloveservers (Mar 30, 2015)

NodeWatch, much like what everyone has recommended


----------



## Hosting Specialists (Jan 10, 2016)

Nodewatch and manual eye balls.


----------



## AtlanticServers (Jan 18, 2016)

I use Zabbix for monitoring all system (OpenVZ, Network interface and etc.)


zabbix is adjustable powerful monitoring system


----------



## DMMediaLtd (Jan 27, 2016)

+1 Nodewatch But unfortunately it doesn't protect against video streamers/proxies which require hands on approach to!


----------



## tmzVPS-Daniel (Feb 3, 2016)

Zabbix is a damn great choice if configured properly. 


- Daniel


----------



## Jonathan (Feb 3, 2016)

+1 for Zabbix with many custom UserParameters and backing scripts.


----------



## hmb-patrick (Feb 7, 2016)

Nodewatch is best for abuse monitoring on node servers.


----------



## HostMayo-WK (Oct 24, 2017)

Sorry for bumping this old thread but really need to know which one is being used in 2017. Watch-node or VPMon. Or is there any other better alternate? My only purpose is to monitor and prevent mail spamming.


----------

