Probably 50% of a SysAdmin’s job revolves around information. Knowing what is going on with your systems can make all the difference. Just don’t make the mistake of thinking that the more information the better. What you really need is the *correct* information at the appropriate time and it shouldn’t be obfuscated by extra information.
Good info sources:
Use OSSEC and Nagios. These products will notify you about security issues and outages.
There is a child’s fable about the boy who cried wolf. To make a long story short, the boy made false alarms several times drawing attention until when he really saw a wolf, nobody would come. There is an important lesson in there about information too. After a while, if you are flooded with info you don’t need, you tend to stop paying attention and may miss something important.
The right stuff:
Make sure that you set up your source filters or rules well. Use your mail filters wisely and set them up as you go along to remove non essential notifications. And most importantly, read and pay attention to those alerts and notifications you get!
Wednesday, March 9th, 2011