reply to Bigzizzzle
Re: Enterprise monitoring My advice would be dont mix the configuration backup need with the node health monitoring and trending. Spectrum is several half-products sewn together. There are plenty of better (and cheaper) ways to manage large network configuration repositories (and do a MUCH better job of alerting on config deviations from standard, revision control, etc.)
Solarwinds makes an acceptable small to mid-sized network monitoring solution, however I would not waste the time or cash on the configuration management piece (Is it still called Sirus?)
Remember that the ability to manage incidents is as important as the ability to detect them, you dont want a link failure to generate 300+ tickets to OPS when all the unreachable devices could be automatically childed up to one parent ticket. Having poor integration with your ticketing system results in delayed time to repair, lost revenue, increased support cost, etc.
So with that in mind, can Extrahop integrate with the rest of the operational toolset? Or does the vendor that makes your other pieces also make a node monitor? etc.
tubbynetreminds me of the danse russePremium,MVM
the more that i've been around these types of issues, the greater my frustration grows with vendor lock-in. most monitoring/config management/all-in-one vendors don't adequately (or at all) document their apis and how you can hook systems into them. its their way of locking you in to their software suite.
we hock solarwinds -- a lot. i can see where it has its place in that commercial-select/small enterprise market where you don't necessarily have the vision at the top that spurs the opex in manpower for things like homebrew provisioning and config management systems. these solutions are often "all-in-wonder" in the sales slicks, but it doesn't give you the flexibility to change what you don't like.
i'm starting to think more and more that you find a ticketing/incident management system that you like and has an open api -- then you put together some perl/php-fu to homebrew your provisioning system and config management -- then tie it into a system with expect, ciscocmd, or the like -- potentially using some of the modules provided through rancid (clogin for example) and then hooking your config management/backup system into its own archive but tie it via some nifty web frontend with some egrep functionality.
"...if I in my north room dance naked, grotesquely before my mirror waving my shirt round my head and singing softly to myself..."