What is open source network monitoring?

Open source network monitoring refers to the branch of network monitoring that is carried out with the use of open source tools. These, unlike their closed source alternatives, are mostly maintained and developed by communities of volunteers, or companies that embraced the open source methodology for their products. Some of these network monitoring open source tools are in the hands of the same vendor that works on the closed, often premium, version of the same software. Thus, sharing resources and knowledge is common between open and closed source tools, whether in monitoring or elsewhere.

There are many open source network monitoring tools available, ranging from the simplest, the command-line utilities, to the more comprehensive open source network monitors that include plenty of features like alerting, real-time monitoring, customizable dashboards, reporting, and more.

Open source network monitoring has been a reality since the early days of computing in the 1960s and 1970s. Back then the monitoring needs were small, with networks consisting of a handful of local computers, and without any distributed computing facilities. As networks grew in size and complexity, the need for tools to monitor and manage them became more apparent. In the 1980s and 1990s, the emergence of the Internet and the widespread adoption of TCP/IP as the dominant networking protocol led to the development of a variety of network monitoring tools. Most network devices were using proprietary protocols or agents, and open source network monitoring was therefore facing difficulties in integrating with them.

The early 2000s, with the development of virtualization and cloud systems, saw an increase in choice and quality of open source monitoring tools, and monitoring with open source became a complex endeavor. Today, that complexity is attempted to be solved by hundreds of open source network monitors,. many of them a fork or born out of a plug-in of a pre-existing project. Checkmk is one example of this. Unlike closed source monitoring tools, open tools are frequently built upon and improve older ones.

There are a handful of main differences between open and closed source monitoring software. But the primary one is the root of it all: the license.

Within open source monitoring, a plethora of software licenses exist, allowing to modify, use, and redistribute the software freely. Depending on the specific license used, the only constraints may be respecting the original contributors’ code and redistributing it under the same license. This perpetuates the open source ecosystem, generating more and more tools that can be used and built upon in a free manner. Closed source tools on the other hand are proprietary and cannot be modified nor used without purchasing them or using a subscription system.

Using a closed source monitoring system thus means selecting the features that a vendor reputed important and being constrained by them. In most cases, this is not a limit, especially when using comprehensive network monitoring tools with a large set of features. Yet with network monitoring open source tools this is rarely an issue at all, assuming your developers have time to improve them in case the original product did not offer a desired feature.

Documentation may also be a big difference between the open and closed source world of monitoring software. Usually, closed software has a larger set of documents to get you started on using it, but there are many exceptions. Proper technical documentation teams are employed to write good documentation. Open software is rather unsatisfactory here, but there are striking differences between one tool and another. Network monitoring open source tools by no means lack documentation, but some may be maintained less than others.

Open source network monitoring is much more customizable by developers and system administrators. With a closed source tool it is only possible to ask for customizations, while with open source everybody is free to code themself. Clearly this is not always desirable as it may be too time-consuming, and closed source software often has a rapid development cycle that can include asked features and customization in a short time.

Still, monitoring with an open source tool allows for a bit more customizability and scripting capabilities, very broadly speaking. With closed source monitoring tools, administrators are required to work with what already exists more, and have fewer possibilities of interfacing with other tools and APIs. New features may be requested, but they may cost money and especially time when waiting for them to be implemented.

Which brings us to a practical difference between open and closed source monitoring software. Support and maintenance largely differ between the two types of software. An open source network monitor will not grant you any type of support, nor guarantee in being maintained for as long as necessary. It is a software licensed “as it is”, offering no help nor promises. Sure, its developers and contributors will help you when they can, but without any certainty about time and effort. In the case of open source monitoring tools, the community of its users is often the best support you can have. But to large companies, that kind of support for their monitoring efforts may feel unreliable.

Contrarily, closed source software comes with a dedicated support team, and its maintenance is guaranteed until the product reaches the end of line (usually after many years). Thus, a closed source software is more reliable when necessitating support in your monitoring efforts, which may swing the balance in their favor.

Security-wise, there has long been a debate between advocates of closed and open source network monitoring. Proponents of both sides have valid points. Closed source fans laud the rapidity with which a dedicated team can fix security issues and release critical updates. A team of developers working full time on a product knows it better than a scattered group of contributors. Open source fans on the other hand assert how the code being readable by everybody makes it easier to spot security holes and the software more secure due to more developers reviewing it. The debate is not going to end any time soon, which is a key point to keep in mind when choosing an open or a closed source system for monitoring.

Last but not least, cost is an important variable. An open source monitoring tool costs nothing, while a closed source is almost always to be paid before use. The costs are justified by support, maintenance, and priority, and may rise to fairly large numbers when purchasing enterprise licenses, or a monthly subscription. An open source network monitor does not charge you anything, but may prove to be more costly as more time is required to configure and understand it.