Horizon 16.0.4 Security Release

In response to the Apache Commons library that OpenNMS uses, version 16.0.4 has been released to help secure against a remote exploit.

The exploit involves Java Remote Method Invocation (RMI) which listens on port 1099 by default. In my previous post I pointed out that if that port is inaccessible, then the exploit can’t happen.

What 16.0.4 does is limit RMI to only listen on localhost. While that will prevent remote exploits even in the event port 1099 is blocked via the firewall, it doesn’t completely solve the problem. To fix the root cause of the issue will require changes to Apache Commons, and we are ready to upgrade to the fixed version as soon as it is available.

We tend to be very internally critical of security issues within OpenNMS, and some people complained that my last post wasn’t technical enough. So I’m hoping to correct that with this one, but if you don’t care about such things you should probably skip it (grin). I have started updating the Security Considerations page on the wiki with details about securing OpenNMS in general, and that will have better information for people interested in security and OpenNMS than this blog post.

While blocking external access to port 1099 will secure OpenNMS against this attack for most people, it doesn’t prevent people who have access to the machine from exploiting the vulnerability. This is called a “privilege escalation” attack vs. a “remote exploit”, as a “normal” user can now have rights (i.e. root access) if they are locally on the machine. Most of our users tend to limit shell access to the server, so this shouldn’t be a problem, but in environments that rely heavily on directory services such as LDAP, the default may be to allow non-privileged access to certain users (say, the “IT Group”) that aren’t involved in maintaining OpenNMS.

And there is also the slim chance that there is a vulnerability in our webUI that could allow a user access to the system. We, of course, don’t know of any and we take great care to prevent it, but simply hoping to limit access to the server as a way to prevent this exploit is insufficient.

So, to prevent it entirely, we are removing RMI. It was introduced in the first iteration of the OpenNMS Remote Poller, but real world installation found that getting the proper ports open was a real pain. So instead the remote poller now talks over HTTP/HTTPS (with the latter being the most secure). Most networks have ports 80 and 443 open, so that made things a lot easier.

Until that is introduced (most likely with Horizon 17), it is still a good idea to limit access to the OpenNMS server to only essential people.

Note that Java Management Extensions (JMX) also use serialized objects and thus could be vulnerable. OpenNMS has a JMX port (18980) but it is bound to localhost by default. In fact, all ports are bound to localhost by default in 16.0.4 except for the webUI, port 8980.

There are a number of other steps you can take to harden your OpenNMS server. I’m planning on detailing them on the wiki, but start with only doing a minimal operating system install. The less software on the system, the smaller the chance one will have a vulnerability.

Also, OpenNMS currently runs as the “root” user. This is due to the fact that it needs access to ICMP traffic as well as port 162 for SNMP traps. Both of these require root by default. With some “stupid kernel tricks” you can run OpenNMS as a non-root user, but it has not been heavily tested. We have a detailed list of issues for running as non-root on our Jira instance.

Sorry to drone on about this, but we take security extremely seriously at OpenNMS. We also have to labor under the misconception that Java is inherently unsafe. It is not true, although people still have nightmares from the early issues with client-side Java applets. The Java in OpenNMS is server-side and we don’t use applets, and the language is used securely in a tremendous amount of software.

For comparison, WordPress, an application I love, is currently estimated to run 25% of the world’s websites. It is written in PHP, a language that has a huge track record of security exploits, and many of the spam e-mails I get link to compromised WordPress sites.

It is possible to secure WordPress (we use it for all of our websites as well) but it takes some diligence. We will remain as diligent as we can concerning the security of OpenNMS, and we will continue to take steps to make it even more secure.

Dublin OpenNMS Meetup

I’m working in Ireland this week, and our UK/Irish Ambassador, Dr. Craig Gallen, used the opportunity to put together an OpenNMS meetup, featuring beer and pizza (grin).

We held it in an office space near Temple Bar thanks to Barry Alistair. Among his many talents, he is also one of the organizers behind IrishDev.com, an on-line community for the Irish Software Developers Network.

Ulf at Dublin Meetup

It was a lot of fun. We socialized for a bit, and Craig had arranged the pizza to arrive at the end of our talks in order to reward folks for listening to us hold forth on the wonders of OpenNMS (the beer was on offer first, ‘natch). Once again I ran long and the pizza was consumed between my introduction and Craig’s presentation. I did an overview of the history of OpenNMS and why using open source, especially for a network management platform, is a Good Thing™.

Craig at Dublin Meetup

Craig’s presentation was much better, and covered a lot of the new features that have recently been added to the application as well as the direction the product was moving (such as being positioned for SDN/NFV/Internet of Thingies). No one left or fell asleep and there were lots of good questions.

Events such as this are one of my favorite things to do, so I want to thank Barry and Craig for making it possible.

The Many Uses of Grafana

One of the things I love about open source and OpenNMS in particular is watching what people do with it. We knew that we had a great data collector in OpenNMS but sometimes it was hard to display that data in a useful fashion.

OpenNMS is a platform and it is very broad. For example, we do log management, but that is only a small portion of what the application can do, yet there are companies who do nothing but that. So yes, we can display graphs but we don’t necessarily have the resources to focus on making a great data visualization tool.

Enter open source. Torkel Ödegaard has written a great visualization tool in Grafana, so it would be silly for us not to leverage it.

I was at a customer site I and I saw this cool graph:

Grafana Graph

I asked Patrick about it, and he said that he wanted to play with the OpenNMS/Grafana integration so he installed it and within a half hour he had it up and running. He created the graph as a version of the “stacky graphs” you can make in OpenNMS, but it was much easier to do and to maintain.

The name “stacky graphs” came from another customer of ours. They asked me if there was a way to put the bandwidth from all of their peer points on one graph. Now, in OpenNMS, it is easy to make a graph of data from a single device, and it is easy to group multiple graphs together, but it was not easy to put disparate data points on a single graph.

However, OpenNMS is a platform so I was able to find a way. When you create a graph definition in OpenNMS, there are two important fields, called “columns” and “type”. The “columns” value defines the file to look for, say ifInOctets.rrd and ifOutOctets.rrd, and the “type” value tells OpenNMS where to look for those files. So what I did was create symbolic links under the OpenNMS node directory named things like LAX-in.rrd, LAX-out.rrd and NYC-in.rrd, NYC-out.rrd that were linked to the interface RRDs of interest. Then I created a report of type “nodeSnmp” with column names like “LAX-in, LAX-out, NYC-in, NYC-out” etc. Then I could use AREA graphs to print out the data.

This was a pain for a number of reasons. First, you had to do a lot of configuration on the command line. Second, sometimes it is useful to delete .rrd files that haven’t been updated in awhile, but if you aren’t careful you’ll delete the symlinks. Finally, it is a lot of work to add new data sources.

Grafana Graph vs. RRDtool

In this picture you can see the Grafana dashboard in the lower left corner and the OpenNMS “stacky graph” in the upper right. Not only does the Grafana version look better, it will be easier to maintain moving forward.

I am eager to see what others are doing with this, so feel free to check out the integration on the wiki and let me know if you come up with anything cool.

OpenNMS RMI Exploit

Recently, my RSS feed on OpenNMS stories turned up an article listing a possible remote code execution exploit in a number of applications, including OpenNMS.

In it, the researcher shows that it is possible to execute code on the OpenNMS server remotely due to a bug in the Apache commons library, which OpenNMS uses.

We’re a little unhappy that they published this without letting us know first (note that the e-mail address “security at opennms dot org” exists for reporting such things), but it is pretty easy to make sure that your instance of OpenNMS is safe. Simply configure the server’s firewall to disable remote access to port 1099 (it will need to remain for localhost).

I was happy to notice that the example he uses seems to be related to OpenNMS running on Windows. It can be a bit tricky to get OpenNMS to work on Windows, and perhaps the Windows default firewall doesn’t block port 1099 so that it why they noticed it.

It is a good idea to run something like iptables on your OpenNMS server and limit remote access to a minimal set of ports. Technically, the only port you really need access to is 8980, which is the default port for the webUI. I would assume that you would want port 22 for ssh access (unless you want to use the console for all configuration). In addition, port 162 should be open for SNMP trap reception.

That should be it. Now the application needs access to other ports (such as 5817 for events) so those need to remain accessible from localhost ( or ::1) but that limits all exposure to only people who have shell access to the server, which we assume you limit to those people you trust. Remember to include IPv6 firewall rules if you use it.

An easy test to see if that port is remotely accessible would be to run:

telnet [IP or hostname of OpenNMS server] 1099

from a remote system to see if you can access the port. No connection should be made.

Sorry about this, but as I mentioned this wasn’t revealed to us until after the exploit was public. We are looking in to how we can better protect against this issue from a code change standpoint, but until then simply blocking access to the port will prevent most problems. We do plan to have a code fix in place soon.

2015 All Things Open

I love going to open source conferences. Despite that I’ve decided to take a hiatus in 2016 so I can focus on some OpenNMS projects that have been languishing. However, I may need to make an exception for All Things Open.

One reason is that it is nearby. It was odd to wake up Monday morning and drive to a show. The other reason is that it just rocks.

Organized by IT-ology (the same people who do POSSCON), the show attracts nearly 1800 people to the city of Raleigh. Since Raleigh is also the world headquarters of Red Hat as well as being next to the Research Triangle Park, you get a great mix of attendees and speakers. It’s popular, so remember to get there early to avoid the registration line:

ATO Line

This year OpenNMS was a sponsor and we decided to have a booth.

ATO Booth

Come over to OpenNMS, we have cookies.

Well, not exactly. The cookies were a snack from the show, but we did have cool #monitoringlove T-shirts featuring Ulf:

ATO OpenNMS Shirts

Our booth was in a great location, right next to the opensource.com folks and just down from the Red Hat booth. On the first day Jim Whitehurst (the amazing CEO of Red Hat) was there signing his book The Open Organization. Afterward, he spent a few minutes talking with Todd Lewis, the main organizer of ATO, and Jason Hibbets let me photobomb the picture:

ATO Photobomb

I also got to meet this guy:

ATO Taras Mitran

Check out his badge:

ATO Taras Mitran's Badge

Yes, this is the fourth “Tarus” I’ve met, but the first who spelled it “Taras”. The first was a “Tauras”, the second a “Taurus” and the third spelled it like me, “Tarus”. I was named after the movie Taras Bulba so his is the traditional spelling (grin).

We had most of the local OpenNMS team there, and we would take turns at the booth and enjoying the conference. I was speaking on Tuesday, so I had Monday free (well, after I finished my presentation).

Monday night there was an event sponsored by GitHub followed by a Speaker/Sponsor dinner at the Sheraton hotel. At our table sat Gianugo from Microsoft (who helps out OpenNMS with an MSDN subscription) and Jono from Bad Voltage (who, well, we’re not sure what Jono does but we think it’s positive). When I met them earlier in the day I wanted to do that whole David Letterman “Uma/Oprah” bit from the Oscars: Gian … Jono. Jono … Gian.

ATO Gian and Jono

The next morning I gave my talk on “Living an ‘Open’ Life”. It was in a small room but it was full, and my only major mistake was that I thought I had 55 minutes and only had 45, so I missed finishing a chunk of the talk. (sigh)

While I spent most of the conference doing booth duty, I did manage to see the Lightning Talks. I’ve always wanted to do a Lightning Talk. These are short, five minute presentations on interesting subjects, and while they didn’t do this at ATO, I really like it when you get 20 slides that automatically advance every 15 seconds.

Whenever I mention my desire to the team to do this, they laugh and point out that I can’t even introduce myself in less than five minutes. I would disagree but as I demonstrated with my ATO talk, it is hard for me to keep things brief. (grin)

The hour started off with a video featuring an interesting story on the Enabling the Future project. I’m bummed that I can’t find the exact video they showed, as it was moving, but it demonstrated how a community of “makers” was helping to provide improved prosthetic arms to people using collaboration and 3D printers. It was exempted from the five minute time limit.

Then Rikki Endsley and Jason Hibbets from opensource.com took the stage:

ATO Rikki and Jason

They were the organizers behind the lightning talks.

I finally got to see Steven Vaughan-Nichols in person.

ATO Steven Vaughan-Nichols

He is a writer who I have been following for years, and I am disappointed that I didn’t get to meet up with him in person. In his presentation he talked about how he got into writing about open source software, as well as the early computers he used that ran Unix, such as the PDP11. My first experience with a PDP11 was one that ran, I think, RSX-11, but all I can remember is writing in FORTRAN on it.

ATO Jamie Duncan

I also enjoyed the talk by Jamie Duncan, who I had spoken with at the Speakers/Sponsors dinner. He is a delightful individual with wonderful stories, such as those involving his time working to fix healthcare.gov. The title of his talk, “Gleaming the Kube”, was a play on a skateboard movie from the late 1980s. He is very outspoken on the fact that containers, such as Docker, are basically made up of kernel tricks and to make them useful you need something like Kubernetes (hence the name of the talk).

ATO Sarah Kahn

There was also a talk by Sarah Kahn about Girl Develop It, an organization aimed at helping women interested in learning code development skills. It was nice to see a large turn out by women at the conference, probably more so than the others I have been to this year, and with kernel contributors like Sarah Sharp feeling the need to leave the kernel development team, women in tech is something that needs to be addressed.

ATO Charlie Reisinger

While all the talks were good, my favorite was from Charlie Reisinger of the Penn Manor School District. They gave students Linux laptops with full root access (gasp!) and were amazed and what they did with it. While technology can be a scary place for the younger generation, too often school overreact in trying to protect students, when in fact technology can be empowering.

ATO Jono Bacon

The final talk was from my friend Jono Bacon, who gets all the cool speaking gigs and makes me jealous. His talk was on the field of behavioral economics, which points out that most traditional economic theory is based on the fact that people should behave rationally when making buying decisions. Behavioral economics demonstrates that with the proper stimulus, people will behave irrationally. I was introduced to this concept through the book Predictably Irrational back in 2008 and even got to meet the author, Dan Ariely, in 2009, when we met for lunch and discussed the power and problems with the word “free”.

While Ariely is definitely an economist, Jono introduced me to Rory Sutherland, who is a prominent figure in the field of marketing. There is a great TED Talk by Sutherland who talks about marketing, influence and behavioral economics, and Jono covered some of the main points by him and others.

(Seriously, the TED Talk is brilliant, especially Sutherland’s take on wine that starts about 10:30, and his thoughts on understanding English around 20:00)

After the Lightening Talks I headed back to the booth. Apparently the Convention Center was hosting another conference that evening and we were asked to take down the booth around 3pm, so we did. Then we headed home, which was nice since I haven’t spent much time there recently and is one of the reasons for my hiatus, but missing ATO in 2016 will be hard for me to do.

A Wonderful OUCE

Sorry for the delay in posting this, but the fourth quarter is always our busiest time of the year and I’ve been slammed. Plus, I’m still recovering from a great week at the OpenNMS Users Conference. You did go, correct? (grin)

We are always striving to find ways to bring more people to the conference, so this year I thought it would be cool to invite some open source celebrities, namely the guys from the Bad Voltage podcast. Plus, since this year’s conference was in September, we had the opportunity to make a side trip to Munich’s Oktoberfest.

We arrived in Fulda from Munich on Sunday night. Now in the run up to the conference the BV team would sometimes talk a little smack about Fulda (as in “where the hell is Fulda?”, etc.) but I love this town. It is a wonderful combination of old and new, with cobblestone streets and a beautiful cathedral. You can walk everywhere, and for us the fact that the university (the Hochschule) has great facilities makes it an awesome place to hold the OUCE.

Since we rely on the Hochschule we have to schedule the conference during a time when the students are not on campus. While it is usually held in the Spring, this year it got moved to Autumn. I think the weather is about the same, although we did have a snow storm during one OUCE.

The conference itself is two days long, but we put two days of optional training in front of it. I get to teach an OpenNMS “bootcamp” on Monday that attempts to cover most of the basics in a day. So fresh off of Oktoberfest I had to actually work on Monday.

The class went well, if a bit long. The students were some of the best I’ve ever had, and I don’t think we hit many snags except for the occasional typo. As much as I tried to hurry, it still took us about ten hours to cover the material. OpenNMS is such a huge platform that even the basics take time to go over, and perhaps next year I’ll ask the students to do some work before getting to the classroom.

We had about half of the team together for dinner that night, and I got to have some of the dark German beer I like (in this case, Köstritzer). I called it a night early on, although many of the guys headed to a small bar called “The Eck”, which was apparently a lot of fun.

On the second day of training, Jeff and Jesse discussed some of the more advanced features in OpenNMS. I slept in a bit and then worked with the Bad Voltage team to make sure everything was working for the show on Wednesday. This included making sure Bryan Lunduke could access and use the telepresence robot.

OUCE Robot

Normally when we hold the OUCE in Fulda we have access to a student run establishment called Cafe Chaos. Unfortunately this year it is being remodeled, so we had to make our own set up in Halle 8.


It was pretty cool. We had a large refrigerator for drinks and they set up some couches in the back corner. Being at the University, the bandwidth was stellar.

On Tuesday night Nethinks sponsored a meal at the Havanna Bar. Most people had arrived by then, so it was nice to get together. Many thanks to Uwe and his team for putting this on.

Wednesday was the first full day of the conference. I kicked things off with a “State of OpenNMS” keynote, with an introduction by Alex Finger, the man who pretty much created the OpenNMS Foundation.


I thought the talk went pretty well, and thanks to the A/V team at the University you can see it in all of its glory:

After that I could relax and let the rest of the gang take over. There were plenty of amazing talks, and you can catch them all on Youtube.

Speaking of Youtube, Wednesday night was the Bad Voltage Live show. I plan to review that in a separate post, but it was a lot of fun. We ran a bunch of errands Wednesday afternoon in preparation, which mainly included buying a tablet to use as a prize and beer … lots of beer.


On Thursday we had more talks, and then, sadly, the conference had to come to an end. Those of us who were still around helped tear down Halle 8. It looked really empty when we were finished.

OUCE Closing

We then headed off to the Wiesenmühle for one final gathering before going our separate ways.

If you like OpenNMS then you really should make plans to come to the OUCE. Next year will be held at about the same time at the same place, so reserve space on your calendar now.

In the meantime, there are two more conferences left in the year where OpenNMS will be presenting. In a week you’ll find us at All Things Open in Raleigh, NC, USA, and in November Ronny and I will be at the Open Source Monitoring Conference in Nürnberg.

Hope to see you at one or all of these.

Ad hoc Suspension of Polling Services

As I was reading through my RSS feeds this morning, I saw that a user named “Fredebben” had posted a neat find on the OpenNMS wiki.

I didn’t know this, but it turns out that you can temporarily suspend service polling with an event, and then resume it as needed. This is pretty cool, especially if you need to stop polling for just one service.

I once had a client with a requirement that there be a scheduled outage once a week for all services but ICMP. In their case I had them move ICMP into its own package, and then they could use a Poll Outage to suspend polling on the other services. That is still probably the best way to do it for a lot of services, but it is nice to know this event method works as well.

Send an SMS with OpenNMS

I thought I’d written this post years ago, but apparently I didn’t. Since my friend Salma asked about SMS notifications with OpenNMS I felt it was a good opportunity to document this process.

Of course, OpenNMS can’t send an SMS message without a little help. You’ll need some sort of modem that can actually connect to the network. We use one from the great folks at MultiTech.

Multitech Modem

It’s USB powered, so all you need to do is insert an active SIM card and plug it in. Here is the exact model:

Multitech Modem Back

and you can find more information on their products on their website.

For the SIM card, I just added a phone to my AT&T plan for a few dollars a month.

The next thing you’ll need is software to send the notices. I used smssend, which comes in RHEL/CentOS via the smstools package:

Name        : smstools
Arch        : x86_64
Version     : 3.1.15
Release     : 12.el7
Size        : 748 k
Repo        : installed
From repo   : epel
Summary     : Tools to send and receive short messages through GSM modems or mobile phones
URL         : http://smstools3.kekekasvi.com
License     : GPLv2+
Description : The SMS Server Tools are made to send and receive short messages through
            : GSM modems. It supports easy file interfaces and it can run external
            : programs for automatic actions.

This will install a daemon called smsd that is configured via /etc/smsd.conf. You’ll need to edit that file to set the path to your modem, in my case it’s /dev/ttyUSB0. Then start the daemon (via “service” or “systemctl”, etc.)

At this point you can test if it works by running:

smssend [number] "This is a test message"

Note that the number must include the country code, such as “+19195330160”.

Once you have that working, it is pretty easy to set up in OpenNMS. First, edit notificationCommands.xml and add the “smssend” command:

    <command binary="true">
        <comment>Send an SMS</comment>
        <argument streamed="false">
        <argument streamed="true">

This configuration includes the full path to the “smssend” command, and I used the mobile phone “-mphone” field as well as the short message “-nm” field, which are the only two parameters required for the command.

At this point you’ll need to restart OpenNMS. It actually isn’t necessary to make this work, but it is needed to make the webUI know that the “sendSMS” command has been added.

The rest of the configuration can be done through the webUI. For every user you want to receive SMS messages, make sure that their mobile number (including country code) is configured on their user account page. Then you can just add “sendSMS” as a notification action on a destination path and it should just work.

Convince Your Boss to Send You to the OUCE

With this year’s OpenNMS Users Conference a little over a month away, I plan to be writing about it more in the run up to the event. I figured I should probably start on why you should go and, better yet, how to convince your boss to pay for the trip.

First off, if you aren’t using OpenNMS, why not? (grin)

In all seriousness, if you are happy with your network management solution you can stop reading now. But if you aren’t happy, are in the process of considering alternatives, or if you have a serious interest in discovering the benefits of an open source network management platform, the money you will spend to investigate OpenNMS through the Users Conference is a rounding error compared to the price of similar commercial solutions.

Second, OpenNMS is more of a platform than an application. I know of a number of organizations who manage billion dollar budgets using Microsoft Excel, but it didn’t work for them out of the box. They had to build the spreadsheets, integrate it with databases and other applications, but now they have a custom system that fits their needs. Most network management applications require the user to adapt their processes to fit the application. For most IT organizations those processes are what differentiate them from their competitors, so it makes more sense to use a platform like OpenNMS which can be customized to better complement them instead of the other way around.

Third, OpenNMS does have a steep learning curve. It is a broad and powerful tool but it does require an investment in time in order to realize its full potential. One way to get such knowledge would be to attend a week-long training class at the OpenNMS HQ. The cost would be US$2500 plus travel.

Contrast this with the OUCE. The full four day package runs 1000€, currently about US$1100, or less than half the price of the standard training course. Even with travel expenses (assuming you aren’t in Germany in particular or Europe in general) it should make more sense to go to the OUCE than to the usual training course (plus, the next one isn’t until January of next year). If you don’t have the need to go to the one day OpenNMS Bootcamp, it is even less expensive. It makes good financial sense.

Fourth, this is a *users* conference. If you come to training you will most likely get to listen to me for five days. At the OUCE you get to meet and talk with the people who *use* OpenNMS. Got a common problem? Find out how others solved it using OpenNMS. Got a weird problem? I can guarantee that someone at the conference will have a weirder one that they used OpenNMS to fix. The initial list of accepted talks is awesome and will only get better.

Fifth, a lot of the key people behind OpenNMS will be there as well (including yours truly) and so you can experience first hand what makes the OpenNMS community so special. Plus, since we don’t “unveil” new features, you can see first hand what is currently available in the development version of OpenNMS, including “big data” storage, new and improved graphing, elasticsearch integration and distributed polling via “minions”.

Finally, it’s a lot of fun. I can remember meeting Ian Norton during an OUCE several years ago. He had been forced to attend the conference by his (now previous) employer and was very unhappy about it. Not knowing who I was, he candidly ranted about issues he saw with the product. I assured him that we would work hard over the next two days to address them. Now he is one of our biggest supporters, and all it took was two days to “get it” and understand what makes OpenNMS so magical (in the interest of full disclosure, schnapps was involved).

In conclusion, if you are not using OpenNMS you are probably paying too much for a lesser solution. This may not be true in your particular case, but you should at least seriously investigate the possibility. It makes financial sense to do this at the Users Conference, even with travel expenses, plus you can see how real users, just like you, are getting the most value out of the tool. And even if you decide OpenNMS is not for you, you’ll have had some fun and can rest assured you did your due diligence when examining management options for your employer.

Hope to see you there.

OpenNMS, Grafana and the Internet of Things

Things have been as busy and crazy as usual here in OpenNMS-land, so I often can’t find the time to talk about all the cool new shiny that is available. As my truck wouldn’t start this morning (it’s on the charger now) I thought I’d take some time to talk about a cool new plugin available since Horizon 16 was released.

One of the things I think will be needed in the next few years is a management platform that can scale to Internet of Things (IoT) levels. I also think that the only way to overcome the “Internet of Silos” effect will be to make that platform open source. I’d like OpenNMS to fill that role.

To that end we’re working on our “minion” project. These are lightweight remote processes that do data collection and monitoring and report up to a master OpenNMS instance, or even a cluster of OpenNMS management stations. In order to scale to the massive amounts of data generated by the IoT, we’ve created the Newts project to store time series data on top of Cassandra. Both of those projects are well under way and available for testing in various OpenNMS code branches.

Then we were faced with how to display all of this information. Jesse decided to do an integration with the Grafana project, and now this functionality is available as a plug-in (click to embiggen):

OpenNMS Graphs in Grafana

It’s pretty cool – Jesse translates the syntax used for RRDTool reports into a form that Grafana can use, and since this is hosted on the Grafana server you can integrate data points from multiple OpenNMS instances or pretty much data from any source that Grafana can access. Details available on the Wiki.

Hat’s off to the Grafana project for making such a cool application, and as usual we hope you find this new addition to OpenNMS useful.