11 December 2009, 09:49

For some time I've been thinking about a new feature which will justify the increase of the major version number from 6 to 7. Yesterday, I've come up with such a feature.

Hiawatha version 7 will contain a remote monitoring ability. I will create a tool (probably a website) to which multiple Hiawatha instances can send status information. This tool will be able to show the current status and the history of all Hiawatha instances it is monitoring.

The question is: what will the Hiawatha instances send to the monitoring tool? There are several detail levels possible:

  1. Only send errors and other information that require attention from an administrator.
  2. Only send general webserver information, such as how many requests resulted in 200 OK, how many in 404 Not Found, etc.
  3. Send detailed information for every request.

Reasons to go for option 1 are that it only uses little CPU time and network bandwidth. There are enough monitoring tools like Google Analytics availble, even open source ones. So, there is no need to put heavy monitoring stuff in a webserver.

Reasons to go for option 3 are that you have more certainty of the statistics then when using included javascripts, because users cannot change what is sent to the monitoring tool. You can keep the monitoring information to yourself, instead of giving Google more information about your visitors.

What is your idea of what this monitoring tool should offer and why do you think so? A tool like Google Analytics would be very cool, but do we really need it to monitor multiple Hiawatha instances? Please, share your thoughts about this one.

11 December 2009, 13:51
Please, put the possibility of nothing send (in the .conf file). I like hiawatha as it is: simple and simple for configuring. Please, maintain it simple (or at least, simple by default). If I want a monitoring tool, I will install it or I will see the logs.

Personally I think you are wrong of include monitoring tool in hiawatha, but you are the owner. If you do, please, keep the possibility of disable it.

Hugo Leisink
11 December 2009, 14:24
Of course you will be able to disable the monitoring feature. You will even be able to disable it at compile time.
14 December 2009, 09:22
I think that a monitoring tool is a great idea. However, I'd opt for a very simple tool that offers only the most important informations about the webserver, e.g. banned/kicked ip's, bandwidth usage, cpu/memory usage, etc. Particularly, I wouldn't like to see an overloaded detailed weblog analyzer. For this, we can all install awstats or similar stuff. An e-mail alert to inform the admin about heavy attacks (i.e. big numbers of banned/kicked ip's) would be nice.

On the other hand, I still would like to see a possibility to get much more detailed logs about what strings are passed to cgi handlers, authentication failures with username/passwords used, etc.
17 December 2009, 21:00
Okay. Thanks Hugo for all. I like this is disabled by default.
9 May 2012, 11:26
Such a monitor is a brilliant idea!
I just discovered hiawatha, and besides the focus on security this a monitor which allows easy monitoring of multiple web servers is the main reason for me to give it a test.