I am looking for some opinions about what and how I should be monitoring in a very small network. For example, if we have four routers and four switches with each running the firewall feature set and acting as a firewall, what should I be monitoring and how?
I have SNMP traps and audit trails enabled logging to a SYSLOG server, but those logs become incredibly large, and I have a hard time discerning any useful information out of them. Additionally, I have tried a few NetFlow analyzer tools, but have not been terribly happy with them.
I would love to know simple things like "the throughput has been above 90% of the interface bandwidth for over 30 minutes" or "open sessions has exceeded 10,000." And I am especially interested in figuring out exactly who and what is using up my bandwidth.
I am curious, what do you all do to monitor a small cisco network?