I flew from my home in northern Virginia to Anaheim, CA this morning to attend part of USENIX 2005. I managed to join Practical System and Network Monitoring by John Sellens of Syonex. I looked forward to this talk because I typically do not deal with the network performance side of monitoring.
John had to rush the end of his talk because he spent too much time discussing network monitoring projects that he did not recommend or didn't like. I still found his content useful, and I expect his talk tomorrow on System and Network Monitoring: Tools in Depth to be rewarding. Probably the most important lesson from his talk was the need to try out Nagios. I also started thinking about interesting ways to use Net-SNMP to retrieve information from systems running SNMP agents.
John explained that no one has written a definitive text on network performance monitoring. Perhaps I will tackle that subject in the future, or will integrate the key theories, tools, and techniques into a future edition of one of my existing book lines?
Finally, in the spirit of Aaron Higbee's recent Secureme blog rant on conference attendees, I offer this thought. What's the deal with people who attend conferences, especially day-long tutorial sessions, but never look up from their laptop? I bet 1/4 to 1/3 of the people in my session spent more than half their time staring at the LCD screens while John spoke. I guess these attendees don't care to concentrate on the speaker's message when the attendees aren't paying for the privilege of being in a class. Alternatively, if you already know the material, why sit through the class at all?
If you're attending USENIX too, stop by my Thursday class Network Security Monitoring with Open Source Tools. I think I'll also be signing copies of my book on Thursday during class breaks or lunch.