The MonitorIT Windows Agent runs on all
Windows operating systems from NT SP4 and later. This includes the
Windows 64-bit version.
CounterWatch
MonitorIT’s CounterWatch for Windows
monitors the performance of your Windows servers and workstations via
the available performance counters installed with Windows, all Microsoft
applications, and from various 3rd party applications that
take advantage of the performance counter option in Windows. You
selectively monitor and gather detailed data about virtually every
aspect of server/workstation operation via these available performance
Counters. Performance Counters are available for all aspects of the
hardware, including CPU, Disk, Memory, and Network, and software
including applications such as IIS, SQL Server and Exchange Server.
You can optionally
have MonitorIT use this comprehensive performance data to trigger alerts
if specified thresholds are exceeded, and you can generate consolidated
performance reports, or dynamic graphs. There is an option to export
the raw graph data to a CSV file, which can be viewed and processed by
Microsoft Excel.
Create your own
custom CounterWatch report collection set/templates to monitor, analyze,
troubleshoot/diagnose and report, and make recommendations for improving
performance and solving operational problems. All CounterWatch data is
logged to MonitorIT’s Access or SQL Server database, giving you
centralized control of all the monitoring results, and providing
baseline and trending data.
EventLogWatch
MonitorIT’s
EventLogWatch monitors your Windows servers and workstations in
real-time for entries into the various Event Logs including all the
available Microsoft Event Logs, as well as 3rd party Custom
Event Logs. This provides you with the ability to monitor virtually any
and every event of significance that occurs in server/workstation
operation. You can choose to be alerted for those selected, critical
events that you want to know about and act on immediately.
When you enable
Windows auditing, you can monitor for a variety of auditing events to
the Security Event log to significantly increase your server security
monitoring. These types of security events include a variety of events
for Logon actions, Account Login actions, Account Management actions,
Privilege Use actions, and Policy Change actions.
EventLog monitoring
takes advantage of MonitorIT’s Active Directory integration so that you
can use Active Directory Groups as a parameter whereby any event whose
User parameter is a member of the selected Active Directory Group(s) is
considered a match.
You can centralize
your Event Log management by capturing all events or just selected
events to MonitorIT’s Access or SQL Server database, and run the “Alert
Notifications” report to see the captured events for all servers, or
selected servers, and for any time frame. Use the EventLogWatch Display
feature to view received, monitored Events dynamically as they occur,
and to display up to the previous 24 hours of previously received,
monitored Events.
For Sarbanes-Oxley
and HIPAA compliance assistance with respect to the Event Logs,
MonitorIT provides a very flexible and powerful Event Log file archiving
feature. You define one or more schedules or conditions when the Events
Logs on your selected servers and workstations are automatically
backed-up and optionally archived to a central storage that you
specify. Archived Event Log files are automatically saved in a GZIP
compressed format that is very economical on storage requirements.
A powerful Event Log
Viewer is provided where you can view selected events based on easily
defined filters for: (1) events in the Archived Event Log files; or (2)
events in Monitor’s database that were captured with your real-time
EventLog Watches; or (3) events in the actual current Event Log files.
You can filter the monitoring and viewing of Event Log data by Log type
(Application, System, Security, DNS Server, File Replication Service &
Active Directory Service, etc.) and specific Event types (Error,
Warning, Information or Audit Success or Failure events), as well as
filter based on Event Source, Event IDs, Event Category, User Name or
substring in the Event Descriptions; and you can Save your filters and
easily Load them again to use them next time you are back in the
Viewer. For any events that match your Viewer filter, you have the
options to Print, Email, or Export to a CSV file.
ProcessWatch
MonitorIT’s
ProcessWatch monitors selected Windows processes to make sure they are
running; and/or ‘rogue’ processes that should not be running. Define
alert notifications so you know when critical Windows processes are not
running, or ‘rogue’ processes are running. You can optionally have
MonitorIT attempt to restart the processes not running, or terminate the
‘rogue’ processes that are running. For running processes, you can
optionally specify CPU & Memory utilization thresholds, and be alerted
if these thresholds are exceeded; or have ProcessWatch monitor all
running processes, and be alerted if any CPU & Memory utilization
thresholds you specify are exceeded by any running process, and
optionally have ProcessWatch terminate processes that exceed your
thresholds. All ProcessWatch alerts are logged to MonitorIT’s database,
and you can view the history of ProcessWatch alerts in MonitorIT’s
“Alert Notifications” report.
WinServicesWatch
MonitorIT’s
WinServicesWatch monitors your selected Windows services to make sure
they are running. Define alert notifications so you know when critical
Windows services are not running, including services that are ‘hung’
during startup. You can optionally have MonitorIT attempt to restart
these services that are not running or ‘hung’. All service failures are
logged to MonitorIT’s database, and you can view the history of service
failures in MonitorIT’s “Alert Notifications” report.
FileWatch
MonitorIT’s FileWatch
monitors your select Windows server & workstation files. You choose the
files you want MonitorIT to watch. You can specify wild-cards to
monitor groups of files, or even specify a folder name and monitor the
whole folder for any changes including file additions and deletions.
You can optionally choose to be alerted, using MonitorIT's standard
alert notification options, when watched files or folders have met one
of the optional conditions you specify. These options are: (1) the file
is created and exists; (2) the file has exceeded a specified maximum
size; (3) the file size changes from its current size; (4) the file last
modified date/time changes; or (5) the file contains a specified
substring. There is a powerful ‘NOT’ option to check for the inverse
of all of the above conditions, including watching for files to be
deleted. The substring search is optimized to only check when new data
is added to the file.
Use FileWatch to
monitor 3rd party application log text files; watch for
“hacked” files that should not have changed; or monitor key files that
you expect to change and be updated on a regular basis. And when you
have appropriate Windows auditing enabled, you can know not only what,
when, and where but also WHO caused the FileWatch alert.
CustomWatch
MonitorIT’s
CustomWatch provides the ability to extend MonitorIT by creating
monitors for your Windows servers/workstations by executing any Windows
program, command, script, or batch file executable that you provide.
It runs the executable periodically on the monitored server/workstation
according to a schedule that you specify. You can optionally specify a
comparison of the executable’s Exit Code to an exit code you specify,
and generate an alert notification if the comparison fails. You can
optionally specify an Executable Time-Out value and MonitorIT will
terminate the executable if it does not complete on its own before the
time-out expires; you can optionally specify Logon credentials and
MonitorIT will start the executable under the user context of these
credentials; and the specification for the executable, and for the
optional command-line options, support Environment Variable substitution
when bracketed with the percent character; for example, %SystemRoot%.
Use the powerful
CustomWatch to create your own custom monitors but also use CustomWatch
as a central Windows Job Scheduler, and easily manage the scheduled
execution of all your jobs across all your servers and workstations from
the central MonitorIT Server.
Logical Drive and
Memory Page File Watch
For the Logical Drive
& Page File monitoring, you can easily enable an alert notification and
be notified when available Logical Drive Free Space or Page Free Space
drops below a threshold you define.
Registry, HW
Configuration and Server Availability & Reboot Check
For the Registry &
Hardware Configuration monitoring, you optionally choose to be alerted
when server/workstation Hardware Configuration changes are detected, or
when select Registry Key/Value additions, changes, or deletions are
detected.
For the Server
Availability & Reboot Check, you optionally choose to be alerted when a
monitored server reboot/restart check is detected, and when the server
is detected as down and not available.
The MonitorIT Linux/Unix Agent is a Java
implementation and has been certified for JVM version 1.4 or later on
Linux, Solaris, SUSE, AIX, SCO/Unixware, HP-UX and ESX from VMware.
CounterWatch
MonitorIT’s
ProcessWatch for Linux/Unix monitors CPU utilization and Load Average
counters. All of the various CounterWatch features available for
Windows CounterWatch are also available for these Linux/Unix Counters
including monitoring and alerting for exceeding thresholds, for creating
dynamic graphs, and for baseline and trend reports.
ProcessWatch
MonitorIT’s
ProcessWatch for Linux/Unix monitors your selected Linux/Unix processes
to make sure they continue running. Define alert notifications so you
know when critical processes are not running. All ProcessWatch alerts
are logged to MonitorIT’s database, and you can view the history of
ProcessWatch alerts in MonitorIT’s “Alert Notifications” report.
Disk Drive and
Memory Swap File Watch
For the Disk Drive & Swap File monitoring, you can easily enable an
alert notification and be notified when available Disk Drive Free Space
or Swap File Free Space drops below a threshold you define.
Server
Availability & Reboot Check
For the Server
Availability & Reboot Check, you optionally choose to be alerted when a
monitored server reboot/restart check is detected, and when the server
is detected as down and not available.
You can integrate the monitoring of all
your network infrastructure devices such as firewalls, routers,
switches, and other IP enabled devices using the following MonitorIT
SNMP and Syslog monitoring features.
CounterWatch
for SNMP.
MonitorIT’s
CounterWatch for SNMP proactively polls to monitor any select SNMP
Counters. SNMP Counters are derived via server/device MIBs that you
provide to MonitorIT for parsing. The MonitorIT Server component
provides the SNMP CounterWatch polling by default. However, you can
optionally designate one or more deployed MonitorIT Windows Agents to
act as remote, distributed SNMP CounterWatch polling monitors that
forward the SNMP CounterWatch data to the MonitorIT Server via the Agent
connection.
You can optionally
have MonitorIT use this comprehensive SNMP CounterWatch performance data
to trigger alerts if specified thresholds are exceeded, and you can
generate consolidated performance reports, or dynamic graphs. There is
an option to export the raw graph data to a CSV file, which can be
viewed and processed by Microsoft Excel.
Create your own
custom SNMP CounterWatch report collection set/templates to monitor,
analyze, troubleshoot/diagnose, and report, and make recommendations for
improving performance and for solving operational problems. All SNMP
CounterWatch data is logged to MonitorIT’s Access or SQL Server
database, giving you centralized control of all the monitoring results,
and providing baseline and trending data.
SNMP TrapWatch
MonitorIT’s
SNMP TrapWatch monitors your SNMP enabled servers and network devices
for SNMP Traps. You specify the SNMP Traps that are monitored and the
acceptable servers and network devices where they can originate.
Optionally define alert notifications that are executed upon receipt of
specific SNMP Traps. Review the history of all or selected SNMP Traps
received in the MonitorIT “Alert Notifications” report.
There is a MIB
parsing feature to extract and make available the SNMP Trap OIDs from
your server and device MIBs, to make it simple to define the watches for
SNMP Traps. Use the SNMPTrapWatch Display feature to view received,
monitored Traps dynamically as they occur, and to display up to the
previous 24 hours of previously received, monitored Traps.
Similar to the SNMP
CounterWatch monitoring, there is an option to designate one or more
Agents to act as remote distributed SNMP Trap monitors. Traps that
match your defined watches are forwarded on to the MonitorIT Server over
the existing Agent connection for logging to the database and any alert
notification processing.
SYSLOGWatch
MonitorIT’s
SYSLOGWatch monitors SYSLOG messages transmitted from your selected
servers and network infrastructure devices such as firewalls and
routers. The MonitorIT Server listens on the standard SYSLOG UDP port
for these messages and processes them according to your specified SYSLOG
Watch/Alerts. You can be alerted when selected SYSLOG messages are
received, and you can use SYSLOGWatch to centralize your SYSLOG
collection, management and reporting. Review the history of all
or selected SYSLOG messages received in the MonitorIT “Alert
Notifications” report. Use the SYSLOGWatch Display feature to view
received, monitored SYSLOG messages dynamically as they occur, and to
display up to the previous 24 hours of previously received, monitored
SYSLOG messages.
For Sarbanes-Oxley
and HIPAA compliance assistance with respect to the SYSLOG messages,
MonitorIT provides a very flexible and powerful SYSLOG message archiving
feature. You optionally define in a SYSLOG Watch/Alert whether you want
the SYSLOG messages archived for long term storage and saving. Archived
SYSLOG messages are automatically saved in a GZIP compressed files that
are very economical on storage requirements.
A powerful SYSLOG
Archive Viewer is provided where you can view selected Archived SYSLOG
messages based on filters that you easily define for: (1) SYSLOG
messages in the Archived SYSLOG files, or (2) events in Monitor’s
database that were captured with your real-time SYSLOG Watches. You can
filter the monitoring and viewing of SYSLOG messages based on content
with the ability to specify compound/complex search string criteria.
For any SYSLOG messages that match your view filter, you have the
options to Print, Email, or Export to a CSV file.
There is an option to
designate one or more MonitorIT Agents as remote, distributed Syslog
collectors/servers. Agents so designated will optionally forward
received Syslog messages to the MonitorIT Server over the encrypted
Agent connection for logging and alert notification processing,
depending on your SyslogWatch rules. Archiving to flat text GZip
compressed files can also be optionally enabled to storage available
from the Agent machine.
ServerWatch
MonitorIT’s
ServerWatch component ensures the available operation of all network
infrastructure devices, and IP services on any
server/device, regardless of the operating system.
ServerWatch monitors
your WEB, Email and Database services for proper operation --- it lets
you monitor and check server IP services such as SNMP, HTTP, FTP, SMTP,
POP3, DNS, TELNET, Lotus NOTES servers, and SQL & ORACLE database
servers. PING is also available for testing general machine & device
availability, and you can create a custom TCP check called USER to
connect to any specified port with the option to send a request string
and check for a specific response string.
With MonitorIT’s
flexible and powerful alert notification component, you define how,
when, and if you are alerted when ServerWatch detects failures of any of
your IP services being monitored. When defining ServerWatch watches,
you can optionally specify time periods throughout the week when
monitoring is automatically suppressed so you can accommodate
maintenance down-time periods. You can define watches that are
dependent on other watches so that if the primary watched device is
down, alert notifications and actions are suppressed on the dependent
watched device; for example suppress alert notifications from
servers/devices from half your network if they become unreachable when a
particular router or switch is down.
ServerWatch provides
a dynamic display for “at-a-glance” view of availability and performance
of all servers & devices being monitored. ServerWatch also provides a
Discovery feature that automatically locates servers & devices and
associated IP services based on servers/workstations in your Windows
Domains/Workgroups, and/or based on an IP address range scan.
Servers/devices found in the IP address range scan can optionally
determine the domain name for identification purposes. ServerWatch
Discovery makes MonitorIT extremely easy to configure.
All ServerWatch
monitoring results are logged to MonitorIT’s Access or SQL Server
database and there is an “IP Service Availability & Performance” report
available for either a summary or detailed report on “up-time” and
performance of all or selected servers/devices and IP Services, for any
time-frame you specify. You can also use the “Alert Notifications”
report to see the details of all failures, whether they resulted in an
alert notification or not according to your specifications, and view
these details on a selected server/device & IP service basis for any
selected time frame.
Alerting and Reporting
Alert
Options
MonitorIT’s Alert
options provide for Email, Pager, Beeper, SYSLOG, and/or SNMPTrap alert
notifications. And you can optionally execute any program, command, or
batch file, with macro substituted input arguments at run time, when an
alert condition occurs. The execution can be local on the MonitorIT
Server; or remote on the Windows server/workstation Agent that caused
the alert; or on a specific remote Windows server/workstation Agent.
There is an Email
Group feature so that it is very easy to manage sending Email alerts to
multiple Email recipients. When defining the Alert notification action,
you simply reference the Email Group name. There is a custom Email text
option so you can compose the text for an Email alert the way you want
it. Both the custom Email text and the Email subject parameter support
the same macros as the program arguments, so that the specific
information such as server/device name, IP address, date/time, status,
and Watch/Alert name are substituted.
Report
Options
MonitorIT’s Report
options include an “Alert Notifications” report where you can report on
all logged occurrences of your active Watch/Alerts, including IP Service
checks, EventLog events, ProcessWatch alerts, WinServicesWatch alerts,
FileWatch alerts, CustomWatch alerts, SNMP Trap alerts, SYSLOG messages,
and report on all or selected servers/devices, for any selected
time-frame.
There is an ”IP
Services Availability & Performance” report where you can report on the
up-time percentage and the response performance of all your active IP
Services ServerWatch checks such as PING, HTTP, SMTP/POP3, and others.
There is a summary option, and an option to report on all or selected
servers/devices, for any selected time frame
You can create any
number of custom “CounterWatch” reports, for Windows or SNMP, and
analyze monitored counter values from any one or more selected
servers/devices, for minimum, maximum, and average values over any
selected monitored time-frame, and including a Graph so you can pinpoint
spikes and other periods of abnormal behavior.
There is an “Exclude
Time-Period” feature so that you can specify time-of-day and day-of-week
time-periods that you want to exclude from the report analysis so that
you can easily create reports consistent with your Service Level
Agreements.
All MonitorIT reports
can be optionally scheduled to run periodically, and automatically, with
complete flexibility in selecting the servers/devices and time frame for
the report; and you can easily manage your queue of currently scheduled
reports. Report output can be optionally emailed, or a link to the HTML
report output can be emailed, to one or more recipients. The Email
Group feature is supported for specifying recipients of the report
Email.
Graph
Options
With MonitorIT’s
Graph options you can create and save any number of Graph templates to
view any selected set of Windows and SNMP Counters, from one or more
servers/devices, for any time-frame, historic or current. Graphs can be
customized and saved in terms of look, density, type and a number of
other properties. Graph playback of historic or current data is
dynamic, and can be stopped, played in fast speed, or reverse, to easily
analyze any monitored period. The Graphs are a powerful tool for
viewing and analyzing all your Windows and SNMP CounterWatch monitored
data.
Graphs are also
included with all your CounterWatch Reports so that you can easily
pinpoint unusual trends of each monitored Counter for the time-frame
being analyzed.
Hardware
Asset/Configuration Information
With MonitorIT’s WMI
(Windows Management Instrumentation) support, you can easily and
automatically track the hardware asset/configuration details of all your
Windows servers/workstations.
View and optionally
print the hardware details report per server/workstation, and optionally
choose to be alerted automatically when MonitorIT detects changes to the
Hardware Configuration.
You access the
MonitorIT Server and its associated Access or SQL Server database to
observe the monitoring, track alerts, watch server status, and run
performance reports and dynamic graphs from anywhere you have Internet
Explorer and IP access to the MonitorIT Server.
The MonitorIT Server
component manages the MonitorIT Access or SQL Server database and
functions as an HTTP web server. This capability is built into
MonitorIT and you do NOT need any other web software such as IIS. The
MonitorIT user interface is designed and implemented around this web
server feature. For this reason, you use Microsoft Internet Explorer
installed on any computer, acting as the MonitorIT console, for access
to the MonitorIT Server. (Note: The first time you connect from any
particular machine acting as the MonitorIT ‘Console’ you must allow the
secure and signed ActiveX console components to be downloaded and
installed.)
The MonitorIT
‘Console’ uses HTTP to request and download the various user interface
pages, and once the page is loaded, a secure encrypted and compressed
TCP connection, using technology in the downloaded ActiveX Control, is
created back to the MonitorIT Server and all subsequent transmissions
between the ‘Console’ and the MonitorIT Server are done over this secure
TCP connection.
The MonitorIT Server
component also contains an "embedded" Internet Explorer browser that
communicates with the built-in web server. When you run the MonitorIT
Server the first time as a foreground/desktop application the default
view is with the embedded browser. This intranet, web-based technology
provides you with the ultimate flexibility, security, and control when
using MonitorIT.
Using a Remote
Console
You can access the
MonitorIT Server remotely from any computer that has Microsoft's
Internet Explorer and TCP/IP connectivity. This remote access provides
full access to MonitorIT's features, such as graphs, monitoring, alerts,
reports and administration. Connect to the MonitorIT Server's built in
web server just like you would connect to any web site. In IE’s URL
address line, put the IP address of the MonitorIT Server machine or its
Domain name, and use port 81.
For example,
http://n.n.n.n:81
or,
http://MonitorITMachineName:81
The first time you do
this from another computer, MonitorIT will download and register the
appropriate secure and signed ActiveX components from the MonitorIT.
For subsequent access to the MonitorIT Server from this computer, all
components are stored locally, eliminating the need to download them
again.
MonitorIT uses ports
81 and 82 by default but these can be reconfigured to avoid port
conflicts with other applications.
Console Security Options
Your access to the
‘Console’ is also secure. MonitorIT provides very flexible Security
options. You can define authorized Users, with different security and
rights to access and use the various MonitorIT features. You can
restrict select Users to have access to only a subset of the various
Groups of servers/devices you define. This way you limit different
Users to different subsets of your monitored network. You can also
assign ‘Ownership’ rights to MonitorIT Reports and Graphs so that Users
only can access and view Reports and Graphs that they own or are owned
by ‘All’.
With MonitorIT’s
Active Directory integration, you can specify an Active Directory Group
so that any User who is a member of the Group is considered an
authorized User. And if you choose, MonitorIT will authenticate your
LoginName/Password with Active Directory so you can use your standard
Windows login for MonitorIT’s console.
|
Breakout Software
