Michael Medin, SOA/Middleware Architect

Presentation transcript:


Michael Medin, SOA/Middleware Architect
Monitoring Simplified

NS-what did he say? I’m in the wrong room!

..pdh collection thread not running… ERROR: Missing argument exception PdhCollectQueryData? failed: : : No data to return. Failed to query performance counters:

CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational') AND source != 'SideBySide'" truncate=800 unique descriptions "syntax=%severity%: %source%: %message% (%count%)"

NSClient++

0.4.1 is stable

Get your a** over here and play NOW!

What’s New!

Build 90 ( xx)
◦ nsclient-full.ini
◦ Reload from script
◦ (re)added check_filesize (i.e. check_nt -v FILESIZE)
◦ Encoding support for NRPE
◦ New option: scan-range for CheckEventLog
◦ Various minor bug fixes

Build 96 ( xx)
◦ Reverted external script quoting issues
◦ (re)added check_fileage (i.e. check_nt -v FILEAGE)
◦ Added support for binding to both IPv6 and IPv4
◦ Various minor bug fixes

Build 102 ( xx)
◦ PDH improvements
◦ Performance data: pass through
◦ Encoding support throughout
◦ Various minor bug fixes and enhancements

Modern Windows support
Simplified monitoring
Real-time monitoring
Linux checks
NSCP protocol
Check_xxx clients

Check_os_Version Check_pagefile Check_process NO MORE PDH Check_service Nrpe_client

Filters

filter=" level = 'error' "

filter=" source = 'App1' "

filter=" source = 'App1 "

filter=" source = 'App1' or source = 'App3' "

filter=" source = 'App1' or source = 'App3' or level = 'error' "

filter=" source = 'App1' or source = 'App3' or level = 'error' or level = 'warning' "

filter=" (source = 'App1' or source = 'App3' or level = 'error' or level = 'warning') and source != 'Excel' "

filter=" (source = 'App1' or source = 'App3' or level = 'error' or level = 'warning') and source != 'Excel' "
filter=" (source in ('App1', 'App3') or level in ('error', 'warning')) and source != 'Excel' "
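
The filter build-up on the slides above, as an added example (not code from the talk or from NSClient++): a small Python evaluator for the operators these slides use (=, !=, in, and, or, parentheses), run over constructed events so the long form and the `in` form can be compared. Case-insensitive comparison and SQL-style precedence are assumptions of this sketch; `compile_filter`, `matching` and `EVENTS` are hypothetical names.

```python
import re
# Tokens: 'quoted string', operator, punctuation, bare word; \S catches strays.
TOKEN = re.compile(r"'[^']*'|!=|=|[(),]|[A-Za-z_]+|\S")

def compile_filter(text):
    toks = [t if t[0] == "'" else t.lower() for t in TOKEN.findall(text)] + [None]
    i = 0  # index of the next unread token; None marks end of input
    def take(expect=None):
        nonlocal i
        tok = toks[i]
        if tok is None or (expect and tok != expect):
            raise ValueError(f"unexpected {tok!r} in filter")
        i += 1
        return tok
    def literal():
        tok = take()
        if len(tok) < 2 or tok[0] != "'":  # a lone quote was never closed
            raise ValueError(f"expected quoted string, got {tok!r}")
        return tok[1:-1].lower()  # assumption: comparisons ignore case
    def chain(keyword, operand, combine):
        terms = [operand()]  # grammar: operand (keyword operand)*
        while toks[i] == keyword:
            take()
            terms.append(operand())
        return lambda ev: combine(t(ev) for t in terms)
    def atom():
        if toks[i] == "(":
            take()
            inner = or_expr()
            take(")")
            return inner
        field, op = take(), take()
        if op == "in":
            take("(")
            values = {literal()}
            while toks[i] == ",":
                take()
                values.add(literal())
            take(")")
            return lambda ev: ev[field].lower() in values
        if op not in ("=", "!="):
            raise ValueError(f"unsupported operator {op!r}")
        value = literal()
        return lambda ev: (ev[field].lower() == value) == (op == "=")
    def or_expr():  # assumed SQL-style precedence: 'and' binds tighter than 'or'
        return chain("or", lambda: chain("and", atom, all), any)
    pred = or_expr()
    if toks[i] is not None:
        raise ValueError(f"unexpected {toks[i]!r} in filter")
    return pred

# Constructed sample events, not taken from the page.
EVENTS = [{"source": s, "level": lv} for s, lv in (
    ("App1", "info"), ("App2", "error"), ("Excel", "warning"),
    ("App3", "info"), ("App2", "info"))]

def matching(filter_text, events=EVENTS):
    pred = compile_filter(filter_text)
    return [f"{e['source']}/{e['level']}" for e in events if pred(e)]
```

Both final filters select the same three events and drop the Excel warning, while the frame with the unclosed quote is rejected with a ValueError instead of being evaluated.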

filter = (id NOT IN ('3', '4', '6', '11', '16', '23', '24', '27', '29', '36', '46', '47', '50', '56', '134', '142', '219', '267', '270', '1006', '1009', '1014', '1030', '1035', '1036', '1055', '1058', '1071', '1073', '1085', '1102', '1110', '1111', '1112', '1131', '1291', '1500', '3095', '5719', '5722', '5783', '5788', '5789', '6008', '7000', '7001', '7003', '7005', '7009', '7011', '7022', '7023', '7024', '7026', '7030', '7031', '7034', '7038', '7041', '9015', '9018', '9026', '9028', '10009', '10010', '10016', '10149', '12294', '15300', '15301', '24679', '36887', '36888', '40960', '40961', '45056') AND level IN ('error', 'warning')) OR (id IN ('3') AND source NOT IN ('FilterManager') AND level IN ('error', 'warning')) OR (id IN ('4') AND source NOT IN ('q57','L2ND') AND level IN ('error', 'warning')) OR (id IN ('6') AND source NOT IN ('Security-Kerberos') AND level IN ('error', 'warning')) OR (id IN ('11') AND source NOT IN ('Kerberos-Key- Distribution-Center') AND level IN ('error', 'warning')) OR (id IN ('16') AND source NOT IN ('WindowsUpdateClient') AND level IN ('error', 'warning')) OR (id IN ('23') AND source NOT IN ('Eventlog') AND level IN ('error', 'warning')) OR (id IN ('24') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id IN ('27') AND source NOT IN ('Eventlog') AND level IN ('error', 'warning')) OR (id IN ('29') AND source NOT IN ('Kerberos-Key- Distribution-Center') AND level IN ('error', 'warning')) OR (id IN ('36') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id IN ('46') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id IN ('47') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id IN ('50') AND source NOT IN ('TermDD','Time-Service') AND level IN ('error', 'warning')) OR (id IN ('56') AND source NOT IN ('TermDD') AND level IN ('error', 'warning')) OR (id IN ('134') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id 
IN ('142') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id IN ('219') AND source NOT IN ('Kernel-pnp') AND level IN ('error', 'warning')) OR (id IN ('267') AND source NOT IN ('Storage-agents') AND level IN ('error', 'warning')) OR (id IN ('270') AND source NOT IN ('Storage-agents') AND level IN ('error', 'warning')) OR (id IN ('1006') AND source NOT IN ('DNS Client Events','GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1009') AND source NOT IN ('picadm') AND level IN ('error', 'warning')) OR (id IN ('1014') AND source NOT IN ('DNS Client Events') AND level IN ('error', 'warning')) OR (id IN ('1030') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1035') AND source NOT IN ('TerminalServices- RemoteConnectionManager') AND level IN ('error', 'warning')) OR (id IN ('1036') AND source NOT IN ('TerminalServices-RemoteConnectionManager') AND level IN ('error', 'warning')) OR (id IN ('1055') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1058') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1071') AND source NOT IN ('TerminalServices-RemoteConnectionManager') AND level IN ('error', 'warning')) OR (id IN ('1073') AND source NOT IN ('USER32') AND level IN ('error', 'warning')) OR (id IN ('1085') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1102') AND source NOT IN ('SNMP') AND level IN ('error', 'warning')) OR (id IN ('1110') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1111') AND source NOT IN ('Server Agents') AND level IN ('error', 'warning')) OR (id IN ('1112') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1131') AND source NOT IN ('TerminalServices-RemoteConnectionManager') AND level IN ('error', 'warning')) OR (id IN ('1291') AND source NOT IN ('NIC-agents') AND level IN ('error', 'warning')) OR (id IN ('1500') AND source 
NOT IN ('SNMP') AND level IN ('error', 'warning')) OR (id IN ('3095') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('5719') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('5722') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('5783') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('5788') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('5789') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('6008') AND source NOT IN ('Eventlog') AND level IN ('error', 'warning')) OR (id IN ('7000') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7001') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7003') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7005') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7009') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7011') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7022') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7023') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7024') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7026') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7030') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7031') AND source NOT IN ('service control manager') AND strings not like 'citrix' AND level IN ('error', 'warning')) OR (id IN ('7034') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7038') AND 
source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7041') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('9015') AND source NOT IN ('Metaframe') AND level IN ('error', 'warning')) OR (id IN ('9018') AND source NOT IN ('Metaframe') AND level IN ('error', 'warning')) OR (id IN ('9026') AND source NOT IN ('Metaframe') AND level IN ('error', 'warning')) OR (id IN ('9028') AND source NOT IN ('Metaframe') AND level IN ('error', 'warning')) OR (id IN ('10009') AND source NOT IN ('DistributedCOM') AND level IN ('error', 'warning')) OR (id IN ('10010') AND source NOT IN ('DistributedCOM') AND level IN ('error', 'warning')) OR (id IN ('10016') AND source NOT IN ('DistributedCOM') AND level IN ('error', 'warning')) OR (id IN ('10149') AND source NOT IN ('WindowsRemoteManagement') AND level IN ('error', 'warning')) OR (id IN ('12294') AND source NOT IN ('Directory- Services-SAM') AND level IN ('error', 'warning')) OR (id IN ('15300') AND source NOT IN ('HTTPEVENT') AND level IN ('error', 'warning')) OR (id IN ('15301') AND source NOT IN ('HTTPEVENT') AND level IN ('error', 'warning')) OR (id IN ('24679') AND source NOT IN ('Cissesrv') AND level IN ('error', 'warning')) OR (id IN ('36887') AND source NOT IN ('Schannel') AND level IN ('error', 'warning')) OR (id IN ('36888') AND source NOT IN ('Schannel') AND level IN ('error', 'warning')) OR (id IN ('40960') AND source NOT IN ('LSASRV') AND level IN ('error', 'warning')) OR (id IN ('40961') AND source NOT IN ('LSASRV') AND level IN ('error', 'warning')) OR (id IN ('45056') AND source NOT IN ('LSASRV') AND level IN ('error', 'warning'))

Filter Warning Critical Ok

filter=" source = 'App1' " warn=" level = 'Warning' "

Custom strings Supports substitutions ${…} top- and detail-syntax

detail-syntax="s: ${source} "
top-syntax="Hello: ${list}"
Hello: s: App1, s: App1, s: App3

check_pagefile "filter=name = 'total'"
check_uptime "warn=uptime < -2d" "crit=uptime < -1d"
check_process process=explorer.exe "warn=working_set > 70m" "detail-syntax= ${exe} ws:${working_set}, handles: ${handles}, user time:${user}s"

Simple?

This all seems Like a lot of typing!

Sensible defaults!

check_cpu Just works!

Real time monitoring

No CPU overhead Notified instantly Powerful filtering

[/modules]
CheckLogFile = enabled
NSCAClient = enabled
SimpleFileWriter = enabled

[/settings/logfile/real-time/checks/my_check]
destination = FILE,NSCA
file = test.txt
warning = column1 like 'warn'
critical = column2 like 'crit'

[/settings/NSCA/client/targets/default]
address =
encryption = aes
password = secreter

But I use NRPE

No CPU overhead Powerful filtering Stored in cache Check latest result Fetched instantly

[/modules]
CheckLogFile = enabled
SimpleCache = enabled
NRPEServer = enabled

[/settings/logfile/real-time/checks/my_check]
destination = CACHE
file = test.txt
warning = column1 like 'warn'
critical = column2 like 'crit'

[/settings/NRPE/server]
allowed hosts =
allow arguments = true

But HOW ABOUT Graphing?

LINUX

AGENT less

Native Secure Simple Fast Light weight A work in progress

check_service computer=
check_disk drive=\\ \c$
check_task_sched computer=
check_wmi computer=

Light weight remote deployable agent Same as psexec check_cpu check_memory check_process External scripts!

Michael Medin, SOA/Middleware Architect
Monitoring Simplified

CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational') AND source != 'SideBySide'" truncate=800 unique descriptions "syntax=%severity%: %source%: %message% (%count%)"

check_eventlog

Photo by Olga Berrios

THANK YOU!

Information about NSClient++
facebook.com/nsclient
Slides, and examples
My Blog
Michael Medin, SOA/Middleware Architect