WHATSUP GOLD 2017+ INTENSIVE MANUAL
188
WHATSUP GOLD 2017+ INTENSIVE MANUAL Ipswitch 83 Hartwell Avenue Lexington, MA 02421 Phone 781.676.5800
Transcript of WHATSUP GOLD 2017+ INTENSIVE MANUAL
WHATSUP GOLD 2017+ INTENSIVE MANUAL
Ipswitch 83 Hartwell Avenue
Lexington, MA 02421 Phone 781.676.5800
Table of Content
WHAT TO EXPECT IN THE COURSE ..............................................................................1
LEARNING OBJECTIVES ...............................................................................................1
COURSE AUDIENCE ....................................................................................................2
PREREQUISITES ..........................................................................................................2
IPSWITCH TRAINING ENVIRONMENT ..........................................................................3
POLLERS ....................................................................................................................5
SYSTEM REQUIREMENTS ............................................................................................8
LOGIC ........................................................................................................................8
SERVER ......................................................................................................................8
CLIENT .......................................................................................................................9
BASIC NAVIGATION ....................................................................................................9
MENU BAR .................................................................................................................9
DISCOVERED NETWORK ........................................................................................... 12
MY NETWORK .......................................................................................................... 12
AUTO VS CUSTOM ........................................................................................................ 12 MAP TREE .................................................................................................................. 13 MAP ......................................................................................................................... 14
USER ADMINISTRATION ........................................................................................... 15
USERS ....................................................................................................................... 15 USER GROUPS ............................................................................................................. 15 USER RIGHTS .............................................................................................................. 17 PASSWORD POLICY ....................................................................................................... 19
EXTERNAL AUTHENTICATION ................................................................................... 20
INTEGRATION .............................................................................................................. 20 DEVICE GROUP ACCESS ................................................................................................. 21
SUPPORTED PROTOCOLS .......................................................................................... 23
ICMP ....................................................................................................................... 23 SNMP ...................................................................................................................... 24 SNMPV1 ............................................................................................................................ 25 SNMPV2 ............................................................................................................................ 26 SNMPV3 ............................................................................................................................ 26 WMI ........................................................................................................................ 27 TELNET/SSH ............................................................................................................... 27 JMX ......................................................................................................................... 28
CREDENTIALS ........................................................................................................... 29
ADDING ..................................................................................................................... 30 CREATING AWS READ ONLY CREDENTIALS ......................................................................... 30
AZURE ACCESS ......................................................................................................... 32
MONITORS .............................................................................................................. 33
MONITOR TYPES ...................................................................................................... 35
ACTIVE MONITORS ................................................................................................... 35
POLLING CHARACTERISTICS ............................................................................................. 36 ARE YOU SURE YOUR DEVICE OR MONITOR IS RESPONDING CORRECTLY? .................................... 36 MONITOR OPTIONS ...................................................................................................... 37 HARDWARE, CHASSIS AND WIRELESS ................................................................................ 38 APC UPS............................................................................................................................. 38 FAN .................................................................................................................................... 39 POWER SUPPLY ..................................................................................................................... 39 PRINTER............................................................................................................................... 40 TEMPERATURE ...................................................................................................................... 41 WAP RADIO......................................................................................................................... 42 NETWORK MANAGEMENT .............................................................................................. 43 PING ................................................................................................................................... 43 SNMP ................................................................................................................................ 44 SNMP EXTENDED ................................................................................................................. 45 WMI .................................................................................................................................. 46 WMI FORMATTED ................................................................................................................ 47 APPLICATION .............................................................................................................. 48 JMX ................................................................................................................................... 48 PROCESS .............................................................................................................................. 49 NT SERVICE .......................................................................................................................... 49 POWERSHELL........................................................................................................................ 50 TELNET ................................................................................................................................ 51
SSH .................................................................................................................................... 51 SQL QUERY .......................................................................................................................... 52 HTTP CONTENT .................................................................................................................... 54 ACTIVE SCRIPT ...................................................................................................................... 55 TCP/IP ............................................................................................................................... 56 FILE SYSTEM ............................................................................................................... 58 FILE PROPERTIES ................................................................................................................... 58 FOLDER ............................................................................................................................... 59 STORAGE ............................................................................................................................. 61 SMIS .................................................................................................................................. 62 DEGRADED ARRAY ................................................................................................................. 62 CRITICAL SERVICES ................................................................................................................. 63 ADVANCED EMAIL MONITOR .................................................................................. 64 DNS ................................................................................................................................... 65 FTP .................................................................................................................................... 65 NETWORK STATISTICS ............................................................................................................ 66 CLOUD-BASED RESOURCES ............................................................................................. 67
PASSIVE MONITORS ................................................................................................. 68
LISTENER .................................................................................................................... 68 SNMP TRAPS ............................................................................................................. 70 IMPORT TOOL ....................................................................................................................... 70 SYSLOG ...................................................................................................................... 72 WINDOWS EVENT ........................................................................................................ 73
PERFORMANCE MONITORS ...................................................................................... 74
DEFAULT MONITORS..................................................................................................... 74 CUSTOM MONITORS ..................................................................................................... 75 HARDWARE ................................................................................................................ 76 APC UPS............................................................................................................................. 76 PRINTER............................................................................................................................... 76 APPLICATION/OS ......................................................................................................... 77 ACTIVE SCRIPT ...................................................................................................................... 77 JMX ................................................................................................................................... 79 POWERSHELL........................................................................................................................ 80 SQL QUERY .......................................................................................................................... 82 SSH .................................................................................................................................... 83 NETWORK MANAGEMENT .............................................................................................. 85 SNMP ................................................................................................................................ 85 WMI .................................................................................................................................. 85 WMI FORMATTED ................................................................................................................ 86
THRESHOLDS ........................................................................................................... 87
NETWORK DISCOVERY ............................................................................................. 88
WHAT IS A DISCOVERY ............................................................................................. 88
DEVICE ROLES .......................................................................................................... 90
ROLES ....................................................................................................................... 90 SUB-ROLES ................................................................................................................. 91 ADVANTAGES .............................................................................................................. 91 CONFIGURING ............................................................................................................. 92 CONFIGURATION ................................................................................................................... 92
NEW SCANS ............................................................................................................. 94
SCAN TYPES ............................................................................................................. 94
BEST PRACTICES OF USING SCANS .................................................................................... 94 IP ADDRESS .......................................................................................................................... 94 SEED ADDRESS ...................................................................................................................... 94
CONFIGURATION ..................................................................................................... 95
SCAN DEPTH ............................................................................................................... 95 SETTINGS ................................................................................................................... 97 INCLUDE .............................................................................................................................. 97 SPECIFIC IPS, RANGES, AND SUBNETS ....................................................................................... 98 USE HOST FILE ...................................................................................................................... 98 MONITORED DEVICES ............................................................................................................ 98 CLOUD DEVICES .................................................................................................................... 98 EXCLUDE .............................................................................................................................. 98 IP/MAC ADDRESS EXCEPTIONS....................................................................................... 99 LIMIT................................................................................................................................... 99 MAXIMUM NUMBER OF DEVICES ............................................................................................. 99 ADVANCED SETTINGS ........................................................................................................... 100 CREDENTIALS ............................................................................................................ 102 SCHEDULE ................................................................................................................ 103 SUMMARY................................................................................................................ 104 RUN/SAVE ............................................................................................................... 104
SAVED SCAN SETTINGS ........................................................................................... 105
PRECONFIGURED SCANS ........................................................................................ 105
SCHEDULED REFRESH .................................................................................................. 105 SCHEDULED DISCOVERY ............................................................................................... 106 EXAMPLES SCANS ....................................................................................................... 106
DISCOVERED NETWORK ......................................................................................... 107
LIST VIEW ................................................................................................................ 107 FILTER TAB ......................................................................................................................... 107 ACTIVE SCANS TAB............................................................................................................... 107
DISCOVERY LEGEND TAB ....................................................................................................... 108 MAP VIEW ............................................................................................................... 110 LEGEND ............................................................................................................................. 110 ACTIVE SCANS..................................................................................................................... 110 FILTERS .............................................................................................................................. 110 SELECTING DEVICE ............................................................................................................... 111 ZOOM CONTROLS ................................................................................................................ 113 HIDING DEVICES .................................................................................................................. 113 START MONITORING ................................................................................................... 113 RETURNING TO LIST VIEW ............................................................................................ 113 HYBRID VIEW ............................................................................................................ 114
MY NETWORK ........................................................................................................ 115
LIST VIEW ................................................................................................................ 115 MAP VIEW ............................................................................................................... 116 OVERLAYS ................................................................................................................ 116 LAYOUT OPTIONS ....................................................................................................... 118 ADDITIONAL FEATURES COMMON TO BOTH VIEWS ............................................................. 118 LEGEND ............................................................................................................................. 118 LIBRARY ICONS .................................................................................................................... 119 FILTERS .............................................................................................................................. 120
MAP VIEW LAYOUT ................................................................................................ 121
AUTO LAYOUT ........................................................................................................... 121 CUSTOM LAYOUT ....................................................................................................... 121
CUSTOMIZING THE MAP......................................................................................... 122
DEVICE GROUPS ........................................................................................................ 122 PHYSICAL ........................................................................................................................... 122 DYNAMIC ........................................................................................................................... 122 TOOLS ..................................................................................................................... 125 ANNOTATIONS .................................................................................................................... 125 STYLE ................................................................................................................................ 126 EDIT CONTROLS .................................................................................................................. 126 CUSTOM LINKS IN A CUSTOM MAP ................................................................................. 127
DEVICE INFORMATION ........................................................................................... 128
INFORMATION CARDS ................................................................................................. 128
DEVICE PROPERTIES ............................................................................................... 130
DEVICE PROPERTIES DIALOG ......................................................................................... 130 DEVICE PROPERTIES INTERFACE ............................................................................................. 130 SYSTEM STATUS AND PROPERTIES .......................................................................................... 130 DEVICE CENTER ................................................................................................................... 131
APPLICATION MONITORING ................................................................................... 136
DEVICES IN APM ....................................................................................................... 137 APPLICATIONS IN APM ............................................................................................... 137 DEFINITIONS ............................................................................................................. 138 APPLICATION STATES .................................................................................................. 138
APPLICATION PROFILES .......................................................................................... 139
IMPORTING AND EXPORTING APPLICATION PROFILES ............................................ 140
APPLICATION INSTANCES ....................................................................................... 141
APPLICATION DISCOVERY ....................................................................................... 142
MAINTENANCE MODE ............................................................................................ 143
MAINTENANCE MODE CHARACTERISTICS ............................................................... 143
ARE YOU SURE YOUR DEVICE OR MONITOR IS RESPONDING CORRECTLY? ............... 144
ACTIONS ................................................................................................................ 144
NOTIFICATION TYPE ACTIONS ........................................................................................ 144 AUDIO/VISUAL ACTIONS ...................................................................................................... 145 MESSAGING ACTIONS .......................................................................................................... 145 .............................................................................................................................. 146 EXECUTABLE ACTIONS ................................................................................................. 147 LOGGING ACTIONS ..................................................................................................... 148 MANAGEMENT ACTIONS .............................................................................................. 149 PROACTIVE OR SELF-HEALING ACTIONS ............................................................................ 149 RECURRING ACTIONS .................................................................................................. 149
BLACKOUT SCHEDULE AND POLICIES ...................................................................... 150
WEEKLY BLACKOUT SCHEDULES ..................................................................................... 150 BLACKOUT POLICY ...................................................................................................... 151
APPLICATION MONITORING ACTIONS AND ACTION POLICIES .................................. 152
APPLICATION MONITORING ACTIONS .............................................................................. 153 ACTION POLICIES ....................................................................................................... 154
WHATSUP GOLD ACTION POLICIES ......................................................................... 156
ALERT CENTER ALERTS ........................................................................................... 157
NOTIFICATION POLICIES ......................................................................................... 158
THRESHOLDS ......................................................................................................... 159
ALERT CENTER DASHBOARD ................................................................................... 160
DASHBOARDS AND REPORTS .................................................................................. 161
OVERVIEW ............................................................................................................... 161
DASHBOARDS ........................................................................................................ 162
DEVICE STATUS .......................................................................................................... 164 WIRELESS ................................................................................................................. 165 VIRTUAL .................................................................................................................. 166 APPLICATION MONITORING .......................................................................................... 167 NETWORK TRAFFIC ANALYSIS ........................................................................................ 168
FULL PAGE REPORTS .............................................................................................. 169
LOGS ..................................................................................................................... 170
PREDICTIVE TRENDING ........................................................................................... 171
REPORT CONFIGURATION AND WHATSUP GOLD DATABASE ................................... 172
ALERT STORM AND DEPENDENCIES ........................................................................ 173
ALERT STORM ........................................................................................................... 173 ELIMINATING ALERT STORMS ........................................................................................ 173 DEVICE DEPENDENCIES ................................................................................................ 174 CRITICAL MONITORING ................................................................................................ 175
CONFIGURATION MANAGEMENT ........................................................................... 176
OVERVIEW ............................................................................................................... 176 NETWORK DEVICE CONFIGURATIONS .............................................................................. 177 COMPARING CONFIGURATIONS ..................................................................................... 178 AUDITING DEVICES ..................................................................................................... 178 ALERTING ................................................................................................................. 179 OTHER MANAGEMENT TASKS ....................................................................................... 179 ASSIGNING TASKS ...................................................................................................... 180 CUSTOMIZING ........................................................................................................... 180
W H A T S U P G O L D 2 0 1 7 + I N T E N S I V E
1
What to expect in the
Course
Learning Objectives This class provides you with practical knowledge and specific skills to maintain a complex network using WhatsUp Gold Plus, Which includes Application Monitoring, Virtual monitoring, Network Traffic Analyzer, as well as Configuration Manager.
All of the classes for WhatsUp gold are based on the “Big 5 Tasks” a network or server administrator. This is what you need to get out from network monitoring system, to have a successful deployment.
These big 5 tasks are Discovery, Mapping, Monitoring, Alerting and Analysis
• Discovery is finding all your devices that are on your network. Your routers, switches, servers and more
• Mapping is showing what devices are connected to what
• Monitoring is determining the state of your devices. Are they up or down, as well as, the performance of your devices?
• Alerting is making sure you are aware of the status of your devices and being notified when they are down or performing out of thresholds.
• Analysis is using WhatsUp Gold reports, Dashboards and more to help troubleshoot and verify the metrics of your network and its devices.
Preface
W H A T S U P G O L D 2 0 1 7 + I N T E N S I V E
2
Course Audience This course is intended for the following audiences:
Network Administrators
Server/System Administrators
WhatsUp Gold Implementers
WhatsUp Gold Users
Prerequisites We Recommend (but not required) that students have:
• A working knowledge of network administration
• A working knowledge of server administration
• Familiar with network monitoring/administration terms
W H A T S U P G O L D 2 0 1 7 + I N T E N S I V E
3
Ipswitch Training Environment
During this class, each student will have access to a fully functional installation of WhatsUp Gold that exists within a training environment, complete with an entire network of real-world, operational devices. Network devices such as routers, switches, wireless access points, and a firewall, as well as non-network devices such as Windows servers, Application servers, and File servers all work together to offer you a realistic and representative network in which to take advantage of everything WhatsUp Gold and its plug-ins have to offer.
The Ipswitch Training Environment (ITE) fulfils two main roles for Students attending WhatsUp Gold training:
• The ITE allows you to attend WhatsUp Gold training without the need to use your production WhatsUp Gold server, or install a second copy of WhatsUp Gold on your network just for training.
• The ITE provides Students with an environment rich in the type of interesting traffic and conditions you will want to see live in WhatsUp Gold and its additional features.
4
Both of these benefits work together to offer you engaging and relevant lab exercises with no setup required on your part.
The ITE provides us with a very flexible and portable architecture that we hope you’ll like. Essentially, you could log in to the ITE from anywhere in the world and get started with WhatsUp Gold training immediately
5
Pollers
Polling is the term used for monitoring discovered devices in WhatsUp Gold. Polling can occur in several ways, depending upon the monitors configured for network devices. The default polling method uses Internet Control Message Protocol (ICMP). The default polling interval for WhatsUp Gold is 60 seconds. If you engage the State Suppression it will only do a state change IF the state changed. The back end configuration manages the frequency checking for the state change with the objective for efficiency of operations.
A small amount of data is sent from the WhatsUp Gold computer across the network to the device it is watching. If the device is up, it echoes the data back to the WhatsUp Gold computer. A device is considered down by WhatsUp Gold when it does not send the data back.
WhatsUp Gold comes with one Poller on the local machine and additional ones can be purchased. The WhatsUp Gold Poller is an application used to perform and assign WhatsUp Gold device polling operations to monitor network devices. Specifically, additional external pollers installed on a servers your network transmit active monitor and performance monitor data to the WhatsUp Gold server. Extending polling activity across multiple pollers increases the number of devices for which WhatsUp Gold can poll and collect data to send back to the WhatsUp Gold system. This is referred to as clustered polling. Using clustered polling, WhatsUp Gold can efficiently scale polling operations to a larger number of network devices, ultimately providing the capacity to monitor and manage larger networks.
Introduction
to WhatsUp
Gold
1
6
Scalability pollers assist with Active Monitors these will include ActiveScript Monitors, JavaScript, Vbscript and PowerShell Custom Script Monitors. When assisting with Performance Monitors these include PowerShell Custom Script Monitors.
Currently, Scalability Pollers do not assist with Discovery, Active Script Performance Monitors, Passive Monitors, Configuration Management Tasks, Wireless Polling, or the MIB Walker.
To assist in determining if you need an additional poller, the Poller Health dashboard report displays the status of the local poller and all pollers installed on your network. This dashboard report allows you to ascertain at a glance if one or more pollers are down.
Each entry in the report contains the following information:
Status: A color-coded indicator of poller status.
Name: Displays the name of the poller.
Lag Time: The amount of time in seconds the poller is behind its scheduled time to poll devices; indicates poller overloaded.
Lag Time Status: Indicates if lag time is causing a polling issue. o A yellow status icon is rare and is only seen as an automatic
intermediary between red and green when a poller starts up or is failing.
To the left of each poller name is a circular icon that serves as a visual indicator of poller status:
o Red: Indicates the listed poller is not active or status is unknown. o Yellow: Indicates the poller is starting up or beginning to fail. o Blue: Indicates the listed poller is active and running properly.
An average poll lag time of a few seconds or more indicates your system may not be performing optimally. The WhatsUp Gold CPU and memory utilization reports may also indicate performance issues.
To install an additional poller, you must configure each poller to send data to the WhatsUp Gold server by entering a name to identify the poller, the server name or IP address to identify the device running WhatsUp Gold, and valid credentials required to access the WhatsUp Gold host computer. You must also use this information to configure WhatsUp Gold to receive data from each poller installed on our network.
Scalability Pollers
Assist with Active
and Performance
Monitors
7
The machine on which the WhatsUp Gold scalability poller is installed must have the same access to the network as the WhatsUp Gold machine. Polling data is always reported from the viewpoint of the WhatsUp Gold machine regardless of which device performed the polling task. Therefore, if a poller can only access a portion of the network, devices to which the poller does not have access (even previously discovered by WhatsUp Gold) are reported as down.
The following are prerequisites for installing an additional poller on your WhatsUp Gold system:
Local admin privileges for the host machine are required to install the WhatsUp Gold poller.
The Windows account from which you install the poller must have a known password. You will be prompted to enter this password during the poller installation process.
.NET4 is required for installation and is available to install if not already installed on the host machine.
In order for a poller to successfully connect to WhatsUp Gold, enable communication on the following ports: TCP 9713 - Polling Data Communications and TCP - 9730 Polling Control Communications.
8
System Requirements
Logic WhatsUp Gold user interface logic now resides on the client side. This greatly reduces the performance impact to you and the WhatsUp Gold Server. The end result is a much more responsive experience for you. Due to this WhatsUp now has recommended requirements for both server and any client connecting to the web interface.
Server For a full list of OS and hardware requirements please see the release notes available from our web site. https://www.ipswitch.com/support/documentation.
Requirements may vary depending on the configuration of WhatsUp Gold. Increasing the number of devices monitored, number of monitors, types of monitors, polling intervals or other configurations can result in additional load on the server and database. Adjustments to the hardware may be required to optimize performance for your network.
100 Devices / 500 Monitors
2,500 Devices / 12,500 Monitors
20,000 Devices / 100,000 Monitors
Processor Quad-core Quad-core Quad-core
Processor Speed 2.6 GHz 2.6 GHz 2.6 GHz
RAM 8 GB 16 GB WUG: 8 GB Dedicated SQL Server: 32 GB (64 GB recommended)
Database MS SQL 2014 Express
Dedicated Microsoft SQL Server 2008 R2 / Microsoft SQL Server 2012 / Microsoft SQL Server 2014
Dedicated Microsoft SQL Server 2008 R2 / Microsoft SQL Server 2012 / Microsoft SQL Server 2014
Hard Drive 25 GB of free space
OS/App: 15 GB or more free space in RAID 1 SQL: 4x100 GB
Raid 10
OS/App: 15 GB or more free space in RAID 1 Database files: 8 x 250 GB in RAID 10 Log files: 2 x 100 GB in RAID 0 Temp DB files: 2x250 GB
Raid 0
For more information about moving SQL server database and log files, see the WhatsUp Gold database migration and Management Guide
NIC 100 Mbps Preferred: 1 Gbps
100 Mbps Preferred: 1 Gbps
1 Gbps
Video 1280x1024 or higher
1280x1024 or higher 1280x1024 or higher
9
Client With the change in logic we recommend the following the guidelines below as a minimum suggestion.
100 Devices / 500 Monitors
2,500 Devices / 12,500 Monitors
20,000 Devices / 100,000 Monitors
Processor i5 Class i7 Class i7 Class
RAM 8 GB 8 GB 16 GB Video 1280x1024 or
higher 1280x1024 or higher
1280x1024 or higher
Sound Card
SAPI-capable sound card required for Text-to-Speech actions
SAPI-capable sound card required for Text-to-Speech actions
SAPI-capable sound card required for Text-to-Speech actions
Basic Navigation
Menu Bar WhatsUp Gold menu bar has a common look and feel across all the Ipswitch products. WhatsUp Gold currently had 3 different menus and one button on the main portion of the menu bar. Your menu options are Discover, Analyze, and Settings.
The Discover Menu allows you to view the map of discovered devices or perform a discovery from a new scan or a previously saved scan.
The My Network Button, which takes you to the interactive network map to monitor your device inventory, connectivity and status information. This is the default map view you see when logging into WhatsUp Gold.
The Analyze menu is where you would access any default or custom dashboards as well as generate reports. This is also where you would go to see the extensive library of logs
10
containing historical data to aid in troubleshooting potential network issues. The last menu is Settings, which allows you to configure everything from the WhatsUp Gold itself to individual customization of your deployment.
On the right hand side of the menu bar there are some additional items. First is the search box , where you can search for:
Application navigation and functionality
Monitored and discovered devices
Libraries
Flow Sources
Help and reference content available in the local and online help, Ipswitch community and the knowledgebase.
Items matching your search will appear under 4 different filter controls Filter now filters on ANY IP address on the device was just the default associated with the device but not any of the IP addresses associated with the device.
Next to the search box is a small bell that will take you to Web Alarms dialog page, showing you all the web Alarms that have been triggered but not dismissed.
After the Web Alarm, it will list the user that is currently logged in. By clicking on it you get a menu with the following options:
User Preferences
Legacy Dashboards
Logout
All the way on the right of the menu bar is the Help menu where you can:
Open the help files
11
View the Welcome tutorial
Assess the Ipswitch.com web site
Go to the Education and Training Home page
Get support from multiple locations o Website o Community o Knowledgebase o Access customer portal
View the About Dialog o Where you can see the current usage and License information.
12
Discovered Network In the Discovered Network map is where you will find all the devices WhatsUp Gold has discovered and is either being monitored or is ready to begin monitoring. It is as simple as selecting your devices and clicking the start monitoring button.
My Network My Network features all of the monitored devices in your network. You have the option to see these devices in a list view, map view or a hybrid view that features access to both in one interface.
Auto vs Custom
13
While you can see everything in a single map you have two different option in viewing the map. You have an Auto Layout or a Custom Layout.
The Auto Layout arranges your devices according to connectivity. It also gives you the option to show all the devices in sub-groups.
The Custom Layout allows you to organize your devices where you want them to be. In essence, it gives you finer tuning of your devices and device groups, including adding shapes, annotations and images to the map. Custom links can be added between groups or devise-groups. You can define active monitors for custom links; for groups it is for the "entire" groups.
Map Tree
To navigate the different device groups, you can click on the down arrow on the Group picker. It will expand the navigation tree. Clicking on the arrow shrinks it again.
14
When the tree is expanded you can see the 3 bar menu. This menu allows you to edit, copy, delete, or create device groups and much more.
Map
You can enhance the map with the use of overlays. Apply filters by clicking the Funnel Icon. As well as view your device in a Map view, Grid view or a hybrid of both.
15
User Administration
Users Everyone who is going to be using WhatsUp Gold should have their own login and password, using either internal, LDAP/AD, or Cisco ACS authentication. User accounts allow users to log in to the web interface of WhatsUp Gold and control access to data and functionality either through direct assignment of user rights or by membership in a user group. Also, WhatsUp Gold logs all web user activity making it easy to track down who did what if something strange starts going on.
User Groups Leveraging user groups allows for a single point of editing and configuration of user rights. If at any time you need to change the user rights assigned to a selection of users, doing so at the user group level requires only a single configuration change, versus changing all user accounts individually, if no user groups were present.
This also follows best security practice which states to limit user interaction. Therefore, instead of making changes to multiple users it allows for only making the change one time, while still giving the users the rights they need to perform their job/duties.
One method of user rights management for WhatsUp Gold involves creating user groups with specific permissions sets and adding users to the groups that control features to which they need access. Users can be a member of multiple groups. Their rights will be inherited from each group.
You will want to keep the number of Groups at a minimum, to make it easier to manage. Only create groups that are needed, while still letting them control the user rights.
Initial
Preparation
2
User rights are
cumulative when
users are assigned
to multiple groups.
16
WhatsUp Gold 2017+ comes with 5 default user groups which were found are the most common roles and user right configurations across our customer base.
1. WUG Administrators: Users should be assigned to this group if they are responsible for administering and/or configuring the WhatsUp Gold server. The user rights enabled for this group are equivalent to the default admin user
2. Super Users: Users should be assigned to this group if they are responsible for configuring the WhatsUp Gold server. The user rights enabled for this group are equivalent to the WUG Administrators groups except for the manage user right which is disabled.
3. Network Managers: Users assigned to this group manage larger,
segmented networks. They may access all reports, configure monitors, actions, manage alert center thresholds, and manage groups and individual devices, finally they can create and share dashboards with other users.
4. Network Admins: This group should consist of network engineers who
monitor outages and receive alerts. Users assigned to this group may access reports related to the devices and alerts, but do not have access to system logs or real time performance reports. They can manage devices assigned to device groups, but cannot manage those groups. Users in this group can also view and manage personal dashboard views, but cannot share them with other users
5. Report Viewers: This group is for users who only need to view device,
group, inventory, and alert center reports. Users in this group may also view and manage personal dashboard views.
You may also want to add any other groups you may need besides the default groups. You will also want to make sure you use correct naming conventions. This allows you to see what type of rights a group has by just looking at the name.
17
User Rights User Rights govern what actions and rights a user can perform in WhatsUp Gold. Users inherit rights from group memberships first then any additional rights given to them individually. Similar to Active Directory, a user can be a member of multiple groups.
User rights are cumulative in nature, meaning they will get all the rights from every group they are a member of. Plus any additional rights given to them.
User rights are cached and should refresh within 5 minutes, or when the user logs off and then back into WhatsUp gold.
The Table below lists and describes each user right:
Account Administration
Manage Users (Admin Rights) Enables users to create and edit users for the web interface. This option also allows users to specify Group Access Rights.
Enabling this right will enable all other rights.
Manage all Dashboards Enables users to add and publish all dashboard views as well as configure, move and delete dashboard reports within all dashboard views.
Manage Personal Dashboards Enables Users to add, delete, and copy dashboard views, as well as edit the properties of an owned dashboard view.
Change Your Password Enables users to change their password from the Preference dialog (Click [username] > User Preferences from the upper-right of the network Performance monitor interface.
Manage and Publish Dashboards Enables users to add and publish dashboard views as well as configure, move, and delete reports within owned dashboard views.
APM
Access Application Monitoring Enables user to view APM.
Configure Application Profiles Enables users to configure application profiles in APM.
Configure Application Instances Enables users to configure application instances in APM.
Devices
Access Discovery Enables users to discover network devices, define device roles that help identify specific device features, and add them to the WhatsUp Gold database.
Manage Devices Enables users to add new device and edit existing devices in the groups to which the user has access.
A users must have this right to view and hear Web Alarms.
Manage Device Groups Enables users to create, edit, or remove device groups on the network.
Monitoring
Administer Alert Center Thresholds
Enables users to resolve or acknowledge Alert Center threshold alerts
Configure Actions Enables users to create, edit and remove actions on device in the groups which the user has access.
Configure Passive Monitors Enables users to create, edit, and remove passive monitors on devices in the groups to which the user has access.
Manage Recurring Actions Enables users to create, edit and remove recurring actions on devices in the groups to which the user has access.
18
Configure Action Policies Enables users to create, edit and remove action policies on devices in the groups which the user has access.
Configure Active Monitors Enables users to create, edit, and remove active monitors on devices in the groups to which the user has access.
Configure Performance Monitors Enables users to create, edit, and remove performance monitors on devices in the groups to which the user has access.
Reports
Access Alert Center Reports Enables users to view Alert Center dashboards and reports
Access Inventory Reports Enables users to view Layer-2 data including reports and reporting tools.
Access Real Time Performance Reports
Enables users to view the Real Time Performance reports
Access Virtual Monitor Event Logs Enables users to view the event logs generated by the Virtual Monitors
Access Virtual Monitor Reports Enables uses to view virtual monitor reports
Export / Email Reports Enables users to export reports as a pdf file, export the data as an Excel (XML), csv, or txt files, or email an exported report to a specified email address.
Manage Scheduled Reports Enables users to manage and view scheduled reports of other Network Performance users (Settings > Scheduling Activities > Scheduled Reports).
Access Group and Device reports Enables users to view group and device reports for the groups to which the user has access.
Access Network Traffic Analysis Reports
Enables users to view the Network Traffic Analysis (NTA) reports
Access System Reports Enables users to view WhatsUp Gold component logs: Activity Log, Actions Applied Log, Actions Activity Log, Discovery Scan Log, General Error Log, Logger Health Messages, Poller Health, Web User Activity Log
Access Virtual Monitor Map Enables users to view the virtual machines on the Virtual Overlay
Access Wireless Enables users to view wireless reports an overlays
Manage Business Hours Enables users to view and configure the business hours
System Administration
Access Tools Menu Enables users to access the tools menu for networking utilities.
Configure Credentials Enables users to configure SNMP and Windows credentials
Configure Network Traffic Analysis
Enables users to create and delete WhatsUp Gold Network Traffic Analyzer sources, collection intervals and data intervals for reports.
Email Settings Enables users to configure Network Performance Monitor email settings from (Settings > System Settings > Default Email Settings).
Manage SNMP MIBs Enables users to download and delete SNMP MIBs through the SNMP MIB Manager.
Configure Alert Center Enables user to create, edit and delete WhatsUp Gold alert Center thresholds and notification policies
Configure External Authentication Enables user to configure external authentication (LDAP / MSAD / Cisco ACS) for user authentication in the web interface.
Configure Wireless Enables users to configure wireless settings.
Manage Configuration Management Tasks
Enables users to configure Network Configuration Manager tasks and task scripts on devices in the groups which the user has access.
System Administration Enables users to edit system configuration items, including the maximum number of passive monitor records, maximum dimensions of map, and enabling or disabling mobile access.
19
Password Policy When you sync users with external authentication systems it will let you control the password policy in a central location. These creates a one place for users to comply with your security policies across a variety of applications.
Password Policy allows you to configure different aspects of the password, for WhatsUp Gold User accounts, that are authenticating internally. The table below shows the different aspects you can configure:
Password Policy
Account Lockout Duration (minutes)
Enter the time in minutes that the system should delay before allowing a locked out user from performing a log on attempt.
Maximum number of days between password changes
Enter the minimum number of days required between password changes.
Password expires after (days)
Enter the number of days before a password expires.
Retain Passwords for at least (days)
Enter the number of days to retain previously used passwords.
Ensure password not reused against previous
Enter the number of passwords that are not to be reused against previous passwords.
Warn when (days) left before password expiration
Enter the number of days to warn user before password expiration.
Minimum complex password length
Enter the minimum number of characters required for the password policy. The default minimum complex password requirement is one special character, one capital (upper case) letter, one lower case letter, and one number.
20
External Authentication WhatsUp Gold allows you to synch authentication with two different types of authentication systems:
LDAP o Lightweight Directory Access Protocol (LDAP) Server o Microsoft Active Directory
Cisco ACS
While there are advantages with synching with any external authentication system, your biggest advantage is when you synch with Active Directory. When synching with AD you can synch your WhatsUp Gold user groups with your Active Directory groups; allowing AD group membership supply access and rights into WhatsUp Gold.
The biggest advantage is you will no longer have to create user accounts. When a user logs into WhatsUp Gold for the first time, the user account will automatically get created with the correct rights according to group membership.
You will need to do clean up, for we do not automatically delete accounts.
Integration To integrate with an external authentication system you need to launch the External
Authorization Settings interface. You can do so by going to Settings > System Settings > External Authorization. On the first tab is where you can configure your LDAP or Active directory settings. If you prefer to synch with Cisco ACS you will need to click that tab and enter the IP address of your Cisco ACS server.
On the Active Directory/LDAP tab, you will want to enter your domain controller or LDAP server. Under Server Type be sure to enter your Domain name or for LDAP your Authorized DN.
21
If are using LDAP and not Active Directory be sure to use the fully qualified name LDAP server might be CN=%s, OU=Users, o=yourdomain.net where
%s is replaced by the username and password of the user.
If you are going to synch your Active Directory groups with your WhatsUp Gold groups you will need to click Browse and enter a username and password so you can browse your Active Directory Groups.
Once you have gotten your groups, select each group in the list, or by using the search box. Once your groups are selected Click OK to return and choose from the drop down what WhatsUp gold group will be associated with each Active Directory Group.
Device Group Access Device group access rights enable the system administrator of WhatsUp Gold to allow or deny read and write access to specific physical groups and devices. These rights can be enabled or disabled by the administrator and are disabled by default (except for the user’s Home device group, to which each user has Group Read access). Device group access rights are useful when users need to view and edit only those groups that matter to them, as would be the case with a large network with multiple network administrators. Device group access rights allow an administrator to grant each user rights to only the devices on the network for which that user is responsible.
There are four types of device group access rights:
Group Read: This right allows users to view groups and devices in the selected group. This right allows users to see the group’s map and device
WhatsUp Gold
does not support
nested groups
within Active
Directory
22
list. Group-level reports are not affected by group access rights but are affected by user rights.
Group Write: This right allows users to edit group properties and add, edit, and delete devices and subgroups within the selected group.
Device Read: This right allows users to view the device properties of all devices within the selected group. Device-level reports are not affected by group access rights but are affected by user rights.
Device Write: This right allows users to edit the device properties of any device within the selected group and to delete the device from the group.
23
Supported Protocols Protocols are the rules or standards that define the syntax, semantics, and synchronization of communication and possible error recovery methods.
Credentials are used to control access to information or other resources.
In essence credentials are the passwords and other authentication methods used to access the different protocols used for network management.
ICMP The most basic protocol that we probably all use for network troubleshooting is – ping – it is also a very valuable tool for network discovery. The only configuration information that is needed to run a ping is the IP address of a target device.
A host device sends out a specific Internet Control Message Protocol (ICMP) packet called “echo” to the target IP address, which contains both the sender’s (host) and the intended receiver’s (target) IP addresses. If the intended device is running and is allowed to respond to this message, it does
so with a response packet called “echo reply” which also contains the two IP addresses, but with the sender and recipient addresses flipped. To ensure more confidence in the results of this one exchange, ping can be configured to send out a few packets, or to continuously transmit packets until stopped. However, since it is possible to disable the intended device from responding to “echo” packets, the lack of an “echo reply” response does not necessarily mean a device does not exist at that IP address, is not operating, or that the path to that target is unavailable.
Therefore, the most information the host device could learn through ping is that there is a device at a given IP address, because it receives a response. If you intend to use ping for discovery or monitoring in WhatsUp Gold, make sure every device on your network is allowed to respond to “echo” packets, which is the default setting unless otherwise restricted.
To help reduce security risk, allow ICMP traffic only to and from the WhatsUp gold server and any additional pollers through any firewalls
24
SNMP SNMP, Simple Network Management Protocol, is one of many protocols that have been introduced as part of the Internet, and more specifically, from the Internet Architecture Board. It is a defined collection of tools to exchange information between devices for the purposes of managing and monitoring networked devices, and is part of the overall TCP/IP protocol suite. The first official publication of the protocol was released in 1988, which is now referred to as SNMP Version 1 or SNMPv1. Since then, SNMP has been revised twice, so in addition to SNMPv1, there is SNMPv2 and SNMPv3. The details of all versions of SNMP are very interesting, and the most pertinent features will be discussed throughout this class at the point where and when they relate to the next Lab exercise. Although “simple” is part of the name, SNMP is by no means trivial, and there are many books and websites that go into the myriad details of dozens of official Request for Comments (RFC) documents.
At this point, we will view SNMP at a very high level and only insofar as to compare and contrast it against ping as a scanning technique.
SNMP can poll networked devices and monitor data such as utilization and errors for various systems on a host device. SNMP can also be used for changing the configuration of the host, which enables remote network management. SNMP is based on the concept of network management and monitoring as a system of logical elements including a Network Management System, Managed Devices and SNMP Agents, which are software modules, on those devices.
In our case, WhatsUp Gold is the Network Management System, and the fundamental SNMP architecture is depicted here:
25
Like ping, SNMP can send out a specific message from one device to request information from another device, which responds back with the requested information, and there are specific formats described in the RFCs for the arrangement of the information within these messages.
To be more specific, it is the Network Management System (WhatsUp Gold) that initiates the request/response exchange, not just any host device, and it’s the SNMP Agent on the Managed Device that would respond to the Management System queries. The message sent from the Management System is simply called a “Get” message and a “Response” is returned from the device.
More information relating to hardware and software is exchanged with SNMP, such as make, model, serial number, and performance as well as OS version, state, and status.
SNMPv1 Introduced the term “community” to refer to all the devices in a particular SNMP network, and this concept continues to be used. A unique name or collection of alphanumeric characters is used to identify a particular community and serves as a case-sensitive password, called a “Community String.” Community strings are used to authenticate the exchange of SNMP messages, providing a basic level of security. WhatsUp Gold and each of the SNMP Agents use this string to indicate that they belong to the same community. Every message exchanged between them also must contain this string (passed in clear text), because any mismatch between the string in the message and
26
the string assigned to the device receiving this message would result in the message being ignored by that device. A device can belong to several communities, and its SNMP agent can differentiate requests from any management system, as long as that management system string is listed on the device.
There are two cases of community strings used: Read, and Read/Write. In many cases, vendors of SNMP managed devices will enter “public” by default for the Read community string on their products, and possibly “private” by default for the Read/Write community string. Each of these community strings allow connections exactly as their name would imply, so exercise caution in selecting appropriate community strings for each purpose.
Best security practice is to no longer use the Public and Private Community strings but ones that are unique for your environment.
SNMPv2 Although security was addressed in SNMPv2 and resulted in many alternatives, ultimately the use of clear text community strings was carried over into SNMPv2c in addition to an expanded set of commands and it became the new SNMP standard. Today the terms SNMPv2 and SNMPv2c are used interchangeably.
SNMPv3 Adds many additional benefits to earlier versions, but notably increased security through encryption of packets, integrity against packet tampering, and authentication between manager and agents. This latest version of SNMP was recognized by the IETF in 2004 and continues to gain popularity in network management largely due to these security enhancements, but SNMPv2 is still widely used as well.
There are many more parameters and settings used by all three versions of the SNMP protocol operations, but the fundamental operation is similar among them. We will be describing SNMP often, to address some of these configuration elements.
We strongly recommend that you enable SNMP on all of your devices before discovery to take advantage of the capabilities that SNMP offers. We will discuss how to do this later from an overview perspective, but each vendor will have its own way of doing so.
27
WMI Windows Management Instrumentation (WMI) is Microsoft’s implementation of the Web-based Enterprise Model technology for unified monitoring of distributed environments. It is a set of extensions that provide an operating system interface to collect management data on Windows-based systems. WMI performance monitors can
supervise Windows servers, desktops, and applications performance and health. The monitors can proactively identify failures and bottlenecks by tracking component processes and workloads, and thereby aid in faster troubleshooting. Administrators can also create custom monitors for any web-based or virtual domain applications. Additionally, WMI also trends historical data to chart out application performance over time.
WhatsUp Gold can gather information about Windows computers using WMI. To monitor Windows servers via WMI you must have windows credentials, whether with local administrative rights or at least WMI and DCOM query permissions.
In many cases, the information available via WMI is also available via SNMP. However, Microsoft has deprecated SNMP starting with Windows Server 2012 and it may be altered or unavailable in subsequent versions. So it is recommended to use WMI with your Windows devices.
Telnet/SSH Telnet is an application layer protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. User data is interspersed in-band with Telnet control information in an 8-bit byte oriented data connection over the Transmission Control Protocol (TCP).
Telnet was developed in 1969 beginning with RFC 15, extended in RFC 854, and standardized as Internet Engineering Task Force (IETF) Internet Standard STD 8, one of the first Internet standards.
Historically, Telnet provided access to a command-line interface (usually, of an operating system) on a remote host, including most network equipment and operating systems with a configuration utility (including systems based on Windows NT). However, because of serious security concerns when using Telnet over an open network such as the Internet, its use for this purpose has waned significantly in favor of SSH.
28
The term telnet is also used to refer to the software that implements the client part of the protocol. Telnet client applications are available for virtually all computer platforms. Telnet is also used as a verb. To telnet means to establish a connection with the Telnet protocol, either with command line client or with a programmatic interface. For example, a common directive might be: “To change your password, telnet to the server, log in and run the password command.” Most often, a user will be telneting to a Unix-like server system or a network device (such as a router) and obtaining a login prompt to a command line text interface or a character-based full-screen manager.
Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users.
SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.
The most visible application of the protocol is for access to shell accounts on Unix-like operating systems, but it sees some limited use on Windows as well. In 2015, Microsoft announced that they would include native support for SSH in a future release.
SSH was designed as a replacement for Telnet and for unsecured remote shell protocols such as the Berkeley rlogin, rsh, and rexec protocols. Those protocols send information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis. The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet, although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH, allowing them to read the content of SSH sessions.
JMX JMX (Java Management Extensions) is a set of specifications for application and network management in the J2EE development and application environment. JMX defines a method for Java developers to integrate their applications with existing network management software by dynamically assigning Java objects with management attributes and operations. By encouraging developers to integrate independent Java management modules into existing management systems, the Java Community Process (JCP) and industry leaders hope that developers will consider non-proprietary management as a fundamental issue rather than as an afterthought.
29
JMX facilitates the centralized management of managed objects (called Mbeans) which acts as Java wrappers for applications, services, components, or devices in a distributed network. The actual management is provided by an MBean server, which acts as a registry for all manageable resources. The MBean server is the spine of the JMX architectural frame, allowing server components to plug in and discover all manageable objects.
Java Management Extensions for management and monitoring are an optional extension to the standard Java Developer Kit (JDK) and can be used in place of Simple Network Management Protocol (SNMP).
Credentials The Credentials system stores the applicable login, community string, or connection string information for network devices such as routers, switches, servers, virtual hosts, and other devices. Credentials can be divided up into 7 categories:
Network Management o SNMPv1 o SNMPv2 o SNMPv3
System Attributes and Instrumentation o Windows (WMI) o VMWare o SSH (Typically used for Linux and UNIX systems)
Remote Execution o SSH (Secure Shell Client) o Telnet
Storage Device Management o SMIS [SMI-S] (Storage Management Initiative Specification)
Cloud o AWS (Amazon Web Services) o Azure
Application o ADO (Active Data Objects) o JMX
Hyper-V uses windows credentials, therefore if you are licensed for Virtual Monitor then you will just need to enter your Windows Credentials
30
Adding You need to follow your manufacturer’s or operating system’s instructions on adding and enabling protocols on each of your devices. Inside of WhatsUp Gold you can add the credentials in the credential library which can be accessed in 2 different way.
From the menu
Click Settings > Libraries > Credentials
From List View / Map View
Click on the credential Icon in the upper right hand corner
Click the Library Icon
Or add credentials directly by clicking the plus sign Icon
Creating AWS Read Only Credentials 1. Login to the AWS Portal and Navigate to IAM
31
2. Select Users and click Add user
3. Specify the user name and enable Programmatic access
4. Select Attach existing policies
a. Select AmazonEC2REadOnlyAccess from the list
32
5. Make sure everything is correct
6. Copy the Access key and Secret and use them to create a new AWS
Credential in WhatsUp Gold
Azure Access Follow Microsoft’s instructions for setting up the keys for your Azure account here: https://docs.microsoft.com/en-us/azure/billing/billing-enterprise-api under the Enabling data access to the API section.
33
Monitors
While the discovery process learns what devices are on your network, and you can always add monitors after you are already monitoring your device. It is best to create all your monitors first so you can automatically deploy monitors based on the role of the device. So what do monitors do they monitor the condition, state and/or performance of devices that make up your network.
Monitoring the status of the devices on your network requires making or accepting connection to and from each network location, gathering data about the device, and determining if the data is acceptable in terms of what you would expect to see in a healthy environment. In some cases it is useful to compare the data against a range of acceptable responses to see if the device is operating as it should. In other cases, you may want to rely on the device to monitor itself and send data to the WhatsUp Gold server passively, or to simply collect and store data for long-term analysis.
Each of these scenarios may require a different connection method and monitoring solution, and the Monitor Library in WhatsUp Gold allows you to configure a set of monitors to accomplish each task. Link to test the monitors on the device before applying. Test function for Active Monitors: Runs under whatever context the Poller engaging is running under. An example, does the user applying monitor have the permissions to access. Additionally, it will run under whatever poller is being used for that device. Select the monitor and click test.
Monitors
3
34
Dialog box will fill in the device for test and let you select Network Interface to be used during the test. In the Credentials dropdown pick the credentials to be used in the test. If the credential you want is not listed, click the library button to access additional options to use in test. Once all of the fields are filled in, click the test button.
It will provide results of the test so you can adjust if needed.
35
Monitor Types There at four types of monitors in WhatsUp Gold:
Active Monitors – Actively monitor your device. They determine if your device are Up or down
Passive Monitors – sit back and wait for your devices to report to them
Performance Monitors – check how your devices are performing (CPU, drive space, memory, etc…)
Application – monitors your applications health and status. Each monitor type offers unique functionality, with different options and configuration needs, and the data you collect with each monitor type can be used in a distinctly different way.
Active Monitors As its name implies, an Active Monitor actively polls your devices. It will interact with a target device for specific information, such as a ping reply, SNMP response or service status request. After a device is added to the database, WhatsUp Gold begins monitoring that device using ICMP (Internet Control Message Protocol) and any other active monitors established for that specific device role, such as Interface SNMP active monitors on a Router or Switch.
There are approximately 20 default active monitors. There are actually 35 different monitors to create available in the default instance of WhatsUp Gold, ranging from fan, temperature and power supply monitoring to basic TCP-based service monitors such as HTTP, SMTP, DNS and Radius. You can create your own custom Active Monitors as well, ranging from very basic port monitors to advanced synthetic transaction monitors.
Active Monitors simulate user events and actively poll for specific metrics such as MIB values or other sorts of instrumentation, service and application availability and latency, apply queries and exercise APIs. To accomplish this WhatsUp Gold has 6 types or areas of monitors:
36
Hardware, Chassis and Wireless
Network Management and Instrumentation
Application
File system and Storage
Critical Service
Cloud-Based Resources
Many of the monitors in the Critical Service area are better suited to monitor as an application, instead of on individual devices.
Polling Characteristics For Active monitors to determine the state of the target device it must first poll that device. Polling is the active watching, or monitoring, of your network by WhatsUp Gold. In the polling process, WhatsUp Gold sends a message to the device, and expects an appropriate response. If a response is either not received or is not the expected response, the monitor is considered down. When an Active monitor reports down it will initiate a state change. No other type of monitor can initiate a state change. Meaning only active monitors determine if a monitor or device is up or down.
The default polling interval is once every 60 seconds which is configurable per device or per monitor.
Are you sure your device or monitor is
responding correctly? You are able to determine the state of your device with Device States; these State Changes are dependent on a time period.
Down state (not responding - 0): Means it just reported down and WhatsUp continues to poll the device. If, after 2 minutes, two complete polling periods, the monitor is still reporting down, another state change, Down 2 min (not responding – 2), will occur.
Maintenance Mode, which will be covered later along with actions, is a way to show the device is in a planned maintenance window. WhatsUp Gold will not Poll the device and therefore will not initiate any other state changes, fire any actions, or log any activity.
Besides the default State Changes, you may create your own custom state changes. For example, you need a down for at least 30 minutes or down for 15 besides the default
37
down 5 or down 20. Custom state changes are currently only available to through the Admin console; Under Configure > Program Options > Device States. Because the WhatsUp Gold Admin Console is being phased out, the shapes and colors for custom state changes are left from previous versions and will not display or affect the Web Interface in V17.
Monitor Options When adding/editing a monitor to/on your device, you have multiple options in which to configure each monitor to fit the environment. The first option is which interface the monitor should be applied to. By default this is the primary or default interface. If a device has multiple IPs make sure it is assigned to monitor on the correct one. There are multiple options available Under the Advanced section of the Active Monitors Properties Page.
Argument: Enter text to append to the OID for the interface on the selected device. By default, it identifies the number used by the SNMP interface.
Comment: Enter user defined text to appear in the Active Monitors list.
Use independent poll frequency for this monitor: Select this option to have the selected monitor polled based on the Poll frequency.
Poll frequency: Enter the amount of time (in seconds) between polls for the selected monitor. This setting is not displayed unless you select the Use independent poll frequency for this monitor option.
Independent poll frequency for all monitors is ignored when an active monitor is specified as critical.
38
Hardware, Chassis and Wireless
APC UPS The APC UPS monitor watches your American Power Conversion Uninterruptible Power Supply (APC UPS) device and alerts you when selected thresholds are met or exceeded, output states are reached, and/or abnormal conditions are met.
Thresholds: Select which thresholds to monitor. Click Configure to set individual threshold settings if desired.
Monitor the following output states: Select the output state(s) on which you want to be alerted.
Monitor the following abnormal conditions: Select the abnormal condition(s) on which you want to be alerted.
An alert can be sent when the UPS battery capacity is below 20%, when the battery temperature is high, when the battery is in bypass mode due to a battery overload state, and many other UPS alert conditions.
This monitor uses SNMP to pull the information
39
Fan The Fan Monitor checks manufacturer-specific device fans and cooling devices, such as active and passive cooling components, to see if they are enabled and returning values signaling they are working properly. The monitor first checks if the monitored device is manufactured by Dell, Cisco, or HP. Then, it checks for any enabled fans and other cooling devices. If a fan is disabled, the monitor ignores it.
The monitor is considered down when it does not return one of the following values:
1 - Normal (for Cisco devices or Dell PowerConnect switches and routers)
2 - OK (for ProLiant switches and routers)
3 - OK (for Dell Servers)
4 - OK (for HP ProCurve Servers)
Not all types of device fans and cooling components can be monitored
Power Supply The Power Supply monitor checks manufacturer-specific power supplies devices to see if they are enabled and returning values signaling they are in an Up state. The monitor first checks if the monitored device is manufactured by Dell, Cisco, or HP. Then, it checks for any enabled power supply devices. If a power supply is disabled, the monitor ignores it.
The monitor is considered down when it does not return one of the following values:
1 - Normal (for Cisco switches/routers)
1 - OK (for Dell switches/routers)
2 - OK (for HP ProLiant servers)
This monitor uses SNMP to pull the information
40
3 - OK (for Dell server devices)
4 - Good (for HP ProCurve switches/routers)
Not all types of power supplies can be monitored
Printer The Printer monitor uses SNMP to collect data on SNMP-enabled network printers. If a failure criteria is met, any associated actions fire.
Warning in order for the Printer active monitor to work, in addition to being SNMP-enabled, the printer you are attempting to monitor must also support the Standard Printer MIB.
Enter or select the appropriate information in the Failure Criteria section:
If the ink level in any of the cartridges falls below___%. Enter a numerical value for the threshold. If the ink level of any printer ink cartridge falls below this percentage, the monitor is considered down. By default, this option is not selected.
If the printer registers any of the following alerts. By default, the monitor watches for all of the listed printer alerts. If you do not want to monitor a particular alert, clear its selection in the list. If the printer registers one of the selected alerts, the monitor is considered down.
Example, you can monitor for printer ink levels, for a paper jam, for low input media (paper), for a fuse that is over temperature, and more.
Some printers may not support all of the SNMP objects associated with the available monitor alert checks.
41
Temperature The Temperature monitor checks manufacturer-specific temperature probes to see if they return a value signaling they are in an Up state. First, the monitor first checks if the monitored device is manufactured by Cisco, Dell, HP, or Ravica. Then, it checks for any enabled temperature probes.
The monitor is considered down when it does not return one of the following values:
1 - Normal (for Cisco switches and routers)
2 - OK (for HP ProLiant servers)
2 - Normal (for Ravica temperature probes)
3 - OK (for Dell Servers)
4 - Good (for HP ProCurve switches and routers)
If a temperature probe is disabled, the monitor ignores it.
42
WAP Radio The WAP Radio monitor uses SNMP authentication to determine the status of a Cisco Aironet wireless access point. The monitor first checks the ifType (OID 1.3.6.1.2.1.2.2.1.3) value. The ifType value of 71 - IEEE 80211 must be present for the monitor to continue checking the WAP radio device status.
Then, if the ifType value is true, the ifAdminStatus (OID: 1.3.6.1.2.1.2.2.1.7) value is checked. If the ifAdminStatus value for the interface is in the Down or Testing state, the active monitor is considered Down and the ifOperStatus (OID: 1.3.6.1.2.1.2.2.1.8) value is checked. If the ifOperStatus value is 1 - Up or 5 - Dormant, the WAP radio is determined to be in the Up state. Otherwise, the device is considered to be in the Down state.
43
Network Management
Ping Ping monitor sends an ICMP (ping) command to a device. This is the default monitor added to all devices during discovery. If the device does not respond, the monitor is considered Down.
Timeout. Enter the length of time WhatsUp Gold attempts to connect to the selected device. When the specified time is exceeded without connecting, a timeout occurs and WhatsUp Gold stops trying to connect to the server. This is considered a failed connection.
Retries. Enter the number of times WhatsUp Gold attempts to send the command before the device is considered Down.
Payload size. Enter the length in bytes of each packet sent by the ping command.
Use in rescan. Enable this option to have the monitor appear in Device Properties. If enabled, clicking Refresh Connectivity within the Device Properties interface adds the monitor to the selected device if the applicable protocol or service is active on that device.
If getting multiple false negatives create a second ping with:
Timeout = 1 Retries=3-5 Use in rescan=unchecked
44
SNMP The Simple Network Management Protocol (SNMP) monitor gathers information about the functions of an SNMP-enabled network devices by querying it to verify it returns an expected value. Depending on the specific configuration, the monitor can be considered either Up or Down depending upon the returned value.
ObjectID/Instance. Select the target device and required credentials, then select the specific SNMP object to monitor in the SNMP MIB Browser.
Check Type. Select one of the following check types:
When Constant Value is selected:
Value. Depending on the Object ID you selected, enter the appropriate value. If the value matches, then the monitor is: select Up or Down.
When Range of Values is selected:
Low Value. Depending on the Object ID you selected, enter the appropriate value. High Value. Depending on the Object ID you selected, enter the appropriate value.
When Rate of Change in Value is selected:
Rate of Change (in variable units per second). Enter the desired value. If the value is above the rate, then the monitor is: select Up or Down.
45
SNMP Extended SNMP Extended monitor utilizes SNMP to gather specific information about the functions of multiple OIDs by querying the group to verify they return an expected value and allows you to monitor all devices using SNMP. While the standard SNMP monitor checks a single OID against a single threshold, the SNMP Extended monitor checks multiple OIDs against multiple thresholds using an .xml file and predefined values for each supported device type to determine if the monitor is considered either up or down according to the returned value.
Import. Click to select the desired .xml file from the list containing applicable OIDs to monitor, then click OK to return to the monitor configuration dialog. The Thresholds to monitor section of the dialog displays the OIDs from the imported .xml file as parameters.
Configure. Click to specify the request type for the selected parameter.
Value is. When monitoring for a specific value, determine when the monitor should report the device as Down by specifying if the response is greater than, less than, equal to, or contains the entered numeric or string value.
Value is outside the range of. When monitoring a range, enter the minimum and maximum values the response must fall within for the monitor to report the device as Down.
Rate of change between two polls is. When monitoring for a range of change, determine when the monitor should report the device as down by specifying if the response is greater than, less than, or equal to the entered value in seconds.
You can create your own xml files to import. Place the file in the <install directory>\data\SNMPExtended
46
WMI The WMI monitor checks for specific values on WMI-enabled devices. Monitored metrics include systems resources like CPU, disk, and memory utilization, as well as specific process performance counters.
Performance Counter/Instance. Select the target device, performance object, counter, and instance to monitor.
Check Type. Select one of the following check types:
o When Constant Value is selected:
Value. Depending on the performance counter selected, enter the appropriate value.
If the value matches, then the monitor is: select Up or Down.
o When Range of Values is selected:
Low Value. Depending on the performance counter selected, enter the appropriate value.
High Value. Depending on the performance counter selected, enter the appropriate value.
o When Rate of Change in Value is selected:
Rate of Change (in variable units per second). Enter the desired value.
If the value is above the rate, then the monitor is: select Up or Down.
47
WMI Formatted The WMI Formatted monitor checks for specific values on WMI-enabled devices. Monitored metrics include systems resources like CPU, disk, and memory utilization, as well as specific process performance counters. While similar to the WMI monitor that uses raw data, the WMI Formatted active monitor uses calculated counter data. The difference between the WMI and WMI formatted monitor is the formatted monitor will be rounded, instead of using a floating point decimal. It may also be in Gigabyte or Megabyte instead of byte
Performance Counter/Instance. Select the target device, performance object, counter, and instance to monitor.
Check Type. Select one of the following check types: o When Constant Value is selected:
Value. Depending on the performance counter selected, enter the appropriate value.
If the value matches, then the monitor is: select Up or Down.
o When Range of Values is selected:
Low Value. Depending on the performance counter selected, enter the appropriate value.
High Value. Depending on the performance counter selected, enter the appropriate value.
o When Rate of Change in Value is selected:
Rate of Change (in variable units per second). Enter the desired value.
If the value is above the rate, then the monitor is: select Up or Down.
48
Application
JMX The JMX Active Monitor allows you to monitor any server that supports JMX by requesting one or more JMX attributes the server supports and allows you to easily browse and add available attributes to the monitoring list.
Port. Enter the port number on the server that WhatsUp Gold should use to communicate with the JMX service.
Use SSL with RMI Registry. Enable this option to use the JMX active monitor secured by SSL.
Click Add to launch the JMX Credentials dialog.
Enter the IP address or host name of the target device to browse.
You can also click the Browse button (...) to select a device from the device list.
Ensure the Port and Use SSL with RMI Registry settings reflect your selections made in the previous dialog.
If needed, select an existing JMX credential from the list or click the Browse button (...) to access the Credentials Library, then create a new one.
Click OK to proceed to the JMX Browser which you can use to select the target device, domain/path, and attribute(s) to monitor. The monitor configuration dialog should now display the attributes you selected in the JMX Browser.
Select one or more attributes, then click Configure to launch the Comparison Definition dialog.
Specify the Comparison Type and Comparison Value for the selected attribute(s).
Click OK to return to the monitor configuration dialog.
Repeat procedure steps as needed to configure comparison settings for other attributes to be monitored.
49
Multiple attributes can be selected and configured at once as long as they are of the same type. You can also select multiple attributes, then click Copy to configure multiple comparison types and values for those attributes
simultaneously using the same monitor.
Process Process monitor determines if a process is running and issues state changes for the device as needed.
Protocol to use. Select either SNMP or WMI as the protocol for the monitor to use to connect to the selected device. If using SNMP, click Advanced to set the SNMP timeout and number of retries if desired.
Process Name. Enter name of a process or click Browse (...) to navigate and connect to a device from which to select a process to monitor.
Down if the process is. Specify if the selected process is either not loaded or is running for the monitor to report a Down status.
NT Service The NT Service monitor checks the status of a service on a Windows machine and has the option of restarting the service. Service restart can only occur if the appropriate administrator permissions exist.
Protocol. Select either SNMP or WMI as the protocol for the monitor to use to connect to the selected device. If using SNMP, click Advanced to set the SNMP timeout and number of retries if desired.
Service Name. Click browse (...) to specify a server or workstation running the service by entering an IP address or hostname and selecting applicable SNMP credentials.
Restart on failure. Enable this option to attempt to restart the service when it enters a Down state.
50
Use an Action to restart the service instead of the Restart on Failure option. Also using SNMP, if or when possible, will preserve system resources. If you are going to use the NT Service monitor as a critical monitor then you must use WMI.
If you change protocols the service must be selected in the Service Name field for the monitor to work.
PowerShell PowerShell provides a platform for performing a wide variety of monitoring tasks through direct access to script component libraries, including the .NET Framework.
Prerequisites:
WhatsUp Gold uses the 32-bit (i.e. x86) PowerShell engine. Therefore, only 32-bit PowerShell snap-ins are supported and 64-bit only snap-ins will not function properly. Snap-ins that work on both 32-bit and 64-bit operating systems are configured for 64-bit systems by default and must be manually con-figured for 32-bit PowerShell engine to function properly with WhatsUp Gold.
The PowerShell Scripting active monitor requires the use of windows credential.
Configure:
Timeout (Seconds). Enter the length of time WhatsUp Gold attempts to connect to the selected de-vice. When the time you enter is exceeded without connecting, a timeout occurs and WhatsUp Gold stops trying to connect to the SMTP server. This is considered a failed connection. Although the de-fault timeout is 60 seconds, you are discouraged from using a timeout longer than 10 seconds. Use the shortest timeout possible.
Run under device credentials. Enable this check box to execute the script using the Windows credentials for the affected device.
Script text. Enter your monitor code.
51
Telnet The Telnet monitor checks for a Telnet server on port 23. If no telnet service responds on this port, then the service is considered Down.
Timeout. Enter the length of time WhatsUp Gold attempts to connect to the selected device. When the specified time is exceeded without connecting, a timeout occurs and WhatsUp Gold stops trying to connect to the server. This is considered a failed connection.
Use in rescan. Enable this option to have the monitor appear in Device Properties. If enabled, clicking Refresh Connectivity within the Device Properties interface adds the monitor to the selected de-vice if the applicable protocol or service is active on that device.
SSH The SSH monitor uses SSH authentication to connect to a remote device to execute commands or scripts which can be either embedded in the monitor or placed as an executable script file on the remote machine with a command embedded in the monitor to run the script. The success or failure of the monitor is dependent upon values returned by the commands or scripts that can be interpreted by WhatsUp Gold as Up or Down.
Command to run. Enter the command to run and execute on the remote device. The command can be anything the device can interpret and run; for example, a Unix shell command or a perl script. The command or script must return a string value. Please note, if you create a script to run on the remote device, it must be developed, tested, and/or debugged on the remote machine.
Line end character. Select the appropriate line end type: None, Linefeed, Carriage return, or Carriage return linefeed. Multiline scripts are entered and persisted on a Windows operating system and include line-ending characters that may not be recognized on the target device. This configuration feature instructs WhatsUp Gold to replace the line-ending characters with the selected characters prior to connection and command execution.
52
The monitor is considered Up if the following output. Select the appropriate output criteria. For example, if you are checking to see that a specific network connection is present on the remote device, ensure the output contains the specific connection. If the network connection you specify is not present when the monitor checks, the monitor is considered Down.
Use regular expression. Enable this option to apply the target string as a regular expression as it searches the output from the command and considers the selected output criteria. The target string is evaluated as simple text if this option is disabled.
SSH credential. Select the appropriate SSH credential WhatsUp Gold uses to connect to the remote device. WhatsUp Gold uses the SSH credential assigned to the monitored device if Use the device SSH credential is selected.
SQL Query The SQL Query monitor uses WMI or ADO authentication to determine if specific conditions exist in a Microsoft SQL, MySQL, or ORACLE database by querying the database. If the configured conditions are present, the monitor is Up. If changes made to the database since the last query cause data to no longer fall within the defined criteria, the monitor is Down.
Server Type. Select Microsoft SQL Server, MySQL, or ORACLE as the database server type. Please note, MySQL database is supported and listed as a server type option only if the MySQL 5.2.5 Connector is installed.
Connection Timeout. Enter the amount of time WhatsUp Gold waits for the server to respond before terminating the connection and returning the timeout error. The minimum allowed value is 1 second whereas maximum allowed value is 120. Please note, this setting only applies to polling whereas the query builder assumes a default of 15 seconds for the connection timeout.
Server Address. Enter the server address in the applicable format: ServerName\Instance format for Microsoft SQL Server. Example: WUGServer\SQLEXPRESS ServerName for MySQL. Example: WUGServer ServerName/ServiceName for Oracle. Example: WUGServer/Oracle.
53
Port. Enter the database server port number.
SQL Query to Run. Enter the query to run against the specified database to check for certain database conditions.
Click Build to launch the SQL Query Builder for assistance with developing proper query syntax. Only SELECT queries are allowed. Click Verify to test if the entered database query is valid. Number of rows returned is. Select this option to determine the success or failure of the monitor scan based on rows returned by the SQL query. All database rows must match the criteria settings for the monitor to be considered Up. Content of each retrieved row matches the following criteria. Select this option to determine the success or failure of the monitor scan based on criteria which each database row must match. If multiple threshold criteria are used, all thresholds must match the criteria in each row for the monitor to be considered Up. Click Add, Edit, and Delete as needed to create, modify, and remove database column values and conditions, respectively.
To monitor a MySQL database, download and install the MySQL .NET Connector on the WhatsUp Gold machine. Please note, only MySQL version 5.2.5 is supported due to potential compatibility issues. MySQL .NET Connector
version 5.2.5 can be downloaded directly from the WhatsUp Gold website (http://www.whatsupgold.com/MySQL525Connector).
When connecting to a remote SQL instance, WhatsUp Gold only supports the TCP/IP network library.
The SQL query you
enter must return
a single numeric
value. Specifically,
a single record
that has just one
column. If the
query returns more
than one record,
the monitor fails to
store the data. If
the query returns a
single record but
there are multiple
columns in the
record returned,
then the monitor
will pick the first
column as the
value to store and
this first column
has to be numeric,
otherwise the
monitor will fail to
store the data.
54
HTTP Content The HTTP Content monitor requests a URL and checks the HTTP response against the expected content. If the response does not return the expected content, the monitor fails. Use this monitor to ensure web page/web server availability, to check if a page renders properly on specific browsers, or even to check for the presence/absence of specific content. If the monitor does not find the specified content, the monitor is considered Down.
URL. Location to check for HTTP content. The URL must begin with a proper URI, such as http:// or https://. The URL can include the full path to the document including the document’s file name and any query string http://www.example.com/reports.htm?ReportID=100.
Authentication username. Username the web site uses for authentication if applicable.
Authentication password. Password that coincides with the username the web site uses for authentication if applicable.
Proxy server. If the specified content is behind a proxy server, enter the IP address of the proxy server.
Proxy port. Port on which the proxy server listens.
Timeout. Enter the length of time WhatsUp Gold attempts to connect to the selected device. When the specified time is exceeded without connecting, a timeout occurs and WhatsUp Gold stops trying to connect to the server. This is considered a failed connection.
Web page content to find. Content to search for on the specified website as either plain text or a regular expression. Enable Use regular expression when using a regular expression. Please note, this monitor uses standard regular expression processing as supported by the .NET framework.
Request URL contents. Click to populate the dialog box with the Web page contents of the URL you entered above.
Click Advanced to configure the user agent and customer headers if desired:
User agent. Select a browser from the list. The user agent string identifies which web browser is making an HTTP request. Use this feature to imitate your website being visited by various browsers. The user agent from the latest version of the browser is populated for the browser you select.
55
Custom headers. Specify any headers for which you want to check. Enter a header as Field: Value.
Errors can result when using invalid custom headers or when modifying headers which do not allow modification, such as the HTTP Host header.
Click Request URL contents in the monitor configuration interface to test custom headers. If a problem with the header exists, WhatsUp Gold displays an error message. For example, the message “An error occurred with the requested website. Error: The ‘Host’ header cannot be modified directly. Parameter name: name.” indicates the user entered Host:myhost.com as a custom header when the Host header cannot be modified.
Content URLs To check content for the default page of a newly installed IIS server: http://my-device/iisstart.htm —where my-device is the hostname or IP address where a fresh instance of IIS is running.
To see how the HTTP Content monitor works, you can test it against one of the example documentation pages hosted by the Internet Assigned Numbers Authority (IANA): http://www.example.com
Active Script The Active Script monitor allows you write either VBScript or JScript code to perform specific customized checks on a device. If the script returns an error code, the monitor is considered Down.
Script Type. Select either VBScript or JScript.
Script text. Enter the actual script code for the monitor to run.
Execution Model: Select mode to run the Script o Use the “Direct Data Access” execution model
Allows direct database access via Context.GetDB
Script failures may cause the Poller Engine to crash o Use the “Isolated Process” execution model
No access to the WUG database
Variables can still be passed to the script
Poller Engine is protected from dangerous scripts
56
To set the result in WhatsUp gold use the command Context.SetResult. The format is Context.SetResult(0, Comment); 0 for Success (up) 1 for failure (down)
TCP/IP The TCP/IP monitor determines the status of the TCP/IP service that either does not appear in the list of standard services or uses a non-standard port. In essence this a port check monitor.
Network type. Select the network type for the FTP (File Transfer Protocol) service which is TCP; the network type for the RADIUS (Remote Authentication and Dial-In User Service) service is UDP; the HTTPS monitor uses the SSL type.
Port number. Enter the TCP or UDP port that you want to monitor.
Timeout. Enter the length of time WhatsUp Gold attempts to connect to the selected device. When the specified time is exceeded without connecting, a timeout occurs and WhatsUp Gold stops trying to connect to the server. This is considered a failed connection.
Script. Enter your script using as many Send, Expect, SimpleExpect, and Flow Control keywords as you would like. For more information, see Script Syntax
Click Expect to open the Rules Expression editor if desired. Any text placed in the Expression box, appends to the end of the script as an Expect expression.
WhatsUp Gold is installed with the following types of TCP/IP monitors already configured.
Echo. Checks to make sure an Echo server is running on the assigned port.
FTP. Checks to make sure an FTP server is running on the assigned port.
HTTP. Checks to make sure an HTTP server is running on the assigned port.
HTTPS. Checks to make sure the Secure HTTP server is running on the assigned port, and that WhatsUp Gold can negotiate a connection using SSL protocols. This monitor does not check on the validity of SSL certificates.
57
HTTP Content Scan. Performs advanced monitoring of a specific web page to make sure specific content appears in the page's code. Supports advanced HTTP processes such as form submission and non-standard HTTP headers.
IMAP4. Checks to make sure a IMAP4 server is running on the assigned port.
NNTP. Checks to make sure a NNTP server is running on the assigned port.
POP3. Checks to make sure a POP3 mail server is running on the assigned port.
Radius. Checks to make sure a Radius server is running on the assigned port. SMTP. Checks to make sure a SMTP mail server is running on the assigned port.
Time. Checks to make sure a Time server is running on the assigned port.
WhatsUp Gold knows the proper connecting commands for checking the standard services listed on the Services dialog, but to monitor a custom service, you may want to specify the commands to send to the service and the responses to expect from the service in order for WhatsUp Gold to consider the service UP. You need to determine the proper command strings to expect and send for a custom service.
You can use a rule expression to test a string of text for particular patterns.
Enter an expression in the Expression box. Use the >>, Match case, and Invert result options to the right of the Expression box to help build the expression.
In the Comparison text box, enter text to test compare against the expression you built in the Expression box.
Click Test to compare the expression against potential payloads you can receive.
After creating and testing the expression, click OK to insert the string into the Match on box. You create a script using keywords. In general, Script Syntax is Command=String. The command is either Send, Expect, SimpleExpect, or Flow Control.
Using the Rules Expression Editor
58
File System
File Properties The File Properties monitor checks to see if a file in a local folder or on a network share meets the conditions specified in the monitor’s configuration. This monitor supports percent variables (%Device.Address or %Device.HostName) allowing you to use a macro for applying multiple devices to a monitor.
The File Properties monitor only checks files that are accessible from the WhatsUp Gold server.
Path of the file to monitor. Enter the Universal Naming Convention (UNC) file path that WhatsUp Gold uses to access the file. For example: \\192.168.3.1\website\product\index.htm for a file on a single device. If you provide the value for File size, File checksum using, or File modified within options, you can also use percent variables for the path of the file to monitor.
\\%Device.Address\website\product\index.htm or \\%Device.HostName\website\product\index.htm for a file located on multiple machines with the same file path name. Note: mapped drive paths
are not permitted.
File. Enable this option to specify if the file exists or does not exist for the monitor to report as Up.
File size is. Enable this option to determine the success or failure of the monitor scan based on the size of the specified file.
File was last modified. Enable this option to determine the success or failure of the monitor scan based on the date on which the file was last modified.
File checksum using. Enable this option to determine the success or failure of the monitor scan based on the file’s checksum and specified algorithm used to calculate the checksum.
59
Selecting this option can greatly
increase the amount of time it takes
to complete the monitor scan and
degrade or lag WhatsUp Gold
performance. The probability of
lengthy monitor scans and slower
performance increases when you
use algorithms other than SHA1
when you are scanning large files or
when you scan files located on
network shares.
File was/was not modified within X before polling time. Enable this option to specify if the file has or has not been modified within the selected interval for the monitor to report as Up.
Folder The Folder monitor uses the Windows credentials assigned to the device to determine if a local or network share folder meets the conditions specified in the monitor configuration. This monitor supports percent variables (%Device.Address or %Device.HostName), allowing you to use a macro for applying multiple devices to a monitor. If the target folder or directory contents change during a poll, the change is ignored and is not counted toward folder/file size specified in the monitor configuration.
The Folder monitor only checks files in folders that are accessible from the WhatsUp Gold server.
Path of the folder to monitor. Enter the Universal Naming Convention (UNC) path that WhatsUp Gold uses to access the folder. For example: \\192.168.3.1\website\product for a folder on a single device. If you provide the value for File size, File checksum using, or File modified within options, you can also use percent variables for the path of the folder to monitor.
60
For example, \\%Device.Address\website\product or \\%Device.HostName\website\product for a folder located on multiple machines with the same folder path name. Enable Include sub-folders to scan folders under the selection for the specified content.
Selecting this option can greatly increase the amount of time it takes to complete the monitor scan and possibly have an adverse impact on WhatsUp
Gold performance.
Include all files. Select this option to configure the monitor to scan all accessible files.
Include files with names matching the following wildcard expression. Select this option to specify a wildcard expression WhatsUp Gold should use to determine which files to scan. For example, enter *.exe to check for executable (.exe) files in the selected folder. Please note, this option only works using a single wildcard expression. If multiple expressions are entered in this field, the monitor reads the entry as one wildcard expression.
When enabled, this option can significantly slow performance dependent on the wildcard expression specified. The probability of slower performance increases when this option is used in conjunction with the Include sub-folders option.
Folder. Enable this option to specify if the folder exists or does not exist for the monitor to report as Up.
Actual folder size is. Enable this option to determine the success or failure of the monitor scan based on the actual size of the specified folder.
Folder size on disk is. Enable this option to determine the success or failure of the monitor scan based on the size of the specified folder as it resides on disk.
Number of files is. Enable this option to determine the success or failure of the monitor scan based on the number of files within specified folder.
61
Storage The features described in this section are included in Total and Total Plus. It will monitor NetApp and EMC/Dell EMC storage. EMC/Dell EMC storage does not support SNMP only SMI-S credentials. In order to successfully monitor NetApp FAS series storage devices using WhatsUp Gold, you must install the Data ONTAP SMI-S agent. The Agent is required for monitoring volume statistical data and must be installed on a machine that can communicate with both WhatsUp Gold and the storage device or devices being monitored. Use the following procedure to install the agent:
1. Download the Data ONTAP SMI-S Agent executable file from NetApp. For detailed information such as prerequisites, supported operating systems, versions, refer to http://support.netapp.com.
2. Ensure you are logged in using the local Administrator account, then install the SMI-S Agent.
3. Reboot the machine on which the SMI-S Agent was installed. 4. Open a command line, then run the following command to ensure the
'cimserver' has started running: -smis cimserver status: If the response indicates it is not running, ensure port 5988/5989 is not use by another program -ORAccess the list of running services in the Windows Control Panel and start the Data ONTAP SMI-S Agent service manually, if needed.
5. Launch the Data ONTAP SMI-S Agent program from the Windows Start menu.
6. Open a command line, then create a username and password for the SMI-S Agent by running the following command: -cimuser-a –u <username> -w<password> The user created using this command must match an
existing local Windows user account. Additionally, when creating the credential in WhatsUp Gold, enter the password created using this command rather than the
password for the local Windows user account. 7. Set the cache refresh rate interval time by creating a system variable
named: CACHE_REFRESH_SEC The Data ONTAP SMI-S Agent uses a default collection interval of 5 minutes. Ipswitch recommends setting the cache refresh rate interval to match the interval set for
disk utilization data collection in WhatsUp Gold 8. Prior to connecting the Agent to the SVM, launch a web browser and log
in to OnCommand System Manager. 9. Select the Network Interfaces tab. 10. Right-click the interface assigned to the SVM. 11. Select Enable Management Access. 12. Click Save.
62
13. Navigate to Configuration > Security > Users for the specific SVM in the hierarchy at left.
14. Ensure the vsadmin user is present, unlocked, and sshd and ontapi are enabled.
15. Add the SVM to the SMI-S Agent by running the following command: smis add <SVM IP address> vsadmin or smis addsecure <SVM IP address> vsadmin to configure SMI-S to use HTTPS instead of HTTP
16. Ensure the SVM was successfully added by running the following command: smis list
17. Repeat the two previous steps to add each SVM you want to monitor.
SMIS The SMI-S monitor determines if the selected storage device is operational. The success or failure of the monitor is dependent upon values returned by the device that can be interpreted by WhatsUp Gold as up or down. This is
used with EMC/Dell EMC and NetApp Storage.
To configure, simply provide a unique name and description for the monitor.
Degraded Array The SMI-S monitor determines if the selected storage device is operational. The success or failure of the monitor is dependent upon values returned by the device that can be interpreted by WhatsUp Gold as up or down.
To configure, simply provide a unique name and description for the monitor.
63
Critical Services The Email monitor checks a mail server by first sending the server an email via SMTP. The monitor then attempts to delete previously sent emails using either POP3 or IMAP. If any step in the process fails then the monitored is considered Down.
The email monitor supports encryption with SSL/TLS and SMTP Authentication which ensures that the monitor sends emails to a secure email account.
You must use a separate email account for every email monitor created. Failure to do so will result in false negatives. For example, if you want to check both IMAP and POP3 on the same server, and create two instances of the monitor, one configured with POP3 and one with IMAP, you must use two separate email accounts. Otherwise, one monitor deletes all emails previously sent from both
instances of the monitor and incorrectly reports the mail server as Down.
Outgoing mail
SMTP server. Enter the address of the server on which SMTP is running. Use the default, %Device.Address, to use the device IP address on which the monitor is attached.
Port. Enter the port on which the SMTP service is listening. The standard SMTP port is 25.
Mail to. Enter the address to which the Email Monitor sends email.
Mail from. Enter the address you want listed as “From” in the email sent by the Email Monitor.
Incoming mail
Mail server. Enter the address of the server on which the POP3 or IMAP service is running.
Account type. Enter the protocol (POP3 or IMAP) you want the monitor to use to check for correct email delivery.
Username. Enter the username of the account in which the monitor uses to log in.
64
Password. Enter the password for the account in which the monitor uses to log in.
Advanced Email Monitor
Click Advanced to set the following additional advanced properties for the monitor if desired:
SMTP advanced properties
SMTP server requires authentication. Enable this option if the specified SMTP server requires authentication. Please note, this monitor supports CRAM-MD5, LOGIN and PLAIN authentication methods. The authentication method is not configurable. It is negotiated with the SMTP server automatically using the strongest mutually-supported authentication method.
Username. Enter the username to be used for SMTP authentication.
Password. Enter the password to be used for SMTP authentication.
Use an encrypted connection (SSL/TLS). Enable this option to encrypt SMTP traffic if your SMTP server supports encrypting data over a TLS connection. Please note, WhatsUp Gold only supports explicit SSL sessions negotiated using the STARTTLS command for SMTP connections.
Timeout. Enter the length of time WhatsUp Gold attempts to connect to the selected device. When the specified time is exceeded without connecting, a timeout occurs and WhatsUp Gold stops trying to connect to the server. This is considered a failed connection.
POP3 advanced properties
Port. Enter the port number where the POP3 or IMAP server listens.
Use an encrypted connection. Enable this option to connect to a POP3 or IMAP server in an encrypted mode. Select one of the following encryption methods:
Use implicit SSL. Select this option to login to your POP3 or IMAP server in an encrypted mode.
Use SSL with STLS. Select this option to login to your POP3 or IMAP server in an unencrypted mode, and then switch to a TLS connection by sending STARTTLS or STLS command to the server.
WhatsUp Gold only
supports clear text
authentication for
retrieving mail. To
protect your
username and
password when
retrieving mail, you
must use an SSL
encryption
method. When
connecting using
STARTTLS, the
connection is
encrypted before
any authentication
information is sent
or any mail is
retrieved.
65
Timeout. Enter the length of time WhatsUp Gold attempts to connect to the selected device. When the specified time is exceeded without connecting, a timeout occurs and WhatsUp Gold stops trying to connect to the server. This is considered a failed connection.
If your IMAP server is configured to move the test message sent by the monitor to any folder other than the Inbox, the monitor fails. WhatsUp Gold only detects messages in the Inbox folder on an IMAP server.
DNS The Domain Name Server (DNS) monitor is a simple service monitor that checks for the DNS on port 53. If a DNS service does not respond on this port, the service is considered Down.
FTP The FTP monitor performs upload, download, and delete tasks on designated FTP servers to ensure they are functioning properly. You can configure a single monitor to perform all three tasks. However, if any one of the tasks fails, the entire monitor is considered Down.
FTP Server. Enter the device address of the FTP server for which the FTP monitor is configured and on which the monitor performs associated tasks.
Port. Enter the port the monitor should use to communicate with the FTP server.
Username. Enter the username used to access the FTP server for which the monitor is configured.
Password. Enter the password used to access the FTP server for which the monitor is configured.
Use Passive Mode. Enable this option to use passive (PASV) mode rather than active mode when attempting to connect to the FTP server and to perform the subsequent tasks.
Upload. Enable this option to have the active monitor upload a file to the designated FTP server. Please note, this option must be enabled to use the Download and/or Delete tasks.
Ipswitch
recommends
creating a
separate FTP
monitor for each
FTP server you are
monitoring, unless
the same
username and
password are used
for each of the
servers.
66
Download. Select this option to have the active monitor download a file from the designated FTP server.
Delete. Select this option to have the active monitor delete a file from the designated FTP server. Specify a username and password for an account with the appropriate user permissions for the file actions you select. To upload files to the server, the account must have write permissions. To download files from the server, the account must have read permissions. And, to delete files from the server, the account must have delete permissions.
Network Statistics The Network Statistics monitor uses Simple Network Management Protocol (SNMP) to query a device to collect data on three device protocols, Internet Protocol (IP), Transmission Control Protocol (TCP), and User Datagram Protocol (UDP) and alerts you when configured thresholds are met or exceeded.
Thresholds to monitor. Select the IP, TCP, and/or UDP thresholds to monitor. Click on any individual threshold to highlight it, then click Configure to specify Down conditions for the selected threshold.
The OID and a description of the selected parameter can be found at the bottom of the configuration dialog. You can check to see if your device supports the OID with the MIBWalker. While there are Active monitors
for Exchange, and SQL server these type of applications are best monitored with the Application Monitor feature.
67
Cloud-Based Resources Cloud Resource Monitor determines if the selected cloud load balancer or cloud instance
is available. This is useful for tracking service level for applications running in the cloud, tracking uptime, and monitoring health of managed infrastructure when your network or datacenter resources extend to the cloud.
The monitor can be used to determine availability for:
Amazon Web Service Elastic Load Balancing service
Amazon Elastic Compute Cloud (EC2) instances
Azure Resource Manager load balancers
Azure Resource Manager virtual machines The success or failure of the monitor is dependent upon health and operational status values returned by the device that can be interpreted by WhatsUp Gold as up or down.
To configure, simply provide a unique name and description for the monitor.
Before you apply this monitor to a device, the device must have valid AWS or Azure credentials assigned (depending on the cloud service being utilized).
68
Passive Monitors Passive monitors are responsible for listening for device events. Whereas active monitors poll devices for data, passive monitors passively listen for device events. Because passive monitors do not poll devices, they use less network bandwidth than active monitors.
Passive monitors are useful because they gather information that goes beyond simple Up or Down by listening for a variety of events.
Although passive monitors are useful, you should not rely on them solely to monitor a device or service—passive monitors should be used in conjunction with active monitors. When used together, active and passive monitors make up a powerful and crucial component of 360-degree network management.
Passive Monitor types are specific configurations of SNMP traps, Windows Log Events, or Syslog Events. Though you can create any of these three types of passive monitors, SNMP traps are most widely used on network-type devices and Windows Event Logs are used solely on Windows devices. In all, there are about a dozen Passive Monitors in the default instance of WhatsUp Gold Premium.
If you want to know when someone with improper credentials tries to access one of your SNMP-enabled devices, you can assign the default Authentication Failure passive monitor. The monitor listens for an authentication failure trap on the SNMP device, and logs these events to the SNMP Trap Log. If you assign an action to the monitor, every time the authentication failure trap is received, you are notified as soon as it happens.
Listener A Passive Monitor Listener runs continuously on the WhatsUp Gold server listening for events to occur. WhatsUp Gold is installed with three Passive Monitor Listeners:
SNMP Trap Listener. This listens for SNMP traps, or unsolicited SNMP messages, that are sent from a device to indicate a change in status.
Syslog Listener. This listens for Syslog messages forwarded from devices regarding a specific record and/or text within a record.
69
Windows Event Log Listener. This listens for any WinEvent; for example a service start or stop, or logon failures. It will listen for events in the following logs:
o System o Security o Application
Both SNMP Trap and Syslog listeners are not enabled by default and must be enabled before using SNMP Traps or Syslog passive monitors.
You can start the listener under Settings > System Settings > Passive Monitor listener When an event occurs and is sent to WhatsUp Gold the appropriate Passive Monitor Listener first checks the contents of the event to verify it is an item you have defined as important and worth collecting. This is done by checking the event for specific key words and configuration information that must match the configuration of the monitor assigned to the device in WhatsUp Gold. Then the listener logs the event, notifies WhatsUp Gold, and any associated actions assigned to the passive monitor are fired. If the contents of the event do not match the configuration of the passive monitor the event is discarded and no logging or actions take place. In the case of Syslog and SNMP Trap passive monitors you can also choose to accept and log unsolicited events, which do not require a matching passive monitor to be assigned to a device and are stored immediately to the database upon receipt. Take care when implementing this option, however, as collecting too many unsolicited events can very quickly lead to a large database table.
70
SNMP Traps SNMP traps are commonly used on network devices such as routers and switches, as well as some server-level devices, hardware devices, and appliances. SNMP traps can be generated for a variety of situations, both for standardized events like an interface going down and for more specialized situations like a period of high CPU utilization.
Most devices can be configured to send this data to up to two separate IP addresses using the default UDP data port of 162, or to a non-standard port number of your choice. In order to receive these events in WhatsUp Gold you must have the SNMP Trap Listener running on the appropriate port, and have the remote device configured to send the trap to the IP address and port number in use by WhatsUp Gold.
You can configure SNMP Traps using 2 different methods:
Automatically using the Trap Definition Import Tool
Manually using the Passive monitor Library
Import Tool
The easiest and simplest way to get your SNMP trap passive monitors created is using the “Trap Definition Tool” found in the Admin console (Tools > Import Trap Definitions). It will allow you to search for a specific trap you need WhatsUp Gold to listen for, and then import it into the Passive Monitor library. After you have imported the trap, you can make and configuration changes to the monitor in the Passive Monitor Library using the Rules Expression Editor dialog.
Select the trap you want to import and click Import to passive monitor library. If the Trap
already exists in the database it will not be imported a second time.
71
The SNMP Trap monitor listens for unsolicited messages from a monitored network device notifying WhatsUp Gold of a specific event. The monitor can be configured to listen for all SNMP traps or for only specific types.
Enterprise/OID. Select the desired object identifier (OID) from the Enterprise section of the MIB. This is the SNMP enterprise identifier in the trap, which is used for unique identification of traps for a particular application. If you specify the OID in this box, then an incoming trap matches this rule only if the trap enterprise box begins with the OID that you have specified. If you are unsure of the OID to use, or you do not need to be specific, you can leave this box blank and it is ignored. Please note, this option is only available if Generic Type is set to 6-EnterpriseSpecific.
Generic Type (Major). Select the SNMP Trap type. Each trap has a generic type number which is part of the rule determining the matching criteria for an incoming trap.
Specific Type (Minor). Enter an integer value from 0 to 4294967296. Please note, the Generic Type (Major) must be set to Enterprise Specific.
Payload. Click Add to launch the Rules Expression Editor to create an expression, test it, and compare it to potential payloads.
If you have multiple payload "match on" expressions, they are linked by "OR" logic—not "AND" logic. If you have two expressions, one set to "AB" and the other to "BA", it matches against a trap containing any of
the following: "AB" or "BA" or "ABBA".
72
Syslog
Syslog messages are widely used amongst Unix and Unix-based systems as well as network devices, and even simple devices such as printers and power supplies. Because of this they are a very popular method of collecting and storing events from multiple device types into a single depository of data for compliance purposes.
Syslogs are passed to UDP port 514 by default and can make use of varying severity levels in the content of the event, making them a handy utility for very specialized passive monitoring and alerting. As with SNMP Traps you will need to start the listener in WhatsUp under Settings > System Settings > Passive Monitor listener
Syslog monitor listens for Syslog messages on the devices to which it is assigned. For more information about Syslog facilities and levels of severity, see RFC5424 (http://tools.ietf.org/html/rfc5424 page 9 for facilities and page 10 for levels of severity).
Click Add to launch the Rules Expression Editor to create an expression, test it, and compare it to potential payloads.
If you define multiple payload Match On expressions, each expression is considered individually (think "or" operator).
73
Windows Event
Windows devices make use of event logs to store and track information, warning, and error events logged by the local operating system. These event logs can also be monitored from a remote location, allowing a network administrator to browse the Windows Event Logs on a remote server on their network. Windows events include many different parameters in a single event, including an event ID, description, type, and source.
Windows Event Log passive monitors in WhatsUp Gold make use of these parameters by allowing you to configure collection of events that meet a certain criteria, such as events of a Warning type that come from a specific Source, or collecting all events that share a common Event ID. Once this configuration is set in a passive monitor and the monitor is saved to a device, WhatsUp Gold connects to that remote server and registers for that set of events on the remote machine. From thereafter, any time the remote device logs an event that matches your criteria the event is sent to the WhatsUp Gold server and logged by the Windows Event Log Listener. Unlike SNMP Traps and Syslogs the listener is already started.
As a best practice, we recommend keeping conditions simple by opting for multiple Passive Monitors over complex sets of conditions. When complex conditions are unavoidable, we recommend grouping all OR conditions together at the beginning of the set of conditions, followed by the ANDs
The Windows Event Log monitor uses WMI authentication to listen for Windows events on the devices to which it is assigned. To use multiple Windows Event Log monitors, assign a unique monitor to each device. When assigning a Windows Event Log monitor, ensure the device has credentials assigned to it first.
Condition. Enter a list of conditions to match. Only log entries matching these expressions are converted to events. Conditions are processed sequentially from top to bottom. As each condition is evaluated, its results are applied to the next condition until all conditions are evaluated. For complex sets of conditions involving both ANDs and ORs, this serial logic may produce different results than intended.
Click Edit to add or edit a condition or Clear to remove a condition from the box
Match On. Click Add to launch the Rules Expression Editor to create an expression, test it, and compare it to potential payloads.
74
Performance Monitors
Performance Monitors are responsible for gathering data about the performance of the devices running on your network for long-term analysis and reporting purposes. There are many components that can be collected with performance monitors; for example, CPU and memory utilization. This data is collected and stored in raw format, and is then used to create reports that trend utilization and availability of these device components over time. A selection of performance monitors are available in a fresh installation of WhatsUp Gold, making use of SNMP and ICMP to collect common performance statistics from a variety of device types. Additionally, you can create custom performance monitors to track performance metrics for APC UPS devices and Printers, as well as create custom monitors based on Active Script, SNMP, SSH, and WMI to query performance counters on any type of device. All NEW discovered devices will use WMI by default for windows devices; if currently monitored will still run SNMP. Performance monitors are added to individual devices through the Device Properties dialog. You can add:
Default Performance Monitors
Device-specific (Custom) Performance Monitors o Hardware o Application/OS o Network Management and Instrumentation o Disk I/O and Throughput
Default Monitors There are five default performance monitors to track device performance by checking and reporting on device resources. These monitors are:
CPU utilization
Disk utilization
Interface utilization
Memory utilization
Ping Latency and Availability
Each of these default performance monitors includes a specialized set of reports and utilities geared towards getting up and running with performance reporting
75
very quickly. By simply selecting these monitors for collection on your devices you can immediately make use of these built-in utilities, giving you the ability to track long-term performance on your network with almost no setup or configuration required.
The five default performance monitors cannot be edited, copied or deleted.
The default performance monitors all use SNMP to connect to the device and verify its performance. The only exception is the Disk utilization monitor can be configured to use WMI instead of SNMP on a Device by device basis. The advantage of using WMI is it gives the ability to monitor “Mount points” on your windows devices.
NOTE: Starting with WhatsUp Gold 2017 Plus SP1 (v17.1.1) and subsequent versions, the default performance monitors will use either SNMP or WMI to apply them to your devices.
Custom Monitors In Addition to the default custom monitors you can create custom monitors to track specific performance metric. The additional monitors can be split into 4 categories Hardware, Application/OS, Network Management and Instrumentation, and Disk I/O and Throughput. These additional monitors are:
Hardware o APC UPS o Printer
Application/OS o Active Script o JMX o PowerShell Scripting o SQL Query o SSH o Windows Performance Counter o Hyper-V Event Log o Hyper-V Host VM
Network Management and Instrumentation o SNMP o WMI o WMI Formatted
Disk I/O and Throughput o VMWare Datastore IOPS o Hyper-V Disk Activity
76
Hardware
APC UPS The APC UPS monitor collects statistical output power usage information and graphs APC UPS power utilization over time. This monitor detects when a monitored UPS device is close to maximum performance level as well as the time of day networking devices connected to the UPS device are using the most power indicating the need to equally distribute the load across several UPS devices. Only a unique name and description are required to successfully configure this monitor.
Printer
The Printer monitor uses SNMP to collect data on SNMP-enabled network printers. The target printer must be SNMP-enabled and support the Standard Printer MIB for this monitor to work properly. Use this monitor to check for potential issues such as ink levels, paper jams, and
low input media (e.g., paper). The monitored printer must support the Standard Printer MIB.
Ink/Toner Cartridge. Select the ink/toner cartridge you want to collect ink/toner level data. Please note, you must create a Printer performance monitor for each color ink/toner cartridge you want to monitor.
Collection interval. Specify how often data should be collected from the selected toner cartridge.
Please note, all SNMP objects may or may not be supported by the specific printer being monitored depending on its manufacturer and model.
77
Application/OS
Active Script The Active Script Performance monitor enables you to write VBScript and JScript to easily poll one or more SNMP and/or WMI values, perform math or other operations on those values, and graph a single output value. You should only use the Active Script Performance Monitor when you need to perform calculations on the polled values.
The Active Script performance monitor requires one or more of the following credentials:
SNMPv1
SNMPv2
SNMPv3
WMI Configure the Active Script performance monitor using the following boxes:
Script type. Select either JSCRIPT or VBSCRIPT.
Timeout (sec). Enter the length of time WhatsUp Gold attempts to connect to the selected device. When the time you enter is exceeded without connecting, a timeout occurs and WhatsUp Gold stops trying to connect to the SMTP server. This is considered a failed connection. Please note, the maximum timeout allowed is 60 seconds. However, Ipswitch does not recommend setting a timeout that exceeds 10 seconds. Use the shortest timeout possible.
Reference variables. Add, Edit, or Remove SNMP and WMI reference variables using the respective buttons on the right of the dialog. Please note, the use of reference variables in the Active Script performance monitor is optional. For additional information, please see Using Reference Variables with Script Monitors in the help files.
Script text. Enter your monitor code.
Keep in mind that
although you can
poll multiple
values using the
feature, only one
value will be
stored to the
database: the
outcome of your
scripted
calculation.
78
To configure an SNMP Active Script performance monitor:
Click Add from the Add Active Script Performance Monitor dialog to add a new variable to the Reference variables field. The Add New Reference Variable dialog appears.
Enter the appropriate information: o Variable name. Enter a unique
name for the variable. o Description. (Optional) Enter a
short description for the variable.
Select SNMP from the Object type list.
Click browse (...) next to Instance. The MIB Browser dialog appears.
Enter the name or IP address of the computer you are trying to connect to in the Select counters from computer box.
o You can click browse (...) to select a device from a list.
Select the SNMP Credential used to connect to the device. o You can also click browse (...) to access the Credentials Library to
create a new credential.
Click OK. The SNMP MIB Browser appears.
Use the navigation tree in the left panel to select the specific MIB you want to monitor. You can view more information about the property/value at the bottom of the dialog.
Click OK to add the OID to the Performance counter and Instance fields in the Add New Reference Variable dialog.
To configure a WMI Active Script performance monitor:
Click Add from the Add Active Script Performance Monitor dialog to add a new variable to the Reference variables field. The Add New Reference Variable dialog appears.
Enter the appropriate information: o Variable name. Enter a unique name for the variable. o Description. (Optional) Enter a short description for the variable.
Select WMI from the Object Type list.
Click browse (...) next to Instance. The Performance Counters dialog appears.
Enter the Name or IP address of the computer you are trying to connect. o You can click browse (...) to select a device from a list.
Select the Windows Credential used to connect to the device.
The first time that
you poll a WMI
reference variable
that requires two
polls in order to
calculate an
average (such as
“Processor\%
Processor Time”),
it returns “Null.”
79
o You can also click browse (...) to access the Credentials Library to create a new credential.
Click OK to connect to the computer.
Use the performance counter tree to navigate to the Performance Counter you want to monitor.
Select the specific Performance Instance you want to monitor.
Click OK to add the variable to the Performance counter field in the Add New Reference Variable dialog.
* You need to include error handling in your monitor script. Your script either needs a value to graph by using Context.SetValue, or you must use Context.SetResult to tell WhatsUp Gold that the script failed.
* Context.GetReferenceVariable will return ‘null’ if the poll fails for any reason.
* If you do not have a call to SetValue or SetResult, the script does not report any errors and no data is graphed.
* If SetValue is used, it is not necessary to use SetResult, as SetValue implicitly sets SetResult to 0, or “good.”
* Results from this performance monitor are displayed on Custom Performance Monitors full and dashboard reports.
* Errors from this performance monitor are displayed in the Performance Monitor Error log, as well as EventViewer.exe.
JMX The JMX Performance Monitor allows you to monitor any server that supports JMX by requesting a single JMX performance counter the server supports and allows you to easily browse and add available counters to the monitoring list.
Object Path/Attribute. Select the target device, domain/path, and attribute to monitor. See the following procedure steps for additional details about selecting the object path and attribute.
Port. Enter the port number WhatsUp Gold should use to communicate with the JMX object.
Use SSL. Select this option to use Secure Socket Layer connection for communication with the JMX object.
80
Click the Browse button (...) to launch the JMX Credentials dialog.
Enter the IP address or host name of the target device to browse.
You can also click the Browse button (...) to select a device from the device list.
Ensure the Port and Use SSL with RMI Registry settings reflect your selections made in the previous dialog.
If needed, select an existing JMX credential from the list
or click the Browse button (...) to access the Credentials Library, then create a new one.
Click OK to proceed to the JMX Browser which you can use to select the target device, domain/path, and attribute to monitor.
PowerShell PowerShell Scripting enables you to create custom performance monitors using Windows PowerShell.
WhatsUp Gold uses the 32-bit (i.e. x86) PowerShell engine. Therefore, only 32-bit PowerShell snap-ins are supported and 64-bit only snap-ins will not function properly. Snap-ins usable in both 32-bit and 64-bit operating systems are configured for 64-bit systems by default and must be manually configured for 32-bit PowerShell engine to function properly with WhatsUp Gold.
Timeout (sec.) Duration WhatsUp Gold attempts to connect to the selected device. This is considered a failed connection.
Reference variables. Add, edit, or remove SNMP and WMI reference variables using the respective buttons on the right of the dialog. See steps below to configure either an SNMP or WMI PowerShell Scripting Performance monitor.
Run under device credentials. Click to execute the script using the Windows credentials for the affected device.
Script text. Enter your monitor code.
The PowerShell
Scripting
performance
monitor uses the
Windows
credentials to pull
the performance
information.
81
The use of reference variables in the PowerShell performance monitor is optional. If you do use them, you must use Context.GetReferenceVariable, for reference variables to be polled and their data graphed. Reference variables simplify your scripting code and enable you to write scripts efficiently, without having to use a list of device properties, as with the Script Action and Script Active Monitor. They manage the underlying SNMP or WMI mechanisms you would normally have to manage in order to access SNMP or WMI counters on a remote device.
By using the Context.GetReferenceVariable (variable name), you only need to specify the name of a pre-defined variable. WhatsUp Gold uses device credentials and connects to the target device using SNMP or WMI to retrieve the requested information. This information is stored in a variable that you can use later in your script. For more information, see Using the Context Object with Performance Monitors in the help files.
82
SQL Query The SQL Query monitor uses WMI or ADO authentication to determine if specific conditions exist in a Microsoft SQL, MySQL, or ORACLE database by querying the database. If the configured conditions are present, the monitor is Up. If changes made to the database since the last query cause data to no longer fall within the defined criteria, the monitor is Down.
When connecting to a remote SQL instance, WhatsUp Gold only supports the TCP/IP network library.
Configure the following setting to create a SQL query monitor:
Server Type. Select Microsoft SQL Server, MySQL, or ORACLE as the database server type. Please note, MySQL database is supported and listed as a server type option only if the MySQL 5.2.5 Connector is installed.
Connection Timeout. Enter the amount of time WhatsUp Gold waits for the server to respond before terminating the connection and returning the timeout error. The minimum allowed value is 1 second whereas maximum allowed value is 120. Please note, this setting only applies to polling whereas the query builder assumes a default of 15 seconds for the connection timeout.
Server Address. Enter the server address in the applicable format:
o ServerName\Instance format for Microsoft SQL Server. Example: WUGServer\SQLEXPRESS
o ServerName for MySQL. Example: WUGServer o ServerName/ServiceName for Oracle. Example:
WUGServer/Oracle.
Port. Enter the database server port number.
SQL Query to Run. Enter the query to run against the specified database to check for certain database conditions.
Click Build to launch the SQL Query Builder for assistance with developing proper query syntax. Only SELECT queries are allowed.
To monitor a
MySQL database,
download and
install the MySQL
.NET Connector on
the WhatsUp Gold
machine. Please
note, only MySQL
version 5.2.5 is
supported due to
potential
compatibility
issues. MySQL
.NET Connector
version 5.2.5 can
be downloaded
directly from the
WhatsUp Gold
website
(http://www.whats
upgold.com/MySQL
525Connector).
83
The SQL query you enter must return a single numeric value. Specifically, a single record that has just one column. If the query returns more than one record, the monitor fails to store the data. If the query returns a single record but there are multiple columns in the record returned, then the monitor will pick the first column as the value to store and this first column has to be numeric, otherwise the monitor will fail to store the data.
Click Verify to test if the entered database query is valid.
Number of rows returned is. Select this option to determine the success or failure of the monitor scan based on rows returned by the SQL query. All database rows must match the criteria settings for the monitor to be considered Up.
Content of each retrieved row matches the following criteria. Select this option to determine the success or failure of the monitor scan based on criteria which each database row must match. If multiple threshold criteria are used, all thresholds must match the criteria in each row for the monitor to be considered Up.
Click Add, Edit, and Delete as needed to create, modify, and remove database column values and conditions, respectively.
SSH The SSH monitor uses SSH authentication to connect to a remote device to execute
commands or scripts which can be either embedded in the monitor or placed as an executable script file on the remote machine with a command embedded in the monitor to run the script. Each monitor returns a single
numeric value which is recorded in the database and then used later by other WhatsUp Gold functions as needed.
Command to run. Enter the command to run and execute on the remote device. The command can be anything the device can interpret and run; for example, a UNIX shell command or a Perl script.
Please note, if you create a script to run on the remote device, it must be developed, tested, and/or debugged on the remote machine. Select one of the following script options:
Numeric. The command or script must return a single numeric value. The script can be as complex as required, but MUST only return a numeric value.
Old, single-line UNIX-style: free -m | awk ‘NR==2{print $3}’
84
Shell Interactive. This script is not constrained to only returning single numeric values; however, the output MUST contain the string ‘Result=xxxx’ where xxxx represents a numeric value.
New multi-line Linux-style: echo Result=$(free -m | awk ‘NR==2{print $3}’) This newer script format supports all the features of the target script interpreters without burdening the script developer to limit the output to a single numeric value.
Line end character. Select the appropriate line end type: None, Linefeed, Carriage return, or Carriage return linefeed. Multiline scripts are entered and persisted on a Windows operating system and include line-ending characters that may not be recognized on the target device. This configuration feature instructs WhatsUp Gold to replace the line-ending characters with the selected characters prior to connection and command execution.
SSH credential. Select the appropriate SSH credential WhatsUp Gold uses to connect to the remote device. WhatsUp Gold uses the SSH credential assigned to the monitored device if Use the device SSH credential is selected.
85
Network Management
SNMP The Simple Network Management Protocol (SNMP) monitor accesses SNMP-supported network devices and graphs performance output.
Performance counter/Instance. Select the target device and required credentials, then select the specific SNMP object to monitor in the SNMP MIB Browser.
Plot raw values. Enable this option to monitor the current polled value instead of tracking the rate of change over time. Use this feature to graph the current value of the SNMP object
WMI The WMI performance monitor watches for specific values on Windows Management
Instrumentation (WMI) enabled devices. WMI is a Microsoft Windows standard for retrieving information from computer systems running Windows and is installed by default on most Windows operating systems.
Performance Counter and Instance. Enter the OID and instance in the respective fields
o Or click browse (...) to access the Performance Counters dialog. The Performance Counters dialog appears.
Use the navigation tree in the left panel to select the specific performance counter you want to monitor. You can view more
86
information about the property/value at the bottom of the dialog.
In the right pane, select the specific performance instance of the selected counter you want to monitor.
Click OK to add the appropriate values to the Performance counter and Instance boxes on the Add WMI Performance Monitor dialog. The Add WMI Performance Monitor dialog appears.
WMI Formatted Configuring WMI Formatted Counter monitors collects performance data on devices using the Windows Management Instrumentation (WMI) technology. WMI is Microsoft Windows standard for retrieving information Windows platforms. WMI Formatted Counter performance monitor uses calculated counter data.
Performance Counter and Instance. Enter the OID and instance in the respective fields
o Or click browse (...) to access the Performance Counters dialog. The Performance Counters dialog appears.
Computer name. Name or IP address of the computer you are trying to connect to and gather instrumentation from.
o You can click browse (...) to select a device from a list.
Windows Credential. Select a credential to connect to the device you want to monitor. Click browse (...) if you need to access the Credentials Library.
Add WMI Formatted Performance Monitor Dialog
Performance Counter. Select the WMI object to monitor.
Performance Instance. Select the instance of the counter.
Performance counter and Instance boxes on the Add WMI Formatted Performance Monitor dialog.
The difference between the WMI and WMI formatted monitors is the formatted monitor will be rounded, instead of using a floating point decimal. It may also be in Gigabyte or Megabyte instead of
byte
87
Thresholds
You can set a Threshold on any of your performance monitors and more within Alert Center. Alert Center has five major types of thresholds available out of the box: Performance, Passive, System, Wireless, and Network Traffic Analysis. Each category includes a number of different thresholds.
Alert Center Performance thresholds notify you about performance monitors that have exceeded or dropped below threshold limits. These thresholds make use of data collected by your default and custom performance monitors and saved to the WhatsUp Gold database.
Alert Center Passive thresholds notify you when passive monitors fall out of the parameters of the thresholds you configure. This threshold type looks at the passive monitors that have been logged by the various Passive Monitor Listeners.
Alert Center Network Traffic Analysis thresholds notify you on WhatsUp Gold Network Traffic Analysis feature aspects that fall out of the parameters of the thresholds you create. These thresholds make use of standard and custom filters available within Network Traffic Analysis.
Alert Center System thresholds alert you on aspects of your WhatsUp Gold system according to the threshold parameters you configure. Virtualization and Configuration Manager Thresholds are also shown as System thresholds.
Alert Center Wireless thresholds relate to your wireless devices and aspects of these devices that fall out of threshold, including wireless access point and client data.
88
Network Discovery
What is a Discovery
Network discovery is the process WhatsUp Gold uses to identify devices on your network. Network discovery is based on the concept of query and response, where one device will launch a query, and one or more devices receiving this query will respond, in accordance to the protocol used. This process scans each device to determine its IP address, host name and possibly manufacturer, model, running software and services, and displays this information in WhatsUp Gold’s interface. The various scanning protocols will return different information.
WhatsUp Gold applies credentials and a sequence of steps to reveal, learn about, and decide which monitors suit devices on your network. Once a device is discovered, you choose if you want to manage/monitor the discovered device by promoting it to the My Network map. Promoted devices count against your license total.
Discovery
4
89
Network discovery scans can uncover device and host attributes, the device’s role within the network (for example, DNS, SMTP, FTP server), and which other machines on the network the device shares dependencies or frequent connections/conversations with.
Prior to initiating a discovery scan, first ensure your network devices can be discovered and subsequently identified. WhatsUp Gold attempts to discover devices on your network using ping (ICMP) and by scanning for open TCP ports. Please check to see if network devices respond to one or both of these request types before beginning discovery.
After WhatsUp Gold discovers a device on an IP address, it uses SNMP and/or WMI data on that device to gather all available information including the manufacturer and model, any installed components such as fans, CPUs, and hard disks, the operating system, and specific services (such as HTTP or DNS). Devices should be configured to respond to SNMP requests whenever possible. Alternatively, WhatsUp Gold can also gather information about Windows devices using WMI. In most cases, the information available using WMI is also available using SNMP.
If a firewall exists between WhatsUp Gold and the devices to be discovered or if the Windows firewall is enabled on the computer where WhatsUp Gold is installed, make sure the appropriate ports are open to allow WhatsUp Gold to communicate via Ping, SNMP, and WMI.
From the DISCOVER > New Scan page, select Advanced Setting > Expand scan to any virtualization environments to control if Hyper-V or VMware hosts or VMs will be included in the network discovery process.
VMware. Valid VMware credentials are used. VMware Tools are also required.
Hyper-V. Hyper-V devices are discovered when valid Windows credentials are used. Groups and users for passing WMI management objects must be in place. Host OS Application firewalls must align with default Hyper-V firewall rules.
90
Device Roles
Roles Each device discovered by WhatsUp Gold is assigned both a single primary and multiple sub roles based on data gathered from the device during the discovery scan. Roles assigned during discovery determine which monitors and attributes are assigned to the device automatically, and which actions are available for use. Additionally, role assignments affect what devices and associated icons the map views display when filters are applied as well as Layer 2 dynamic group membership and may affect certain overlay-specific behavior such as wireless or virtual.
While WhatsUp Gold determines the most appropriate roles based on information received from the device itself, you can modify the primary role assignment by clicking Change Role in Device Properties, then selecting from the list of available roles and descriptions that appears. The ability to change the primary role and/or sub roles can be beneficial if a device serves a different purpose or performs multiple functions within your network. That is, WhatsUp Gold may assign a primary role based on a device’s assumed function when it is actually being used for a different reason within your network environment.
You can monitor a wireless infrastructure device that could be potentially be used as a wireless controller, a router, switch, or similar in which case, it may benefit you to change its role in WhatsUp Gold to more accurately reflect its actual function.
Assigned
credentials are
used to refresh
device details. If
credentials or
other configuration
details for the
device have
changed since the
previous refresh,
the most
appropriate
primary role
determined by
WhatsUp Gold
during discovery
could be different
depending on what
modifications were
made to the
device
configuration
since the last time
device details
were refreshed. As
a result, new
monitors may also
be applied to
match the updated
role.
91
If you modify any roles assigned to a device, new monitors are not automatically applied based on the new roles. However, the monitors associated with the role determined by WhatsUp Gold during discovery will be reapplied if you:
Update the device by clicking Update Monitoring from the information card on the Discovered Network map.
Request updated information from the device by selecting Refresh Device Details from the actions menu.
If you have modified any monitors and/or attributes for the device, performing these functions neither removes, disables, or re-enables monitors, nor do they update attributes.
Finally, you may customize the default WhatsUp Gold configuration for device roles or create new roles based on your specific network monitoring needs using the Device Role Settings accessible from the WhatsUp Gold console application.
Sub-Roles Devices in today’s networks support multiple roles per device. For example, a device can be a virtual and windows server at the same time and have the appropriate monitors applied, or a wireless LAN controller could also be a switch and DNS server at the same time.
Discovery supports multiple roles (one primary and many secondary roles) for one device so monitors, maps, and UI components will be able to correctly handle these devices. A device will always have one primary role and will be identified as such, when WUG discovers a device that has multiple roles it determines which role is going to be the primarily through a prioritized set of criteria.
WUG will apply all monitors for both roles and sub-roles that apply to that device. A network admin will be able to change the primary role of a device that has multiple sub roles.
Advantages The biggest advantage of device roles is it reduces the manual configuration of your devices. You can automatically add all our monitors (active, passive and performance), during the discovery process. It will also apply an action policy automatically at the device level. It will also allow you to customize other device properties such as attributes, notes and more.
92
Configuring The Device Role Setting are only located in the Admin console, on the WhatsUp Gold Server. Once in the Admin console Click Tools > Device Role Settings. Here you can configure each part of your devices. You can customize your device roles with different percent variables that will try to be discovered and pulled automatically during the discovery process.
You can see a full list of variables available for discovery by doing a search on the help files for “Discovery Percent Variables”
Configuration General Tab
Device Role: basic information can be configured on this tab. o Name o Description o Notes
Source: has three possibilities o Default - Role is preconfigured and is a standard feature in
WhatsUp Gold o Modified - Role is created using a default as a template and is then
further configured by the user o Custom - Role and its configuration are created entirely by the user
Weight o Can be from 100 – 1000 o Used to tip the scale in favor of the role in case one or more roles
are selected during the discovery
Set as network device o When on, will consider this a device that handles or directs
network traffic and add the appropriate performance and interface monitors to it.
Scan Rules Tab
Where you will add the rules that WhatsUp Gold will consider when attempting to best match a role and sub roles when making assignments to discovered Devices.
Applied Sub Roles
This is where you will select which sub roles will be applied to the device.
Remember, in WhatsUp Gold, a device will be assigned a Single Primary role and can have multiple sub roles
Attribute Tab
Attributes are free-form name/value pairs that are used to save any kind of information about a device.
93
You can also use the attributes to categorize or tag devices with any label of your choice, like a maintenance schedule or what building or which server rack the device is located in.
You can also include system and host attributes by using the Discovery Percent variables. The most common discover attributes are included in the device role template.
The list of Discovery percent variables is accessible when you add a new attribute and click on the Discovery Variable List link.
Custom Links Tab
You will associate any web-browesable resources with the device
The template has already added the Browse to the web link of the device by using the URL of HTTP://%Device.UrlAddress
Monitor Tab
On the monitors tab, you will add all of the active, passive, and performance monitors to your device as you see fit.
Clicking the Add button, opens the list of all of the monitors in your monitors’ library, check all that you wish to apply and then click ok
This will add the monitors to the list of monitors to add to the device when promoting (start monitoring) the device to My Network.
Each added monitor has options you may select o Enable the monitor as critical o And the application rule which has two choices
Check support first
Which will check the device to ensure the monitor can be applied to the device
Always applied
Which will apply the monitor to the device if it is actually supported by the device or not
Note: The default device roles, most monitors are applied via the sub roles
Action Policy Tab
Allows you to set the Action Policy for the device
94
New Scans
Scan Types WhatsUp Gold 2017 has two types of network discovery scans:
IP address scan: Limit scans to check for specific ranges, subnets or hosts File
Seed address Scan: WhatsUp Gold “seeds” or builds an address list from target device SNMP data. It then continues to scan for additional devices based on the SNMP responses from these seed devices. This powerful feature can be described as the ‘cast a wide net’ approach. It also has useful controls for limiting the expanse of address boundaries and network hops.
Both scans types discover devices identically. The main difference the seed address scan will crawls though out your network and devices to find other possible devices to discover, while the IP Address scan is limited to the IP Addresses you have configured in the scope of the scan.
Best Practices of Using Scans
IP Address An IP address scan is best used when you need to limit the scope of the scan. Many times you may only want to scan a single subnet or IP address without the fear of going beyond that.
Seed Address The Seed Address scan will crawl and use information from the discovered devices to find other possible devices, discovering everything on your network. This allows you to find devices that you may not have known existed.
95
Configuration
Scan Depth Your network may have been divided into many sub-networks, and WhatsUp Gold can be configured to discover all devices on all your subnets. The Seed address Scan will scan subnets recursively, starting with the configured seed addresses.
The scan depth allows the user to define how deep into the network the scan will go. WhatsUp allows a scan depth of 1-6. Setting the scan depth to 1 will scan for devices that are 1 physical hop from the seed addresses. So if you used a single seed address it would be everything connected to that device.
96
A scan depth of 2 would discover all devices that are within 2 physical hops into the network of all the seed addresses. Moving the scan depth to 2, would allow WhatsUp Gold to look for any additional devices that are within 2 physical hops from the seed addresses.
97
Now, increasing the scan depth to 3 would allow WhatsUp Gold to look even further into your Network, to find further unique devices.
Settings You may fine tune and customize your scan by modifying the configuration of the scan. There are three areas you can configure if you are running an IP Address scan. A Seed Address scan has one additional to fine tune your scan configuration.
Include This section allows you to specify what IP address will be included in the scan. By default the scan will include the Gateway and the local subnet of the WhatsUp Gold.
Clicking on the will display the information about that section. (I.E. the gateway of your WhatsUp Gold server). This is what is listed on the NIC configuration.
If your Subnet mask is wrong you could potentially attempt to discover devices that are not even in your network. (Scan a Class A subnet instead
of a Class C)
Make sure you do not confuse subnet with Physical Hops.
98
Specific IPs,
Ranges, and
Subnets This area also allows you to enter a single IP address, multiple IP addresses (one per line), a single range of IPs, multiple ranges (one per line), singe subnet, or multiple subnets (again one per line). Ranges are entered with a “-” between the starting and ending IP. Subnets are entered in CIDR notation (192.168/24).
Use Host File This option lets you add a standard HOSTS txt file for a list of IPs to scan.
Monitored Devices Selecting this option displays the Select Groups button. Clicking the Select Groups button opens a dialog which allows you to select one or multiple groups (multi-select) of currently monitored devices within your WhatsUp Gold, letting you rediscover the devices for Updates.
Cloud Devices You may include cloud-based infrastructure devices when AWS and/or Azure credentials are enabled during discovery. (For AWS, select only the geographic regions where your instances are provisioned for quicker scans).
Exclude This area is similar to the include text box, allowing you to enter single IPs, ranges or subnets you want to exclude from being scanned.
99
IP/MAC Address Exceptions Relating to excluded devices, you can exclude device from merging during the discovery process by entering their IP Address or MAC address. You can find this area under SETTINGS>Discovery Settings>IP/MAC Address Exceptions
Limit This section only appears when running a Seed Address scan. In this area is where you may set it to scan only private, non-routable networks. You may also limit the scan to subnets that you are currently monitoring. To further restrict what IPs to discover, you have a text box similar to the Include and Exclude sections. It will keep WhatsUp Gold from discovering any devices that are not included in the limit area.
Maximum Number of Devices To reduce the time a scan will take, you may determine the Maximum number of Devices. When checked, it allows you to restrict the number of devices discovered. This number is the number of
Devices discovered after all the IPs are merged together.
100
Advanced Settings The last set of configuration options you have is under the Advanced Settings. Most of the options are checked by default but you may change them if needed.
The Data Collection Settings lets you Expand scan to any virtualization environments as well as wireless environments. Letting you discover your VMware and Hyper-V guest and host association. Then it lets you start collecting Wireless information from your Wireless infrastructure. Under the Concurrent Information Collections, you may set the number of Maximum Threads WhatsUp Gold will use during the discovery. Lower the number the slower the discovery will take, but if you raise this number just be aware it could impact your network devices. WhatsUp Gold lets you determine how a device will be named. Under the Device Naming section, you may choose to Resolve Hostnames, which checks with DNS for the Host name and you may use SNMP SysNames to name devices.
If the Host name or SNMP SysNames are not available, the device’s IP address will be used to name the device and host name.
There are three different methods to discover devices under the Advanced Discovery Checks:
Ping Only: The most basic. It will not discover devices with ICMP turned off or blocked by a firewall. It is also the fastest type of scan.
Ping & Credential Port Connectivity Checks (Default): Checks for ICMP response and checks to see if any of the credential ports, 22,23,135,443,1433,5988,5989,9000 to name a few, are open.
Ping & Port Connectivity Checks: This type of scan Checks for ICMP response and other ports are open to attempt to discover devices. This is a full port scan.
101
This is also where you may determine the Timeouts and number of retries for Ping and SNMP. And the timeout for WMI. The default timeouts are already entered in milliseconds.
The last section in the Advanced Settings is the Load Monitored Devices. This contains the automatically update allowed devices option. This will automatically update device details provided:
Monitored Device groups have been selected in the include area of the scan.
The Keep Details Current options is set (Default configuration) in the devices’ properties.
102
Credentials
After you have set up the configuration of your Discovery scan you need to move on to the second task of the configuration; that is deciding what credentials you want to use. You can get to this task by clicking next in the upper right hand sight or just clicking 2. Credentials on the left.
This will display all credentials contained in the WhatsUp Gold Credentials Library. If you do not already have any credentials or you need to add any additional credentials, you may do so by clicking on the Plus icon. You may edit any existing credential by selecting the credential then clicking on the pencil icon.
There are a couple ways to select the credentials to use with the discovery. You may use the “Use all current and future credentials” check box at the top. With this option checked, the discovery will attempt to apply all of the credentials in the Credentials Library in essentially a random order. The “future credentials” comes from if you run the scan again in the future, any new or changed credentials in the library will also be used. If you wish to have the discovery attempt certain credentials before the rest in the library, you may set the priority of the credential using the checkboxes in the list. The priority is set in the order you check them.
The other way is to specify which exact credential(s) you wish to use. You will uncheck “Use all current and future credentials”, then place a check next to the credential(s) you want to use. Only the credential(s) with the checkbox checked will be attempted. To specify an order or priority, you may move them up or down in the list with the list buttons , or use the arrow keys on your keyboard.
103
Schedule After you have optimized the discovery settings for your network, you may schedule it to run periodically. Either click next or 3. Schedule to go to the schedule configuration settings. Each time discovery runs, it detects new devices on your network and checks for changes on existing devices to update. You may also configure email notifications that distribute information about the results of the scheduled discovery.
Once in the Schedule area tab, place a check in the box next to schedule to configure your settings. The scan may be configured to run Daily, Weekly, Monthly, or a custom time frame. Under the daily option it may be configure to run every weekday or recur every so many days. Weekly allows you to determine what days of the week it will run, with the ability to fine tune the scan to run every so many weeks. Monthly allows the scan to run on a certain day every so many
months. The last option, custom, lets the scan to be ran every so many minutes, hours, or days.
The scan may also be configured to expire after a certain date, keeping it from running after that date. In this area there is also the ability to configure the scan to send an email when the discovery is finished. There are 2 buttons letting you configure the Email settings and even test the email.
If you have configured your Email setting under Settings > System Settings > Email Settings, it will automatically fill in the appropriate settings by clicking on the Email settings button.
104
Summary The last step is to review your settings, click next or 4. Summary. This tab allows you to reviews the Settings, Credentials, and Schedule options of the scan. If you need to make changes, click on the
pencil icon to the right of the applicable section. This is also where you may enter a name and a description for the scan.
Run/Save There are 2 options always available any time during the configuration of a discovery scan. These allows the scan to either be Save or Run from a click of a button upper right hand side.
Clicking the Save button will let you save the discovery. Clicking OK in the Save Scan Setting dialog will save and close the scan. It can then run it from the Saved Scan Settings dialog window.
Clicking Run button will open a dialog very similar to the Save button, but it gives an option to save and run, by clicking Yes, or just run the discovery without saving, by clicking No-Just Run.
105
Saved Scan Settings
Under the Discover Menu you have an option labeled Saved Scan Setting (Discover > Saved Scan Settings). By highlighting a saved scan you have a variety of option available to you.
Run Now: Launches the selected scans. You can have up to four scans running at the same time.
New: Create a new scan that starts with the default discovery template.
Modify: Edit existing saved scan. This button will not be active if more than one scan is selected.
Copy: Copies the information from selected scan and put into a new scan with the default name of “Copy of...” Again the button will not be active if more than one scan is selected.
Set as Default: Selected scan becomes the default template when all new scans are created. Like Modify and Copy this Button will not be active if more than one scan is selected
Preconfigured Scans
Scheduled Refresh WhatsUp Gold installs with five preconfigured scans, the first being the Schedule Refresh. This scan goes out and rescans all of the current discovered devices. As long as the devices have the “Keep Details Current” checked, this scan will automatically update any devices being monitored. If it is not checked it will keep the updated information in the discovery portion of WhatsUp Gold. This allows for the ability to update the device manually, at any given time.
So what does this scan update? It looks for new or better information about a device, including but not limited to better fitting device roles, device attributes and device properties.
106
The “Keep Details Current” is checked by default on every device.
Scheduled Discovery The second of the preconfigured scans is the Scheduled Scan. This scan is a seed address scan with a scan depth of 3, using all current and future credentials. This scan is not set to refresh and details of your monitored devices.
Examples Scans The last preconfigured scans are the Example scans.
There is the IP Address Scan Example. As the name implies, it is an IP address scan that includes the local gateway and subnet. This scan is set to default, which means when you click New, this scan is used as the template.
The next is the Seed Address scan example. This scan is set to a seed address with a scan depth of three and includes the local gateway and subnet.
And the final example is the Large Network IP address scan example. This scan is identical to the IP address scan example with the exception of the number of threads which is set to 100 instead of 40.
107
Discovered Network
List View After you start a discovery, or click on Discover> Discovered Network menu, you are taken to the Discovered Network. If this is your fist time using WhatsUp Gold, it defaults to the list view. Once you log out, WhatsUp Gold will remember which page you were on and return to that page/view when you log back in with the same account.
The discovered network displays all devices which have been discovered after running your discoveries. Devices which are not being monitored do not count against your license count. Only those devices being monitored will take points from your license.
The discovered network list view has multiple features:
Filter Tab The Filter Tab is where you can filter the list results, displaying only the devices which match the filter; more about this in the map view section.
Active Scans tab The next tab will show any active scans running. It shows you overall progress of the current scan(s). WhatsUp Gold only allows a maximum of four simultaneous running scans. If you start more than four, the 5th and subsequent scans will be queued and run after one of the other four finishes. You may cancel a scan from here. Canceling a scan does not just stop the scan and everything is lost, cancelling says, don’t go any further, but finish what you are doing and clean up. So it will finish merging devices with multiple IP addresses in to one device and add them to the discovered network. In the list, it shows the progress of the current scan(s) and the current status of the scan on the devices
108
themselves. This is not particular to the active scan tab, the progress and status will show when any scan is
currently running in the list view. Also when you start and or update
monitoring a device, the progress will also show on the active scans tab.
Discovery Legend tab The Discovery Legend tab explains the device Icons.
Unmonitored - Devices discovered but not monitored.
Monitored, Up - This can be green or blue depending on what color the user has set for UP in their user preferences.
Monitored, Up with down monitors – displays a green/blue with a red dot.
Monitored, Down – the device icon is red
Monitored, Maintenance – the device icon displays yellow
Monitored, Unknown – the device icon displays grey
Monitored, Unknown with down monitors – the device icon displays grey with a red dot
109
You may collapse the Tabs by clicking on the collapse arrow and reshow them by clicking on any of the tabs.
When you select a single device in the list view, it will display the
Device Information
on the upper right hand side.
Selecting multiple devices will display the Group Card.
The list view, has an export button allowing you to export the list of devices which are currently displays, in Excel (XML), CSV, or TXT file formats.
Clicking on the Display Map button will take you to the Map view.
110
Map View The discovered network map view has many of the same features as the list view.
Legend The legend on the discovery map is found in the lower left hand corner. It displays the same icons as the list view. The legend can also be minimized by clicking on the down arrow. Click the Up arrow to restore it to full size.
Active Scans The Active scans will show up under the Discovery Legend when any active scan is running. If you are promoting devices to be monitored, the progress of that action will be shown here as well. Again, WhatsUp Gold can run up to four scans or one promotion action at any given time.
Filters WhatsUp Gold allows for applying filters to the map so you can see\select just the devices you need. To access the filter you click on the funnel icon in the upper left hand corner. Once it is selected the menu will appear.
The filter menu is divided into multiple sections.
111
The Filter text, Name/IP Section, Location, or Brand: enter an IP address, Name or a location name to be used
Roles-Dropdown menu: Shows all available roles, default or custom, to filter devices on their role
Credential Types-Dropdown menu: Shows available credentials types that can be applied
Operating system-Dropdown menu: Shows the available Operating systems
Monitored Status-Dropdown menu: Selects desired status; Up, Down, Maintenance, Unknown, etc.…
Discovery Status-Dropdown menu: Select the desired status; Complete, In Progress, Unknown (No Credentials)
Scan Time: Dropdown menu: Select desired time frame; last 60 minutes, Last 24 hours, or Select Time Range
As you type the filter text box WhatsUp will match what is being typed in the appropriate fields. Selecting the filter type will apply the filter. WhatsUp Gold allows for multiple filters to be applied.
As filters are applied, the devices that do not match will remain on the map but are subdued nor are they selectable. All the devices matching the filter will remain normal, non-subdued, and selectable. To remove the filters by clicking the X next to the filter name or click the Clear All to remove all the filters. Filter now filters on ANY IP address on the device was just the default associated with the device but not any of the IP addresses associated with the device.
Selecting Device The Select Tool allow WhatsUp to toggle between pan and select modes. Pan mode allows for moving the map around. In this mode you can select single devices. To select multiple devices, you will need to hold the shift Key down while
selecting each device.
112
When in Select mode you can draw a rectangle around multiple device to “capture” them.
113
Zoom Controls You may increase or decrease the size of the devices on the map view by using the zoom controls located in the lower right corner just above the toggle between pan and select button. Use the Plus sign to zoom in and the Minus to zoom out. The Next Icon is the Zoom to Fit, Forces the entire map to fit inside the displayed area. The Map also allows you to zoom in and out with a simple turn of a wheel mouse. When using the mouse it will center the zoom on the location of the map.
Hiding Devices Hiding devices allows for removing devices from the discover map without permanently deleting them. To hide a device(s), select the device(s) you want hidden and click the eye with a slash icon
in the information card. To unhide any device, Click Hidden Devices
Icon in upper left corner under filters. In Hidden Devices dialog, select device(s) to be unhidden. Then click Show Devices button.
Start Monitoring Once a discovery has been run, any devices in the discover list/map may be promoted
to start monitoring in WhatsUp gold. To promote your device(s), select the device(s) you want to monitor then click Start Monitoring or Start/Update Monitoring in the upper right hand corner of the device or group cards.
If you delete devices out of the Discover Map, any devices that you are currently monitoring will repopulate in the discover map.
Returning to List View
To go back to the list view click Device List at the bottom of the map.
114
Hybrid View You may also view your devices in a hybrid view that will display the map on the top and the device list at the bottom of the screen. Click the single up arrow on the Device list button to show this view. You can return to the map by clicking the X or go to full Device List by clicking the Device list button.
When viewing the list on the Discovered Network map, you may select just one or multiple devices using the check boxes at left, then click Start/Update Monitoring on the information card that appears to begin monitoring or update applicable information for the device(s) on the My Network map view. Selecting devices on the grid also allows you to hide, delete, or rescan connectivity from the information card using the respective icons.
115
My Network
List View If this is the first time logging into WhatsUp Gold or clicking on the My Network button, you are taken to the My Network List view. Again, when you log out of WhatsUp Gold, it will remember which page you visited last and will return you to that same page the next time you log in.
The My Network list view looks and works very similar to the Discovered Network list view with a few major differences. The My Network only displays those devices which are being monitored. The List view has the Monitor Legend tab which displays the monitor legend which consists of UP, Up with down monitors, Down, Maintenance, Unknown, and Unknown with down monitors.
There is the Filters & Overlays tab which has the filter which works exactly as the Discovery List filter but it does not contain any of the filters for discovery because the My Network only displays devices which are being monitored. Overlays are a way to enhance or remove details to the list or map views of the My Network.
There is the Groups tab which shows a list of all of the default or user added groups contained within WhatsUp Gold.
Also, you may click the export button to export the list of devices which are currently displayed, in Excel (XML), CSV, or TXT file formats.
Clicking on the Display Map button will take you to the Map view.
My Network
5
116
Map View WhatsUp Gold 2017 My Network map view is also very similar to the discovered network map; the legend is almost identical, filter, zooming, selecting options, along with returning to the list view as well as a hybrid view of My Network, are identical.
What sets the My Network map view apart from the discovered network map view besides only displaying those devices which are currently being monitored is the use of the Overlays.
Overlays Overlays give the ability to enhance or remove the level of map detail by applying the different overlays. There are five overlay options available:
Device Overlay
Device Connectivity
Dependency and Link Status
Wireless
Virtual You may have anywhere from 1-5 overlays selected. You must have at least one overlay selected (it will not let you remove them all).
Icon Description
Devices Overlay displays monitored devices in your network.
Network Connections and Link Status Overlay displays devices with their network connections, showing what devices are connected to what devices.
Device Dependencies overlay This overlay will also show any decencies links, that have been configured on your devices. The dashed arrow will start on the device and point to the device it is dependent on.
117
Wireless overlay displays the wireless network(s). Showing the virtual connections between the wireless controllers and access points, as well as, the connection from access points and wireless clients. Wireless clients will only show when wireless overlay is selected.
Virtual overlay displays virtual environment(s). This includes virtual devices with both VMWare and Hyper-V, their hosts and guests. When you zoom into the map with the overlay enabled, there are additional icons (called badges), that appear next to the device icons. These badges depict the roll the device has within the virtual environment.
Icon Description
VMWare VCenter
VMWare Data Center
VMWare Cluster
VMWare Host
VMWare Virtual Machine
Hyper-V Host
Hyper-V Virtual Machine
Overlays operate similar in the list view with the exception of the wireless and virtual overlay. Wireless clients do not display in list view nor do the badges nor data centers display.
118
Layout Options
Additional Features Common to both
views
Legend The legend on the My Network views is very similar to the legend on the Discovered Network views. It is found in the lower left hand corner of the map view or Monitor Legend tab in list view. It explains the device icons:
Up
Up, with down monitors
Down:
Maintenance
Unknown
Unknown, with down monitors The legend in the map view can also be minimized by clicking on the down arrow. Click the Up arrow to restore it to full size.
Icon Device Description
A green ring indicates the device is Up. It is operating as expected per the specific active monitors assigned and enabled.
A green ring with a red dot indicates the device is Up, but has one or more active monitors reporting down.
A red ring indicates the device is Down. All active monitors must report down.
A yellow ring indicates the device is currently in Maintenance Mode. The device will not be polled, actions will not be triggered, and activity will not be logged until it is taken out of maintenance mode.
A light gray ring indicates the status of the device cannot be determined because WhatsUp Gold was unable to successfully communicate with and/or gather useful data from the device when polled.
A light gray ring with a red dot indicates the 1st critical monitor is down.
119
Library Icons At top right corner of the map view or list view when one or more devises are selected, there are two icons used to access the most common libraries used for WhatsUp Gold device management, Credentials and Monitors. Clicking on either will open a visual representation of the either library displaying all current credentials or
monitors. With either the credentials or monitors dialog open, click the plus icon to add a new credential or monitor to the respective library. You may only add new from here and may not edit. If you do need to edit a credential or monitor, click the library
icon to open the corresponding library to add, edit, or delete.
To add a credential or monitor, simply select one or more devices in the list or map view, select the credential or monitor, then click the Assign to selected ... button to apply to the device(s). You may only add a single credential from the credentials library or a single monitor from the monitors library to a single or multiple devices using this method.
120
Filters The My Network filters work exactly as they did in the discovered network, except there are not the options to filter on the Discovery Status. To access the filter you click on the funnel icon in the upper left hand corner of the map view, or the Filters & Overlays tab of the list view. Once it is selected the menu will appear.
The filter menu is divided into multiple sections:
The Filter text, Brand, Location or Name/IP Section: You enter an IP address, Name or a location name to be used
Roles-Dropdown menu: shows all default and custom roles
Credential Types-Dropdown menu: Shows available credentials that can be applied
Operating system-Dropdown menu: Shows the available Operating systems
Monitored Status-Dropdown menu: Selects desired status; Up, Down, Maintenance, Unknown, etc…
As you type the filter text box WhatsUp will match what is being typed in the appropriate fields. Selecting the filter type will apply the filter. WhatsUp Gold allows for multiple filters to be applied.
You can apply as many filters as you want until you run out of room on the web page.
In the map view, the devices that do not match will
remain on the map but are subdued nor are they
selectable. All the devices matching the filter will
remain normal, non-subdued, and selectable.
In the list view, only devices which match the filter
are displayed in the list.
To remove the filters by clicking the X next to the
filter name or click the Clear All to remove all the
filters.
121
Map view layout WhatsUp Gold’s My Network map allows for 2 different views. There is an Auto Layout, which automatically arranges devices based on connectivity. Then there is a custom Layout allowing each map to be customized in configuration, shapes and annotations.
Auto Layout Auto Layout is the default view and is the one you see when you first log into WhatsUp Gold. The devices is automatically arranged according to connectivity and other factors. Anytime you re-click the Auto Layout icon the
map will attempt to redraw the map keeping any links lines from overlapping.
This layout gives you the option to view all the devices in subgroups. This option is checked by default. When selected, the view shows devices in the group selected and all of its subgroups, but will not show any groups. When unselected the view shows only what is in the group selected, be it devices and\or groups.
Custom Layout Custom Layout allows for full customization; arrangement of devices, adding of shapes, images and annotations. This layout allows to the
addition of background images/maps then placing each device on the map where it is located.
122
Customizing the Map
Device Groups Using device groups in WhatsUp Gold helps to quickly find and diagnose problems within the network environment. WhatsUp Gold allows for as many device groups as needed to organize the network in a way that is meaningful to the layout of the network and its monitoring needs. When WhatsUp Gold starts monitoring the devices it places them into 2 types of groups.
Physical Groups (non-dynamic)
Dynamic groups
Physical Non-dynamic groups are referred to as “Physical groups,” or simply as “device groups.” When you start monitoring a device, you can select a physical group to place the devices in. By default WhatsUp will place all the device in the physical group “Discovered Devices”.
The Physical Groups icon, will show the worst state of any device with in that group, in the lower right hand corner. This allows you to get an
indication of the status of your devices before even going into the group. Physical Groups also make use a group access rights allowing you to restrict read and write access to the group and devices.
Since the inventory remains static, Physical Groups best used for:
Mapping
Inventory
Dynamic All devices discovered on your network are placed into a single dynamic group named ‘All devices’ by default. Additional groups are created automatically when SQL queries search for devices based on user-specified criteria during discovery. These are referred to as dynamic groups because group membership can change automatically based on the data WhatsUp Gold receives from the devices. There are two types of dynamic groups that exist in WhatsUp Gold:
Layer 2 dynamic groups
WhatsUp Gold dynamic groups. WhatsUp Gold Dynamic groups are created by SQL queries based on user-specified criteria, or by WhatsUp Gold background processes.
123
By default, all devices discovered on your network are placed into a dynamic group named “All devices (dynamic group)” and there are also a number of examples of common devices sorted in a device group named “Dynamic.
Group Examples.” These advanced dynamic groups do not have customizable maps available, but allow you to specify rules for dynamic membership of devices in the group.
As new devices are added to being monitored or updated by WhatsUp Gold, each dynamic group may contain any number of the new devices found by WhatsUp Gold depending on the criteria used by the group, or may contain no devices at all. Dynamic groups can be created for specific device types, device attributes, active monitors, or anything else that is stored for individual devices in the database. They will also update automatically showing the most current results.
The WhatsUp Gold Dynamic Group Icon will not show the worst state of the devices with in the group.
You can find dynamic groups built by other WhatsUp Gold users in the forums. https://community.whatsupgold.com/library/dynamicgroups
Layer2 Groups currently use the same Icon as a physical group and will show the worst state of any device within that group. During the discovery process WhatsUp Gold gathers Layer 2 data: information related to the physical
connectivity between your network nodes. Detailed information about your devices, their interfaces, connection speeds, and addressing is all compiled into a set of results that allow WhatsUp Gold to automatically generate integrated topology maps showing both Layer 2 connectivity and Layer 3 addressing information. With auto-discovery and dynamic mapping, you get accurate up-to-date port-to-port connectivity and topology information at all times. This helps in troubleshooting by making it easier to determine data paths. It also helps ensure compliance with audits, such as PCI DSS, FIPS, and HIPAA, by gathering and storing inventory information about your devices.
You can use Map Devices and Connected Devices to build customized Layer2 Groups. The filtering options allow you to dynamically choose which device types to display on your map, and to do so based on device connectivity data.
124
Layer 2 groups share properties of both Physical and Dynamic Groups. The Graphic below shows the shared aspects.
Physical Groups and Layer2 map groups show the worst state of any device in the group on the Icon; they also make use of access rights to control read and write access to the group.
Layer2 Map Groups and Dynamic Groups are updated automatically to show the most current discovery results, as well as, make use of filters to include and exclude devices.
At any time you can refresh the device details and its connectivity. Just select the device(s) or group click on the Action Menu and select refresh device Details or Refresh Connectivity.
125
Tools WhatsUp Gold allows customization of the My Network map using a suite of drawing tools used to annotate and enhance the level of detail to represent the network work environment more accurately. To begin customizing the map, click the “Custom Layout” icon” to disable the automatic map arrangement defined by WhatsUp Gold. Next click the pencil icon, in the bottom right hand side of the map, to display the map editing tools.
If you are still on “Auto Layout” the pencil will not be displayed
Annotations When in custom layout WhatsUp gold allows for the additional of multiple shapes, images and annotations to the map.
Icon Description Line Segment: Used the mouse to draw a line. Grab the
end of a selected line to rotate the line.
Rectangle: Click on the map for a starting point, then drag the mouse to expand the rectangle. Use the guide boxes to change height and width.
Circle: Click on the map for a starting point, then drag the mouse to expand the circle. Use the guide boxes to change height and width.
Network Cloud: Click on the map for a starting point then drag the mouse to expand the cloud. Use the guide boxes to change height and width.
Image: Opens a dialog box to select an image. WhatsUp Gold will then upload the file for use. Click the mouse at the location for the upper left corner. Use the guide boxes to change height and width.
Text: Click on the map to select a starting point for the text. Type your text in the Sample Text box in the Style area.
You may also select to always show labels. With this option checked, the labels will always show no matter the zoom level of the map. And the Clip device names option. This will truncate long device names to 10 characters long and append ellipsis to the end.
126
Style Style controls allow for changing the options of a selected Shape or text. Many controls can be seen with any shape, while a few are dedicated to certain shapes or Text.
Icon Description Fill: Allows for changing of the fill
color of the shape.
Fill None: Checking the box removes any fill color.
Line Width: Set the boarder width of any shape. When on Text it is similar to Bold increasing the thickness of the line weight.
Stroke: Changes the boarder color of any shape.
Corner Radius: This control is specific to the rectangle shape and will control the radius of the corners.
Bold, Italic, Underline, and Strike Through: These controls are specific when dealing with Text added to the map. Allows the text to be Bolded Italicized, Underline and\or Strike through.
Size: Again specific when dealing with the Text. Let’s you set the font size of any text.
Edit Controls The controls in this area allow the shape, image or text to bring to the front, send to the back, locked, unlocked, cloned, or deleted.
Icon Description
Bring to Front: Brings the selected shape forward.
Send to Back: Sends the selected shape back.
Lock: Groups the selected images together to act as a single image.
Unlock: Separates the grouped images back into individual images.
Clone: Makes a duplicate of the selected shape. This control will not clone a device.
Delete: Deletes the selected shape.
127
Custom Links in a Custom Map Since you can only customize Physical groups and Layer-2 groups, you may have the need to add your own custom link lines between devices or a device and a subgroup.
When you select two devices, a device and a group, or two groups while editing the custom map, you are presented with the custom link button on the group device card.
Clicking the button adds a link between the two and allows naming the link at each device.
You may also, for a devices only (not a group), you may add a monitor to the link which will show the link status.
Clicking the under the link label opens the monitor picker allowing the selection of which monitor to apply to the link at the specified device.
Once a monitor is added, clicking the under the link label will remove
the monitor from the link.
128
Device Information
Information Cards Select any device on either list view or map view to display its Device Information card which displays extensive information about the device. There are multiple sections depending on the device’s role and it’s status. Some information that will show is the devices identity, status, role, Performance monitor’s last polled value, group membership, credentials applied, virtual or wireless information. It also provides controls for accessing dialog screens for:
Device Properties
Device Status Action Menu gives a dropdown or basic actions related to a device.
Choosing an action from this menu performs that action to each selected device.
129
When multiple devices on this map view are selected, the action menu changes to display a dropdown of group management actions.
130
Device Properties
Device properties Dialog Any device on the network will have certain properties associated with it, such as the configuration stored locally on the device and data associated with the device’s hardware and software. In WhatsUp Gold, the concept of device properties encompasses a wide array of information, including generalized data pertaining to name, vendor, serial number, release version, etc. provided by the vendor, as well as IP address, location, contact, etc. configured by the network or server Administrator. In addition, WhatsUp Gold assigns credentials, monitors, tasks, etc., as configured by the WhatsUp Gold Administrator.
Device Properties Interface The Device Properties interface displays available data about the selected device itself and its assignments. Upon accessing Device Properties, identifying information for the selected device as well as its current status and notes about its initial discovery can be seen at the center of the interface.
At the very top of the Device properties dialog is the device picker, actions, and status reports menu.
The device picker allows selecting another device’s properties without closing the dialog window.
The device status button exits the device properties page and takes you to the selected device’s status dashboard.
The action menu allows applying different actions to the device. There are also buttons to take you to the help menu, expand the properties to full screen, and where you exit the device properties.
System Status and Properties The System Status and Properties section just below the menus, is where the host properties, device role classification and status information is displayed. The Device Summary lists basic information about the device. Clicking the link text (Edit or Configure) allows you to edit that area (Display Name, Host Name, IP address, SNMP OID, Role, or Notes).
131
Keep Details Current allows a discovery scan to update the devices automatically when enabled (default setting).
Device Center Monitors Tab
Allows browsing, applying, configuring, or deleting active, passive, and performance monitors to the device. Also contains links to directly access the monitors library and the actions and policies library if a monitor or action/action policy is not available for use with the current device.
Critical monitoring may also be enabled and set up using the Setup Critical monitoring link to access the critical monitor dialog for the device.
Polling tab
The polling tab allows adjusting the polling interval for the device as well as the target IP address and setting up device dependencies for the device. Recurring Maintenance schedule may also be added to the device on the polling tab by clicking the
. You may also edit or remove the maintenance schedule as well.
132
Actions Tab
The actions tab allows adding Action Polices or individual actions to be applied to the device which can send notifications, log events, execute scripts or programs.
Credentials Tab
The credentials tab allows viewing, editing (changing), or deleting credentials associated with the device. Also allows directly accessing the Credentials Library if you require to add a new credential to WhatsUp Gold.
133
Attributes Tab
The attributes tab enables you to view device system and host descriptions, modify some of this information, and populate user defined attributes (such as Contact Information). Most fields are populated at discovery time such as device MAC address, device name, and so on. For example, for a Windows device, Discovery pulls in system and host information (Computer Properties) as attributes.
Other fields, such as contact information, can be auto populated at discovery time using custom role definitions or edited through the Attributes panel.
Roles Tab
The roles tab allows browsing, changing, applying, and removing the roles applied to this device during discovery. Primary Role is considered the main function of the device on your network. Sub Roles are the device’s secondary, tertiary ... functions the device holds in the network.
134
Inventory Tab
The Inventory tab is displays tables of system-specific, host, OS, chassis and layer 2 connectivity data reported by the selected device when discovered/rescanned. The inventory provides complete views of the device management information.
Richness of information depends on credentials available at scan time. Information available depends on device role/type. (Windows devices will
show updates, switches show ARP cache, for example.) Information is read-only from this view. Links Tab
The links tab presents any user-defined URLs associated with the selected device.
135
Tasks
Configuration Management allows you to manage and run scheduled tasks as well as modify and compare configuration archives assigned to the selected device. This option will only be available if you are licensed for Configuration Manager, default with Total
Plus.
136
Application Monitoring
Services and devices running on a network sometimes play a small role in a much larger system, one spanning across multiple servers and appliances and hosting a variety of critical resources. Each of these devices itself makes up a standalone element that can be monitored individually, perhaps using WhatsUp Gold to check the status of that device and to report or alert accordingly. However, this status information is much more insightful when the availability of the entire multi-part system is taken into account. For example, does the entire system rely upon a single resource for connectivity or authentication? What happens if that resource fails: is there a backup already in place, or another method that can be used in the interim? When should the status of the system be considered “Down,” and when should it send a warning of a possible failure? Should redundant systems be verified independently, or as a part of a more complex environment? Answering these monitoring questions is the crux of WhatsUp Gold Application Monitoring.
Application Monitoring (APM) provides you with the logical tools needed to monitor any type of complex network infrastructure where multiple systems or applications are present and the availability of these applications must be verified. APM allows you to dissect an application into its component parts and to monitor these individual components, giving you a detailed view of the overall status of the application by looking at the sum of its elements. The services, processes, software, hardware, and core infrastructure in use by an application can be monitored in a manner that provides not only a detailed view into the status of the application itself, but also the flexibility to group these sub-systems together. APM’s interface provides simplified management of each element and testing of individual components at different physical or virtual network locations. Using a system of actions and policies contained within libraries, you can configure alerts that fire when your resources are unavailable, and track the performance of your applications via management-based component checks.
Application
Monitoring
6
137
Devices in APM Nodes on your network are referred to as devices in APM, a term that is used for all computers, servers, routers, switches, firewalls, appliances and hosts. These networked devices provide the framework for your applications, with each device offering a set of services or resources that might be in use by one or more applications running on the network. When monitoring the elements of each application in APM it becomes necessary to connect to and query these devices for information, and each of these connections is unique according to the type of service being hosted on that device and the role the device fills on the network. Some devices are considered to be Server Devices, and might be monitored for services such as Active Directory, HTTP, SMTP, FTP, or SQL. Other devices are seen as Network Devices and would be polled for interface utilization, interface errors, CPU usage, or the availability of a VPN tunnel. Together, all of these devices work to provide each application the resources and connectivity it needs to fulfill its assigned role(s).
Using APM to monitor the status of an application first requires that any devices in use by the application are available for monitoring within WhatsUp Gold. In the case of an advanced application this could include multiple devices, each providing a critical resource used by the application. These devices are queried for availability, service status, connectivity, and performance, and the worst overall status of all dependent devices and resources then becomes the status applied to the application itself.
Applications in APM Applications within APM are backend network application and not end-user type applications like Microsoft Word or Adobe Reader. The most common type of application that you may encounter is a web application. The most common type of web application is Microsoft’s SharePoint Server. A web application typically consists of a server of some type with a web server service running on it, like Microsoft’s Internet Information Services (IIS) or Apache HTTP Server. A web application also typically has some type of backend database running on another server. WhatsUp Gold, by default, supports the following applications:
Cisco Unified Communications Manager | Microsoft Windows Server
Microsoft IIS | Microsoft Active Directory/Domain Controller
Ipswitch WhatsUp Gold | Microsoft SQL Server
Ipswitch IMail | Microsoft Lync Server
Microsoft Exchange | Microsoft SharePoint
Microsoft Hyper-V Server | Oracle Database Server
138
Definitions Application: An application is made up of one or more programs running on one or more monitored systems
There are three distinct application types leveraged by WhatsUp Gold:
Simple application: A simple application is an application that is not dependent on another application to run
Complex application: A complex application is an application configured to be dependent on one or more applications to run
Discrete application: A discrete application is an application upon which a complex application has a dependency.
Application Profile: An application profile is a blueprint for monitoring a given type of application within WhatsUp Gold. It defines the collection of components and distinct applications that reflect the health and status of a specific type of application
Application Instance: An application instance is a running copy of an application profile that monitors the defined collection of components, distinct applications, and thresholds necessary to define the health and performance of a given type of application. An application instance can extend the application profile by adding components, component groups, or discrete applications. The application profile is not changed when an application instance is extended.
Component: A component is a single data point collected as part of an application profile (e.g., CPU Utilization)
Application States Application States within Application Monitor are similar to the device states used with Active Monitors with some distinct differences. Up in Application Monitor like everything else in WhatsUp Gold meaning your application(s) is/are healthy and responsive. If an application stops responding or responds differently than expected, down. Depending on the severity of the outage it will show a warning, which means that part of the application could be down, but the full application is still running, but needs attention. And there is also a maintenance state.
139
Application Profiles An Application is a group of devices, services, and resources that operate together to perform a specific function on your network. For example, this could be your company web server that hosts an internal wiki site, or a mail server used to interact with your clients. The application itself might rely on a team of authentication servers, database servers, and hardware utilities to host its content, and a disruption in any of these background devices would result in the application becoming unavailable.
These backbone devices may have their own set of dependent hardware and server devices on the network, elements they rely on to operate correctly. Many times, external systems exist separate from the workstations you interact with on the network and the networks hosting applications, making it more difficult and complex to monitor the entire application.
An Application Profile in APM is a template that is used whenever an application of a particular type is created. Every application profile carries with it a set of configuration options, including identification information, functional settings, a version number, and monitored items (called Components).
Usually an Application Profile is made up of multiple components, each with their own unique configuration options. Application profiles are also often grouped by their type, such as displaying all Microsoft applications together, then grouping specific application profiles together according to their settings.
End-to-end monitoring of the Application Server in the diagram above would require connecting to a number of different devices on the network using a variety of connection methods. After gathering data from the Database Server and the Authentication Server,
140
as well as the Application Server itself, the true availability of the application could be verified and displayed within APM. These devices in turn utilize a dedicated Storage Appliance being managed by a Workstation, a system that might be monitored as a standalone application in APM. All of these elements can be grouped into a single Application Profile: a collection of network components used in the monitoring of an application.
Importing and Exporting Application
Profiles Tools found in the APM Application and Profile setup allow you to interact with other APM users by sharing Application Profiles. You are able to connect directly to the WhatsUp Gold Community site from within the APM interface to download Ipswitch and user-created application profiles, and also import an application profile sent to you by another APM user and saved to the local hard drive. In either case, importing a profile allows you to get set up with a new application type very quickly, and to monitor an application identically in two separate installations of APM. Likewise, application profiles can be exported from APM to the local WhatsUp Gold server, allowing you to send a profile to a colleague that has a similar network configuration. You can also publish your application profiles to the WhatsUp Gold Community site for other APM users.
Sometimes it is best to import an application profile to use as a starting point for monitoring of a resource, then to tweak the profile for your particular network configuration after adding it to APM. Using Microsoft’s SharePoint as an example, one network may have a very generic installation of SharePoint, one that would be covered by importing an application directly from the community site to and using it as-is. By importing an application for SharePoint and adding it to APM you can very easily start monitoring this application using options that suit most basic installations of SharePoint that are available, and modifying these settings only when needed, in order to tune the application to your environment.
However, another SharePoint installation on a different network may make use of the more advanced installation options, such as a connection to a remote MS SQL server for data storage, utilization of an IIS web server farm for hosting the web content, and relying on an Active Directory server to verify access to the website. This installation spreads the SharePoint application across multiple devices and makes use of additional resources not covered by the generic SharePoint application profile, so much so that building an application profile from scratch would allow you to direct your monitoring
141
according to that exact installation. This second example would normally require very complex and involved configuration in order to monitor the entire SharePoint application from start to finish, since it relies on a number of dependent (or discrete) applications for functionality. In this example it would be easier to import generic application profiles for any discrete applications used by SharePoint (IIS, SQL, and Active Directory), and to configure these applications as standalone elements in APM. Then, create or import an application profile for SharePoint itself and add the discrete applications to it. You can always modify the SharePoint application profile later by reconfiguring these discrete background applications, and in using this approach you can “re-use” the discrete applications multiple times, such as adding the MS SQL application to a different profile monitoring the WhatsUp Gold system.
Application Instances Once an application profile is created or imported and configured to your liking it can be used to generate individual instances of the application for monitoring in APM. Whereas the application profile is a template of an application on your network, each application instance acts as a unique copy of that application, meaning it can be modified to monitor each application instance on your network more accurately. You can have as many instances of an application profile as required, but remember, licensing in APM is handled at the Component level, so re-using application instances is a smart way to limit the number of component checks you perform. Whenever possible, avoid duplicate application instances, as having them in place not only increases the polling load for APM but also the associated licensing count.
It is always a good idea to test a newly configured application instance before saving it to APM, along with testing each component within. This allows you to identify and work through any connectivity issues or problems with the configuration of the instance, and to verify that the instance will operate as expected. Testing an application instance also shows you the current values for each component and how that compares to the thresholds configured for each component state, allowing you to re-evaluate the default threshold values.
142
Application Discovery Unique application instances can be quickly created, tested, and applied to the network using the Discover Applications utility in APM, which allows you to select a list of devices from the WhatsUp Gold device list and to query each device for the availability of a series of applications. Any time an application is found to be running on a device in your network, that unique Application and Device combination is saved as discovered application instance, allowing you to add instances to your application profiles very easily. This functionality makes it simple to take an existing WhatsUp Gold network and determine which types of applications are running on the network using Credentials and Devices from WhatsUp Gold.
To be discoverable, an application profile must have at least one discoverable component associated with it, and at least one device from the selected device WhatsUp Gold device group must have those that component running. To use your custom application profiles in Application Discovery ensure the “Use in discovery” option is selected when adding or editing its components.
143
Maintenance Mode
As described earlier, an active monitor expects a response from a monitored device, otherwise the monitored device will be considered down. This would create a problem if a device needs to be taken down for maintenance.
Maintenance mode is a feature within WhatsUp Gold to alleviate this situation.
Maintenance Mode Characteristics Any Device placed in Maintenance mode:
Will not be polled
Actions will not be triggered
Actions set up to trigger when going in or out of maintenance mode will trigger
Any activity be logged A device in maintenance will show up in yellow\orange with the wrench, when zoomed in, the wrench will be in the lower left hand corner Maintenance mode also has the ability to set a reoccurring maintenance schedule for a device
Actions
7
144
Are you sure your device or monitor is
responding correctly? You are able to determine the state of your device with Device States these Stage Changes are dependent on a time period.
Down state (not responding - 0): Means it just reported down and WhatsUp continues to poll the device. After 2 minutes there is another state change to down at least 2 min you can also add addition device states
Maintenance Mode we will get into later in the class when we deal with actions but in short it is a way to show the device is in the middle of a planned maintenance window. WhatsUp does not Poll the device and the shapes and colors are still left from previous versions and will not affect the Web Interface in V17.
State Changes are dependent on a continuous time frame regarding if it is up or down. State changes are currently only available to customize through the Admin console; Under Configure > Program Options > Device States
Actions WhatsUp Gold actions are designed to perform a task as a device or an active monitor state change occurs, or a passive monitor condition exists. Actions can try to correct the problem, notify someone of the state change, or launch an external application. As you configure an action, you choose the task it is to perform. Also, when you configure an action, you choose whether to assign it to a device, or to an active or passive monitor.
To check the status of an action, or to cancel an action, in the WhatsUp Gold console go to Tools > Running Actions.
Notification Type Actions Notification type actions are separated into two different catagories:
Audio / visual actions
Messaging actions
145
Audio/Visual Actions Audio / visual actions will play a sound or display a visual notification in the WhatsUp Gold web admin. There are three sound actions that you may apply.
These sound actions will only sound on the WhatsUp Gold server and only if there is a sound card installed.
The default web alarm will display in the WhatsUp Gold web admin. The web admin must be open and logged into for it to display. The default web alarm is persistent, meaning that the alarm will continuously return unless it is dismissed. If the web admin is closed, the web alarm will continue to run in the background until someone logs into the web admin and dismisses it. The default web alarm will also play a sound if the machine where the web browser is being utilized has a sound card installed.
It is recommended that you only use the web alarm if you have someone continually monitoring the web admin.
Messaging Actions Messaging actions include:
Beeper Actions
Pager Actions
Text to Speech
E-mail Actions
Texting actions which are o SMS Action o SMS Direct
146
Beeper and Pager actions may sound old, but they are still applicable in the medical arena. They require a modem to be installed, or some other way of sending a message to them.
The Text To Speech Action plays a message entered as text in the message configuration.
Texting type actions include SMS action and SMS direct actions.
SMS action requires a modem connected to the WhatsUp Gold Server to dial out and send the text to the recipient device.
The SMS direct action utilizes a GSM modem, a specialized type of modem which accepts a SIM card, and operates over a subscription to a mobile operator, just like a mobile phone, to send text messages to the recipient device.
You can set up an email action to send a text message to a mobile device. Almost all cellular providers have an email address, typically <phone number>@provider.com, which does not need a modem or GSM modem.
E-mail Actions allow you to send an email directly through your e-mail server or e-mail provider to the desired recipient(s). E-mail actions are fully customizable. You may customize the Subject line and the body of the message. The body can be sent in either plain text or in HTML. To utilize HTML, you would
select the HTML radio button, then enter your HTML tags you wish to use to make the email as robust as you want. E-mail actions are also customizable by utilizing WhatsUp Gold Percent variables. Percent variables pass information about the device or monitor to the action. You may use them in other actions and not just email actions.
147
A complete listing of all WhatsUp Gold percent variables are listed in the help files. (http://docs.ipswitch.com/NM/WhatsUpGold2017/03_Help/1033/index.htm?42503.htm?zoom_highlight=Percent+variables?toc.htm)
Executable Actions Executable type actions are those that can execute some other type of action like running a script or launching a program. There are two types of script actions:
Active Script Actions
PowerShell Script Actions
Active Script Actions allow you to write either VBScript or JScript code to perform a customized action. If the script returns an error code, the action failed. This script has a context object you can use to get specific information about the context of the action.
PowerShell action delivers a robust and flexible environment to the experienced user for developing custom actions through direct access to script component libraries, including the .NET Framework. For more information, see PowerShell script examples.
The other type of executable actions is the program action. Program Actions can be defined to launch an external application. You provide the full path to the executable, the running directory, and any program arguments you need to launch the program.
148
Logging Actions Logging Actions are used to send log information to various resources. Logging Actions Include:
Log to Text File
Syslog Action
Windows Event Log Action
Log to text file action will write a custom log message to a text file. You will specify the full path of the location of the log to write. An option to append to an existing file or overwrite an existing file. The log message that will be written to the file supports percent variable.
Syslog Action will send a Syslog message to a host that is running a Syslog server. You will enter the IP address and port number, typically UDP port 514, of the Syslog server. The message will be your custom syslog message which may include percent variables. The Syslog message box limits input to 511 characters. If notification variables are used, then the message that actually gets sent is limited to 1023 bytes,
in order to comply with the Syslog protocol. Non-visible ASCII characters such as tabs and line feeds are replaced by space characters.
Windows Event Log action allows you to configure log messages to post to the Windows Event Viewer. You must specify the source, which is the origin of messages logged to the Windows Event Viewer. The default source is the Ipswitch WhatsUp Log Action. You must also enter an event ID, select a level for the message, and the log message that displays
in the Windows Event Viewer which supports percent variables.
149
Management Actions Management type actions consist of
Configuration Management Actions
VMWare Actions
Configuration Management Action creates a new action or configures an existing action in the WhatsUp Gold Actions Library.
Configuration Management is available only in Total Plus
Proactive or Self-healing Actions Proactive actions or self-healing actions are actions are actions that can be applied to try to correct a situation or be proactive in fixing a situation where an active or passive monitor has tripped.
Service Restart Action starts a previously stopped service. The service restart utilizes WMI credentials only. It has a command option that will allow stopping as well as starting a service on a device.
Recurring Actions Recurring actions (SETTINGS menu > Scheduling Activities > Recurring Actions) enable users to fire Actions stored in the Actions Library based on a regular schedule, independent of the status of devices.
Recurring actions can perform tasks such as sending checkpoint messages through email or SMS text letting users know a system is up and running.
150
Blackout Schedule and
Policies
Blackout schedules and policies suspend specific actions they are applied to during a scheduled period of time.
Weekly Blackout Schedules Weekly blackout schedule is the blackout period assigned to individual actions. They are stored along with the individual action and are applied only to that action.
To add a blackout schedule to an action.
Select Device
Click Monitor Setup
Select Monitor which has the action applied / to be applied and edit
In the Setup Actions For Monitor State Changes dialog box o Add or Edit action to apply blackout schedule
In the action builder dialog click Blackout Schedule button
The Weekly Blackout Schedule dialog appears. o Set the times for which you want the blackout to occur.
151
Blackout Policy
Blackout Policies are applied to Application Monitoring actions or Alert Center notifications. Blackout Policies are stored in a shared library between the two. If you create a blackout policy for an Application Monitoring action, the same blackout policy may be applied to an Alert Center notification policy or visa-versa. To add a blackout policy:
From either Application Monitoring Action Policies (SETTINGS > Application Monitoring > Application Monitoring Actions and Policies) or Alert Center Libraries (SETTINGS > Alerts & Actions > Alert Center Libraries) dialog
o At the bottom click on Blackout Policies to expand.
Click Add button o The New Blackout Policy Dialog appears
Enter the appropriate information: o Name. Enter a unique name for the blackout policy. o Description. Enter additional information about the blackout
policy.
Click and drag to select the blackout periods you want to create.
Click Save
152
Application Monitoring Actions and
Action Policies Application monitoring has its own set of actions. You may apply many of the same actions are you can with standard WhatsUp Gold actions. Application Monitoring actions include: Active Script, E-mail, Log to file, PowerShell Script, Program, Service Restart, SMS, SMS Direct, SSH, Syslog, VMWare, and Windows Event Log actions.
Application monitoring actions have their own set of unique percent variables. This provides the means to include information about your applications, devices, and the Application Monitoring system in your alerts. These variables are used to send detailed statistics about the outage or as a way to provide device and application data to a proactive action like a PowerShell script.
The main difference between standard WhatsUp Gold actions and Application monitoring actions is that you cannot directly apply application monitoring actions directly, they must be applied in an Action Policy.
153
Application Monitoring Actions
Application Monitoring has its own set of actions which are accessed under:
Settings>Application Monitoring>Application Monitoring Actions and Policies
This is going to open up the library where you can add, edit, and delete the actions. There are no default actions within Application Monitoring, so you have to add all actions that you want to use.
All of the action types available for Application Monitoring are the same as the actions that can be applied to devices or monitors, except there are fewer types available
Application Monitoring has its own unique set of percent variables which provides the means to include information about your applications, devices, and the Application Monitoring system in your actions.
With Application monitoring, you may not directly apply actions to an application, profile, or component like WhatsUp Gold actions may be applied directly to the monitor or directly to the device. You must use an action policy to apply an action.
154
Action Policies The main reason why an action could not be directly applied, is because the state changes within Application Monitoring are handled differently than how they are with WhatsUp Gold active monitor states.
WhatsUp Gold Active Monitors go from UP to DOWN, DOWN to UP, Maintenance to UP ... Application Monitoring has the WARNING state as well.
In the Action Policy, there are four tabs, one for each of the state changes of UP, DOWN, Warning, and Maintenance.
Each tab if configurable for going into that state from the other four states, which includes Unknown. Which means there are 256 possible state changes that can be configured. And each of the four states per tab is configurable for a time period of minutes, hours, days, weeks, or months to determining the duration of the state change or how long the component remained in the previous state.
Once a state change has occurred it is up to you to decide which actions to fire as a result of that outage. This is done by defining Action Rules and applying those rules to application states. By configuring certain actions to fire only for a very specific set of
circumstances, and configuring a delay in the actions defined for a given state, you are able to make use of an
unlimited number of
configuration options
covering every avenue of alerting. As important as the severity of the issue is the duration: an application staying in the Warning state for a number of hours before going Down is less severe than an application only showing the Warning state for a few minutes, or one going immediately from Up to Down. For this reason, consider the amount of time a state change persists whenever you are creating a new action policy. You may want to wait a number of minutes before sending an email to make sure the device is really
155
unavailable, or set a certain amount delay before alerting a higher-up, giving you a chance to fix the issue first. Then, using the option to repeat an alert, you can make sure notifications are being sent until the issue is fixed.
156
WhatsUp Gold Action Policies Just like in Application Monitoring, you may group multiple WhatsUp Gold actions together creating an Action policy to use with your WhatsUp Gold Devices or Monitors. Action Policies are a time saver when assigning multiple actions to devices. The actions can be assigned on the same or different state changes within the policy. You may assign your action in a sequence to create an escalation policy. This is done by assigning different actions on different state changes. For example:
- Firing an Email action when a device has been down for 2 minutes, with the email going to a small list of “on-call” personnel.
- Sending a second Email to the on-call personnel at down for 5 minutes, in addition to an SMS Action to the Systems Administrator.
- Notifying the on-call team, the Systems Administrator, and the IT Manager at the down for 20 minutes state if the problem has not been resolved.
Once this action policy is created and applied to your devices, you can very easily revamp the policy at a later time to include more actions or reconfigured settings and immediately have that change propagated to all devices configured to use the action policy.
Once this action policy is created and applied to your devices, you can very easily revamp the policy at a later time to include more actions or reconfigured settings and immediately have that change propagated to all devices configured to use the action policy.
The Implicit Action policy automatically assigns actions to all devices in your database. You cannot opt out of the Implicit Action policy and it only assigns actions at the device level.
157
Alert Center Alerts
WhatsUp Gold Alert Center lets you receive alerts for performance monitors, Wireless data, the WhatsUp Gold system, Network Traffic Analysis, and Configuration Management. This notification system operates independently
of the actions and action policies configured in WhatsUp Gold for active and passive monitors.
Alerts are triggered based on a thresholds you set. Thresholds are set up using: Number of items occurring, Item reaches a certain %, MB or GB, Reaches a certain level for a least a given amount of time, or when a specific condition occurs.
Alert Center Thresholds, Notification Policies, Notifications, and Blackout Polices are found under SETTINGS>Actions and Alerts>Alert Center Libraries.
When a device’s or devices’ monitor(s) go out of threshold, Alert Center can send an alert. To distinguish the differences between Actions/Action Policies for Active Monitors or Passive Monitors and Alerts/Notification Policies in Alert Center, the two are completely separate and independent from each other.
Actions and action policies trigger on state changes for Active monitors or trigger on single events for Passive monitors which are all based on the current polling of your Devices. Alerts and Notification Policies in Alert Center scan existing data in the database for Performance monitors and Passive monitors and trigger when thresholds set by you are exceeded.
158
Actions and action policies have multiple action types that can be applied, like the executable
action types, the proactive action types, and the
notification action types. Alerts and
notification policies have
only notification
type alerts and only
include; SMS, SMS Direct, and Email alerts.
With actions and action policies, notification actions are completely user customizable because the messages are send in plain text or HTML. Alerts and notification policies notifications are very limited in what you can customize because the information being sent in a preformatted HTML tables.
Notification Policies To add a notification to an Alert Center threshold, it must belong to an Alert Center Notification policy. A notification policy consists of up to three phases or steps. At each step, you may configure, select, whichever email or SMS actions you wish to send. Between each step, there is a configurable timeline, so you may determine how much time could elapse between them.
In addition, you may set a repetition interval for the final step. Step 1 of the notification policy begins as soon as an item falls out of threshold. You may
specify when steps 2 and 3 begin in the Escalation Steps section of the dialog. You will specify how many minutes, hours, or days steps 2 or 3 will start after step 1 begins.
159
Thresholds Alert Center has five major types of thresholds available out of the box: Performance, Passive, Network Traffic Analyzer (When licensed for it), System, and Wireless. Each category includes a number of different thresholds shown below:
- Alert Center Performance thresholds notify you about performance monitors that have exceeded or dropped below threshold limits. These thresholds make use of data collected by your default and custom performance monitors and saved to the WhatsUp Gold database.
- Alert Center Passive thresholds notify you when passive monitors fall out of the parameters of the thresholds you configure. This threshold type looks at the passive monitors that have been logged by the various Passive Monitor Listeners.
- Alert Center Network Traffic Analysis thresholds notify you on WhatsUp Gold Network Traffic Analysis aspects that fall out of the parameters of the thresholds you create. These thresholds make use of standard and custom filters available in Network Traffic Analysis.
- Alert Center System thresholds alert you on aspects of your WhatsUp Gold system health according to the threshold parameters you configure. Blackout summary, Hyper-V, and VMware thresholds are also shown as System thresholds.
- Alert Center Wireless thresholds relate to your wireless devices and aspects of these devices that fall out of threshold, including wireless access point and client data.
160
Alert Center Dashboard
The Alert Center dashboard can be found under ANALYZE>Dashboards>Alert Center. It provides a centralized location of all thresholds within Alert Center. You can see what notifications are running; select which thresholds to view: either all, out of threshold, or in threshold; filter your alerts by type: performance, passive, network traffic analyzer, system, or wireless; sort by: items out of threshold or threshold names.
161
Dashboards and Reports
Overview Reports are an essential part of network management and are an invaluable for many network operations. They help in daily operations, by displaying alerts, state changes, load utilization, as well as quality of service. They are also used in scheduled and periodic audits, because they automatically gather, audit, and analyze information about your devices. In addition they track performance, status, and utilization of your devices and lastly aid in troubleshooting potential issues with the network, a group of devices, or a single device.
WhatsUp Gold dashboards and reporting are available under the Analyze menu.
There are actually three types of Reports:
Dashboards: Multiple reports on the same screen giving access to perform critical device management, troubleshooting and forensic tasks.
Full-page reports: Display performance and historical data collected during the operation of the application. You can use these reports to troubleshoot and monitor your network and devices. Monitor reports give you a broad data view that can be modified to display data for a given time frame, which is useful in pinpointing the time an event occurred or when viewing multiple graphed items.
Log reports: Display system-wide information and information about the WhatsUp Gold server, and typically do not focus on a specific device nor a specific device group. For example, the Action Log displays all actions for all network devices.
Dashboards
and Reports
8
162
Dashboards A dashboard puts multiple reports all on a single page.
The first type of dashboard is the Home dashboard, Analyze -> Dashboards -> Home Dashboard. The Home Dashboard includes views containing a range reports that survey common performance, availability, and system auditing scenarios. You can also add your preference of reports from the Reports Library to the default Home Dashboard views or to custom views you create.
Those included views with their default reports are:
- Getting Started. Reports for built-in monitors. Good place to check after
you enable monitoring on a device.
o Poller Health. Status of polling service(s) for WhatsUp Gold
management environment.
o Devices with Down Critical Monitors. Status of devices with down
monitors.
o Actions Fired. History of notifications and corrective actions
chained to monitoring outcomes.
o Completely Down Devices. List of monitors that are in down
state.
o Down Active Monitors. Devices with active monitors in down
state.
o Down Interfaces. Down monitors associated with network
interfaces.
- Top 10. Ranked top n list of built-in performance as well as active monitor
(ping) reports.
o Interface Errors. Ranked list of network interfaces reporting
errors.
o Interface Discards. Ranked list of network interfaces discarding
packets.
o Interface Utilization. Ranked list of network interface capacity
utilization.
o Interface Traffic. Ranked list of network interface traffic totals.
o Ping Availability. Ranked list of responses to ICMP echo ("ping")
requests.
o Disk Utilization. Ranked list of storage capacity utilization.
o CPU Utilization. Ranked list of CPU capacity utilization/CPU Idle.
o Memory Utilization. Ranked list of RAM capacity utilization.
163
- Actions & Alerts. Operational summary for monitored devices including
device health, active monitor status, and triggered notifications, actions,
and scripts.
o Actions Fired. Devices that satisfied a policy condition that caused
WhatsUp Gold to invoke an action (corrective action, notification,
backup, and so on.)
o Completely Down Devices. Devices that due to monitor
precedence and policy are considered down.
o Down Active Monitors. Devices with active monitors in a down
state.
- Wireless. Access point performance, traffic, and summaries. Client
volume per wireless segment and rogue accounting.
o System Summary. Remote station (client) inventory, client types,
radio parameters such as SNR and RSSI.
o Bandwidth. (Inbound and outbound wireless traffic comparison).
o Bandwidth Summary. Average total input and output utilization.
Top client station MAC address.
o Client Count. Highest number of wireless clients observed.
o Rogue Count. Remote stations that are not yet identified.
o RSSI. Radio frequency signal strength for given device(s).
o Signal to Noise Ratio. RF signal to noise ratio.
164
Device Status The Device Status dashboard provides a complete system summary and performance survey for a single device. There are multiple ways to get to the device status dashboard; from the device information card, from device properties, or from the Analyze Menu > Dashboards > Device Status.
Device Status dashboard includes the following views and their default reports:
- General. Custom and polled system information and links
o Device Attributes. Table of attribute values, labels, and
descriptions that characterize a single device.
o Device Notes. Notes field associated with the current device.
o Device Custom Links. Add frequently used or critical hyperlinks
by device to dashboard.
- Disk/CPU/Memory. Performance, capacity utilization, and availability.
o CPU Utilization. CPU load metrics.
o Memory Utilization. Memory usage metrics.
o Disk Utilization. Storage usage metrics.
o Ping Response Time. Ping response time for the current device.
- Router/Switch/Interface. Network capacity utilization.
o Interface Utilization. Network traffic across one or more network
interfaces for each device or device group you specify.
- Monitoring. Monitor status, summary, and logs.
o Down Active Monitors. Active monitors reporting a down state.
o Device Active Monitor States. Active monitor health for the
current device (at a glance)
o All Down Interfaces. Interfaces with all monitors or critical
monitor in down state.
o Tail of State Change Log. Last n device state changes recorded.
o Monitors Applied. Monitors configured and applied to the current
device.
o Tail of Action Activity Log. Last n actions recorded and logged to
the activity log.
165
Wireless The Wireless Monitoring dashboard reveals both end-station and access point wireless traffic and Radio Frequency (RF) performance measurements for the selected interval.
The Wireless Monitoring dashboard includes the following views and their default reports:
- Wireless Infrastructure
o Bandwidth. (Inbound and outbound wireless traffic comparison).
o Bandwidth Summary. Average total input and output utilization
and Top client station MAC address.
o System Summary. Remote station (client) inventory, client types,
radio parameters such as SnR and RSSI.
o RSSI. Radio frequency signal strength for given device(s).
o Signal to Noise Ratio. Radio frequency signal to noise ratio.
- Clients and Rogues
o Client Count. Highest number of wireless clients observed.
o Rogue Count. Remote stations that are not yet identified.
- CPU and Memory
o CPU Utilization. CPU capacity usage on the wireless access point.
o Memory Utilization. Memory capacity utilization on the wireless
access point.
166
Virtual Virtual Monitoring Host Details dashboard is a built-in dashboard that reveals data for an individual VMware or Hyper-V host. Use the source selector to choose the host device. While it is in Dashboard format it acts more like a report, meaning you cannot add, remove or modify the dashboard. To create a customized version of this dashboard, create a new view and add, arrange and configure these reports or others individually.
The virtual dashboard consists of two columns, all reports on the left-hand column are for the virtual host and the right-hand for the virtual guests.
The following reports are in the left-hand column:
- Virtual Host Attributes. Host machine characteristics and info.
- CPU Utilization. Host machine VM CPU capacity usage.
- Memory Utilization. Host machine VM capacity usage.
- Disk Utilization. Host machine disk capacity usage.
- Interface Utilization. Host machine interface usage.
The following reports are in the right-hand column:
- Virtual Machines CPU Utilization. VM CPU capacity usage.
- Virtual Machines Memory Utilization. VM memory capacity usage.
- Virtual Machines Disk Activity. VM read/write metrics.
- Virtual Machines Interface Utilization. VM network bandwidth utilization.
Hyper-V and VMWare virtual devices report memory statistics differently.
- When reporting usage, VMWare displays active memory and Hyper-V
displays assigned memory.
- When reporting allocation, VMWare displays consumed memory and
Hyper-V displays memory demand.
- When reporting maximum, VMWare displays granted memory and Hyper-
V displays maximum memory.
167
Application Monitoring Application Monitoring includes a range of reports that allow you to view the performance status for monitored applications on your network. You can also add your preference of reports from the Reports Library to the default Application Monitoring views or to custom views you create.
The Application Monitoring dashboard includes the following view and its default reports:
- Application State Summary. Reveals application status based on profile
type, customized profile, or a specific application instance.
- Running Action Policies. Reveals actions invoked or pending as part of an
application policy implementation.
- Status over Time. Charts application or service availability.
- Application Availability Summary. Reveals application instances, their
current state, and provides quick access to monitor status for a given
instance.
- Application State Change Log. Records transitions in application
monitoring states. By default, it displays the last n events.
- Application Resolved Items Log. Displays a record of the action policies
previously acknowledged in the Running Action Policies report.
- Application Action Log. Records actions, triggers, recorded activities, and
their associated policies.
168
Network Traffic Analysis Network Traffic Analysis Dashboards dashboard enables you to view, analyze, and share observed traffic patterns as well as current and historic network performance data by way of both built-in and custom dashboards.
The Traffic Analysis dashboard provides three
operational views, each with its own suite of reports, charting, graphing along with endpoint, application, and keyword filtering.
- Home. Top n traffic, connections, and bandwidth utilization reports at a
glance.
- Senders and Receivers. Top n interfaces ranked by incoming and outgoing
traffic, geo location, and Internet domain.
- Troubleshooting. Top concurrent connections received/initiated, half-
open or failed connections received/initiated, and traffic hitting non-
standard ports.
Traffic data metrics are collected from any network devices that support:
- flow export
- NetFlow
- NetFlow-Lite
- sFlow
- J-flow
- IPFIX
- SNMP: Returns traffic totals when flow source export is not enabled or
for sampled flow
You manage flow source configuration and collection status from the NTA Sources Library (SETTINGS > Network Traffic Analysis > NTA Sources).
The NTA Source Library provides a table view of:
- Flow sources detected on your network.
- Flow sources you configured manually or automatically using NTA Device
Configuration.
- Devices polled for NBAR traffic totals.
- Groups or individual interfaces providing SNMP or flow statistics.
169
You can use the Potential NetFlow Sources dialog (Settings > Network Traffic Analysis > NTA Device Configuration) for the following:
- View results of flow
export sources
configured and
already advertising
on your network.
- Identify devices that can be used for NetFlow export.
- Status for flow monitor sources already exporting.
- Configure flow monitor sources directly from WhatsUp Gold (click the
Configure button) for those sources that support remote configuration
MIBs.
Note: When WhatsUp Gold has the necessary read/write credentials to access target source devices using SNMP, you can use the Configure button to check if MIB objects needed to perform remote configuration for NetFlow are present in the device's MIB registry
Full Page Reports Full page reports are split into four categories under the Analyze menu; Performance, Network, Device, and Inventory. Many full-page reports are the same reports viewed on dashboards but shows full screen. Full page reports may be filtered on a group of devices or down to a single device.
The data in reports may be exported to a PDF file, a formatted CSV or text file, Microsoft Excel (XML) file, or a PDF. You may also email reports in the same formats, or
send them on scheduled intervals
170
Logs WhatsUp Gold has an extensive array of different log reports found under the Analyze > logs. Logs can be split into 5 different categories.
- System executable and application logs
o Activity log
o Action applied and action
activity logs
o Discovery Scan log
o General Error log and
Logger Health messages
o Poller health
o Web User Activity Log
- Managed device platform logs
o Syslog (tail of syslog)
o Windows event log (tail of
Win EV)
o Vmware and Hyper-V logs
- Monitor logs
o Performance monitor and passive monitor
error logs
o SNMP Trap log
o Action Log
o Down active monitors
- Configuration Management logs
o Start –vs- Run
o Policy Audit
o Task Log
- Network traffic logs
o Network Traffic Analysis log
o Unclassified Traffic Log
o Wireless Log
171
Predictive Trending The Predictive Trending Report displays a suite of reports that present historical and average statistics for common performance measures so you can better anticipate how the selected device or devices will perform in the future. This allows you to take action before there is a problem if a metric is trending toward a critical limit.
Predictive trending provides the following five individual dashboard reports:
- CPU Utilization. Reports average CPU utilization percentage for each
individual processor.
- Memory Utilization. Reports both physical and virtual memory capacity
and usage.
- Disk Utilization. Reports disk utilization percentage for individual drives.
- Interface Utilization. Reports measurements for network traffic across
network interfaces.
- Ping Response Time. Reports minimum, maximum, and average response
times.
Please note, this dashboard is completely static. Additional reports cannot be added and the five default reports described previously cannot be removed. Only
the device(s) displayed ( ), reporting time frame ( ), and applied business
hours ( ) may be modified.
172
Report Configuration and WhatsUp
Gold Database Data is stored in the WhatsUp Gold database to populate all of the various reports that are available in the application, and yet the storage available to WhatsUp Gold is limited. Therefore, consideration must be given to managing the growth of that database. This database size and growth is controlled by settings relating to the retention of data saved by WhatsUp Gold.
Retention Policy: Each data type in WhatsUp Gold (performance, passive, and active) has a specific setting available for how long you would like to keep the data in the database overall. Performance data can also be controlled in a more precise manner, giving you the option to roll up performance monitor data at different intervals. These settings are available in SETTINGS > System Settings > General Settings.
Controlling the size of the database: By default, data is kept for 365 days for performance, active and passive monitor data, and also for NTA data. Data older than 365 days is marked as “expired” in the database, and is cleaned up automatically by WhatsUp Gold over time. Any time a monitor is removed from a device, or when a device or monitor is deleted, the data associated with that element is also marked as expired.
An expired record is defined as a record which is marked as to be overwritten, but has yet to be overwritten by a new record. Typically, the percentage of expired records to total records is small (less than 10%); if a large configuration change is made, the ratio of expired records may be different. In practice, we recommend this ratio not exceed 25% for any database table. You can purge all expired records for a given table from the Table Maintenance property page in the Database Tools dialog.
For example, when WhatsUp Gold collects large quantities of unnecessary or unwanted passive monitor data, a very large table can result. The first step is to ensure that WhatsUp Gold is only collecting data for passive monitors you have explicitly configured for your devices. To do this, ensure that both the SNMP Trap Listener and the Syslog Listener are not accepting unsolicited messages. After setting WhatsUp Gold to collect data from only passive monitors that are assigned to devices, all data present because of the old settings is marked as expired at once, which can result in a large number of expired rows. The next step is to clear the unneeded data from the database using the utilities available in the Database Tools dialog in the WhatsUp Gold Console Admin, Tools > Database Utilities > Tools.
173
Alert Storm and Dependencies
Alert Storm What is an alert storm? An alert storm is where you have notification action(s) / action policies applied to all of your devices at either the device or monitor level within WhatsUp Gold. Then you have a failure or one of your network devices, maybe a core switch or something similar, goes down or stops all network traffic from
passing it. Because of the random device polling order, WhatsUp Gold will start reporting or sending notifications for all of the devices that it does not receive a response from due to the loss of network connectivity. What starts out as a couple of devices reporting down, will soon turn into a flood or storm of notifications/alerts filling up your inbox or phone text messages.
Eliminating Alert Storms How are Alerts Storms prevented? The best way is to not have a single point of failure in your network. You will want to use redundant switches, routers, gateways, or use clustered / high-availability servers. However, these might not always be possible or financially feasible.
WhatsUp Gold does give you options to help prevent them:
- First, set up notification actions on devices that are important or critical,
and apply blackout policies to non-critical devices during non-business
hours.
- Use Alert Center and set up thresholds over time
- Try using proactive/self-healing actions before sending alerts
- Use maintenance mode for devices you are purposely taking off-line
The best thing to do is to set up Device Dependencies
Alert Storms
9
174
Device Dependencies Device dependencies determine if a dependent device is to be polled based on the state of another device. The state of the other device is determined by the state of one or more of its active monitors.
There are two types of device dependencies:
- Up Dependency
o The device is polled only if the selected active monitors on a second device are in the up state.
o Can be thought of as being “behind” the device to which it has a dependency.
o Polled only if the device "in front" of it is up.
- Down Dependency
o The device is polled only if the selected active monitors on a second device are in the down state.
o The device can be thought of as something is “in front of” the device to which it has a dependency.
o The dependent devices in front will not be polled unless the device further down the line is down.
You may set a device as the Dependency Root. The dependency root sets the device as the center or root device which all connected devices will have an up dependency set on that device. All subsequent devices will cascade outward with an up dependency set on the previous connected device(s).
175
Critical Monitoring Critical active monitoring, also known as intra-device dependencies, allows you to define a specific polling order for a device's active monitors. For example, you can make one monitor dependent on another monitor on the same device, such as making an HTTP monitor dependent on the Ping monitor, so that you are not flooded with multiple alerts on the same device if network connectivity is lost.
In a critical monitor polling path, critical monitors are polled first. If you specify more than one critical monitor, you also specify the order in which they are polled.
Critical monitors are "up" dependent on one another; if critical monitors return successful results, non-critical monitors are polled. If any of the critical monitors go down, all monitors behind it in the critical polling order are no longer polled and are placed in an unknown state for the duration of the polling cycle. If, at the start of the next polling cycle, the critical monitor returns successful results, polling of successive critical monitors and non-critical monitors resumes.
When critical monitoring is enabled, and you specify a critical polling order, you now receive only one alert when a device loses its network connectivity, instead of an alert for each down monitor on the device.
Only monitors that you specify as critical follow a specific polling order; non-critical monitors are not polled in any specific order. Additionally, if multiple non-critical monitors fail, all associated actions fire.
176
Configuration Management Configuration Management enables automated management, compliance, and periodic auditing of device configurations —the most critical aspect of your network and application infrastructure. Leveraging templates, archives, and automated configuration management actions provided by Configuration Management libraries and tracked by WhatsUp Gold dashboards, reporting, and logging yields better network performance, frees valuable time, and provides transparency to all stakeholders.
Overview Managing your devices with configuration manager is a multi-step process:
- First, you should make an initial backup
of the configuration of your devices.
This will be used as a starting point, and
a reference for future backups. Going
forward, each incremental backup will
be used to…
- Compare device configuration, either
from one device to another or the
previous configuration of a device to its
current configuration.
- You can also run audits on your devices
in an effort to identify devices that already have unauthorized settings in
place.
- Any time an audit fails, or when a device configuration is changed, you can
receive alerts letting you know exactly which devices, which configuration
settings, and which individual line items failed your audit or task.
- This information can then be used to develop configuration templates and
to update the configuration of your device configuration, as well as to
manage passwords and credentials assigned to your devices.
- Finally, after updating each device to be in compliance, you can generate a
new baseline configuration backup, and start the process over again.
Configuration
Management
10
177
Network Device Configurations Most network devices depend upon detailed configuration settings in order to operate correctly. Items like IP addresses, routing tables, interface/VLAN configuration, usernames, passwords, and security settings are critical to setting up and maintaining a functional network and losing these configuration settings can lead to widespread network outages.
These configuration settings are stored on the network device in configuration files, which come in two types:
- Startup Configuration: the configuration settings used when the network
device starts up from a powered off state. This configuration can be
thought of as the default configuration of the device.
- Running Configuration: this configuration includes Startup
Configuration File settings in addition to any settings that have been
changed since the last startup. This configuration file can be thought of as
a running list of changes made to the device.
When making configuration changes to a network device the changes are first stored to the Running Configuration, and must be manually saved to the Startup Configuration or they will be lost if the device loses power. Therefore it is important to save any recent changes to the Startup Configuration if you wish them to be a permanent setting on the device. However, saving improper or incorrect configuration settings to the Startup Configuration can have disastrous results; because of this it is VERY important to make backups of the configuration files of your network devices before making any changes (either to the Running or Startup Configuration).
178
Comparing Configurations Backing up either the startup or running configuration are two of the default scripts available when adding a task within Configuration management that can be scheduled or run on demand. Once the configurations are backed up, you can compare the configurations side-by-side with the Archive Compare. It allows you to step though each of the differences that may appear between the two.
Auditing Devices Device configuration is often a part of compliance, with many organizations requiring that devices only have secure configurations in place. If any of these items that are found in your device configuration could potentially cause you to fail an audit, for example:
- An active Telnet login
- A “public” SNMP community
- SNMPv2 community strings in general
- Simplistic usernames and passwords
The Configuration Management Policy Library contains many default audit policies which cover items such as; PCI, HIPAA, SOX, and FISMA. You may also create your own policies: which check for; Message of the day, banner messages on login, Custom login pages and warnings, or settings that all devices should have (IP and hostname settings, for example)
Policies may be checked on demand, and also added as a part of your standard task scheduling and alerting.
179
Alerting Every schedulable task has an option for a separate Alert Center threshold. You may alert on:
- Successes – send alert if a task succeeds
- Failures – send alert if a task fails to run correctly
- Changes – send alert if changes in configuration exist
- Policy – send alert if one or more policies fail
You may send any standard Alert Center Notification Policy with the threshold. You may also choose to send an email with the configuration changes which are detected in a configuration file.
Other Management Tasks Configuration management is not only to schedule backups and compare them. You have the ability to change devices on your network using a few different tasks and utilities:
- You may manually restore a configuration file to a device.
- Save a configuration file as a template, which can then be used to restore
the configuration to a different device.
- Run a Password Task to update usernames and passwords on a device
from the credentials library from within WhatsUp Gold.
- You may create custom tasks to upload a configuration to a device via
TFTP or standard Telnet/SSH access.
180
Assigning Tasks You may apply tasks in a few distinct ways, which will ultimately affect the functionality of the task at run time. You may add multiple devices to a single task which allows you to backup or update all of your devices at the same time; this is very useful for wide-sweeping changes that should result in every device sharing the same settings.
You may run a task on a device-to-device basis from right within device properties, which allows you to be selective in choosing devices to update.
You may only schedule tasks that backup the Startup or Running configuration by default. Any tasks that restore a configuration file or those that update passwords may not be scheduled; they may only run on demand. However, with custom scripts, ANY task may be scheduled successfully.
When creating the schedule, you may choose the frequency of your backup task(s) and the number of incremental backups that you save to the database.
Customizing There are times when managing your network and the devices that it is comprised of, requires a custom solution.
Configuration Manager allows you to create specialized tasks that can fulfill virtually any requirement you have when dealing with manageable devices.
- When any devices that are brand new to market, or ones that were added
to the network a long time ago, can require a script not included in the
default System Script Library.
- In certain situations you may want to manage a device through a non-
traditional connection method, or a device that does not use configuration
files in a traditional sense (such as a Telnet connection sending commands
to a Unix server)
- Any time you need to schedule a task that restores a configuration file to a
device or to change credentials on a scheduled basis, you must create a
custom script with a task to run the script.
- Finally, current and future integration between products in the WhatsUp
Gold suite will rely on scheduled tasks as a way to monitor your devices
and alert on network issues.
These are all critical areas of network management that usually require a very hands-on approach. You can limit the time it takes to manage these areas by utilizing scripting with your configuration manager.
![WhatsUp Gold v16 - Ipswitch · WhatsUp Gold v16.3 Database Migration ... See Executing SQL statements against the WhatsUp Gold database ... EXECUTE [sys]. [sp ...](https://static.fdocuments.net/doc/165x107/5b31f8547f8b9adf6c8bb1ed/whatsup-gold-v16-ipswitch-whatsup-gold-v163-database-migration-see-executing.jpg)
