Upload
spiceworks
View
829
Download
1
Embed Size (px)
DESCRIPTION
Citation preview
Break Out Session 2
Monitor Your Network & Receive Alerts
Francis SullivanCTO & Co-founder, Spiceworks Inc.
Session Overview
• kinds of alerts and monitors
• default configuration
• advanced topics
• futures
• Q&A
What Can Be Monitored?
AntiVirus: Keep your machines up and running with current antivirus software. Is not up-to-date: Be alerted when virus definitions need updating. Has > 1 installed: Be alerted if more than one antivirus program is installed.
Having more than one antivirus program installed can slow down the performance of a machine and actually leave it more vulnerable to an attack.
What Can Be Monitored?
What Can Be Monitored?
Device: A device is any computer connected to the network. You can monitor a specific device, or monitor them all by typing "Any Device". Is online: Be alerted if a device goes online. Is offline: Be alerted if a device goes offline. Is discovered: Be alerted if a new device is discovered on the network.
What Can Be Monitored?
Device: A device is any computer connected to the network. You can monitor a specific device, or monitor them all by typing "Any Device". Is online: Be alerted if a device goes online. Is offline: Be alerted if a device goes offline. Is discovered: Be alerted if a new device is discovered on the network. New - offline for a time period
What Can Be Monitored?
Disk: Find out if there are issues with any disk on your system. You can keep an eye on every disk on your system by typing "Any Disk", or pick one particular disk. Was added: Be alerted when a hard drive is added. Was removed: Be alerted when a hard drive is removed. Is < x% free: Be alerted when diskspace falls below a certain percentage. Choices are 5, 10, 15,
20, and 25%. Has < x MB/GB free: Be alerted when diskspace falls below a certain value. Choices are 50,
100, 250, 500 MB and 1, 5, 10 GB.
What Can Be Monitored?
Software: Stay on top of software issues with this monitor. You can designate a specific program to be monitored, or choose to monitor all software by typing "Any Software". Is installed: Be alerted when programs are installed. Is uninstalled: Be alerted when program are removed. Is not compliant: Be alerted if too many copies of a program are installed.
What Can Be Monitored?
Service: A service is a program that runs in the background of a computer to keep everything else working right. You can monitor a specific service, or monitor them all by typing "Any Service". Is uninstalled: Be alerted when a service is uninstalled. Is installed: Be alerted when a service is installed. Is stopped: Be alerted when a service has stopped. Is started: Be alerted when a service has started.
What Can Be Monitored?
Hotfix: A hotfix is a patch that is downloaded to fix a program. You can decide to monitor all hotfixes by typing "Any Hotfix", or choose to monitor one individual hotfix. Is uninstalled: Be alerted when a hotfix is uninstalled. Is installed: Be alerted when a hotfix is installed.
What Can Be Monitored?
User Account: Keep track of the user accounts on your network. You can monitor one specific account or monitor them all by typing "Any User Account". Is removed: Be alerted when a user account is deleted. Is created: Be alerted when a new user account is added.
What Can Be Monitored?
Printer Supply Level: Keep track of your printer supplies so you don't have to drop what you're doing when you're out of toner. Is < x%: Be alerted when the ink or toner in your network printers drop below a certain
level. Choices are 2, 5, 10, 20, 30, 40, and 50%.
What Can Be Monitored?
Event: You can find out when an event of your choosing happens such as a certain ID logging in. Or you can monitor all events by typing "Any Event". Is triggered: Be alerted when an event is triggered.
What Can Be Monitored?
IT Service: Keep track of how long you have until an IT service end date. Is < x Days: Be alerted when an IT service end date is approaching. Choices are 10,
30, and 60 days.
Where Alerts Show Up
»On Inventory Summary
Where Alerts Show Up
»On Inventory Summary
Where Alerts Show Up
» On Group Summary (new in 3.5)
Where Alerts Show Up
» On Group Summary (new in 3.5)
Where Alerts Show Up
»email notification
Where Alerts Show Up
»email notification
Where Alerts Show Up
»email notification
Where Alerts Show Up
»on the device
Where Alerts Show Up
»on the device
Default Configuration
• pre-configured monitors
• changing thresholds
• email configuration
Default Out-of-the-box Monitors
Changing Thresholds
Changing Thresholds in 3.5
e-mail configuration
e-mail configuration
e-mail configuration
Advanced Topics
behind the scenes:
•online/offline checking
•network health check
•network scanning
Sqlite DB
scannerSpiceworks Main App
IT Admin
Spicedesk
http
Online/Offline Checking
Sqlite DB
scannerSpiceworks Main App
IT Admin
Spicedesk
http
Network Health Check
Sqlite DB
scannerSpiceworks Main App
IT Admin
Spicedesk
http
Network Scanning
Sqlite DB
scannerSpiceworks Main App
IT Admin
Spicedesk
http
Network Scanning
Futures
• timed actions
• activities
• tricks with email
• APIs
Nagios Example
Nagios Example
Nagios Example
Nagios Example
Nagios Example
Nagios Example
Nagios Example
Nagios Example
Alert API’s - Web REST Interface
POST /api/alerts.json?title=AlertTitle&hostname=HOST&...- create a new external monitor alert
GET /api/alerts.json - array of all monitor alerts
GET /api/alerts/{id}.json - details for the alert with the specified id
GET /api/alerts.json?data_monitor_id={id}- array of all monitor alerts for the data monitor with the specified id
Alert API’s - Web REST Interfacefiltered
GET /api/alerts.json?filter=active- array of all active monitor alerts
GET /api/alerts.json?filter=recent- array of all alerts generated in the last 7 days
GET /api/alerts.json?filter=recent&date=2008-10-20- array of all alerts generated since the specified date
GET /api/alerts.json?filter=external- array of all external alerts
Questions?