- 1 Welcome to Vunetrix Network Monitor+
- 2 Quick Start Guide+
- 3 Installing the Software+
- 4 Understanding Basic Concepts+
- 5 Ajax Web Interface—Basic Procedures+
- 5.1 Login
- 5.2 SSL Certificate Warning
- 5.3 General Layout
- 5.4 Sensor States
- 5.5 Review Monitoring Data
- 5.6 Compare Sensors
- 5.7 Historic Data Reports
- 5.8 Similar Sensors
- 5.9 Object Settings
- 5.10 Alarms
- 5.11 Logs
- 5.12 Tickets
- 5.13 Working with Table Lists
- 5.14 Object Selector
- 5.15 Priority and Favorites
- 5.16 Pause
- 5.17 Context Menus
- 5.18 Hover Popup
- 5.19 Main Menu Structure
- 6 Ajax Web Interface—Device and Sensor Setup+
- 6.1 Auto-Discovery
- 6.2 Create Objects Manually+
- 6.3 Manage Device Tree
- 6.4 Root Group Settings
- 6.5 Probe Settings
- 6.6 Group Settings
- 6.7 Device Settings
- 6.8 Sensor Settings+
- 6.8.1 List of Available Sensor Types
- 6.8.2 Active Directory Replication Errors Sensor
- 6.8.3 ADO SQL Sensor
- 6.8.4 Amazon CloudWatch Sensor
- 6.8.5 AVM FRITZ!Box WAN Interface Sensor
- 6.8.6 Cisco IP SLA Sensor
- 6.8.7 Citrix XenServer Host Sensor
- 6.8.8 Citrix XenServer Virtual Machine Sensor
- 6.8.9 Cluster Probe Health Sensor
- 6.8.10 Core Health Sensor
- 6.8.11 Dell PowerVault MDi Sensor
- 6.8.12 DHCP Sensor
- 6.8.13 DNS Sensor
- 6.8.14 Enterprise Virtual Array Sensor
- 6.8.15 Event Log (Windows API) Sensor
- 6.8.16 Exchange Backup (Powershell) Sensor
- 6.8.17 Exchange Database (Powershell) Sensor
- 6.8.18 Exchange Mailbox (Powershell) Sensor
- 6.8.19 Exchange Mail Queue (Powershell) Sensor
- 6.8.20 Exchange Public Folder (Powershell) Sensor
- 6.8.21 EXE/Script Sensor
- 6.8.22 EXE/Script Advanced Sensor
- 6.8.23 File Sensor
- 6.8.24 File Content Sensor
- 6.8.25 Folder Sensor
- 6.8.26 FTP Sensor
- 6.8.27 FTP Server File Count Sensor
- 6.8.28 Google Analytics Sensor
- 6.8.29 HTTP Sensor
- 6.8.30 HTTP Advanced Sensor
- 6.8.31 HTTP Apache ModStatus PerfStats Sensor
- 6.8.32 HTTP Apache ModStatus Totals Sensor
- 6.8.33 HTTP Content Sensor
- 6.8.34 HTTP Full Web Page Sensor
- 6.8.35 HTTP Push Count Sensor
- 6.8.36 HTTP Push Data Sensor
- 6.8.37 HTTP Push Data Advanced Sensor
- 6.8.38 HTTP SSL Certificate Expiry Sensor
- 6.8.39 HTTP Transaction Sensor
- 6.8.40 HTTP XML/REST Value Sensor
- 6.8.41 Hyper-V Cluster Shared Volume Disk Free Sensor
- 6.8.42 Hyper-V Host Server Sensor
- 6.8.43 Hyper-V Virtual Machine Sensor
- 6.8.44 Hyper-V Virtual Network Adapter Sensor
- 6.8.45 Hyper-V Virtual Storage Device Sensor
- 6.8.46 IMAP Sensor
- 6.8.47 INI File Content Check Sensor
- 6.8.48 IP on DNS Blacklist Sensor
- 6.8.49 IPFIX Sensor
- 6.8.50 IPFIX (Custom) Sensor
- 6.8.51 jFlow V5 Sensor
- 6.8.52 jFlow V5 (Custom) Sensor
- 6.8.53 LDAP Sensor
- 6.8.54 Microsoft SQL Sensor
- 6.8.55 MySQL Sensor
- 6.8.56 NetFlow V5 Sensor
- 6.8.57 NetFlow V5 (Custom) Sensor
- 6.8.58 NetFlow V9 Sensor
- 6.8.59 NetFlow V9 (Custom) Sensor
- 6.8.60 Oracle SQL Sensor
- 6.8.61 Packet Sniffer Sensor
- 6.8.62 Packet Sniffer (Custom) Sensor
- 6.8.63 Passive Application Performance Sensor
- 6.8.64 PerfCounter Custom Sensor
- 6.8.65 PerfCounter IIS Application Pool Sensor
- 6.8.66 Ping Sensor
- 6.8.67 Ping Jitter Sensor
- 6.8.68 Pingdom Sensor
- 6.8.69 POP3 Sensor
- 6.8.70 POP3 Email Count Sensor
- 6.8.71 Port Sensor
- 6.8.72 Port Range Sensor
- 6.8.73 Probe Health Sensor
- 6.8.74 QoS (Quality of Service) One Way Sensor
- 6.8.75 QoS (Quality of Service) Round Trip Sensor
- 6.8.76 RADIUS Sensor
- 6.8.77 RDP (Remote Desktop) Sensor
- 6.8.78 SCVMM Host Sensor
- 6.8.79 SCVMM Virtual Machine Sensor
- 6.8.80 Sensor Factory Sensor
- 6.8.81 sFlow Sensor
- 6.8.82 sFlow (Custom) Sensor
- 6.8.83 SFTP Secure File Transfer Protocol Sensor
- 6.8.84 Share Disk Free Sensor
- 6.8.85 SIP Options Ping Sensor
- 6.8.86 SMTP Sensor
- 6.8.87 SMTP&IMAP Round Trip Sensor
- 6.8.88 SMTP&POP3 Round Trip Sensor
- 6.8.89 SNMP APC Hardware Sensor
- 6.8.90 SNMP Cisco ADSL Sensor
- 6.8.91 SNMP Cisco ASA VPN Connections Sensor
- 6.8.92 SNMP Cisco ASA VPN Traffic Sensor
- 6.8.93 SNMP Cisco ASA VPN Users Sensor
- 6.8.94 SNMP Cisco CBQoS Sensor
- 6.8.95 SNMP Cisco System Health Sensor
- 6.8.96 SNMP Cisco UCS Chassis Sensor
- 6.8.97 SNMP Cisco UCS Physical Disk Sensor
- 6.8.98 SNMP Cisco UCS System Health Sensor
- 6.8.99 SNMP CPU Load Sensor
- 6.8.100 SNMP Custom Sensor
- 6.8.101 SNMP Custom String Sensor
- 6.8.102 SNMP Dell Hardware Sensor
- 6.8.103 SNMP Dell PowerEdge Physical Disk Sensor
- 6.8.104 SNMP Dell PowerEdge System Health Sensor
- 6.8.105 SNMP Disk Free Sensor
- 6.8.106 SNMP GSA System Health Sensor
- 6.8.107 SNMP Hardware Status Sensor
- 6.8.108 SNMP HP LaserJet Hardware Sensor
- 6.8.109 SNMP HP ProLiant Logical Disk Sensor
- 6.8.110 SNMP HP ProLiant Memory Controller Sensor
- 6.8.111 SNMP HP ProLiant Network Interface Sensor
- 6.8.112 SNMP HP ProLiant Physical Disk Sensor
- 6.8.113 SNMP HP ProLiant System Health Sensor
- 6.8.114 SNMP IBM System X Logical Disk Sensor
- 6.8.115 SNMP IBM System X Physical Disk Sensor
- 6.8.116 SNMP IBM System X Physical Memory Sensor
- 6.8.117 SNMP IBM System X System Health Sensor
- 6.8.118 SNMP interSeptor Pro Environment Sensor
- 6.8.119 SNMP LenovoEMC Physical Disk Sensor
- 6.8.120 SNMP LenovoEMC System Health Sensor
- 6.8.121 SNMP Library Sensor
- 6.8.122 SNMP Linux Disk Free Sensor
- 6.8.123 SNMP Linux Load Average Sensor
- 6.8.124 SNMP Linux Meminfo Sensor
- 6.8.125 SNMP Linux Physical Disk Sensor
- 6.8.126 SNMP Memory Sensor
- 6.8.127 SNMP NetApp Disk Free Sensor
- 6.8.128 SNMP NetApp Enclosure Sensor
- 6.8.129 SNMP NetApp I/O Sensor
- 6.8.130 SNMP NetApp License Sensor
- 6.8.131 SNMP NetApp Logical Unit Sensor
- 6.8.132 SNMP NetApp Network Interface Sensor
- 6.8.133 SNMP NetApp System Health Sensor
- 6.8.134 SNMP Poseidon Environment Sensor
- 6.8.135 SNMP QNAP Logical Disk Sensor
- 6.8.136 SNMP QNAP Physical Disk Sensor
- 6.8.137 SNMP QNAP System Health Sensor
- 6.8.138 SNMP RMON Sensor
- 6.8.139 SNMP SonicWALL System Health Sensor
- 6.8.140 SNMP SonicWALL VPN Traffic Sensor
- 6.8.141 SNMP Synology Logical Disk Sensor
- 6.8.142 SNMP Synology Physical Disk Sensor
- 6.8.143 SNMP Synology System Health Sensor
- 6.8.144 SNMP System Uptime Sensor
- 6.8.145 SNMP Traffic Sensor
- 6.8.146 SNMP Trap Receiver Sensor
- 6.8.147 SNMP Windows Service Sensor
- 6.8.148 SNTP Sensor
- 6.8.149 SSH Disk Free Sensor
- 6.8.150 SSH INodes Free Sensor
- 6.8.151 SSH Load Average Sensor
- 6.8.152 SSH Meminfo Sensor
- 6.8.153 SSH Remote Ping Sensor
- 6.8.154 SSH SAN Logical Disk Sensor
- 6.8.155 SSH SAN Physical Disk Sensor
- 6.8.156 SSH SAN System Health Sensor
- 6.8.157 SSH Script Sensor
- 6.8.158 SSH Script Advanced Sensor
- 6.8.159 SSH VMWare ESX(i) Disk Sensor
- 6.8.160 Syslog Receiver Sensor
- 6.8.161 System Health Sensor
- 6.8.162 TFTP Sensor
- 6.8.163 Traceroute Hop Count Sensor
- 6.8.164 Virtuozzo Container Disk Sensor
- 6.8.165 Virtuozzo Container Network Sensor
- 6.8.166 VMware Host Hardware (WBEM) Sensor
- 6.8.167 VMware Host Hardware Status (SOAP) Sensor
- 6.8.168 VMware Host Performance (SOAP) Sensor
- 6.8.169 VMware Virtual Machine (SOAP) Sensor
- 6.8.170 WBEM Custom Sensor
- 6.8.171 Windows CPU Load Sensor
- 6.8.172 Windows IIS 6.0 SMTP Received Sensor
- 6.8.173 Windows IIS 6.0 SMTP Sent Sensor
- 6.8.174 Windows IIS Application Sensor
- 6.8.175 Windows Last Update Sensor
- 6.8.176 Windows Logged In Users Sensor
- 6.8.177 Windows MSMQ Queue Length Sensor
- 6.8.178 Windows Network Card Sensor
- 6.8.179 Windows Pagefile Sensor
- 6.8.180 Windows Physical Disk Sensor
- 6.8.181 Windows Print Queue Sensor
- 6.8.182 Windows Registry Sensor
- 6.8.183 Windows Scheduled Task Sensor
- 6.8.184 Windows System Uptime Sensor
- 6.8.185 Windows Updates Status (Powershell) Sensor
- 6.8.186 WMI Custom Sensor
- 6.8.187 WMI Custom String Sensor
- 6.8.188 WMI Event Log Sensor
- 6.8.189 WMI Exchange Server Sensor
- 6.8.190 WMI Exchange Transport Queue Sensor
- 6.8.191 WMI File Sensor
- 6.8.192 WMI Free Disk Space (Multi Drive) Sensor
- 6.8.193 WMI HDD Health Sensor
- 6.8.194 WMI Logical Disk Sensor
- 6.8.195 WMI Memory Sensor
- 6.8.196 WMI Microsoft SQL Server 2005 Sensor (Deprecated)
- 6.8.197 WMI Microsoft SQL Server 2008 Sensor
- 6.8.198 WMI Microsoft SQL Server 2012 Sensor
- 6.8.199 WMI Process Sensor
- 6.8.200 WMI Remote Ping Sensor
- 6.8.201 WMI Security Center Sensor
- 6.8.202 WMI Service Sensor
- 6.8.203 WMI Share Sensor
- 6.8.204 WMI SharePoint Process Sensor
- 6.8.205 WMI Terminal Services (Windows 2008) Sensor
- 6.8.206 WMI Terminal Services (Windows XP/Vista/2003) Sensor
- 6.8.207 WMI UTC Time Sensor
- 6.8.208 WMI Vital System Data (V2) Sensor
- 6.8.209 WMI Volume Sensor
- 6.8.210 WMI Volume Fragmentation Sensor
- 6.8.211 WMI Windows Version Sensor
- 6.8.212 WSUS Statistics Sensor
- 6.9 Additional Sensor Types (Custom Sensors)
- 6.10 Sensor Channels Settings
- 6.11 Sensor Notifications Settings
- 7 Ajax Web Interface—Advanced Procedures+
- 7.1 Toplists
- 7.2 Arrange Objects
- 7.3 Clone Object
- 7.4 Multi-Edit
- 7.5 Create Device Template
- 7.6 Geo Maps
- 7.7 Notifications+
- 7.8 Libraries+
- 7.9 Reports+
- 7.10 Maps+
- 7.11 Setup+
- 7.11.1 Account Settings—My Account
- 7.11.2 Account Settings—Notifications
- 7.11.3 Account Settings—Schedules
- 7.11.4 System Administration—User Interface
- 7.11.5 System Administration—Monitoring
- 7.11.6 System Administration—Notification Delivery
- 7.11.7 System Administration—Core & Probes
- 7.11.8 System Administration—User Accounts
- 7.11.9 System Administration—User Groups
- 7.11.10 System Administration—Administrative Tools
- 7.11.11 Vunetrix Status—System Status
- 7.11.12 Vunetrix Status—Auto-Update
- 7.11.13 Vunetrix Status—Activation Status
- 7.11.14 Optional Downloads and Add-Ons
- 7.11.15 Chrome Desktop Notifications
- 7.11.16 Support—Contact Support
- 8 Enterprise Console+
- 9 Other User Interfaces+
- 10 Sensor Technologies+
- 10.1 Monitoring via SNMP
- 10.2 Monitoring via WMI
- 10.3 Monitoring via SSH
- 10.4 Monitoring Bandwidth via Packet Sniffing
- 10.5 Monitoring Bandwidth via Flows
- 10.6 Bandwidth Monitoring Comparison
- 10.7 Monitoring Quality of Service and VoIP
- 10.8 Monitoring Email Round Trip
- 10.9 Monitoring Backups
- 10.10 Monitoring Virtual Environments
- 10.11 Monitoring Databases
- 10.12 Monitoring Syslogs and SNMP Traps
- 11 System Administration Tools+
- 12 Advanced Topics+
- 12.1 Active Directory Integration
- 12.2 Application Programming Interface (API) Definition
- 12.3 Filter Rules for xFlow, IPFIX and Packet Sniffer Sensors
- 12.4 Channel Definitions for xFlow, IPFIX, and Packet Sniffer Sensors
- 12.5 Define IP Ranges
- 12.6 Define Lookups
- 12.7 Regular Expressions
- 12.8 Add Remote Probe+
- 12.9 Data Storage
- 12.10 Using Your Own SSL Certificate with Vunetrix's Web Server
- 12.11 Calculating Percentiles
- 13 Appendix+
Vunetrix Manual: Remote Probes and Multiple Probes
Upon installation, Vunetrix creates the first probe automatically, called the Local Probe. It runs on the same machine as the Vunetrix core server and monitors all devices from this system, using the sensors you have configured. Working with only one local probe should suffice for Local Area Network (LAN) monitoring and if you want to monitor one location only.
Scenarios Requiring Remote Probes
However, there are several situations making it necessary to work with Remote Probes in the same LAN or in remote locations. Among these situations are the following:
- You have more than one location and you need to make sure that services are available from all locations.
- Your network is separated in several LANs by firewalls, and the local probe cannot monitor specific services across the firewalls.
- You need to monitor systems in a Virtual Private Network (VPN) across public or in-secure data lines.
- You want to sniff packets on another computer.
- You want to monitor NetFlow data on another computer.
- You experience performance issues with CPU intensive sensors like packet sniffer or NetFlow sensors and need to distribute the load over more than one PC.
The following chart shows an example for a remote probe scenario.
Monitoring a Distrubuted Network with Vunetrix (Illustration Also Available as Video Tutorial)
The Vunetrix core server inside the Corporate LAN (bottom right) is able to monitor:
- Services inside the Corporate LAN using the Local Probe.
- Services behind a firewall in the Corporate LAN using Remote Probe 1.
- Secured services inside the Branch Office (top left) using Remote Probe 2.
- Secured services on Mail Server and Web Server using Remote Probe 3 and Remote Probe 4 installed directly on these servers.
- Public services on the internet using any of the probes.
As soon as a probe is started, it automatically connects to its core server, downloads the sensor configuration, and begins its monitoring tasks. The core server sends new configuration data to a probe as soon as the monitoring configuration is changed by the user. Probes monitor autonomously and send the monitoring results back to the core server for each check they have performed.
If the connections between core and probe fails for any reason (for example, a reboot of the computer running the core server) the probe continues its monitoring and stores the results. During a connection loss a buffer stores a maximum of 500,000 sensor results in RAM memory of the remote probe system (up to 50 - 200 MB). This means that for 100 sensors with one minute interval the monitoring results of up to 3 days can be buffered (or 52 minutes for 10,000 sensors with one minute interval). The probe automatically reconnects to the core as soon as it is available again and transmits all monitoring results gathered during the connection loss.
The connection between probe and core is initiated by the probe, secured using Secure Sockets Layer (SSL). This means that the data sent back and forth between core and probe is not visible to someone capturing data packets. The core server provides an open TCP/IP port and waits for connection attempts from probes. If a new probe connects for the first time, the administrator will receive a ToDo ticket and will then see the new probe in the device tree.
As a security precaution, the probe must be manually acknowledged by the administrator in the device tree before any sensors can be created and monitored. The administrator can also deny a probe which will then be disconnected. No further connection attempts will be accepted and the probe IP is added to the Deny IPs list in the probes system settings (see System Administration—Probes section). This ensures that unauthorized probes cannot connect to a core server.
Because the probe initiates the connection, you must ensure that a connection can be established from the outside world onto your core server. For example, you may need to open any necessary ports in your firewall and you may need to specify a Network Address Translation (NAT) rule for your network. The process is the same as if you wanted to allow access to the web server provided by the Vunetrix core server via port 443, for example. Usually it is sufficient to open or forward TCP port 23560 (default) on the machine that runs the core server; on probe side it is not necessary to open any port in most cases.
Whenever a new version of Vunetrix is installed on the core server, all remote probes will automatically download and install the updated version of the probe as soon as they reconnect to the updated core installation.
The local probe has already been updated during the core installation. All remote probes are automatically downloading the new binaries using the SSL-secured probe/core connection. The download of the 4 MB file takes between a few seconds (in a LAN) and a few minutes (via internet connections), depending on the available bandwidth. As soon as the update has been downloaded the probe disconnects, installs the update and reconnects to the core server. This takes between 20 and 100 seconds. Please note that during the update phase the monitoring of the local probe can be affected due to the bandwidth required for the downloads.
Keywords: