Monitoring Policies define how Enterprise Networks should be monitored.
Monitoring Interval (Seconds)
This controls the monitoring interval for various types of server/devices.
Argent Framework Infrastructure nodes include Control Center, Domain Observer, Segment Inspector and servers with Argent Advanced Technology components.
The rule of thumb is the infrastructure nodes and switches should be monitored more frequently then other nodes.
Argent Product Baseline Parameters
- Minimum Free Disk Space – This checks the product installation disk only.
- Maximum Space Used by Logs – This alerts when an Argent product generates too many logs or user does not setup rollover interval in the product setting.
- Maximum DB Space Used – This is checked only when the Argent product uses SQL Server as its SQL backend. The likely cause for an alert is the user did not setup an archiving policy for Argent Predictor data or console events.
- Maximum DB Log Space Used – This is checked only when the Argent product uses SQL Server as its SQL backend. The likely cause for an alert is the user did not setup SQL backup checkpoints properly.
ICMP Ping Parameters
Argent Enterprise uses ICMP Ping extensively to check server/device online/off-line status. Control Center and remote Domain Observer does ping tests ONLY for the nodes within the same Network Domain. The only exception is when the Control Center pings a remote Domain Observer as well.
Ping Timeout – This is self-explanatory. The range is (3, 60). The default value is 3.
Ping Retry – The range is (1, 10). The default value is 1.
Maximum Concurrent Thread Count – This is the thread pool size performing the ICMP Ping checking. The range can be (1, 100). The default value is 30.
Exclude Nodes From Ping Test – Sometimes pings are blocked by the firewall. Users can specify the blocked nodes here to avoid false alarms
Monitor CMDB-X Objects Only And Infrastructure Nodes
If this option is not checked, ALL nodes in the topology database should be checked. By using this option, users can limit the checking to infrastructure nodes and nodes in CMDB-X. It makes a lot of sense if the user keeps only the nodes he is interested in within the CMDB-X.
Automatically Restart Stopped Vital AT Services
This option allows Argent Enterprise to automatically restart Argent AT services that are stopped. It is no longer necessary to install Argent Guardian Ultra only for monitoring other services of other Argent AT products.
Save Response Time of All Nodes To Argent Predictor
By default, only the response time of the Argent Enterprise Infrastructure nodes are saved into Argent Predictor data. If the user is interested in saving data for other ordinary server/devices, this option can be checked
Enable Automatic Exporting Argent Enterprise Monitoring Policy
By default, this option is enabled. Control Center exports the Argent Enterprise Monitoring Policy when a change is made to the control information, and if no new changes have been made in the past five minutes. This avoids constant exports when the user is configuring a product.
Users can always disable this option and use the manual option listed below.
Export Master Control Information
Users can use this button to manually export out the Argent Enterprise Monitoring Policy.
Monitoring The Main Network And Remote Network Domains
Control Center Motors
Control Center is responsible for monitoring the Main Network.
Control Center motors can be installed for Argent Non-Stop Monitoring. For the first motor, it can be either installed fresh using an option in the SETUP program, or promoted from an installed Control Center via the context-menu in the GUI
For installed Argent Enterprise Control Center motors, it is easy to disable some motors or set up a Disaster Recovery (DR) Backup Engine combined with SQL Server mirroring.
One or multiple Motors can be designated as Backup (DR) Engines. They stay in warm mode when ordinary motors are running. They kick in only if ALL ordinary motors are off-line. Backup (DR) Engines can be configured to use mirrored SQL Backend only. This makes sense when the mirrored SQL Backend resides at the same location as the Backup (DR) Engines.
Remote Segment Inspector
The Main Network or a remote Network Domain may have multiple network segments, or some nodes in the DMZ that cannot be accessed from the Intranet. In this case, remote Segment Inspectors can be installed to monitor the specific network segments or IP ranges.
To install a remote Segment Inspector, run SETUP on the installing machine.
Note: If users can access the installing machine from the Control Center, he can easily push out a local Segment Inspector.
For Segment Inspectors, its “Main Engine” should point to either the Control Center or a remote Domain Observer depending on where this Segment Inspector is installed.
The “Use TCP/IP Communication Only For Trusted Agents” option controls whether the installed Segment Inspector is a remote one or local one. If the installing machine is in the DMZ, this option should be used. In this case, the remote Segment Inspector communicates with the Control Center or a remote Domain Observer through the Argent Transport Backbone (ATB), which communicates using pure TCP/IP.
In a few minutes, the remote Segment Inspector should contact the Control Center or Domain Observer, and it should show up in the GUI.
There is a ‘Network Segments’ field in the Control Center, Domain Observer and Segment Inspector definition screen. By default, it has a value of ‘*’, which means matching any network segments.
Without configuring the fields, the newly installed Segment Inspectors simply becomes load distributors for monitoring tasks.
Referring back to the DMZ case, we need to make sure the Segment Inspector is installed within the DMZ, so the DMZ monitors the DMZ only, while the Control Center or Domain Observer monitors nodes in the Intranet.
For example, W2008DEV-32 is in the DMZ, its IP address is ‘192.168.2.129’. The Intranet address is 192.168.2.x. Field ‘Network Segments’ can be configured as follows:
- Segment Inspector ‘W2008DEV-32’ has a value of ‘192.168.2.129’
- Control Center has a value of ‘~192.168.2.129;192.168.2.*’.
The logic to determine if an IP address should be monitored by the component goes as follows:
Remote Network Domain
The first step to monitor a remote Network Domain is to create the Network Domain in the Argent Enterprise Infrastructure.
Then user should configure the newly created Network Domain. The properties directly relevant to a remote Network Domain are as follows:
- Center Contacting Interval – Default value is 60 seconds. It should be in range of (10, 300). It is the interval that Domain Observers at the remote Network Domain should communicate with Control Center to download any new control information, upload any new monitoring results.
- Additional Device Dependencies Of Connection To Control Center – They are usually the firewalls for Main Network and remote Network Domain. Because the firewall or gateway can presents two IP addresses depending on which way user sees it, the route IP addresses can be different for incoming and outgoing routes.
Next step is to install the Domain Observer on the remote Network Domain. Simply use the SETUP program to do so.
The newly installed Domain Observer does not know which remote Network Domain it should belong to. As a result, in a few minutes, it should show up in the folder of NOT-CONFIGURED.
Right click on the screen, and do ‘Assign To A Remote Network’.
As a result, the Domain Observer should move to the correct folder under the selected Network Domain.
The information of newly assigned Network Domain should communicate back to Domain Observer engine when it contacts next time. The Domain Observer process will restart after this important configuration is set. If user checks the service log for Domain Observer, he should see lines like:
Next step is to scan the topology of a remote Network Domain. This can be done easily from the main GUI at the Control Center. Select the folder ‘Domain Topology’ under the Network Domain, then do scanning.
The progress is shown on a popup console.
The topology of remote Network Domains should be imported properly at this point. Users can continue pruning or crafting with manual options:
With topology information in place, the control information including this newly discovered topology should be automatically or manually exported. When the Domain Observer downloads the information, the monitoring should start on the remote Domain Observer.