How to Monitor Windows Services with Nectus

Quick Start Guide

Step 1: Login to the Nectus portal, Add the WMI Account for accessing the Windows Servers.

Go to Settings -> General Settings -> WMI Integration.

Click on the Add button in the WMI Integration Modal.

 

Step 2: Provide Windows Domain/Server information with user credentials and click on the Test button.

 

Step 3: Now, let’s create a WMI group and add the Windows Server into that group.

Go to WMI Servers and right click to Add a Group.

 

Step 4: Give a valid name for the WMI Group and enable the monitoring.

Assign a Monitoring Profile to the group.

 

Graphical user interface, text, application Description automatically generated

Step 5: Click Edit profile and go to the “Services” Tab and check the necessary alerting checking boxes.

Step 7: Add the Service information by clicking the Options button.

Here, we added the “Print Spooler” Service to monitor and enable the checkbox to start the Service, if it had stopped.

Add the Service name in the text box by pressing “+” button.

Graphical user interface, text, application, email Description automatically generated

Save settings to monitoring profile.

Step 8: Now, we had successfully applied the Monitoring Profile. Click on “Ok” button.

Graphical user interface, application Description automatically generated

Step 9: Now, add the Windows Server to the group we created.

Right click on the created group and select the Add New WMI Server option.

Graphical user interface, text, application, chat or text message Description automatically generated

Step 10: Provide the IP address, select the appropriate WMI Monitoring Profile Group and WMI Account for access.

Click on the “Test” button to test the server access.

 

Graphical user interface, application Description automatically generated

Graphical user interface, application Description automatically generated

Step 6b: Now we’ll see the newly added server in the below screenshot.

Graphical user interface, text, application, chat or text message Description automatically generated

 

 

How to monitor the status of Windows Processes.

Quick Start Guide

Step 1: Login to the Nectus portal, Add the WMI Account for accessing the Windows Machine. Go to Settings -> General Settings -> WMI Integration.

Click on the Add button in the WMI Integration Modal.

Graphical user interface, text, application, email Description automatically generated

Step 2: Provide Windows Domain/Server information with user credentials and click on the Test button.

Graphical user interface, application Description automatically generated

Step 2a: With the valid credentials and connectivity, we should get the success message as displayed in the test modal.

Graphical user interface, text, application, chat or text message Description automatically generated

Step 3: Now, let’s create a WMI group and add the Windows Server into that group.

Go to WMI Servers and right click to Add a Group.

Graphical user interface, text, application Description automatically generated

Step 4: Give a valid name, enable the monitoring to select the appropriate Monitoring and ICMP profiles.

Step 4a: We can also create a new monitoring profile by clicking the “+” icon.

Check the required boxes based on your monitoring requirements.

For any processes alerting, Go to Processes Tab, then select alert option to check the process state.

Step 4b: Add the process information by clicking the options button.

Consecutive Reading options helps monitor whether process is running or not running for defined range [1-256] consecutive times.

It helps to reduce the false alerts.

Add the process name in the text box by pressing “+” button.

Graphical user interface, text, application, email Description automatically generated

Graphical user interface, text, application, email Description automatically generated

Step 5: Now, add the WMI Server information which has to be monitored.

Right click on the created group and select the Add New WMI Server option.

Step 6: Provide a valid name, IP address, select the appropriate WMI Monitoring Profile Group and WMI Account for access.

Click on the Test button to test the server access.

Graphical user interface, text, application, email Description automatically generated

Step 7: Now we had enabled the monitoring for the Windows processes on Nectus.

Whenever the condition satisfies, then alerts get generated. We can view the alerts under Alerts -> Alert log.

We’ll also get the alerts in email form by enabling email alerts option with proper SMTP configuration.

Graphical user interface, text, application Description automatically generated

Graphical user interface, application Description automatically generated

Congrats, now we have successfully created a monitoring profile to monitor the process in a Windows Server.

 

Importing WMI Servers from CSV file to Nectus

To import a list of Windows Servers from CSV file to Nectus prepare a CSV file with only single column containing list of IP addresses of Windows Servers.

No other information is required.

File format example in Excel.

To start import, right-click on WMI Server Group that you want to import servers into and select “Import  WMI Servers from CSV file” option

 

 

Select CSV File that you prepared.

 

 

Press “Start” button

 

Nectus will import each server individually and collect basic Server information via WMI Interface.

 

Configuring WMI Integration in Nectus

Nectus uses WMI Interface in several of its modules.

List of modules that depends on WMI Integration:

  1. Windows Server Monitoring Module
  2. IPAM Module

In Windows Server Monitoring module Nectus uses WMI interface to poll Windows Servers for critical health metrics such as CPU and RAM Utilization etc.

In IPAM Module Nectus uses WMI interface to interact with Microsoft DNS and DHCP servers while Importing and creating reservations.

WMI Integration settings must be complete before Nectus can communicate with Windows Servers in those modules.

To complete WMI Integration go to Settings -> General Settings -> WMI Integration

Click on “WMI Integration” link and complete all the required fields for WMI Service account

that will be used by Nectus connect to Windows Servers via WMI Interface.

WMI Service account should not have password expiration policy to prevent Integration from breaking every time password has to be changed.

Use “Test” button to test Service account credential against any of Windows Servers of your choice.

After connection “Test” is passed WMI Integration is complete.

 

This is the list of WMI System Variables that  can be used in Email and SMS Alerts
“%metric_name%”
“%metric_value%”
“%process_name%”
“%service_name%”
“%unit_name%”
“%wmi_server_ipv4%”
“%wmi_server_hostname%”
“%wmi_server_group%”
“%device_name%”
“%device_id%”
“%filter_name%”
“%event_log_file%”
“%event_type_name%”
“%event_text%”
“%event_source%”
“%event_id%”
“%event_category%”
“%current_time%”
“%time%”

Monitoring Windows Server Storage Utilization with Nectus

In this chapter, you’ll learn how to use WMI to monitor Windows Server Storage Utilization. Nectus lets you create Profiles that specify which Servers to monitor with WMI and to send Alerts related to them. It also provides graphs of Server Utilization over time.

The specific topics we will cover in this chapter are:

  1. What is WMI?
  2. Why Monitor Windows Server Storage Utilization?
  3. Creating a WMI Server Group
  4. Adding a Server to the WMI Server Group
  5. Creating and Configuring a WMI Monitoring Profile
  6. Assigning a Profile to the WMI Server Group
  7. Viewing a Storage Utilization Graph

1. What is WMI?

WMI (Windows Management Instrumentation) is a set of specifications and interfaces that provides information about the status of local and remote computers running Microsoft Windows. In this chapter we look at how Nectus uses WMI to monitor the Storage Utilization on Windows Servers and send Alerts based on that information.

Note: WMI is the Microsoft implementation of the Web-Based Enterprise Management (WBEM) standard and the Common Information Model (CIM) standard from the Distributed Management Task Force (DMTF).

2. Why Monitor Windows Server Storage Utilization?

Monitoring when Storage Utilization goes outside of the expected Thresholds alerts you to various problems. For example, exceeding the Maximum Threshold could indicate that a Server needs a larger disk, or that some other application is using space on the disk. Utilization below the Minimum Threshold could indicate that data is not being received by the Server, or a problem is keeping the data from being written to the disk.

3. Creating a WMI Server Group

To create a WMI Server Group open the WMI Servers Panel on the Nectus Home Screen. Right-click the WMI Servers list. In the menu that appears, click Add New Group.

This opens the “Add New WMI Server Group” dialog box.

Enter a Group Name, then select the Email Groups and SMS Groups that will receive Alerts.

4. Adding a Server to the WMI Server Group

To add a Windows Server to the WMI Server Group right-click the Group and select Add New WMI Server.

This opens the “Add WMI Server” dialog box.

Enter the IP address of the Server you want to add to the Group. Alternately, you can move a Server from its current Group to this Group by right-clicking the Server and using the Move WMI Server to option.

5. Creating and Configuring a WMI Monitoring Profile

To create a WMI Monitoring Profile go to the Nectus Home Screen and select Monitoring -> WMI Monitoring Settings.

This opens the “WMI Monitoring Settings” dialog box.

Click Add Profile -> Disk.

Enter the Monitoring Profile Name and check the Enabled box next to the Disk Used Space metric. Check the types of Alerts you want the Profile to send.

Check the Default Profile box if you want to make this the new default WMI Monitoring Profile.

5.1 Editing Disk Used Space Options

Select the Disk Used Space Options icon to open the “WMI Options – Disk Used Space, %” dialog box.

Set the Alert Thresholds you want to monitor, as well as the number of Consecutive Readings that a Threshold must be exceeded before triggering an alert. Nectus checks the thresholds every 5 minutes, so setting Consecutive Readings to 3 means a value would need to exceed the assigned Threshold for 15 minutes before triggering an alert.

5.2 Editing Disk Used Space Alert Templates

To edit the format of Alerts return to the Disk tab of the “Add WMI Monitoring Profile” dialog box. Click the Disk Used Space Alert Templates icon to open the “Edit Alert Handler” dialog box.

6. Assigning a Profile to the WMI Server Group

In the WMI Servers Panel on the Nectus Home screen, open the WMI Servers list. Right-click the WMI Server Group and select Properties.

This opens the “Edit WMI Server Group” dialog box.

Select the WMI Monitoring Profile to use from the Monitoring Profile drop-down list.

Check the Enable Monitoring box to begin monitoring the Server Group using this Monitoring Profile.

7. Viewing a Storage Utilization Graph

To view a graph of Storage Utilization over time, right-click the Server you want information on and select Disk Used Space Graph.

This opens a “Disk Used Space Graph” which displays the changes in Storage Utilization over time.

 

Monitoring Scope Utilization on Windows DHCP Servers with Nectus

In this chapter, you’ll learn how to use Nectus to enable and configure DHCP Scopes utilization monitoring on Windows DHCP Servers.

Nectus allows network engineers proactively monitor amount of free IP addresses in DHCP scopes and generate E-mail or Text alerts when number of free IP address falls below preset thresholds.

Nectus can also generate alert when number of free IP address exceeds predefined threshold as it may indicate underlying network operation problems when network devices not able reach DHCP server for leases.

Nectus uses basic WMI interface to collect scope and lease statistics from DHCP servers.

The specific topics we will cover in this chapter are:

  1. What is WMI?
  2. Why Monitor DHCP Scopes?
  3. Creating a DHCP Server Group
  4. Adding DHCP Server to Server Group
  5. Creating and Configuring Monitoring Profile
  6. Assigning Monitoring Profile to Server Group

1. What is WMI?

Nectus uses Windows Server WMI interface to collect basic information about DHCP scopes such as total number of IP addresses and current number of active leases.

WMI (Windows Management Instrumentation) is a set of specifications and interfaces that provides information about the status of local and remote computers running Microsoft Windows. In this chapter we look at how Nectus uses WMI to monitor DHCP Scope Utilization  and send alerts based on that information.

Note: WMI is the Microsoft implementation of the Web-Based Enterprise Management (WBEM) standard and the Common Information Model (CIM) standard from the Distributed Management Task Force (DMTF).

2. Why Monitor DHCP Scopes?

Availability of free IP addresses is a critical requirement for modern network. When DHCP scope runs out of addresses users are not able to join your network.

Typical network segments that heavily dependent on DHCP are LAN and Wi-Fi Users.

Several DDOS attack types are specifically targeting DHCP infrastructure and by exhausting DHCP pools with fake lease requests can bring down any network to its knees.

Sometimes regular business growth can cause corresponding grows in IP address utilization and if left undetected can eventual cause an outage and service degradation for DHCP dependent applications.

3. Creating a DHCP Server Group

First step is to create a new Server Group for our DHCP Servers.

Go to the Nectus Home Screen and select WMI Servers -> WMI Servers. In the menu that appears, click Add New Group.

This opens the “Add New WMI Server Group” dialog box.

Complete the fields that define the new Group and set Enable Monitoring.

4. Add a DHCP Server to Server Group

Now we need to define our DHCP Server and add those to Server Group.

To add a Windows DHCP Server to the Server Group right-click the Group and select Add New WMI Server.

This opens the “Add WMI Server” dialog box.

Enter the IP address of the Server you want to add to the Group.

Note: You can move a Server between different Groups by right-clicking the Server and using the Move WMI Server to option.

5. Creating and Configuring Monitoring Profile

Monitoring Profile is a list of Metrics that can be applied to Server Group to tell Nectus which specific metrics must be monitored for given Server Group.

To create new Monitoring Profile to go Monitoring -> WMI Monitoring Settings and press

“Add Profile” button

Monitoring Profile Configuration Interface will appear.

Assign Profile Name and enable “DHCP Scope Usage” check-button on “DHCP” Tab

Configure Max/Max Threshold Values for Alerts by pressing on “Options” button

Note: Monitoring Interval is 5 min therefore 3 for “Consecutive Readings” value will trigger Alert

only if Threshold condition are True for 15 minutes.

6. Assigning Monitoring Profile to Server Group

Next and the final step is to assign Monitoring Profile to the DHCP Server Group that we created.

Right Click on DHCP Server Group in left side panel and Select “Properties”

Select Monitoring Profile from the list of available Profiles and Click on “Enable Monitoring” check-button.

We are all set and ready to start proactive monitoring of your DHCP Infrastructure.

Download the best IPAM    https://www.nectus5.com/download/

 

 

Monitoring Windows Event Log with WMI

In this chapter, you’ll learn how to use WMI to monitor the Windows Event Log. Nectus lets you create profiles that use WMI to monitor specific Events and to send Alerts related to them.

The specific topics we will cover in this chapter are:

  1. What is WMI?
  2. Why Monitor the Windows Event Log?
  3. Creating a WMI Monitoring Profile
  4. Configuring Event Log Monitoring
  5. Assigning a Profile to a WMI Server Group

1. What is WMI?

WMI (Windows Management Instrumentation) is a set of specifications and interfaces that provides information about the status of local and remote computers running Microsoft Windows. In this chapter we look at how Nectus uses WMI to monitor the status of Windows Processes and send Alerts based on that status.

Note: WMI is the Microsoft implementation of the Web-Based Enterprise Management (WBEM) standard and the Common Information Model (CIM) standard from the Distributed Management Task Force (DMTF).

2. Why Monitor the Windows Event Log?

There are many reasons to monitor the Windows Event Log. One of the most important is preventing security breaches. Events that show a configuration change, a failure, or an unexpected login attempt could be triggered by an attack on the server.

3. Creating a WMI Monitoring Profile

To create a WMI Monitoring Profile go to the Nectus Home Screen and select Monitoring -> WMI Monitoring Settings.

This opens the “WMI Monitoring Settings” dialog box.

Click Add Profile -> System.

Create a new Profile by entering the Monitoring Profile Name and checking the Event log monitoring Enabled box. In addition, check the types of Alerts you want to send. See Section 4, “Editing a WMI Monitoring Profile” for details on how to specify which Events you want to monitor and how you want to be alerted.

Check the Default Profile box if you want to make this the new default WMI Monitoring profile.

4. Configuring Event Log Monitoring

To configure Event Log monitoring, open the “WMI Monitoring Settings” dialog box and select the Edit Profile icon for the Profile you want to edit. In “Edit WMI Monitoring Profile” dialog box that appears select the System tab.

4.1 Editing Options

Select the Event log monitoring Options icon to open the “WMI Event Log Filters” dialog box.

Click Add Filter to open the “Add Event Log Filter” dialog box.

Enter the Filter Name and optionally select a specific Event Log File to monitor. Fill out the rest of the fields as necessary to specify the Event you want to monitor. The new filter will appear in the “WMI Event Log Filters” dialog box.

4.2 Editing Alerts and Templates

In the System tab of the “Edit WMI Monitoring Profile” dialog box, check or clear the types of Alerts to send for the Events. To edit the format of the Alerts, open the “Edit Alert Handler” dialog box by clicking the Edit Alert Templates icon.

5. Assigning a Profile to a WMI Server Group

In the WMI Servers Panel on the Nectus Home screen, open the WMI Servers list. Right-click a WMI Server Group and select Properties.

This opens the “Edit WMI Server Group” dialog box.

Check the Enable Monitoring box, then select the WMI Monitoring Profile to use from the Monitoring Profile drop-down list, and specify which groups will receive the Alerts.

The icons to the right of the Monitoring Profile list allow you to edit a Profile or add a new Profile directly from here.

Monitoring Windows Processes with WMI

In this chapter, you’ll learn how to use WMI to monitor Windows Processes. Nectus lets you create profiles that specify which Processes to monitor with WMI and to send Alerts related to them.

The specific topics we will cover in this chapter are:

  1. What is WMI?
  2. Why Monitor Windows Processes?
  3. Creating a WMI Monitoring Profile
  4. Editing a WMI Monitoring Profile
  5. Assigning a Profile to a WMI Server Group

1. What is WMI?

WMI (Windows Management Instrumentation) is a set of specifications and interfaces that provides information about the status of local and remote computers running Microsoft Windows. In this chapter we look at how Nectus uses WMI to monitor the status of Windows Processes and send Alerts based on that status.

Note: WMI is the Microsoft implementation of the Web-Based Enterprise Management (WBEM) standard and the Common Information Model (CIM) standard from the Distributed Management Task Force (DMTF).

2. Why Monitor Windows Processes?

You will normally want a particular set of Windows Processes running on your servers. Nectus can notify you when these Processes run, ensuring you that everything starts properly. You can also watch for specific Processes you don’t want on your servers.

For example, viruses run as Processes. If you know the names of the Processes associated with a specific virus, Nectus can notify you if any of those Processes starts running on one of your servers.

Monitoring for stopped Windows Processes lets you respond quickly to the failure of an important business Process.

3. Creating a WMI Monitoring Profile

To create a WMI Monitoring Profile go to the Nectus Home Screen and select Monitoring -> WMI Monitoring Settings.

This opens the “WMI Monitoring Settings” dialog box.

Click Add Profile -> Processes.

Create a new Profile by entering the Monitoring Profile Name and checking the Enabled boxes next to the metrics you want to monitor. In addition, check the types of Alerts you want to send for each Monitored Metric. See Section 4, “Editing a WMI Monitoring Profile” for details on how to specify which Processes you want to monitor and how you want to be alerted.

Check the Default Profile box if you want to make this the new default WMI Monitoring profile.

4. Editing a WMI Monitoring Profile

To edit a WMI Monitoring Profile, open the “WMI Monitoring Settings” dialog box and select the Edit Profile icon for the Profile you want to edit. In “Edit WMI Monitoring Profile” dialog box that appears select the Processes tab.

4.1 Editing Options

Select the Options icon for the Metric you want to edit to open the “WMI Options” dialog box.

Set the number of Consecutive Readings needed to trigger an alert then click the Add Name button to add the Processes you want to monitor.

4.2 Editing Alerts and Templates

In the Processes tab of the “Edit WMI Monitoring Profile” dialog box, check or clear the types of Alerts to send for each Monitored Metric. To edit the format of the Alerts, open the “Edit Alert Handler” dialog box by clicking the Edit Alert Templates icon.

5. Assigning a Profile to a WMI Server Group

In the WMI Servers Panel on the Nectus Home screen, open the WMI Servers list. Right-click a WMI Server Group and select Properties.

This opens the “Edit WMI Server Group” dialog box.

Check the Enable Monitoring box, then select the WMI Monitoring Profile to use from the Monitoring Profile drop-down list, and specify which groups will receive the Alerts.

The icons to the right of the Monitoring Profile list allow you to edit a Profile or add a new Profile directly from here.

Monitoring of Windows Services with WMI in Nectus

In this chapter, you’ll learn how to use WMI to monitor Windows Services. Nectus lets you create profiles that specify which services to monitor with WMI and how to send alerts related to them.

The specific topics we will cover in this chapter are:

  1. What is WMI?
  2. Why Monitor Windows Services?
  3. Creating a WMI Monitoring Profile
  4. Editing a WMI Monitoring Profile
  5. Assigning a Profile to a WMI Server Group

1. What is WMI?

WMI (Windows Management Instrumentation) is a set of specifications and interfaces that provides information about the status of local and remote computers running Microsoft Windows. In this chapter we look at how Nectus uses WMI to monitor the status of Windows Services and send Alerts based on that status.

Note: WMI is the Microsoft implementation of the Web-Based Enterprise Management (WBEM) standard and the Common Information Model (CIM) standard from the Distributed Management Task Force (DMTF).

2. Why Monitor Windows Services?

Knowing which Windows Services are running lets you spot misconfigured servers easily. You can ensure that all required services such as anti-virus software are running. You can also see if any unwanted services such as a web server are running.

Monitoring for stopped Windows Services lets you respond to the failure of an important service quickly.

3. Creating a WMI Monitoring Profile

To create a WMI Monitoring Profile go to the Nectus Home Screen and select Monitoring -> WMI Monitoring Settings.

This opens the “WMI Monitoring Settings” dialog box.

Click Add Profile -> Services.

Create a new Profile by entering the Monitoring Profile Name and checking the Enabled boxes next to the metrics you want to monitor. In addition, check the types of Alerts you want to receive for each Monitored Metric. See Section 4, “Editing a WMI Monitoring Profile” for details on how to specify which Services you want to monitor and how you want to be alerted.

Check the Default Profile box if you want to make this the new default WMI Monitoring profile.

4. Editing a WMI Monitoring Profile

To edit a WMI Monitoring Profile, open the “WMI Monitoring Settings” dialog box and select the Edit Profile icon for the Profile you want to edit. In “Edit WMI Profile” dialog box that appears select the Services tab.

4.1 Editing Options

Select the Options icon for the Metric you want to edit to open the “WMI Options” dialog box.

Set the number of Consecutive Readings needed to trigger an alert then click the Add Name button to add the Services you want to monitor.

4.2 Editing Alerts and Templates

In the Services tab of the “Edit WMI Monitoring Profile” dialog box, check or clear the types of Alerts to receive for each Monitored Metric. To edit the format of the Alerts, open the “Edit Alert Handler” dialog box by clicking the Edit Alert Templates icon.

5. Assigning a Profile to a WMI Server Group

In the WMI Servers Panel on the Nectus Home screen, open the WMI Servers list. Right-click a WMI Server Group and select Properties.

This opens the “Edit WMI Server Group” dialog box.

Check the Enable Monitoring box, then select the WMI Monitoring Profile to use from the Monitoring Profile drop-down list, and specify which groups will receive the Alerts.

The icons to the right of the Monitoring Profile list allow you to edit a Profile or add a new Profile directly from here.