Computer Monitoring | The Linux Servers

Linux Servers and Techie stuff

Computer Monitoring

What MaxFocus (formerly GFI) offers

I’ve been poking around MaxFocus for awhile now and am impressed by what their MSP’s can do.  Their pricing is highly competitive and the monitoring capability they bring to the table can really level the playing field, enabling better competition between the smaller players and the more established ones.

Here’s what their monitoring software brings to the table:

On-Site Assistance

At times, situations will be encountered where our remote efforts will not work. For example, if you need a new hard drive installed, or a new network card, or some other kind of effort that requires an engineer to be onsite.  In these situations, our preferable method would be to use your “normal guy” for this.  Every company has what is referred to as a ‘break/fix’ guy that they go to for the urgent on-site assistance.  We can add this contact to our alerting so as problems arise, they are aware.

We can also help you with your Search Engine Optimization efforts, identifying where you can do better, where your competition is beating you and coming up with a game plan to improve your Google rankings, so call your favorite Atlanta SEO professionals and give us a chance to help you improve your rankings.

In the absence of such a contact, Watchdog IT Services can send a person onsite at our normal rate or $125.00 per hour.

24×7 Checks

  • Disk Space Check
    • This enables you to set a threshold to send an alert when disk space falls below a defined percentage or free space amount.
    • If you specify an alert when less than 25%, it will alert you when free space remaining falls below 25%
    • If you specify an alert when less than 5 GB, it will alert you when there’s less than 5 GB remaining.
  • Performance Monitoring
    • Server Performance Monitoring available in Agent 6.5 onwards may be used as a form of preventive maintenance to identify any bottlenecks or critical resources on your server before they cause increased delays and other problems allowing you to fine tune or upgrade the system. Through Server Performance Monitoring, data is obtained that may prove useful when diagnosing any problems as well as allow you to build a performance profile of the system which can be used to identify abnormal load.
      • Processor Utilization
      • Process Queue Length
      • Memory Usage
      • Network Interface
      • Physical Disk
    • Ping check
      • The PING Check provides an easy and effective way of testing network device connectivity as it checks every five or fifteen minutes – depending on the frequency you chose – and will alert you when the device fails to respond. This ensures that devices (internal or external) are responding to PING requests.
      • Uses:
        • Ping non-windows hosts such as Linux, Unix or Apple to ensure they are reachable
        • Check to ensure WAN connections are up and remote offices are reachable
        • Check availability of equipment within the local network such as network devices, printer, routers, etc.
        • Ping customer machines and even web servers to ensure they are active
      • TCP Service check
        • The TCP Service Check alerts you to security risks and malfunctioning TCP/IP Services/applications, so you can spot developing problems on the network, and fix them before they become big disasters.
        • The TCP Check monitors a specified port on an IP address or hostname on the LAN, WAN or internet every five or fifteen minutes, and alerts you if it is either open or closed.
        • Uses:
          • Manage security risks on the network – ensuring some ports such as 25 (SMTP), 80(HTTP), 3389(RDP), 1723(PPTP) are not open when they shouldn’t be
          • Ensure Network Services such as DNS, DHCP and Wins are active
          • Be alerted when
            • …the clients mail server is not accepting connections
            • …the client’s database is not accepting connections
            • …required ports on non-Windows machines are not accepting connections
            • …when the clients SMTP gateway is not accepting connections
            • …VPN services are no longer available
            • …specific ports are open when they shouldn’t be
          • Web Page check (although we do not typically support our customers websites, we offer this service and will give you a courtesy call when we determine there is a problem)
            • This checks every 5 or 15 minutes to ensure that the targeted page is serving up text that you would expect to see. For example, you can do a continuous web page check to ensure that the specified text exists.  If it’s not there, you are alerted that something’s amiss with the site.
            • Uses
              • Test for the presence of specific text strings
              • Test to ensure static IP has not changed
            • Windows Service Check
              • The Windows Services Check monitors Windows Services every five or fifteen minutes – depending on the frequency you chose – and alerts if a service has stopped. Configuration of this check allows a “restart” to be attempted when a check finds the service is not started.
            • SNMP Check
              • The Advanced Monitoring Agent queries the SNMP management software and sends the results to the DashBoard, generating an Alert where the returned result does not meet the expected range or value. The Advanced Monitoring Agent itself does not generate any SNMP messages.
            • Bandwidth Monitoring Check
              • Bandwidth Monitoring available in Agent 6.6 and above can be used to identify any network bottlenecks and which devices are hogging available network bandwidth. Resolving network bottlenecks can lead to a superior quality of service for your customers due to reduced network response times as well as helping to minimize costs as hardware and bandwidth provision can be matched to actual requirements. Alternatively, this may provide the opportunity to sell new hardware and increased bandwidth to meet requirements.
            • File Size Check
              • The File Size Check allows you to monitor the size of a group of files, folders (and subfolders) generating an alert when the size of the group is greater or less than the specified threshold.
            • Event Log Check
              • The Event Log Check monitors the Event Logs and can be configured to query a specific Event Log based on the following indicators: “Event ID”, “Event Type”, “Event Source” and “Description”. Alerting where the specified information is, or is not, discovered in an Event Log entry.
                • Event Types can be one or all of the following: “Information”, “Warning”, “Error”, “Success Audit” or “Failure Audit”.
                • Can be configured to check for messages from specific applications as well as messages that contains specific text strings.
              • Script Check
                • The Script Check allows you to upload, deploy and run your own scripts as a 24×7 or Daily Safety Check. User defined script tasks allow you to upload, deploy and run your own scripts as an Automated Task to a specific schedule (daily, weekly or monthly) or when a check fails.

Daily Health Checks

  • Anti-Virus Update Check
    • This checks that your client’s anti-virus pattern file is in sync with the vendor’s latest published version. We receive a feed of this information on every vendor update.  This check compares what’s operating on the server against what the vendor says is the current version.  If a discrepancy exists, you’ll be alerted.
  • Backup Check
    • The Backup Check queries your client’s backup on the days specified to determine the status of the backup, ensuring that in the event of any problems on the client’s server there is a backup to restore from.
  • Drive Space Change Check
    • Alerts you when the data on the disk has grown by more than X% in the past 24 hours, where X is a threshold set by you. This may be an indication of something amiss going on in the server.
  • Exchange Check
    • This check determines the overall size of the Information Store.  When the store reaches this size, the system crashes and time-consuming recovery ensues.  It isn’t pretty. Most of our users make this an every-unit-item so that they never need waste engineering time again to recover from such a situation.
  • Hacker Check
    • This check watches for denied login attempts and alerts you if they exceed a specific threshold.
      • Monitors the following event IDs – if any of them exceed the threshold, an alert is generated:
        • 529 – unknown user name or bad password
        • 530 – account logon time restriction violation
        • 531 – logon failure – account disabled
        • 532 – logon failure – account expired
        • 533 – logon failure – user not allowed to log onto specific computer
        • 534 – logon failure – user not allowed to log onto specific type of machine
        • 535 – logon failure – password expired
        • 539 – logon failure – account is locked out
        • 548 – ?? – MS says no such event ID.
        • 644 – user account locked out due to excessive failed login attempts
        • 672 – Authentication Ticket Granted – successful logon (only included in this calculation when Event Type is “Failure Audit”).
        • 675 – login used valid domain name account but bad password
        • 676 – Win2000 logs when initial login fails for reason other than 675. Win2003 does not log this error.
        • 4625 – Account failed to log on, regardless of logon type, location of the user or type of account
      • Physical Disk Check
        • This check determines if any SMART (Self-Monitoring, Analysis and Reporting Technology) disks are reporting errors to the operating system and alerts you. Note that this check works only with disks that use SMART capabilities. Check with your manufacturer.
      • Critical Events Check
        • This check scans any of the event logs on your client server looking for any critical events during the past 24-hours. This is a good catch-all that may show growing problems on a server and highlight the need for you to investigate.
        • Can be set to either “Alert” mode, or to “Report” mode
          • Alert Mode – sends an alert, posts a red “X” in the Dashboard, fault info available in dashboard and Critical Events Report
          • Report Mode – does not send an alert, posts a green “X” in the dashboard, fault info available in dashboard and Critical Events Report
        • SNMP Check
          • The Advanced Monitoring Agent queries the SNMP management software and sends the results to the DashBoard, generating an Alert where the returned result does not meet the expected range or value. The Advanced Monitoring Agent itself does not generate any SNMP messages.
        • File Size Check
          • The File Size Check allows you to monitor the size of a group of files, folders (and subfolders) generating an alert when the size of the group is greater or less than the specified threshold.
        • Event Log Check
          • The Event Log Check monitors the Event Logs and can be configured to query a specific Event Log based on the following indicators Event ID, Event Type, Event Source and Description. Alerting where the specified information is, or is not, discovered in an Event Log entry.
        • Windows Server Update Service (WSUS) Check
          • The WSUS Check queries the WSUS database for the last synchronization information and reports this back to the DashBoard, along with the number of critical updates that have not yet installed successfully on all computers.
            • Only available on machines with WSUS installed – the WSUS Server.
            • To query on SBS 2008 WSUS machine, the Advanced Monitoring Agent service must be a member of the WSUS Administrators
          • Script Check
            • The Script Check allows you to upload, deploy and run your own scripts as a 24×7 or Daily Safety Check. User defined script tasks allow you to upload, deploy and run your own scripts as an Automated Task to a specific schedule (daily, weekly or monthly) or when a check fails.

Automated Tasks

  • Defragmentation – uses the operating systems Defrag utility
  • Clear Event Log – removes all entries from specified event logs
  • Cleanup – removes unwanted temporary files and logs (temp, cookies, history, etc)
  • Malwarebytes – updates, scan and/or repair
  • Reboot – reboot with timeout and comment to be placed in system event log
  • Service control – start, stop and restart Windows Services using either Service Name or Display Name.
  • Customized Scripts – created and uploaded to the Dashboard, they become choices for Automated Tasks.

Asset Tracking

  • Reports
    • Client Inventory Report
    • Modification Report
    • Software License Report
    • XML or SQL dump format
  • Hardware
    • Drives
    • Motherboard
    • BIOS
    • Graphics card
    • Network Interface Card, etc
  • Licensed Software
    • Name
    • Version
    • Date
    • Software License Groups – shows count of licenses in use against “paid for” license counts
  • All Software
    • Shows all software installed on a device
    • Can be configured to show if “Banned” software is installed. Banned software must first be configured in Software License Groups.
  • Installed Hotfixes
    • Shows all Microsoft hotfixes that have been installed
  • Installed Updates
    • Shows all Microsoft updates that have been installed

Our Services

Watchdog Monitoring and Remote Management Services

At the heart of our offerings is the basic premise that it’s much better to prevent downtime than it is to react to downtime.  In this, we are strongly positioned to provide a comprehensive proactive approach to monitoring and managing your environment, thereby preventing or greatly reducing any unexpected downtime.  This, of course, is highly preferable to a reactive course of action that us usually more expensive in terms of getting somebody onsite as well as the effect on your business.

At a very high level, we provide three areas of service – Remote Monitoring, Remote Management, and On-site Assistance

Remote Monitoring

At Watchdog IT Services, we will monitor over 50 different “pressure points” in your IT infrastructure that can bring your business to a screeching halt if not cared for properly.

  • Backup software: Did your last backup complete successfully?  Are you sure?  If you need to recover data, what is the most recent data that is available for recovery?
  • Anti-Virus: Is your Antivirus software up to date?  Is it running?  Are you sure a worker didn’t turn it off for some reason?
  • Patch Management: What is the status of your patches in your environment?  Did you miss a critical patch?
  • Network functionality: What is the status of your network?  Are you experiencing any outages?  Are you approaching the point where you need more bandwidth?
  • Disk Drives: Are you running daily scans of your hard drives to check for errors or corruption?  Are you aware of any drives that may be filling to capacity?
  • Performance Monitoring: How fast are your systems running?  Should they be running faster?  What’s causing the slowdown?
  • Windows Events: What types of system events are occurring that you’re not aware of?  Some of these are trivial…most in fact, but some can be critical and provide early warning of impending problems.  We’ll look at these on a daily basis for you too.

Remote Management

At Watchdog IT Services, we are able to directly log into your environment to fix problems as they arise, oftentimes before you are even aware that a problem existed. This, of course, is dependent on you granting us authority to do so.  A monthly report will be provided to you to detail every remote login session we initiate for auditing purposes, as we fully understand this kind of work requires trust and tracking.

Resources

We’ve stated that supporting your business is our business and we cannot do that to the best of our ability without sharing important resources with you.  The better educated you are, the better you environment will run.  Of course, we are more than happy to completely monitor/manage your environment, but we also understand some business owners are interested in learning more – so below are some key resources to help you on your way.