Veriato Server Manager Guide

Similar documents
Server Manager Help 10/6/2014 1

SpectorSoft Log Manager Help

SpectorSoft Disk Monitor Help

Network Event Viewer now supports real-time monitoring enabling system administrators to be notified immediately when critical events are logged.

NETWRIX EVENT LOG MANAGER

NETWRIX FILE SERVER CHANGE REPORTER

NETWRIX EVENT LOG MANAGER

WebSpy Vantage Ultimate 2.2 Web Module Administrators Guide

Legal Notes. Regarding Trademarks KYOCERA Document Solutions Inc.

NetWrix SQL Server Change Reporter

WhatsUp Gold v16.1 Installation and Configuration Guide

Advanced Event Viewer Manual

Copyright 2012 Trend Micro Incorporated. All rights reserved.

QUANTIFY INSTALLATION GUIDE

Vector Asset Management User Manual

Metalogix SharePoint Backup. Advanced Installation Guide. Publication Date: August 24, 2015

NETWRIX USER ACTIVITY VIDEO REPORTER

WhatsUp Gold v16.2 Installation and Configuration Guide

NSi Mobile Installation Guide. Version 6.2

NETWRIX CHANGE NOTIFIER

System Administration Training Guide. S100 Installation and Site Management

LifeSize Control Installation Guide

TSM Studio Server User Guide

Features at a Glance. Interrogation. History. Hierarchical Monitoring. Windows Server Monitoring

WhatsUp Gold v16.3 Installation and Configuration Guide

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

EventSentry Overview. Part I About This Guide 1. Part II Overview 2. Part III Installation & Deployment 4. Part IV Monitoring Architecture 13

Windows Server Update Services 3.0 SP2 Step By Step Guide

Avatier Identity Management Suite

NETWRIX WINDOWS SERVER CHANGE REPORTER

Sage Intelligence Financial Reporting for Sage ERP X3 Version 6.5 Installation Guide

Avalanche Site Edition

GFI LANguard 9.0 ReportPack. Manual. By GFI Software Ltd.

USER GUIDE. Ethernet Configuration Guide (Lantronix) P/N: Rev 6

ATX Document Manager. User Guide

enicq 5 System Administrator s Guide

Kaseya 2. User Guide. Version 1.1

There are numerous ways to access monitors:

Avaya Video Conferencing Manager Deployment Guide

NovaBACKUP. Storage Server. NovaStor / May 2011

Citrix Access Gateway Plug-in for Windows User Guide

Integrating LANGuardian with Active Directory

Installation Notes for Outpost Network Security (ONS) version 3.2

OneStop Reporting 3.7 Installation Guide. Updated:

VERITAS Backup Exec TM 10.0 for Windows Servers

Laptop Backup - Administrator Guide (Windows)

Desktop Surveillance Help

Installing Windows Server Update Services (WSUS) on Windows Server 2012 R2 Essentials

Novell PlateSpin Recon

Password Reset Server Installation Guide Windows 8 / 8.1 Windows Server 2012 / R2

STATISTICA VERSION 12 STATISTICA ENTERPRISE SMALL BUSINESS INSTALLATION INSTRUCTIONS

Installation Guide for Pulse on Windows Server 2008R2

WhatsUp Gold v16.2 MSP Edition Deployment Guide This guide provides information about installing and configuring WhatsUp Gold MSP Edition to central

Freshservice Discovery Probe User Guide

DiskPulse DISK CHANGE MONITOR

Kaseya 2. User Guide. Version R8. English

STATISTICA VERSION 10 STATISTICA ENTERPRISE SERVER INSTALLATION INSTRUCTIONS

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

Installation Instruction STATISTICA Enterprise Server

How To Create An Easybelle History Database On A Microsoft Powerbook (Windows)

XIA Configuration Server

NETWORK PRINT MONITOR User Guide

DOCSVAULT Document Management System for everyone

GFI LANguard 9.0 ReportPack. Manual. By GFI Software Ltd.

Installation Instruction STATISTICA Enterprise Small Business

Portions of this product were created using LEADTOOLS LEAD Technologies, Inc. ALL RIGHTS RESERVED.

Copyright 2013 Trend Micro Incorporated. All rights reserved.

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

NetWrix Logon Reporter V 2.0

EventTracker Enterprise v7.3 Installation Guide

Content Filtering Client Policy & Reporting Administrator s Guide

Table of Contents. CHAPTER 1 About This Guide CHAPTER 2 Introduction CHAPTER 3 Database Backup and Restoration... 15

Setting Up a Unisphere Management Station for the VNX Series P/N Revision A01 January 5, 2010

Design Better Products. SolidWorks SolidWorks Enterprise PDM Installation Guide

Installation Guide for Pulse on Windows Server 2012

WhatsUp Gold v16.2 Database Migration and Management Guide

Lepide Software. LepideAuditor for File Server [CONFIGURATION GUIDE] This guide informs How to configure settings for first time usage of the software

LepideAuditor Suite for File Server. Installation and Configuration Guide

Table of Contents. Introduction...9. Installation Program Tour The Program Components...10 Main Program Features...11

NeuralStar Installation Guide

Upgrading from MSDE to SQL Server 2005 Express Edition with Advanced Services SP2

Secret Server Installation Windows 8 / 8.1 and Windows Server 2012 / R2

Pearl Echo Installation Checklist

Synchronizer Installation

Netwrix Auditor. Administrator's Guide. Version: /30/2015

Release Notes for Websense Security v7.2

IBM Security QRadar SIEM Version MR1. Administration Guide

Installation and Configuration Guide

Sophos Enterprise Console Help. Product version: 5.1 Document date: June 2012

AVG 8.5 Anti-Virus Network Edition

Magaya Software Installation Guide

WhatsUp Gold v16.1 Database Migration and Management Guide Learn how to migrate a WhatsUp Gold database from Microsoft SQL Server 2008 R2 Express

Sharp Remote Device Manager (SRDM) Server Software Setup Guide

LifeSize Control TM Deployment Guide

Liebert Nform Infrastructure Monitoring Software. User Manual - Version 4

Migrating TimeForce To A New Server

NetWrix Server Configuration Monitor

safend a w a v e s y s t e m s c o m p a n y

Tracking Network Changes Using Change Audit

Transcription:

r Veriato Server Manager Guide 2/5/2016 www.veriato.com

Table of Contents Getting Started... 7 Getting Started... 7 About Veriato Server Manager... 8 Client Server Architecture... 9 System Requirements... 11 Screencasts... 11 Upgrade from Disk Monitor... 12 Upgrade from Internet Server Monitor... 12 Upgrade from Log Manager... 12 Licensing and Registration... 12 Application Program Interface... 16 PCI DSS Compliance... 17 Terminology... 19 Tutorials... 20 Tutorials... 20 Configure Server Manager to use MySQL... 20 Configure Server Manager to use SQL Server... 25 Configure Server Manager to use the file system... 28 Conserve Disk Space... 31 Migrate to a New Server... 32 Monitor a Rolling Text Log File (IIS)... 33 Monitor CSV Files... 40 Use Gmail as a Backup Email Server... 44 Management Console... 46 Management Console... 46 Object Explorer... 46 Options... 48 Service Connections... 49 Enable and Disable Objects... 50 Monitor Hierarchy... 51 Registry Explorer... 51 Import a Disk List... 53 Filename Masks... 53 Server Manager Properties... 55 Server Manager Properties... 55 Email Settings... 55 Server Manager Guide 2016 Veriato, Inc., all rights reserved. ii

Database Settings... 56 Active Directory Settings... 59 Syslog Server Settings... 60 Web Server Publishing Settings... 62 Management Server Settings... 64 HTML and Email Template Settings... 65 WMI Settings... 68 Web Proxy Server Settings... 69 SNMP Server Settings... 70 Computers, Devices and Hosts... 71 Computers, Devices and Hosts... 71 Add Computers, Devices and Hosts... 71 Assign Computer, Device or Host... 72 Map Computers, Devices and Hosts... 72 Computer, Device and Host Properties... 73 Assign Logon As Credentials... 75 Copy Assignments... 76 Import a Host List... 77 Search for Computers, Devices and Hosts... 77 Browse Active Directory Dialog... 78 Browse Network Dialog... 78 Templates... 79 Templates... 79 Add Template... 83 Assign Template... 84 Template Properties... 84 Reports... 86 Reports... 86 Add Report... 87 Assign Report... 88 Report Properties... 88 Views... 89 Summary Reports... 89 Account Lockout Reports... 90 Security Event Log Reports... 93 Event Log Reports... 112 Syslog Reports... 115 Text Log Reports... 117 Server Manager Guide 2016 Veriato, Inc., all rights reserved. iii

Duplicate Files Reports... 119 File and Directory Access Permissions Reports... 121 File Extension Reports... 123 Largest Files Reports... 123 Least Accessed Files Reports... 125 Recently Accessed Files Reports... 127 Temporary Files Reports... 129 Schedules... 130 Schedules... 130 Add Schedule... 131 Assign Schedule... 131 Schedule Properties... 132 Day and Time Exclusions... 133 Filters... 136 Filters... 136 Add Filter... 137 Assign Filter... 138 Filter Properties... 139 Import and Export Filters... 139 Actions, Alerts and Notifications... 140 Actions, Alerts and Notifications... 140 Desktop Actions, Alerts and Notifications... 142 Add Action... 143 Assign Action... 143 Action Properties... 144 Database Actions... 144 Action Variable Tags... 145 File Output Options... 157 Tray Icon... 158 Auto Configurators... 161 Auto Configurators... 161 Add Auto Configurator... 161 Auto Configurator Properties... 162 Assign Templates to Auto Configurator... 163 Select Active Directory Organizational Unit... 164 Groups... 165 Groups... 165 Server Manager Guide 2016 Veriato, Inc., all rights reserved. iv

Add Group... 167 Assign Group... 167 Log Management... 169 Log Management... 169 Email Logs... 170 Encrypt and Sign Files... 171 Event Log to Syslog... 173 EVT and EVTX Files... 174 Export Logs... 176 Log Repository Retention Policy... 177 Search for Logs... 178 Log Viewers... 179 Log Viewers... 179 Event Log Viewer... 180 Syslog Log Viewer... 180 Text Log Log Viewer... 181 Windows Service... 181 Windows Service... 181 Assign Service Logon As Credentials... 181 Windows Service Log... 182 Run the Service in Verbose Mode... 183 Syslog Server... 183 SNMP... 185 SNMP Server... 185 SNMP Server... 185 SNMP Trap Viewer... 185 Batch Functions... 186 Batch Functions... 186 Batch Assign Computers, Devices and Hosts to a Group... 186 Batch Assign Logon As Credentials... 187 Batch Assign Templates to a Group... 187 Batch Delete Computers, Devices and Hosts... 188 Batch Update Auto Configurators... 189 Batch Update Computers, Devices and Hosts... 189 Batch Update Reports... 190 Batch Update Templates... 190 Select Multiple Auto Configurators... 191 Server Manager Guide 2016 Veriato, Inc., all rights reserved. v

Select Multiple Computers, Devices and Hosts... 191 Select Multiple Logs... 192 Select Multiple Reports... 192 Select Multiple Templates... 193 Troubleshooting... 194 Troubleshooting... 194 Access Denied Errors... 194 Quota Violation Errors... 196 The RPC server is unavailable Errors... 197 Windows Firewall... 199 About Veriato... 200 About Veriato... 200 Contact Us... 200 Third Party Software Notices and/or Additional Terms and Conditions... 201 Server Manager Guide 2016 Veriato, Inc., all rights reserved. vi

Getting Started Getting Started For new users, we recommend that you get acquainted with how Server Manager works. Here are some introductory topics to get you started: Client Server Architecture Management Console Groups Terminology After completing the Server Manager installation for the first time, there are some required configuration tasks you need to complete prior to configuring Server Manager to monitor and report. Required tasks: 1. If you have already purchased a license, register your license. 2. Follow the Server Manager Configuration Wizard. If the wizard does not automatically open, select Tools > Server Manager Configuration Wizard. The wizard includes the following pages: o Service Credentials o Email Settings o Database Settings Optional tasks: Configure Active Directory Connections Configure Syslog Server Settings Configure Web Server Publishing Settings Configure Management Server Settings Configure HTML and Email Template Settings Configure WMI Settings Configure Web Proxy Server Settings What's next? Add Computers, Devices and Hosts Create and assign Templates Create and schedule Reports Create and schedule Auto Configurators Server Manager Guide 2016 Veriato, Inc., all rights reserved. 7

Related Topics Screencasts Tutorials Troubleshooting About Veriato Server Manager Veriato Server Manager is an enterprise-wide systems and application monitoring software package enabling both small business and large enterprise System Administrators to proactively manage their networks and fulfill compliance requirements. Consolidates, archives and monitors logs such as: o o o Windows Event Logs Syslogs Text Logs Includes Security Event Log Reports such as: o o o o o Object Access Auditing Failed Logons, Successful Logons and Logon Sessions Account Management Account Lockout New Accounts Monitors resources such as: o o o Disk space CPU load over time Memory load over time Monitors and controls applications and services such as: o o o o Websites Email servers Databases Windows services and processes Monitors Internet connectivity and throughput. Includes extensive disk and directory monitoring and analysis functions and Reports. Monitors changes to the Windows Registry. Monitors SSL and digital certificate expiration and validity. And more... Server Manager Guide 2016 Veriato, Inc., all rights reserved. 8

How It Works Server Manager... Installs to a single server then remotely manages computers, devices and hosts. Is configured though a client user interface which can be installed to any supported Windows computer at any location. Is an agentless system that utilizes Windows technologies such as WMI and Windows Networking. Fires alerts and notifications through email, SMS, remote desktop popups, SNMP traps and more. Automatically publishes systems and network status to your web server for remote access via your iphone or Android. Generates Reports to HTML, PDF, text and CSV. Related Topics Getting Started System Requirements Client Server Architecture Management Console Client Server Architecture Server Manager is implemented using client/server architecture. The server, referred to as the Server Manager Service, runs as a Windows service and is responsible for all Monitor and Report execution. The client application, referred to as the Management Console, runs on any supported Windows platform and is responsible for all configuration and management. The tray icon, also a client application, is responsible for desktop notifications (e.g. message box and sound alerts). You can install the console and tray icon on as many computers as necessary. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 9

The client/server interface is implemented using TCP port 6766 by default. The TCP interface authenticates all incoming connections using Windows authentication. Access will only be granted if the user accessing the service belongs to the Administrator group. For secure environments, the TCP interface can be configured to encrypt all packets using private keys. For more information see Management Server Settings. To configure the console or tray icon to connect to a remote service installation, see Service Connections. Server Manager is deployed through a single installer that always installs the service, console and tray icon. If you only plan to use the console and/or tray icon, you can disable the Veriato Server Manager service via the Windows Service Control Manager. Related Topics Management Server Settings Service Connections Server Manager Guide 2016 Veriato, Inc., all rights reserved. 10

System Requirements Supported Operating Systems Windows Server 2012, 2008 R2, 2008, or 2003 Windows 8, 7, Vista, or XP Supported CPUs (64-Bit / 32-Bit) Server Manager is offered in both 64-bit and 32-bit Windows installers. Be sure to install the 64-bit installer when targeting 64-bit hardware as the 64-bit installer includes 64-bit binaries. Memory 4 GBs of available memory, 8 GBs suggested for large networks. Microsoft.NET Framework 3.5 Service Pack 1 The installation detects if the.net Framework 3.5 Service Pack 1 is already installed. If not, the framework is automatically downloaded from Microsoft and then installed. Please note the framework may take a significant amount of time to install. Please be patient while the installation completes. Domain Administrator Account To access and manage remote resources Server Manager requires domain administrator credentials. If off-domain, local administrator credentials. The first time the application is run, you will be prompted to assign administrator credentials to the service. Windows Management Instrumentation (client and server) Many functions within Server Manager utilize Microsoft's Windows Management Instrumentation (WMI) API (e.g. Event Log management, CPU, memory, services, processes, Access Permissions Reports). Optional Components Microsoft's SNMP Service - SNMP traps are exposed through Microsoft's SNMP Service. Screencasts Veriato offers video screencast tutorials to help you learn how to use Server Manager. Introduction to Server Manager Server Manager Actions Server Manager Schedules Server Manager Guide 2016 Veriato, Inc., all rights reserved. 11

Event Log Consolidation and Monitoring using Templates Object Access Reports Ping Monitoring and Reporting Complex Event Log Filtering Related Topics Troubleshooting Tutorials Upgrade from Disk Monitor When installing Server Manager on a server that already has Disk Monitor installed, you will be prompted to upgrade. Server Manager includes an upgrade wizard that automatically imports your license and configurations, and optionally uninstalls Disk Monitor. Upgrade from Internet Server Monitor When installing Server Manager on a server that already has Internet Server Monitor installed, you will be prompted to upgrade. Server Manager includes an upgrade wizard that automatically imports your license and configurations, and optionally uninstalls Internet Server Monitor. Upgrade from Log Manager When installing Server Manager on a server that already has Log Manager installed, you will be prompted to upgrade. Server Manager includes an upgrade wizard that automatically imports your license and configurations, and optionally uninstalls Log Manager. Licensing and Registration Server Manager is licensed by the number of nodes being monitored. A node is defined as a unique IP address and/or hostname that is monitored, scanned, or otherwise managed by the Software. You can apply as many Templates (e.g. CPU, memory, disk space, web content, etc.) to each node as necessary. A simple licensing sample: If monitoring a single physical server called mycompany that hosts a web server (www.mycompany.com) and mail server (mail.mycompany.com), 3 nodes within your license will be required for each of the 3 addressable names: mycompany (e.g. Ping monitor) Server Manager Guide 2016 Veriato, Inc., all rights reserved. 12

www.mycompany.com (e.g. HTTP monitor) mail.mycompany.com (e.g. SMTP monitor) NOTE: If each of the 3 addressable names are on the same IP address, using the IP address instead of the addressable names will reduce the required hosts from 3 to 1. To register your license: 1. After purchasing a license from Veriato, you will receive a serial number via email. 2. If not already installed on the target server, install, then open the Management Console. 3. Select Edit > Server Manager Properties. The Server Manager Properties view displays. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 13

4. Select the Licensing tab then click Register License. The Register License dialog displays. 5. Specify the email address used when purchasing. 6. Paste the serial number you received in your order confirmation email. 7. Click Submit. NOTES: If you are running on an isolated network, you can register your license at: www.veriato.com/support/registernodessm.asp Fill out the license registration form. Once complete a license key file will be automatically emailed to you. When moving this software from one server to another or when waiting for your purchasing department to upgrade an existing license, Veriato offers users the option to register up to 10% over the current number of nodes purchased. Anytime your registered node count exceeds the number of nodes you purchased, you will receive a nightly notification email reminding you to reduce the number of registered nodes. To set the maximum node count: The Server Manager licensing enables you to install the Server Manager Service on multiple servers. For example, if you purchased a 100 node license, you could install Server Manager on three different servers potentially located at 3 different sites then configure each installation to monitor 33 nodes. Finally, a forth instance of Server Manager could be installed in a DMZ to monitor a single server within the DMZ for a total of 100 nodes. To set the number of nodes associated with a specific Server Manager installation: Server Manager Guide 2016 Veriato, Inc., all rights reserved. 14

1. Select Edit > Server Manager Properties. The Server Manager Properties view displays. 2. Select the Licensing tab. 3. From the Installed Licenses list, select the serial number to update. 4. From the Registration List, select the Host to update. 5. Click Set Maximum Node Count. The Set Maximum Nodes view displays. 6. Set the maximum number of nodes which you would like to manage. If the target host is another remote installation, the target Server Manager Service will automatically update at midnight or can be manually updated by restarting the Veriato Server Manager Service on the effected server. When moving this software from one server to another or when waiting for your purchasing department to upgrade an existing license, Veriato offers users the option to register up to 10% over the current number of nodes purchased. Anytime your registered node count exceeds the number of nodes you purchased, you will receive a nightly notification email reminding you to reduce the number of registered nodes. To reset your license: If you need to move a license to another computer, you can reset your own license for registration on the new server. 1. Select Edit > Server Manager Properties. The Server Manager Properties view displays. 2. Select the Licensing tab. 3. From the Installed Licenses list, select the serial number to return. 4. From the Registration List, select the Host you are no longer using then click Return License. 5. When prompted to confirm to return the license and disable all associated monitors, click Yes. If the target host is another remote installation, the target Server Manager Service will automatically update at midnight or can be manually updated by restarting the Veriato Server Manager Service on the effected server. To renew your maintenance: When your maintenance is about to expire, you can upgrade through the Management Console. 1. Select Edit > Server Manager Properties. The Server Manager Properties view displays. 2. Select the Licensing tab. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 15

3. From the Installed Licenses list, select the serial number to renew then click Renew Maintenance. You will be re-directed to your Internet browser where you can then renew online. If the server you are on does not have internet access you can renew at: www.veriato.com/purchase/renewal.asp To upgrade or add more nodes to your license: If your license only provides access to a sub-set of Templates and/or Reports or you would like to add more hosts to your current installation, you can upgrade through the Management Console. 1. Select Edit > Server Manager Properties. The Server Manager Properties view displays. 2. Select the Licensing tab. 3. From the Installed Licenses list, select the serial number to upgrade then click Upgrade License. You will be re-directed to your Internet browser where you can then upgrade online. If the server you are on does not have internet access you can upgrade at: www.veriato.com/support/offers.asp?itemid=41 Application Program Interface Server Manager enables users to write custom applications to view monitor history data. For example, a user could create an application that shows ping response times or disk utilization over a period of time. Consumption of history data can obtained when saving history to SQL Server, MySQL or Oracle. At this time there is no API to access file system based history. Server Manager saves each monitor's history to a unique table. The table name for each monitor uses the following format: M[HOST_ID]_[TEMPLATE_ID] Host ID The internal object ID. Template ID The internal object ID. For example: H100_200 To view a Host ID: 1. From the Object Explorer, navigate to the target computer, device or host. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 16

2. Right-click and select Host Properties. The Host Properties dialog displays. 3. The Host ID is listed within the General tab. To view a Template ID: 1. From the Object Explorer, navigate to the target Template or Monitor. 2. Right-click and select Template Properties. The Template Properties view displays. 3. The Template ID is listed within the General tab. PCI DSS Compliance Server Manager provides software solutions to meet PCI DSS compliance requirements as defined in v2.0 section 10 of the PCI Data Security Standard. Section Requirement 10.2 Implement automated audit trails for all system components to reconstruct the following events. Solution Out-of-the-box Security Event Log filters and Reports such as: Failed Logons Success Logons Account Management Logon Sessions New User Accounts Account Lockout Real-time and scheduled monitoring of all Object Access Security Event Log entries. 10.4 Using time-synchronization technology, synchronize all critical system clocks and times and ensure that the following is implemented for acquiring, distributing, and storing time. Note: One example of time synchronization technology is Network Time Protocol (NTP). Pre-installed Synchronize Clocks Template which uses NTP to synchronize clocks on all discovered Windows servers. 10.5 Secure audit trails so they cannot be altered. Pre-installed Event Log File Backup Template which can be scheduled to consolidate to a central log server then encrypt, password protect and digitally sign output files ensuring file integrity. Includes a File Consolidation Template which Server Manager Guide 2016 Veriato, Inc., all rights reserved. 17

can be scheduled to consolidate to a central log server any set of files then encrypt, password protect and digitally sign output files ensuring file integrity. Pre-installed Syslog Backup Template which can be scheduled to archive consolidated Syslog messages to a central log server then encrypt, password protect and digitally sign output files ensuring file integrity. 10.5.3 Promptly back up audit trail files to a centralized log server or media that is difficult to alter. 10.6 Review logs for all system components at least daily. Log reviews must include those servers that perform security functions like intrusion-detection system (IDS) and authentication, authorization, and accounting protocol (AAA) servers (for example, RADIUS). Note: Log harvesting, parsing, and alerting tools may be used to meet compliance with Requirement 10.6. Pre-installed Event Log Consolidation Template which can be scheduled to download Event Logs to a central log server then save to SQL Server, MySQL, Oracle or our own binary file format. Includes a Syslog Server that is pre-configured to save all received Syslog messages. Optionally supports saving messages to SQL Server, MySQL or Oracle. Includes several Text Log Monitoring Templates that can be configured to save all entries to a central log server. Supported output includes: SQL Server, MySQL, Oracle and our own binary file format. Includes: Numerous log viewers that enable users to page through large volumes of data, hide duplicate entries, filter and merge multiple logs into a single view. Out-of-the-box filters. Customizable filters with AND, OR, NOT, criteria nesting and regular expression support. Automated and on-demand Reporting. Related Topics Payment Card Industry (PCI) Data Security Standard Server Manager Guide 2016 Veriato, Inc., all rights reserved. 18

Terminology Term Action Definition A configurable object that executes a function when: A monitor triggers, recovers, errors or completes. A Report is complete or errors An Auto Configurator is complete or errors Auto Configurator Desktop Action Filter Host Log Repository A configurable object used to monitor new servers and workstations. When utilized in large environments, Auto Configurators can be a very powerful tool enabling Server Manager to automatically monitor new and renamed servers without any interaction. Desktop Actions are defined as Actions that are executed within a user's Windows desktop (e.g. message box alerts, sound alerts and optionally interactive file execution) A configurable object used to target or limit specific log entries or computers from real-time and consolidated log views, Monitors and Reports. Filters can also be used when manually searching computers in Active Directory or through an Auto Configurator. Term used to refer to either a computer, a device (e.g. switch, router or firewall) or a hostname (e.g. www.veriato.com). A database or file system location where log entries are saved. Primary Log Repository - Contains the LATEST consolidated log entries. Archive Log Repository - Contains ARCHIVED consolidated log entries previously saved to the Primary Log Repository Auxiliary Log Repository - Contains AUXILIARY or BACKUP consolidated logs. Typically used to view old database backups for auditing purposes. Monitor Report Schedule Management Console The result of a host-template assignment causing the function to execute on a scheduled basis (e.g a ping monitor). A configurable object that enables users to receive summarized data on-demand or on a scheduled frequency. Reports typically output to an HTML file or email. A configurable object that defines the frequency to execute a Monitor, Report or Auto Configurator (e.g. daily at 6:00 AM or every 5 minutes). The client application used to configure the service, view logs and manually execute Monitors, Reports and Auto Configurators. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 19

Server Manager Service Server Manager Tray Icon Template The server application responsible for executing Monitors, Reports and Auto Configurators. The service is implemented as a Windows Service. The client application that enables your Windows desktop to display system status, receive desktop notifications (e.g. message box alerts, sound alerts and optionally interactive file execution) and launch the Console. A configurable object that defines properties for an executable function that is assigned to one or more hosts, host groups, Template groups and Summary Reports. Tutorials Tutorials The following tutorials are available: Configure Server Manager to use SQL Server Configure Server Manager to use MySQL Migrate to a New Server Monitor a Rolling Text Log File Monitor CSV Files Use Gmail as a Backup Email Server Forum If none of these topics help, please see our online forum at: http://spectorlive.com/phpbb3/ Screencasts Veriato offers several video screencast tutorials to help you learn how to use Server Manager. The screencasts can be found at: http://www.veriato.com/products/server-manager/tutorials.asp Configure Server Manager to use MySQL In this tutorial, we walk you through the process of downloading, installing and configuring MySQL. Once completed, we will configure Server Manager to use MySQL when saving history and log entries. Lastly, we will download logs to the MySQL database and verify entries were written to the database. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 20

Step 1: Download and install MySQL Community Server Download and install MySQL Community Server from: http://mysql.com/downloads/mysql/ Step 2: Download and install MySQL Workbench The MySQL Workbench enables you to configure and manage MySQL. Download and install from: http://mysql.com/downloads/workbench/ Step 3: Create new server instance The first time you open the workbench you must add the connection to your database. From the Home page select New Server Instance. Follow the wizard adding in your connection information. Step 4: Create databases 1. From the Home page, under the SQL Developmentcolumn, double-click on the connection to your database. The SQL Editor view is displayed. 2. From the toolbar click the button. The new_schema - Schema tab displays. 3. From the Name text box type CBSM 4. From the Collation drop-down select utf8 - default collation. 5. Click OK. The Apply SQL Script to Database dialog displays. 6. Click Apply then Finish. 7. Create 2 more databases, one for the Archive Log Repository named CBSM_ARCHIVE and the other for the History database named CBSM_HISTORY. Once all 3 databases have been created the MySQL Workbench lists the 3 databases as seen below: Server Manager Guide 2016 Veriato, Inc., all rights reserved. 21

Step 5: Create the database user and assign privileges 1. From the Home page, under the Server Administrationcolumn, double-click on the sever instance. The Admin view is displayed. 2. From the Task and Object Browser view, select Users and Privileges. The Users and Privileges view displays. 3. From the Server Access Management tab, click Add Account 4. Set the Login Name to cbsmuser. 5. Enter a Password then duplicate the password in the Confirm Password text box. 6. Select the Administrative Roles tab. 7. From the Role list check DBA. 8. Click Apply. The MySQL configuration process is now complete. Step 6: Configure the Log Repositories and History 1. From Server Manager, select Edit > Server Manager Properties. The Server Manager Properties view displays. 2. Select the Databases tab. 3. Create the Primary Log Repository. 1. Click the button. 2. From the Role drop-down select Log Repository. 3. Specify a Name (e.g. MySQL Primary Log Repository). 4. From the Provider drop-down select MySQL. 5. Specify the Server name. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 22

6. Set the User name to cbsmuser. 7. Specify the Password you set earlier. 8. Set the Database to CBSM. 9. Click the button. The database is automatically initialized. 4. Create the Archive Log Repository. Follow the the instructions above, however; 1. Set the Name to MySQL Archive Log Repository. 2. Set the Role to ArchiveLogRepository. 3. Set the Database to CBSM_ARCHIVE. 5. Create the History database. Follow the the instructions above, however; 1. Set the Name to MySQL History. 2. Set the Role to History. 3. Set the Database to CBSM_HISTORY. Step 7: Test and verify the configuration 1. From the Object Explorer, add a new computer. 2. Assign the sample Event Log Consolidation and Monitoring Template. 3. Right-click on the Monitor you just created under your new computer and select Execute Now (Verbose). 4. The Application, System and Security Event Logs are downloaded and saved to the MySQL Primary Log Repository you just created and configured. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 23

5. From the Object Explorer, expand Log Repositories > SQL Server Log Repository then navigate to the computer you just downloaded the logs from. 6. Expand the computer to find the Event Logs node. 7. Expand the Event Logs to find the Application, System and Security nodes. 8. Right-click on the Application node and select View Top 10000 Consolidated Log Entries. The Select Display Filters dialog displays. 9. Check the Information, Warning and Error options then, if a filter is selected, click the button to clear the filter. Finally click OK. The Log Viewer displays. 10. Verify entries are displayed in the view. 11. From MySQL Workbench, within the SQL Editor, right-click then select Refresh All. The 3 databases you created are now listed. 12. Expand the CBSM > Tables node. Several table display including a table for each consolidated log. 13. You should now see a new table called [servername]_evt_application where [servername] is the name of the server you downloaded the logs from. If you see this table, you have successfully downloaded the Event Log and saved it to your MySQL database, otherwise the Primary Log Repository is not configured to use this database. Check the Server Manager configurations and try again. MySQL Log Repository Schema Defined The Primary and Archive Log Repositories require the following tables: Table level facility priority Description Contains a list of the Event Log levels (Information, Warning, Error, Audit Success, and Audit Failure). Contains a list of the Syslog facilities. Contains a list of the Syslog priorities. event_logs Contains an index of consolidated Event Logs. syslogs text_logs Contains an index of consolidated Syslogs. Contains an index of consolidated Text Logs. Each log file is consolidated to its own table using the following naming conventions: Log Type Table Event Log [host]_evt_[log] Syslog Text Log [host]_syslog [GUID] - Since the only thing that uniquely identifies a text log is the filename and a filename can easily exceed the maximum length of a table name, a GUID is used in place of the filename. The text_logs table maps the consolidated text log s filename to the GUID Server Manager Guide 2016 Veriato, Inc., all rights reserved. 24

enabling the software to identify which table to read and write entries from. Related Topics Conserve Disk Space Database Settings Log Repository Retention Policy View Logs Configure Server Manager to use SQL Server In this tutorial, we walk you through the process of configuring SQL Server. Once completed, we will configure Server Manager to use SQL Server when saving history and log entries. Lastly, we will download logs to the SQL Server database and verify entries were written to the database. Step 1: Create the databases 1. Open Microsoft SQL Server Management Studio. 2. From the Object Explorer, expand Databases. 3. Right-click then select New Database. 4. From the Database name text box type CBSM 5. Optionally, set the autogrowth to 100 MBs then click OK. The database is created. 6. Create 2 more databases, one for the Archive Log Repository named CBSM_ARCHIVE and the other for the History database named CBSM_HISTORY. Step 2: Create the database user 1. From the Object Explorer, expand Security. 2. Right-click then select New Login. The New Login dialog displays. 3. From the Login name text box type cbsmuser. 4. Check SQL Server authentication. 5. Type a password. 6. Un-check Enforce password policy. 7. Click OK. The user is created. Step 3: Assign the user to the databases 1. From the Object Explorer, expand Databases > CBLM > Security. 2. Right-click then select New User. 3. From the User name text box type cbsmuser. 4. From the Login name text box type cbsmuser. 5. From the Select a page view, select Membership. The Database role membership view displays. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 25

6. Check db_owner. 7. Click OK. The user is assigned. 8. Repeat these steps for the CBSM_ARCHIVE and CBSM_HISTORY databases. Step 4: Configure the Log Repositories and History 1. From Server Manager, select Edit > Server Manager Properties. The Server Manager Properties view displays. 2. Select the Databases tab. 3. Create the Primary Log Repository. a. Click the button. b. From the Role drop-down select Log Repository. c. Specify a Name (e.g. SQL Server Primary Log Repository). d. From the Provider drop-down select SqlServer. e. Specify the Server name. f. Set the User name to cblmuser. g. Specify the Password you set earlier. h. Set the Database to CBSM. i. Click the button. The database is automatically initialized. 4. Create the Archive Log Repository. Follow the the instructions above, however; Server Manager Guide 2016 Veriato, Inc., all rights reserved. 26

a. Set the Name to SQL Server Archive Log Repository. b. Set the Role to ArchiveLogRepository. c. Set the Database to CBSM_ARCHIVE. 5. Create the History database. Follow the the instructions above, however; a. Set the Name to SQL Server History. b. Set the Role to History. c. Set the Database to CBSM_HISTORY. Step 5: Test and verify the configuration 1. From the Object Explorer, add a new computer. 2. Assign the sample Event Log Consolidation and Monitoring Template. 3. Right-click on the Monitor you just created under your new computer and select Execute Now (Verbose). 4. The Application, System and Security Event Logs are downloaded and saved to the SQL Server Primary Log Repository you just created and configured. 5. From the Object Explorer, expand Log Repositories > SQL Server Log Repository then navigate to the computer you just downloaded the logs from. 6. Expand the computer to find the Event Logs node. 7. Expand the Event Logs to find the Application, System and Security nodes. 8. Right-click on the Application node and select View Top 10000 Consolidated Log Entries. The Select Display Filters dialog displays. 9. Check the Information, Warning and Error options then, if a filter is selected, click the button to clear the filter. Finally click OK. The Log Viewer displays. 10. Verify entries are displayed in the view. 11. From SQL Server Management Studio, within the Object Explorer, right-click then select Refresh. 12. Expand the Databases > CBSM > Tables node. Several table display including a table for each consolidated log. 13. You should now see a new table called [servername]_evt_application where [servername] is the name of the server you downloaded the logs from. If you see this table, you have successfully downloaded the Event Log and saved it to your SQL Server database, otherwise the Primary Log Repository is not configured to use this database. Check the Server Manager configurations and try again. SQL Server Log Repository Schema Defined The Primary and Archive Log Repositories require the following tables: Table level Description Contains a list of the Event Log levels (Information, Warning, Error, Audit Success, and Audit Failure). Server Manager Guide 2016 Veriato, Inc., all rights reserved. 27

facility priority Contains a list of the Syslog facilities. Contains a list of the Syslog priorities. event_logs Contains an index of consolidated Event Logs. syslogs text_logs Contains an index of consolidated Syslogs. Contains an index of consolidated Text Logs. Each log file is consolidated to its own table using the following naming conventions: Log Type Table Event Log [host]_evt_[log] Syslog Text Log [host]_syslog [GUID] - Since the only thing that uniquely identifies a text log is the filename and a filename can easily exceed the maximum length of a table name, a GUID is used in place of the filename. The text_logs table maps the consolidated text log s filename to the GUID enabling the software to identify which table to read and write entries from. Related Topics Conserve Disk Space Database Settings Log Repository Retention Policy View Logs Configure Server Manager to use the file system In this tutorial, we walk you through the process of configuring Server Manager to use the file system to save history and log entries. Lastly, we will download logs to the file system and verify entries were written to the directory. Step 1: Create the directory 1. Open Windows Explorer. 2. Create 3 directories. One for the History, Primary Log Repository and the Archive Log Repository. Step 2: Configure the Log Repositories and History 1. From Server Manager, select Edit > Server Manager Properties. The Server Manager Properties view displays. 2. Select the Databases tab. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 28

3. Create the Primary Log Repository. a. Click the button. b. From the Role drop-down select Log Repository. c. Specify a Name (e.g. Primary Log Repository). d. From the Provider drop-down select FileSystem. e. Specify the Path (e.g. c:\logs\primary Log Repository). f. Choose the Encoding. The default is UTF-8. Use UTF-16 when the primary language requires Unicode (e.g. Japanese). g. Click the button. The database is automatically initialized. 4. Create the Archive Log Repository. Follow the the instructions above, however; a. Set the Name to Archive Log Repository. b. Set the Role to ArchiveLogRepository. c. Set the Path (e.g. c:\logs\archive Log Repository). 5. Create the History directory. Follow the the instructions above, however; a. Set the Name to History. b. Set the Role to History. c. Set the Path (e.g. c:\logs\history). Step 3: Test and verify the configuration 1. From the Object Explorer, add a new computer. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 29

2. Assign the sample Event Log Consolidation and Monitoring Template. 3. Right-click on the Monitor you just created under your new computer and select Execute Now (Verbose). 4. The Application, System and Security Event Logs are downloaded and saved to the SQL Server Primary Log Repository you just created and configured. 5. From the Object Explorer, expand Log Repositories > Primary Log Repository then navigate to the computer you just downloaded the logs from. 6. Expand the computer to find the Event Logs node. 7. Expand the Event Logs to find the Application, System and Security nodes. 8. Right-click on the Application node and select View Top 10000 Consolidated Log Entries. The Select Display Filters dialog displays. 9. Check the Information, Warning and Error options then, if a filter is selected, click the button to clear the filter. Finally click OK. The Log Viewer displays. 10. Verify entries are displayed in the view. 11. From Windows Explorer, navigate to Primary Log Repository directory. 12. From the list view, you should see a file for each consolidated log. 13. You should now see a new table called [servername]_evt_application.elf where [servername] is the name of the server you downloaded the logs from. If you see this table, you have successfully downloaded the Event Log and saved it to your file system, otherwise the Primary Log Repository is not configured to use this directory. Check the Server Manager configurations and try again. Each log file is consolidated to its own file using the following naming conventions: Log Type Table Event Log [host]_[log].elf Syslog Text Log [host].slf [GUID] - A GUID is used in place of the filename. The text_logs.dat file maps the consolidated text log's filename to the GUID enabling the software to identify which table to read and write entries from. Related Topics Conserve Disk Space Database Settings Log Repository Retention Policy View Logs Server Manager Guide 2016 Veriato, Inc., all rights reserved. 30

Conserve Disk Space When saving Event Logs to the Log Repository and using the File System format, new entries are downloaded and saved to a temporary file. Once the download is complete, the previously downloaded entries are appended to the temporary file. If saving data for a long period of time or if a server is generating large Event Logs over a short period of time, such as the Security Event Logs for example, these temporary files may get large (around 20 GB). To optimize Server Manager to conserve disk space: From the Database Settings properties page, configure Server Manager to use SQL Server. Use Range Schedules to evenly distribute Event Log downloads over time. The end result is a process that regularly downloads Event Logs rather than a process that fires off 90 downloads all at once. The default Event Log Consolidation Template uses an Hourly Range Schedule that automatically distributes Event Log downloads every hour. Limit the log retention policy to a manageable period. For example, save entries for 15 days in the Primary Log Repository and another 45 days in the Archive Log Repository for a total of 60 days. Every month at the end of the month make a database backup of the Archive Log Repository and save it to your organization's archives. When using an Event Log Consolidation and Monitoring Template, limit Post Consolidation Filter use. Instead, use Reports to access data on a daily basis rather than using post consolidation filters, which can result in frequent emails. Related Topics Database Settings Filters Log Repository Retention Policy Schedules Server Manager Guide 2016 Veriato, Inc., all rights reserved. 31

Migrate to a New Server When necessary, Server Manager can be moved to a another server. To move your installation of Server Manager to another server: 1. Install the latest version of the software on the current server. a. From the server the Server Manager Service is installed, ensure the latest version of Server Manager is running. From the local Console, select Help > Check for Update. b. Once you have verified the latest version is running, backup the current configuration. From the local Console, select Tools > Backup Configuration. The Browse for Folder dialog displays. c. Select the diretory to backup the current configuration files too. 3. Choose a directory you can access from your new server. 2. a. Click OK. 4. Return the license. a. After purchasing a license from Veriato, you will receive a license key or set of keys via email. b. Install and run Server Manager. c. Select Edit > Server Manager Properties. The Server Manager Properties view displays. d. Select the Licensing tab then click Register License. The Register License Key dialog displays. e. Specify the email address used when purchasing and the license key you received via email. f. Click Submit. 5. Install, register and import the backed up configuration files on the new server. a. From the new server, download and install the latest version from http://www.veriato.com/support/downloads.asp?itemid=41. b. Select Edit > Server Manager Properties. The Server Manager Properties view displays. c. Select the Licensing tab then click Register License. The Register License Key dialog displays. d. Specify the email address used when purchasing and the license key you received via email. e. Click Submit. f. If you were previously using local databases to store history and/or log entries, use your database tools to restore the databases to the new server. g. Select Tools > Restore Configuration. When prompted to confirm to overwrite the current configurations, click Yes. The Browse for Folder dialog displays. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 32

h. Select the folder that contains the configuration files you previously backed up. i. Click OK. j. If you were previously using local databases to store history and/or log entries, select Edit > Server Manager Properties. The Server Manager Properties view displays. Select the Databases tab. From the Databases drop-down, select each database then click Test Connection. If the test fails, verify the settings and try again. Monitor a Rolling Text Log File (IIS) Many applications such as Internet Information Services (IIS) Manager, log to a daily log file. Each day the application creates a new file that contains the date within the name, for example ex100625.log or 2010 June 25th. This format is simple to implement and enables system administrators to easily archive log files. This tutorial shows you how to monitor rolling text log files by configuring Server Manager to monitor IIS logs. After verifying the requirements, check the location the log files reside on the IIS server, then configure the Text Log Consolidation Template in Server Manager. Requirements: Server 2012 Internet Information Services (IIS) version 8.x To check the log file location on the IIS server: 1. Logon to the target server. 2. From the Start menu select Administrative Tools > Internet Information Services (IIS) Manager. 3. From the left pane, select the target web site. 4. From the right pane, double-click Logging. 5. The log file path is listed within the Directory text box. By default the path is: %SystemDrive%\inetpub\logs\LogFiles, which expands to: c:\inetpub\logs\logfiles. IIS writes the log files to a sub-directory called: W3SVC1 This is the directory you want to monitor. Now that you have the location, you need to configure Server Manager to monitor the directory. To configure the Text Log Consolidation Template: 1. Select File > New > Template. The Select Template Type dialog displays. 2. From the menu tree, expand Log Management > Text Log Management. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 33

3. Double-click Text Log Consolidation. The Template Properties dialog displays. 4. From the General tab, set the Name to IIS Log Monitor. Use the default settings. 5. Select the Logs tab. 6. From the Servers/Workstations drop-down, select the server where IIS is installed. 7. From the Available Files tree, select the directory where the log files are located. The path displays in the text box below. 8. From the text box, append: \u_ex>yymmdd>.log 9. Click. The software checks the target directory for the existence of a file that matches the current date. If a file is not found, verify IIS is running, a daily log file exists and the mask has been entered correctly. If found, a prompt displays listing the discovered file: Server Manager Guide 2016 Veriato, Inc., all rights reserved. 34

10. When prompted to add the mask, click Yes. The mask is added to the Assigned Files list. 11. Select the Function tab. 12. Use the Logical Name tab to specify a logical name which to consolidate all discovered log files. If you do not specify a Logical Name, each discovered file is saved to a unique database table. Automated Text Log Reports and Log Repository Retention Policy Templates require masked directory monitors to consolidate to a logical name. 13. Check Use logical filename then type: u_ex.log 14. Use the Entry Pattern tab to define how Server Manager decyphers unique log entries. Since IIS log entries are limited to a single line, leave the Enable entry pattern recognition option disabled. 15. Use the Read Method tab to define how each file is read the first time the file is discovered or updated. Use the default option Beginning of file. This read method will read all current entries in a newly discovered/monitored files, then consecutively read from the last known position. 16. Use the Consolidation, Filters and Actions tab to apply a consolidation filter, Log Repository Retention Policy Template and post consolidation Filters and Actions (e.g. to trigger an email alert when a specific entry is read). Create a filter that passes all "HTTP GET" requests and assign an action. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 35

a. Click Add. The Assign Filter and Action dialog displays. b. Click. The Create New Filter dialog displays. c. Set the Name to HTTP Get Requests. d. Click New Criteria. e. From the Value text box, type GET. f. Check Match case. g. From the Criteria control group click Apply. The criteria is added to the Group and Criteria Tree. h. Click OK. The Filter is assigned. i. From the Action drop-down, select Actions > Email > Send an Email. j. Click the Edit action button. The Action Properties dialog displays. k. Verify an email address is assigned. If one is not, add a valid email address. Click OK. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 36

l. Click OK. The Filter and Action are added to the Post Consolidation Filter and Actions list. 17. Click OK. The Template is created and assigned to the localhost. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 37

18. Verify the monitor is running. a. From the Object Explorer, expand Computers, Devices and Hosts. b. Locate and expand your localhost. The IIS Log Monitor node displays. c. Right-click and select Explore. The Monitor Detail view displays. d. This view should show the monitor is running and every minute a new history line item should be added showing the monitor's results. e. From the Object Explorer, expand Log Repositories. f. Locate and expand your localhost. The u_ex.log node should now display. If the node is not visible press F5. If the node is still not visible, verify the IIS log contains data and the Log Repositories have been configured correctly. 19. Test the Monitor, Filter, and Action. a. Open your Internet browser then navigate to: http://localhost. b. At the top of the next minute, Server Manager should trigger an email alert that contains the targeted log entries. If the Action fails to email, check your Email Settings and try again. Server Manager Guide 2016 Veriato, Inc., all rights reserved. 38

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information