2.08k likes | 2.3k Views
CA Nimsoft Monitor 6.0 N imsoft System Administrator Training. 211 – Day 3. Daily Agenda. Morning Probe Integrations NAS Setup NAS Auto-Operators Notification Options Afternoon Event Correlation LUA Fundamentals Nimsoft LUA API Functional LUA Examples. Day 3 Review / Q&A.
E N D
CA Nimsoft Monitor 6.0Nimsoft System Administrator Training 211 – Day 3
Daily Agenda • Morning • Probe Integrations • NAS Setup • NAS Auto-Operators • Notification Options • Afternoon • Event Correlation • LUA Fundamentals • Nimsoft LUA API • Functional LUA Examples
Probe Integrations Lesson 1
Probe Integrations • SYSLOG’ing • snmpget/snmptd/snmpgtw • adogtw • Various ServiceDesk integrations • cmdbgtw / cmdb_lookup • HA
Syslog Checking • Syslog Checking within Nimsoft takes place using 3 key components within Nimsoft • Setup the Sysloggtw probe on a Hub in your environment • Setup an Attach Queue on the Hub to capture messages with a specific subject • Setup a profile in Logmon to look for Errors, Warnings, or other Important Keywords
sysloggtw Disable this
SYSLOG-OUT and Repository setup • Set a destination for relaying SYSLOG messages • SYSLOGGTW auto-creates a subscriber queue for SYSLOG-OUT messages • Sending log messages to file for storage can be accomplished directly through the probe’s logging facility • $date or $logsource as name • Rotate on size or date range • Set Retention limit as well
Exercise 1 | Exercise Companion Day 3 Exercise 1 – Syslog Checking
SNMPGET • Configure Agent Profiles for each Host to check • Checkpoint groups can be added for grouping • Apply Checkpoints to the Profiles (or groups) • Create Templates of Checkpoints for quick and easy deployment • Supports Drag & Drop from rtf for adding
Adding OIDs • First select the Add MIB option if you need to upload a new MIB • Next Launch the MIB Browser to walk the MIB and place the ROOT OID in the text box before choosing a full Browse and hitting GO • Select OIDs and either drag or hit the Green Plus ‘+’ sign to add • OIDS may be added manually if desired
Adding OIDs • First select the Add MIB option if you need to upload a new MIB • Next Launch the MIB Browser to walk the MIB and place the ROOT OID in the text box before choosing a full Browse and hitting GO • Select OIDs and either drag or hit the Green Plus ‘+’ sign to add • OIDS may be added manually if desired
Adding OIDs • First select the Add MIB option if you need to upload a new MIB • Next Launch the MIB Browser to walk the MIB and place the ROOT OID in the text box before choosing a full Browse and hitting GO • Select OIDs and either drag or hit the Green Plus ‘+’ sign to add • OIDS may be added manually if desired
SNMPTD • Configure to accept SNMP Traps from hosts and convert them into NM Server Alarms with Custom Messages • Same as SNMPGET, upload new MIB’s and reload upon finish prior to adding if doing through Browser or Add manually • Also allows for Listening through Trap Monitor interface and Security Management of C-Strings
Setting a Wildcard profile • You can create an Enterprise specific trap type with trap number of * to easily achieve a Generic filter for the MIB • Select: • Default/Standard SNMP Traps, ChooseNew • Set: • Generic trap type: Enterprise specific OID • Specific trap number: *
Exercise 2 | Exercise Companion Day 2 Exercise 2 – Create a Wildcard Profile in SNMPTD
SNMPGTW • SNMPGTW allows for SENDING SNMP traps out from Nimsoft to other systems • Uses a structure of 1.3.6.1.4.1.4055.X Where X = <SubSystem-ID> • Fields sendable by the SNMP trap gateway: • Level • Subsystem • Message • Suppression key • Probe ID • Source (host) • User Tag 1 / 2 • Origin • Arrival • Tz Offset • Nim ID Robot • Domain
SNMPGTW • Add profiles mapped to the other systems • Use existing or Right-click to add new profiles • Map Alarm or Message Levels appropriately
ADOGTW • Like sql_response, adogtw allows for accessing ANY SQL compliant Database and: • Alarm – send alarms • Publish – send messages • QoS – send QoS • Subscribe – Insert Messages • When PULLING Info: • Set Thresholds/QoS for Resp Time, Size, or Value • Set the form and shape of messages from the dataset • When PUTTING Info: • Choose to Subscribe to a type of message and insert
ADOGTW Tips The query - There are some rules that you should follow when you create a query: • Use column names in the query. • E.g. SELECT a, b FROM table1. • Try to limit the number of rows that is returned by the query. It is not funny getting 12432 alarms every 5 minutes. • Use selects like this one if possible: SELECT a, b FROM table1 WHERE somedate < DATEADD(n,-10,GETDATE()) • Use queries that returns one row if you can. E.g. SELECT count(*) as rows FROM table1 • Remember that each row returned by a query results in one alarm or on message. Using column variables • It is possible to use variables in most fields in Alarm and Publish profiles. The number of variables available depends on the select statement used in the query. Always use column names in the query. • E.g. SELECT a, b FROM table1. This makes it easier to determine the variables available in the profile. In this case $a and $b. • The example above could in an Alarm profile result in a Message definition like this: $a contains $b. Each variable will be replaced with the corresponding value from the select. Using message variables • This applies to the Subscribe profile only. When you create a table that you are going to use to insert Nimsoft messages try to use the same name on the columns as the variables used in the message (PDS). You can use a sniffer tool (the hub) to find out what the message contains.
Service Desk Integrations • Nimsoft ServiceDesk – NSDGTW • CA Service Desk – CASDGTW • HP OpenViewServiceDesk – HPOVSDGTW • BMC Remedy – REMEDYGTW • Unicenter – TNGGTW • Service Now – SNCGTW* • FrontRange Heat – HEATGTW* • Salesforce – SFDCGateway • Other Platforms – email, API, etc
Nimsoft Service Desk Integration • Implement the probe • Obtain from Archive • Create the Linkage Mechanism • Create an User ID and link within the probe • Configure the connection • Make sure you ENABLE the right ID in NSD and have the right IP • Map the dependencies • Configure which CCTI’s should be fed from the alarm info • Test the functionality • Plan out Auto-creation • Use NAS Auto-Operators to route alarms to tickets automatically instead of relying on manual assignment process
CMDBGTW • Allows for Scheduled exporting of System Table contents into Configuration Management DB’s (CMDB) to maintain lists of monitored elements • WHAT is exported is configurable but an XSLT is required for translating SLM DB output into XML • Predefined Template and intake XSLT is provided for NSD integration (see site) • CCTI elements must still be configured ahead of time
Alarm Enrichment • Alarm Enrichment is used by service providers (and large enterprises) to gain more control over the assignment of alarms, dashboards and reports to customers. • It does this by dynamically changing the origin field on alarms and qos_data, based on lookup tables retrieved from any SQL/JDBC compliant CMDB. • It also changes (lowers) the severity of alarms for devices that are undergoing maintenance. • Main Problems addressed • Multi-tenancy • Maintenance
What’s the problem? • Multi-tenancy • Based on “origin” field • Configured at Hub or Robot level • But some customers need multi-tenancy at probe or profile level • Examples: • Customer needs to monitor urls for multiple customers from same robot • Customer has switches on which interfaces belong to different customers
What’s the problem? • Maintenance • NM Server “Maintenance mode” works at Robot level • Suspends all probes on that robot • But some customers want to put a “device” or an “application” in maintenance • Examples: switch, database, website, …
Alarm Enrichment functionality • Corrects origin value on alarms and QoS • Looks up correct value in a user-defined db table • If not found in table, alarm origin is not changed • Suppresses alarms or lowers severity for objects under maintenance • Looks up what’s under maintenance in a db table
How does it work? - BEFORE NAS alarm Hub qos_message Data engine DB
How does it work? - AFTER NAS alarm2 Alarm Enrichment alarm Hub sql qos_message Data engine DB
Alarm message interception Before After
HA options • Standard Windows cluster • “Any” software can run in a cluster • Nimsoft is software • HA probe • Built-in Nimsoft failover functionality
Nimsoft failover issues • WhenHubgoesdown, robots failoverautomatically • Butwhathappenstothemessages? • Alarms • QoS • And the SLM components? • Whathappensto off-boardmonitoringonthehub? • Net_connect, interface_traffic, etc. • And whataboutautomatednotifications? • AO profileslike Email, SMS, etc.
HA probe functionality • When the primary hub goes down, the HA probe will: • Start / stop queues • Stop forwarding queues from secondary to primary • Start attach queues for local probes • Start / stop probes • NAS (?) • SLM components • Central off-board monitoring (but!) • Start / stop AO profiles
SQL DB HA Watchdog Normal operation Primary hub Secondary hub Post QoS messages NAS replication
SQL DB HA Watchdog After failover Primary hub Secondary hub Post QoS messages NAS replication
Exercise 3 | Exercise Companion Day 3 Exercise 3 – Explore the HA Probe
NAS Setup & Status Lesson 2
NAS Setup & Status • Explore the basic parameters that make NAS work the way it does • See how the Status tab can be used for effective Post-mortem analysis • See how scanning timely Hot Spot reports can illuminate problem monitors or subjects