How To setup Windows centralized Monitoring

Article created 2005-04-21 by Hamid Ali Raja
Last Updated 2005-08-02 by Timm Herget.

Windows NT/2000/XP/2003 systems monitoring is really important for all small to large sized enviroments. MonitorWare line of products helps to accomplish this important task. This article is to help you establish a small setup to monitor your Windows NT/2000/XP and 2003 systems.

This article is strictly task focused. It does not describe why the systems should be monitor nor does it provide any further background. Please see the respective backgrounders or each of the products documentation on this. This article is a step-by-step description of what you need to do in order to centrally monitor your Windows NT/2000/XP and 2003 systems.

This article has been extracted from the MonitorWare Agent documentation. Please be sure to check the MonitorWare Agent online help if a newer version is available.

Centralized Event Reports

In this step-by-step guide, MonitorWare Agent is configured to work together with Adiscon’s MonitorWare Console to automatically generate event summaries for the monitored servers and other devices.

This guide focuses on a typical small to medium business topography with a single geographical location and 5 Windows clients and a central hub server. All systems are well connected via a local Ethernet. Event reports from all machines should be stored in a database. The administrator shall receive daily consolidated event reports.

What you need

In this guide, I am focusing on building a solution with Adiscon's MonitorWare Agent and MonitorWare Console. This combination allows you to centralize all your event logs and report events from them. Free 30 day trial versions are available at the respective product sites (links below), so you can try the system without the need to buy anything.

You need to run the following products:

• one MonitorWare Agent for each system that is to be monitored. In our scenario, this means 6 copies, one for each client and one for the central hub server to be monitored.
• one MonitorWare Console to generate consolidated reports based on the gathered log data.

• To deliver MonitorWare Console's reports, you need a local web server (for example Microsoft's IIS or Apache) and a mail server capable of talking SMTP (most modern servers support this)

You need administrative privileges on each of the machines. This is required both for installation and configuration. Make sure you log on with a sufficiently privileged user account.

Step 1 - Download Software

As you read the MonitorWare Agent manual, you most probably downloaded the MonitorWare Agent. If you haven’t, please visit www.mwagent.com/en/download to do so. In addition to the agent, you also need MonitorWare Console. A free, full-featured 30 day trial is available at http://www.mwconsole.com/en/download/.

Step 2 - Install MonitorWare Agent

Run the MonitorWare Agent setup program on all systems that should be monitored. This means you need to run it on all 5 clients and the central hub server. Take a note of the central hub server IP address or host name. You’ll need this value when configuring the agents on the client machine. For our example, we assume this system has an IP address of 192.168.0.1.

For larger installations (with many more servers) there are ways to set it up in a simpler fashion, but in a scenario like ours, it is faster to install it on each machine manually. You can install it with the default settings. When setup has finished, the program automatically is configured to operate as a simple syslog server. However, it does not yet create the log in our database we need. So we will go ahead and change this on each of the machines or by launching it on one machine and remotely connecting to the others. It is your choice. In this sample, I use the MonitorWare Agent on each machine (it is easier to follow).

Step 3 – Create a RuleSet for Forward by SETP

The steps to configure the agents are as follows (repeat this on each of the 5 client machines). This step needs not to be done on the central hub server!:

1. Start the application.

2. Selected language is English.

3. Then define a new rule set, right click "Rules". A pop up menu will appear. Select "Add Rule Set" from this menu. On screen, it looks as follows:

4. Then, a wizard starts. Change the name of the rule to whatever name you like. We will use "Forward SETP" in this example. The screen looks as follow:


Click "Next". A new wizard page appears.

5. Select only Forward by SETP. Do not select any other options for this sample. Also, leave the "Create a Rule for each of the following actions" setting selected. Click "Next". You will see a confirmation page. Click "Finish" to create the rule set.

6. As you can see, the new Rule Set "Forward SETP" is present. Please expand it in the tree view until the action level of the "Forward SETP" Rule and select the "Forward by SETP" action to configure.

7. Now, type the IP address or host name of our central hub server in the "Servername" field:

8. Make sure you press the "Save" button - otherwise your changes will not be applied.

Step 4 – Create a RuleSet for database logging

This step needs only to be done on the central hub server!

1.Start the Application.

2. Again, you can select the language to use. And again, I suggest using English, as this makes the guide easier to follow.

3. Then define a new rule set, right click "Rules". A pop up menu will appear. Select "Add Rule Set" from this menu. On screen, it looks as follows:

4. Then, a wizard starts. Change the name of the rule to whatever name you like. We will use "Database Logging" in this example. The screen looks as follow:

5. After above steps you will see that the new Rule Set "Database Logging" is present. Please expand it in the tree view until the action level of the "Database Logging" Rule and select the "Database Logging" action to configure.

6. Now click on the Data Sources (ODBC) button to open the ODBC Data Source Administrator. Then choose the "System DSN" tab and click the "Add" button to add a new System-DSN (Select the Microsoft Access driver like in the screenshot below).

8. In the next step, click the "Select button" and go to the application installation directory (Usually C:\program files\instalationfolder\) and choose the sample database called sample97.mdb. After that name the new DSN with "MyDatabaseDSN" like in the following screenshot and press OK.

9. Now close the ODBC Data Source Administrator and switch back to the application client and insert "MyDatabaseDSN" in the DSN field. Leave all other settings in their default and save the changes.

Step 5 – Create an Event Log Monitor Service

The steps to configure the MonitorWare Agents are as follows (repeat this step on each of the 5 client machines and the central hub server!):

1. First, right click on "Services", then select "Add Service" and then "Event Log Monitor".


Once you have done so, a new wizard starts.

2. Again, you can use either the default name or any one you like. We will use "My Event Log Monitor" in this sample. Leave the "Use default settings" selected and press "Next".

3. As we have used the default, the wizard will immediately proceed with step 3, the confirmation page. Press "Finish" to create the service. The wizard completes and returns to the configuration client.

4. Now, you will see the newly created service beneath the "Services" part of the tree view. To check its parameters, select it:


As you can see, the service has been created with the default parameters.

If you want to generate reports (using MonitorWare Console) on the data via this service i.e. EventLogMonitor, then you have to uncheck the "Use Legacy Format" option. This is recommended. If you don't uncheck this option then meaningful reports aren't generated (i.e. reports are not properly consolidated by MonitorWare Console).

Now, if you click Advanced Options button, you will see a pop up window as shown below:

If you want to generate reports (using MonitorWare Console) on the data via this service i.e. EventLogMonitor, then you have to uncheck the "Use Legacy Format" option. This is recommended. If you don't uncheck this option then meaningful reports aren't generated (i.e. reports are not properly consolidated by MonitorWare Console).

Now you must differentiate between clients and central hub server. In clients use the "Forward SETP" RuleSet we have created in Step 3, select it as rule set to use. In central hub server select the "Database Logging" RuleSet we have created in Step 4. Leave all other settings in their default.

Finally, save the change.

Step 6 – Create a SETP Server Service

The steps to configure the agents are as follows (only central hub server!):

1. First, right click on "Services", then select "Add Service" and the "SETP Server".



Once you have done so, a new wizard starts.

2. Again, you can use either the default name or any one you like. We will use "My SETP Server" in this sample. Leave the "Use default settings" selected and press "Next".

3.As we have used the default, the wizard will immediately proceed with step 3, the confirmation page. Press "Finish" to create the service. The wizard completes and returns to the configuration client.

4. Now, you will see the newly created service beneath the "Services" part of the tree view. To check its parameters, select it:



As you can see, the service has been created with the default parameters.

5. To use the "Database Logging" RuleSet we have created in Step 4, select it as rule set to use.

6. Last, save the change and then restart the application. This procedure completes the configuration of the SETP server.



Application cannot dynamically read changed configurations. As such, it needs to be restarted after such changes.

Step 7 – Preparing Web Server for MonitorWare Console

MonitorWare Console publishes its reports through the local web server (central hub server). To avoid confusion, we recommend creating a separate directory on the web server for MonitorWare Console. Let us assume that you use Microsoft Internet Information Server and run it with the default configuration. Then, your web pages are stored in the c:\inetpub\wwwroot directory. Create a subdirectory "MonitorWareConsole" directly under this directory.

Step 8 – Installing and Configuring MonitorWare Console

• MonitorWare Console 2.1 - Installation and Configuration Steps

Step 9 – Generating Reports with MonitorWare Console Manually

This section explains how the reports can be generated with MonitorWare Console manually. Since "System Status" Report is most comprehensive report that tells a detailed description about the network, in this section I will explain this report only. Please note that, the procedure for generating any report is almost the same.

• How To Generate Reports with MonitorWare Console 2.1 Manually

Step 10 – Scheduling the Generation of Reports with MonitorWare Console

This section explains how the reports can be generated with MonitorWare Console automatically using Job Manager. With Job Manager, you can generate all the reports based on a pre-defined schedule and ask it to either store it in some location on the hard disk or send it to specified recipient via email. Once again, I will explain the scheduling of System Status Report in this section. Please note that, the procedure for scheduling any report is the same.

• How To Schedule Reports with MonitorWare Console 2.1

You are done!

Well, this is all you need to do to configure the basic operations. Once you are comfortable with the basic setup, you can enhance the system with local pre-filtering of event, enhanced logging and alerting (with MonitorWare Agent) and changing report options (with MonitorWare Console).

I hope this article is helpful. If you have any questions or remarks, please do not hesitate to contact us at support@adiscon.com.