EventSentry v2.93.1 – Part 1

We are excited to announce the availability of EventSentry v2.93.1, the latest release of our award-winning log, system health and network monitoring solution. This is the first post in a series of articles that will explain the new features and changes of EventSentry v2.93.1 in detail.

This post will provide a high-level overview of the new functionality available in EventSentry, subsequent posts will go into more details on the individual enhancements.

The main new features in EventSentry are:

  • Easier setup & deployment with new installer & built-in database
  • Vastly improved Performance Monitoring
  • Additional packages for performance monitoring
  • Support for USB-only temperature/humidity sensors
  • Improved hardware inventory for DELL & HP servers
  • Warranty expiration information for DELL, HP & IBM servers
  • Improved monitoring engine
  • Usability enhancements in management console
  • Increased throughput for Heartbeat monitoring

Easier setup & deployment with new installer & built-in database

In version 2.93 we switched to a new installer software and added a built-in database to EventSentry. Up until version 2.92, we utilized an MSI-based installer, which turned out to not be a good choice for EventSentry. While MSI is a powerful technology with many benefits, it caused more problems than it solved for us, so we switched to a “traditional” installer. The new installer software allows us to create non-Windows installers as well, something we’re already utilizing in the installation of the next-generation web reports beta.

The new installer automates a lot of tasks with IIS (Internet Information Services) which previously needed to be done manually, this results in a much better user experience overall. We also introduced a new “Configuration Assistant”, which configures and upgrades EventSentry components on your behalf.

Another major improvement is the newly added support for PostgreSQL, which is also bundled as an embedded database now. This makes the initial setup of EventSentry significantly easier for users who don’t already have a database setup, or who don’t have much database experience. When selected, the installer sets up an isolated PostgreSQL database instance just for EventSentry, no PostgreSQL knowledge and/or installation is required. If you already have PostgreSQL in your environment, you can utilize an existing database server as well.

Of course we still support other databases as well, including MS SQL Server, MS SQL Server Express, MySQL and Oracle.

For users utilizing a Non-MS-SQL Server database, deployment of agents has been significantly improved. The EventSentry management console now automatically deploys the ODBC drivers for PostgreSQL or MySQL to the remote hosts when a PostgreSQL and/or MySQL database is configured (since Windows only ships SQL Server ODBC drivers by default).

All these improvements combined result in a vastly improved setup and deployment of EventSentry, which will be particularly useful for new installations.


Improved Performance Monitoring

Performance Monitoring has always been one of the most popular features in EventSentry; not surprising since it’s an extremely powerful and flexible feature. We improved the following:

  • Alerts now show additional information, including the counter description
  • Added support for floating point counters
  • Improved the user interface
  • Combine two performance counters into a single performance counter
  • Added trend detection
  • Added automatic alert suppression
  • Added wildcard support for instance exclusion
  • Added support multiple databases
  • Significantly improved the speed of the performance status page

Secondary Counter: Divide a performance counter by a secondary counter, to calculate dynamic performance values that are otherwise not directly available through existing performance counters.


Trend Detection: EventSentry can now attempt to detect leaks in performance counters, especially useful for counters that indicate the current memory or handle count usage of a process (but of course useful for other counters as well). This can help detect problems in early stages, before they cause disruption on the monitored server.

Alert Supression: EventSentry can keep track of historical performance counter values, and can suppress performance alerts if the current counter value matches a pattern. For example, if the CPU usage of a processor is always high on Thursday between 8pm and 10pm, then, after a baseline is established, EventSentry will check the (continously evolving) baseline and suppress alerts.


The user interface has improved, and shows the current counter value of a counter, and also show active instances of a counter (if available), for easier exclusion of those instances.

Additional Packages for Performance Monitoring

Version 2.93.1 also ships additional system health packages out of the box; templates for Exchange Server, Hyper-V, SQL Server and others help new users setup performance monitoring with just a few clicks. The following default performance monitoring packages are now available:

  • Microsoft Exchange Server 2010 (7 packages)
  • Microsoft Exchange Server 2003
  • .NET
  • Active Directory
  • Hyper-V
  • IIS
  • Sharepoint
  • SQL Server


Part 2 will explain the remaining new features in detail, click here to continue.

A Better & Faster Ping

The fping.exe utility has been part of the NTToolkit for a few years, with the “f” standing for “fast”. As you may have guessed, the purpose of the tool was to offer a faster way to ping remote hosts. The tool was inspired by Linux (and other Non-Windows Operating Systems), where pinging a remote host (especially one that is online) is lightning fast. Back then I wrote fping as part of an exercise to get a better handle on ICMP and network programming as well. The original fping utility uses raw sockets to send (and receive) ICMP packets, without utilizing any external networking libraries.

Using raw sockets has a few disadvantages however, as it requires administrative access, and on Vista and later an elevated (=administrative) command prompt – often an inconvenience. I decided erase those inconveniences and also add a few new options to the tool while I was at it – in order to make fping even more useful for IT pros.

Introducing fping v1.2 with the following new functionality:

  • 1. Administrative rights or elevated command prompt no longer required
  • 2. Play sound (4 built-in sounds supported) on success and/or failure
  • 3. Supports simple Solaris-like mode
  • 4. Fully customizable, and stores presets


Play Sound
Now you may wonder why on earth you would want your ping utility to play sounds, other than to annoy your coworker(s). I often find myself in a situation where I’m rebooting a server remotely, which more often than not takes longer than I’d like it to. So rather than stare at the fairly monotonous ping output, wouldn’t it be nice if you could just let your ping utility run in the background and “hear” when the server is back up? That’s exactly what this feature is designed for (unless, of course, your coworker(s) NEED to know when you ping a host). You can tell fping when to play a sound either when a ping was successful, or when a packet was lost – so it works either way. So if you’re troubleshooting or monitoring an unstable link, you can tell fping to “ding” when a packet is lost.

For those who like choice, there are 4 built-in sounds to choose from.

Simple Output
More often than not I just want to know if a host is up or not. I don’t need to send 4 packets and I don’t need to know the average, minimum and maximum round-trip time. Simple mode does just that, it tells you whether a host is up or not. Solaris(c) systems do that by default, and it’s a nice feature. You can also use the /u switch with the brief output.


Most ping utilities (including fping) are very customizable. You can control the number of packets, the packet size, sound, display mode and the delay. But everybody uses tools differently. Some people like to send 2 packets, others 6. Some people want details, some people like it simple. With fping, you simply set your preferences (e.g. 2 packets, 64 bytes, small delay, verbose output, sound on success, etc.) and store it as the default. Now every time you run fping again, it will use those defaults – no reason to remember command line switches. Want to divert from the defaults? No problem: Anything you specify on the command-line will override the default(s), or you can clear the defaults with one simple switch.

This latest version of fping.exe is not yet included in the official NTToolkit installer and is only available in the nightly NTToolkit zip folder. You can download it from the Free Downloads section at, just look for “Nightly Download”. This zip file contains the latest stable versions of all NTToolkit utilities.


As always, let us know if you have any suggestions for fping, or any of the other NTToolkit utilities.