EventSentry can be easily configured using Event Log, Log File, Health and Tracking packages. Packages contain one or more monitoring objects and are either assigned globally, to computer groups or to individual computers. EventSentry ships with a number of pre-configured packages which mostly exclude unwanted events from being sent to your email notifications. These packages are constantly under development and can be downloaded from within the management application. Packages contain information such as:
- Event log filters which instruct EventSentry to forward one or more events to a notification (e.g. email)
- Log File rules which instruct EventSentry how to consolidate and process log files (flat files)
- Disk Space Monitoring settings (e.g. alert when disk space is below 500Mb on C drive)
- Service Monitoring settings (e.g. alert when any of the IIS services is not running)
- Performance Monitoring settings (e.g. which counters to monitor and their respective alert settings)
- Logon Tracking settings (e.g. track all logon information)
The collector is a central component which enables a 3-tier architecture in EventSentry and sits between the remote agents and the service (usually the database or email service). In a nutshell, it provides the following benefits:
- Agents only communicate with the collector over a single port
- All traffic can be encrypted and compressed
- Database connection details do not need to be stored on the agents
- All collected data is cached on the agents if and while the collector is unreachable
- Configuration & Agent updates can be deployed automatically
- Mobile clients can continue to securely transmit logs and other metrics over the Internet without interruption
The collector service supports Windows-based clients and is included at no additional cost.
Remote Update allows you to easily administer and update monitored computers running the EventSentry agents. With the multi-threaded remote update feature you can push out the latest agents (e.g. after an update or a patch installation) but also send the latest configuration to the remote computers quickly and easily. Remote update supports managing servers and workstations from different domains.
The remote update procedure can also be completely automated using the command-line Remote Update utility, which can be scheduled to run at regular intervals (e.g. twice a day) through the Windows scheduler and will ensure sure that:
- All agents have the latest configuration
- All computers have the latest agent installed
- All computers have the agent installed and running
If one or more of your computers groups are linked to an Active Directory OU or group then the Remote Update Utility can also automatically install the agent on computers that were added to the linked OU or group.
Hosts can be added to the management console in a variety of ways:
- Added manually
- Imported from a text file
- Imported from a network (IP) scan
- Imported from an Active Directory OU or group
- Imported from the legacy Windows network neighborhood
In addition, groups can also be linked to an Active Directory OU or Active Directory group
, making the management of the group completely effortless. The computers are now synced with Active Directory and automatically refreshed every time a remote update action is performed or the remote update utility is executed.