While event log monitoring can relay certain alerts from the operating system, it is insufficient on its own for accurately monitoring and tracking a computer's health. EventSentry's system monitoring fills this gap by natively monitoring all core components of the operating system. System Health Monitoring not only raises alerts for immediate problems, but also collects historical information for later analysis, trend prediction and real-time overview.
Monitors services and/or drivers, and notifies you when their status changes or when services/drivers are added or removed. Service controlling ensures that selected services are always in a requested state (running, stopped).
Compliance: EventSentry's service monitoring helps with PCI requirement 6.4.
Continuous alerts generate alerts until a service is running again. Service monitoring can also keep a log of all service changes in the database.
Issues alerts when the available disk space or directory usage is below a certain minimum (absolute or percentage) and detects changes in disk usage trends. You can also collect disk space information in a database and view comprehensive charts (including disk space charts, disk reports and directory reports) through the web reports. Directory monitoring can monitor selected directories, and large file detection will discover the largest 250 files on a volume to aid with any disk space cleanup task.
Performance monitoring lets you monitor your servers' system and application performance to detect immediate performance issues and analyze performance trends over time.
You can monitor any performance counter available on the monitored system and either be alerted when a counter exceeds a preset threshold or log counter data in the EventSentry database.
Monitors processes (including command line) to make sure the required number of processes is running at all times. Process Monitoring also provides these additional benefits:
Managed security & health validation scripts continuously compare critical settings on your monitored hosts with our baseline, immediately indicating potential risks. These checks identify a wide variety of potential risks, such as:
With the tray app “EventSentray”, your end users can submit support tickets to many common ticketing systems via email or HTTP requests right from the tray with a customizable link. And the best part? Support tickets created by the app not only include pertinent system information (current CPU %, host name, uptime, …) but can also include a current screenshot.
The EventSentray application also provides admins easy access to information like:
Monitors and inventories scheduled tasks from the Windows® Task Scheduler. The inventory capability makes all installed tasks (including tasks nested in sub categories) searchable, including configured actions and triggers. Changes to scheduled tasks are logged to the database and can trigger immediate alerts.
File Integrity Monitoring notifies you of changes to critical system and user files and lets you track them. File monitoring detects when files are added, deleted or changed (SHA checksums are also supported).
Compliance: EventSentry's file integrity monitoring helps with PCI requirement 11.5.
For every directory you monitor, you can specify which types of changes you are interested in. When a change occurs, you can either have an event logged to the event log (and subsequently receive an alert) and/or log the change to the EventSentry database.
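Why checksum support matters for the added/deleted/changed detection described above, shown as an added example that is not EventSentry's code: a baseline compared on size and timestamp alone misses an edit that preserves both, while a SHA-256 comparison reports it. The function names, the choice of SHA-256 and the sample files are assumptions constructed for the illustration.

```python
import hashlib
import os
import tempfile

def snapshot(root, with_hash=True):
    """Map each relative file path to (size, mtime_ns, sha256 or None)."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.stat(path)
            digest = None
            if with_hash:  # SHA-256 is an assumed choice; the page only says "SHA"
                h = hashlib.sha256()
                with open(path, "rb") as fh:
                    for chunk in iter(lambda: fh.read(65536), b""):
                        h.update(chunk)
                digest = h.hexdigest()
            state[os.path.relpath(path, root)] = (st.st_size, st.st_mtime_ns, digest)
    return state

def diff(baseline, current):
    """Classify paths as added, deleted or changed relative to the baseline."""
    both = set(baseline) & set(current)
    return {"added": sorted(set(current) - set(baseline)),
            "deleted": sorted(set(baseline) - set(current)),
            "changed": sorted(p for p in both if baseline[p] != current[p])}

def demo():
    """Constructed sample tree: one file added, one deleted, one quietly edited."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        write("hosts", b"127.0.0.1 localhost\n")
        write("old.cfg", b"x=1\n")
        write("app.ini", b"debug=0\n")
        meta_base, hash_base = snapshot(root, False), snapshot(root, True)
        target = os.path.join(root, "app.ini")
        st = os.stat(target)
        write("app.ini", b"debug=1\n")  # same length as the original content
        os.utime(target, ns=(st.st_atime_ns, st.st_mtime_ns))  # timestamp unchanged
        os.remove(os.path.join(root, "old.cfg"))
        write("new.dll", b"MZ")
        return diff(meta_base, snapshot(root, False)), diff(hash_base, snapshot(root, True))

if __name__ == "__main__":
    for label, result in zip(("size+mtime only:", "with SHA-256:  "), demo()):
        print(label, result)
```

Both comparisons report `new.dll` as added and `old.cfg` as deleted; only the checksum comparison lists `app.ini` as changed.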
The application scheduler allows you to extend EventSentry's functionality by integrating your own applications and/or scripts (e.g. batch files, PowerShell, VBScripts, Perl scripts) into EventSentry. Scripts can be embedded into the EventSentry configuration, integrating the deployment of scripts into EventSentry's update process. Your scripts can be scheduled to run at fixed intervals or specific times. Output from command-line scripts can be captured by EventSentry and sent directly to a notification, such as email. This makes troubleshooting failed scripts easy, since any debug output is immediately captured and available to the reviewer.
EventSentry monitors and inventories all installed software (32-bit and 64-bit), patches & updates on all monitored hosts. This provides the user with a software inventory that can be used for licensing purposes, patch management/verification and more. (Un)Installed software is detected in near real-time, and alerts can also be generated when software is installed.
In Hyper-V and VMware® ESXi environments, EventSentry can inventory all virtual machines and their current status.
On supported network switches, EventSentry will tell you exactly which switch and port a particular device is plugged into, so you never have to manually parse ARP tables or follow cables again.
EventSentry also captures basic hardware information, including OS Version, OS features as well as hardware (installed memory, NICs, disk controllers) and more.
EventSentry uniformly alerts you about hardware issues like failed drives, high temperature and other pertinent issues by forwarding events from the event log(s) via email or other alert types (respective vendor management software / drivers must be installed).
On DELL® and HP® hardware EventSentry also collects data about redundant power supplies, fan speed, temperature, remote access cards as well as installed hard disks and RAID configuration and statuses.
Uptime Monitoring logs the current uptime of a monitored host to the database at a specified time interval. This feature primarily reports the current uptime, but also keeps a history of all recorded uptimes across multiple reboots, which can help isolate problematic servers that are rebooted often. Uptime Monitoring also records the longest uptime ever recorded on any given host.
You can use EventSentry to back up and optionally clear event logs at preset intervals. You determine when to back up which event log and whether the event log should be cleared as well. You can also clear event logs without backing them up.
Compliance: Automated event log backups help with PCI requirements 10.2, 10.3 and 10.5.
You can also configure EventSentry to automatically compress event log backup files (.evt and .evtx) in ZIP format to conserve disk space.
EventSentry can both verify and synchronize the local time with an RFC 1769 and RFC 1305 NTP server (up to version 3), either in addition to an existing time synchronization (e.g. Active Directory) or as the sole mechanism to synchronize time on all monitored servers and workstations.
Compliance: EventSentry's NTP monitoring helps with PCI requirement 10.4.
When the time on a monitored host is out of sync with the NTP server, EventSentry will attempt to synchronize the time (if configured) and can also log a message to the event log, reporting the detected time difference.
The highly customizable EventSentry Dashboard shows you the overall health status of your network at a glance with easy-to-read status and historical tiles. The dashboard shows you the following information: