You can export and thus backup the EventSentry configuration by selecting Export from the Home menu of the EventSentry management application. This will save the entire configuration from the registry in a .reg file. Alternatively you can also open up the registry editor e.g. regedit.exe and export the HKEYLOCALMACHINE\SOFTWARE\W...
You can optimize the performance of your database by setting the initial database size to a large number for example 2Gb. Please see the additional link for detailed instructions.
The heartbeat monitoring agent is designed to be installed only on a small number of hosts usually one. It is not necessary and recommended to install the heartbeat agent on multiple computers. The heartbeat monitoring agent will ping and monitor all configured computers from one central location. If you have a large number of computers t...
You can remove information from the EventSentry database using the Maintenance Wizard from the web reports. The maintenance wizard can be found in the MAINTENANCE menu of the web reports. Please see the additional links below for more information.
In order to function correctly the EventSentry agent needs the following: Working configuration in registry Installed Service Installed service executable 1 Export a working configuration from another server running the agent and save it to a file. In our example this file will be called ESAGENT.REG. 2 Copy the following file...
NOTE: Patches can only be applied to the same version the patch was designed for. For example a patch for version 2.90 cannot be applied to a 2.81 installation. Please follow these steps to install a patch and ensure that all computers in your network get the latest executables: DoubleClick the patch and follow the instructions. You sh...
Access to the web reports can be restricted or extended by changing the NTFS permissions of the actual ASP files by default located in \Program Files\EventSentry\Web. To change the permissions navigate to the \Program Files\EventSentry folder using explorer and then rightclick the Web Reports folder. This folder contains all the ASP fil...
By using the 39Embedded Scripts39 feature and the 39Application Scheduler39 feature you can create a script that will write the disk defrag information to your local event logs on a regular basis. 1. Create the following embedded script: defrag.exe Systemdrive a v This should have a BAT or CMD extension so it is run...
Scheduling reports is possible with the nextgeneration web reports which are available at no charge to participants of the EventSentry beta program. The nextgeneration web reports are under active development and new features are adding on a regular basis. The web reports are installed with a separate installer and can be installed along...
You can launch the following VBScript through the application scheduler e.g. every 1 minute to be notified when the size of a file exceeds a configurable limit. Note: The file needs to be saved with the .vbs extension and called it through cscript.exe. You can configure the file with the FILENAME variable and the maximum size of the fi...
You can launch the following VBScript through the application scheduler e.g. every 1 minute to be notified when a file has not been updated in X seconds. Note: The file needs to be saved with the .vbs extension and called it through cscript.exe. You can set the filename with the FILETOCHECK variable and the longest acceptable time the...
You can launch the following VBScript through the application scheduler e.g. every 1 minute to be notified when a web site or other component e.g. SMTP in IIS is stopped. Note: The file needs to be saved with the .vbs extension and called it through cscript.exe. vbscript 39 Lists the state of all IIS web sites configured on th...
The Syslog daemon rsyslog on Ubuntu is configured through the /etc/rsyslog.d/50default.conf configuration file. Follow the steps below to send all Syslog messages from an Ubuntu machine to EventSentry. 1. Open the file /etc/rsyslog.d/50default.conf in an editor. 2. Append the following line to the bottom: . eventsentryserver:514...
In order to monitor a different subnet with the ARP component of the network services first install the network services on a host in the subnet which needs to be monitored: KB275 Once completed install the WinPcap drivers which are required by the ARP daemon. The WinPcap drivers can either be downloaded from the web https://www.wi...
Run the following commands in the terminal: Update all packages: sudo aptget update Install SNMP: sudo aptget install snmpd Next we need to configure multiple entries in the snmpd.conf file there is a manual page located here link to http://netsnmp.sourceforge.net/docs/man/snmpd.conf.html which contains information for additiona...
Run the following commands in the terminal: Update all packages: sudo yum checkupdate Install SNMP: yum y install netsnmp Next we need to configure multiple entries in the snmpd.conf there is a manual page located here link to http://netsnmp.sourceforge.net/docs/man/snmpd.conf.html which contains information for additional conf...
Slack integration can be accomplished with the HTTP action. You can integrate the webhooks api by going to: https://YOURTEAMNAME.slack.com/apps/A0F7XDUAZincomingwebhooks Then Add Configuration you can choose which channel you want the webhook JSON payload to appear on. Once the Slackbot webhooks integration is configured in Slac...
Yes NETIKUS.NET provides a free tool called CheckURL that may be scheduled with the builtin Application Scheduler to confirm the website is displaying the intended content and/or notify you when a particular website has changed. This tool is included as part of the EventSentry SysAdmin Tools. CheckURL can: verify that a web page exist...
Open the management console Navigate to Packages System Health In the ribbon click on the arrow below Filter and select Services Locate the appropriate package Services by default expand it and click on Services Add the service that should be excluded to the list. Save the configuration Excluding a service this way ...
Open the management console Navigate to Packages System Health In the ribbon click on the arrow below Filter and select Disk Space Locate the appropriate package Disk Space Error or Disk Space Warning depending on the severity of the alert expand it and click on Disk Space Adjust the alert thresholds under Limits Save ...
Open the management console Navigate to Packages System Health In the ribbon click on the arrow below Filter and select Disk Space Locate the appropriate package e.g. Database Purge for alerts regarding the PostgreSQL database size expand it and click on Disk Space Click the Directory Monitoring tab Locate the correct ...
File monitoring aka as File Integrity Monitoring FIM monitors directories to detect changes to files as well as files being added and removed from directories. By default EventSentry monitors all files with the .exe and .sys extension in the SYSTEMROOT\system32 as well as SYSTEMROOT\syswow64 directories on x64 systems to ensure that...
Open the management console Navigate to Packages System Health In the ribbon click on the arrow below Filter and select Network Time Sync Locate the appropriate package expand it and click on Network Time Sync NTP Adjust the interval tolerance event severity and/or NTP server list Save the configuration To disable N...
EventSentry monitors all scheduled tasks on a system by default and will generate an alert when a scheduled task is added removed or changed. Open the management console Navigate to Packages System Health In the ribbon click on the arrow below Filter and select Scheduled Tasks Locate the appropriate package expand it and cli...
If you are getting diskspace alerts about a specific drive that is expected to have little or no disk space available such as the destination for a backup then you can create a customized rule to disable alerts on that particular drive. Open the management console Expand Packages and click System Health Click Add on the ribbon to add a...