Knowledge Base

How To'sKnowledge BaseVideosFAQ
  1. Explain the real-time use case of alarm escalation
  2. Explain the use case of Workflow
  3. When to create a device template?
  4. Monitoring Disk I/O performance for application slowness
  5. AD Monitors show N/A
  6. Notification issues in the iOS mobile application
  7. MSSQL 2000/2005 not working - Shows N/A
  8. What are the Troubleshooting Steps for PgSQL 14?
  9. Enabling SNMPv3 on Windows 2003
  10. Enabling SNMPv3 on ESX Server
  11. Installing OpManager as a Linux service
  12. Registering OpManager License
  13. Extending trial license
  14. What is a .ppm file?
  15. Prerequisites for monitoring WAN RTT
  16. Prerequisites for MSSQL as backend DB
  17. Prerequisites to view detailed traffic reports from NFA in OpManager
  18. What to do if the VMware devices are not displayed under the Virtual Devices map?
  19. Why should I install VMware Tools?
  20. What is CIDR?
  21. What is a seed device?
  22. What leads to the error "Interface associated with this link does not exist in OpManager"?
  23. Can't draw a network map! Encounter the message: "No switch links found for this device. Please select different seed device." Why?
  24. Configuring SNMPv3 on a router
  25. Interfaces are not shown in the router maps
  26. Color-coding to show interface status
  27. Monitoring Cisco Routers temperature
  28. Monitoring a specific route or next-hop address of a router
  29. Difference between SNMP Traps and SNMP Monitors
  30. Problem in Switch Port Mapper
  31. What is an SNMP Trap?
  32. What are 'Authentication Failure'  alarms?
  33. What is meant by Rearm Value' in the threshold settings?
  34. Traps not received in OpManager.
  35. Receiving traps on different ports.
  36. Will the layer2 maps work only for Cisco switches?
  37. What is the algorithm Used in OpManager to find the Network Connectivity?
  38. Which IP SLA  should be enabled – udp jitter or RTP or both. What is the difference?
  39. Does OpManager monitor real-time SIP and RTP traffic?
  40. What are the prerequisites for configuring VoIP monitors in OpManager?
  41. Can OpManager monitor LUN on VMware?
  42. What are 'unknown' devices?
  43. What are the different Availability states and their meaning in OpManager?
  44. What is VoIP Codec?
  45. Why is the source router field empty when configuring the VoIP monitor?
  46. Why is incorrect disk space reported for the datastore on an VMware ESX?
  47. Why is 'Disabling interface failed' error message encountered when trying to disable an interface on a Cisco ASA 5500 firewall?
  48. Unable to delete a WAN RTT Monitor.
  49. When moving the database to another SQL server, what kind of permission does it require?
  50. What are the specific default ports that should be open for a server to be monitored by OPManager?
  51. How is traffic utilization calculated in OpManager?
  52. When logging into OpManager with correct credentials, the login page continues to prompt the user with "Please enter the user name". Why?
  53. Error message "Please enter a valid number" is encountered when configuring discovery. Why?
  54. When the WMI disk queue length monitor is enabled in OpManager, what disk is it providing data for? Is it possible to specify which disk it is monitoring?
  55. When configuring script monitors, what is the ideal 'Timeout' to be configured?
  56. What is the minimum monitoring interval configurable for script monitors?
  57. I need to report on IFCIRCUITID and IFALIAS for Discard or Error alerts.
  58. Error: Device already present in the system and Some stray entries found for this device.
  59. Unable to load the Cisco ENVMON MIB. Why?
  60. What is the difference/relationship between the monitoring interval configured for the device category vs that of the monitored interval for a specific monitor?
  61. Applying device template to a device manually classified into a category, the monitors from the template are not associated to the device. Why?
  62. Why does opmanager have to run as root under linux?
  63. What do the different severity levels in OpManager mean?
  64. The database tables in OpManager storing performance data for reporting.
  65. Why does Hyper-V discovery and rediscovery fail sometimes?
  66. Why does data collection fail even though valid credentials have been provided?
  67. Why is OpManager not able to monitor a certain set of URLs?
  68. How can I automate actions like copying, deleting and moving files/folders in a device ?
  69. What would be the possible reason(s) if my agent is not able to contact OpManager server?
  70. What is the difference between Clear, Acknowledge and Delete in Alarms?
  71. What is a BGP Trap?
  72. "Event 10028 - DCOM was unable to communicate with the computer" - Why does this error occur?
  73. How to enable HTTPS in OpManager?
  74. What if the host name used does not match the SSL certificate?

Explain the real-time use case of alarm escalation

Alarm Escalation Rule:

Let us consider a server X which is running a crucial application to the business. When the CPU utilization of server X exceeds 60%, a critical alarm is raised to report the status of the server.

If the alarm is unattended

  • It could result in the unavailability of the server X
  • Unavailabilty of server X will result in business losses

So the following alarm escalation rules are configured for the server X running the business application.

  • Server X has generated a critical alarm and the alarm is unattended for 30 minutes
  • Alarm will be escalated to the Product Head through mail and SMS

Corrective actions will be taken by the Product Head to troubleshoot the issue.

Explain the use case of Workflow

Workflow is a framework offered by OpManager through which tasks can be automated, ensuring ease of network management. Workflow is based on if...else condition. It executes tasks based on conditions, variables and actions defined by the user.

For example, let us consider Server A which runs a crucial business application. When the CPU Utilization of Server A exceeds 60%, a critical alarm is generated. Stopping the MSSQL processes on Server A will reduce its CPU Utilization.

So a workflow can be created based on the same condition. if the CPU Utilization of Server A exceeds 60%, an alarm is triggered and STOP MSSQL PROCESSES - action is executed automatically, ensuring uptime of Server A.

When to create a device template?

The device templates in OpManager contain predefined rules based on which a device is categorized and relevant monitors are associated soon after discovery. The ability to define custom templates for new device types or modify an existing template to accommodate yet another device type in the same template provides great flexibility to administrators.

That said, as an administrator, you will be able to make the best out of this feature if used to its full potential. For instance, some might end up defining a template for every variant of a device type instead of creating one template that can encompass all the variants.

Ideally, defining device templates before you initiate discovery helps in proper classification. Over 650 device templates are available out of the box. If SNMP is enabled on the monitored devices, and if proper credentials are configured in OpManager, most devices fall into the correct category. Modify an existing template or create a new one based on need.

1. When should I modify/update an existing template?

Assume you have purchased a new Cisco 805 router and you would like to monitor it using OpManager. OpManager already has a device template for Cisco 800 series routers with few sysOIDs in these series updated in the template. All you need to do is edit this template to include the sysOID of Cisco 805 router if it is not present already.

2. When should I create new templates?

Scenario 1

Let us now assume you have purchased a Cisco 11000 Series Content Services Switch. OpManager does not have a template yet (this is as of Build no.8721!). Just go ahead and create a new template.

Scenario 2

Assume you have a whole new set of Environment Sensors that are manageable (that supports SNMP). These devices cannot be classified under any of the default categories like servers, routers, switches etc, and deserve a separate category. The managing parameters too differ for this new device type. An ideal situation where you will define a new category view (Eg: Sensors) and define a fresh device template. You can have different models of sensors from the same vendor in a template or even combine Sensors from multiple vendors in the same template.

The steps you'd follow here would be as follows:

3. How to check for SNMP response to sysOID

Even before you proceed to add or modify a template to accomodate a new device type, make sure the device is SNMP enabled and it responds to query from OpManager. Invoke the MibBrowser utility bundled with OpManager to check for response. Let me show you how to check for SNMP response.

1. From OpManager/bin, double-click to execute MibBrowser.bat.
2. In the MibBrowser GUI, enter the device name, the SNMP port, and the read community string (default is PUBLIC).
3. RFC1213 mib is loaded by default. Expand the mib to org->dod->internet->mgmt->mib2 ->system and select sysObjectID from this table.
4. From the toolbar above, click on the Get SNMP Variable icon (7th icon from the left) to see the response in the text area to your right.

Monitoring Disk I/O performance for application slowness

Monitoring basic CPU, Memory and Disk utilization gives a fair indication of where the problem could be, but you need to monitor more than just the resource utilization to actually determine the reason for application slowness.  Multiple system resource parameters or even a single parameter can impact the performance of an application. Let's look at "Disk I/O" - one of key parameters that causes application performance related problems.

Why monitor Disk I/O

The hard disk is one of the slowest components on a server. The hard disk drive bandwidth is around 300 times slower than that of the memory and added to that, memory latency is very low - if you do the math, memory performs around 2000 times faster than that of the hard disk drive. Check out http://nathanaeljones.com/153/performance-killer-disk-io/ for a neat explanation.

So monitoring and keeping the Disk I/O at healthy levels can prevent a lot of application performance hiccups.

Does my server have Disk I/O problems?

Depending on your server, there are different ways of finding Disk I/O. Refer to http://www.performancewiki.com/diskio-tuning.html for the Disk I/O commands on various servers.

Another simple way, and what we recommend ;), is to use OpManager. OpManager monitors Disk I/O out-of-the-box for Windows servers (see screenshot below) and with a few customizations also for Unix-based devices.

Active Directory monitors show N/A

This problem could due to the following reasons:

1)WMI is not configured properly in OpManager (OpManager uses WMI credential to monitor AD servers).
2)Required Monitors are not associated to the device  in OpManager.
3)WMI might not be responding to the OpManager WMI request
4)WMI is not working properly on the device itself.

1)WMI is not configured properly in OpManager (OpManager uses WMI credential to monitor AD servers).

Configure WMI for multiple devices at a time:

1.Go to Admin --> Credential Settings
2.Click New
3.Configure the following parameters and click Add to add the credentials:

Credential Type: Windows
Name: Configure a name for the credential and also provide the description.
Configure the Domain NameU ID and the password (Example:- TestDomainTestUser Testpassword) > Click on "Add".

Associate the above credential using Quick Configuration Wizard to multiple devices:

1. From the Admin tab, select Quick Configuration Wizard.
2. Select the option Associate a credential to several devices and click Next.
3. All the available Credentials are listed. Select the Credential (the one you created above ).
4. Select the devices to which you want to assign the credential from the left column  and move them to the right.
5. Click Finish. The Credential is associated to the selected devices.

Configuring WMI credential using device snap shot page(Single device):

Go to device snap shot page > Click on "Click here to change" option besides Passwords >select "Use the below credential for the device" option >Type in the username (Ex:domainnameuame)  and Password > Click on Test credential (make sure its gets passed) and then Ok to save it.

In case OpManager itself is hosted on the AD server, then leave the username and password blank and click OK,  as local host does not require the credentials.

2)Required Monitors are not associated to the device  in OpManager.

Solution: Adding monitors for AD Monitors:-

Make sure the Category is selected as Domain controller  to have the AD monitors associated automatically to the device.

In case if the monitors are absent go to spacer Active Directory Monitors section of the device snapshot page and add the required AD monitors (Network Monitors ,Database Monitors NTFRS Process Monitors , System Monitors, Performance Counters Monitors and LSASS Process Monitors ).

3)WMI might not be responding to the OpManager WMI request

Solution:Use the wmiadap utility to update the WMI performance classes from the performance libraries. Running wmiadap updates all the performance classes. The /f switch in the below command  forces an update of the WMI classes from the performance libraries.

Step 1:

1. Go to the monitored device.
2. Click Start-->Run,
For Windows 2000 winmgmt /resyncperf' command.
For Windows XP and 2003 'wmiadap /f' command.
3. After running this command about 4 times, wait for an hour and check whether  AD monitors shows data.

Step: 2

1. Go to the monitored device.
2. Click Start-->Run-->services.msc
3. Restart WMI service

4)WMI is not working properly on the monitored device.

Solution: Still if you do not see the counter values, verify  whether OpManager server is able to pull up AD counters information  by executing the following queries.If you are able to pull the information for the following queries OpManager should be able to show the information in the dashboard.

If some of the below query gets the output and some of them not then the respective counters information associated with the non working classes will not be shown on the dash board.

1. From OpManager command prompt go to <OpManagerconfapplicationscripts>
2. Execute the following commands and make sure we get the output from the device.

cscript wmiget.vbs devicename domainnameuame password "ROOTCIMV2" "SELECT * from Win32_PerfRawData_PerfNet_Server"
cscript wmiget.vbs devicename domainnameuame password "ROOTCIMV2" "SELECT * from Win32_Processor"
cscript wmiget.vbs devicename domainnameuame password "ROOTCIMV2" "SELECT * from Win32_PerfRawData_PerfOS_System"
cscript wmiget.vbs devicename domainnameuame password "ROOTCIMV2" "SELECT * from Win32_PerfRawData_PerfOS_Memory"
cscript wmiget.vbs devicename domainnameuame password "ROOTCIMV2" "SELECT * from Win32_PerfRawData_NTDS_NTDS"
cscript wmiget.vbs devicename domainnameuame password "ROOTCIMV2" "SELECT * from Win32_PerfRawData_PerfProc_Process"
cscript wmiget.vbs devicename domainnameuame password "ROOTCIMV2" "SELECT * from Win32_OperatingSystem"
cscript wmiget.vbs devicename domainnameuame password "ROOTCIMV2" "SELECT * from Win32_LogicalDisk"
cscript wmiget.vbs devicename domainnameuame password "ROOTCIMV2" "SELECT * from Win32_PerfRawData_PerfOS_Processor"

If you are getting "Invalid class" error message for the above queries then either the corresponding wmi classes are absent or corrupted on the AD server.

Please refer the link below to re-register or rebuild the WMI classes.

http://windowsxp.mvps.org/repairwmi.htm

Notification issues in the iOS mobile application

The OpManager iOS mobile application uses Apple Push Notification service (APNs) to receive remote notifications. The APNs acts as a portal between OpManager and your iOS device. To establish a connection between OpManager and the APNs, we use OPM_APNS_Cert.p12 in OpManager which is available under /OpManager/lib directory.

The existing APNs certificate in OpManager has some issues. This might cause problems with notifications in OpManager iOS mobile application.

Solution:

Step 1: Download the new certificate from this link. (Please note: The MD5Sum Value for the download file is: facc21986f5a99850b1d7be9fae097e0)

Step 2: Stop OpManager service.

Step 3: Under OpManager > lib in the installation directory, replace the existing OPM_APNS_Cert.p12 certificate with the downloaded certificate.

Step 4: Restart OpManager service.

Note: The MD5Sum Value for the download file is: facc21986f5a99850b1d7be9fae097e0

MSSQL 2000/2005 not working - Shows N/A

This problem could due to the following reasons:

1)WMI is not configured properly in OpManager (OpManager uses WMI credential to monitor MSSQL servers).
2)Required Monitors are not associated to the device  in OpManager.
3)WMI might not be responding to the OpManager WMI request
4)WMI is not working properly on the device itself.

1)WMI is not configured properly in OpManager (OpManager uses WMI credential to monitor MSSQL servers).

Solution: Configuring WMI for multiple devices at a time :

1.Go to Admin --> Credential Settings
2.Click New
3.Configure the following parameters and click Add to add the credentials:

  • Credential Type: Windows
  • Name: Configure a name for the credential and also provide the description.
  • Configure the Domain NameU ID  and the password  (Example:- TestDomainTestUser  Testpassword) > Click on "Add".

Associate the above credential using Quick Configuration Wizard to multiple devices:-

1. From the Admin tab, select Quick Configuration Wizard.
2. Select the option Associate a credential to several devices and click Next.
3. All the available Credentials are listed. Select the Credential (the one you created above ).
4. Select the devices to which you want to assign the credential from the left column  and move them to the right.
5. Click Finish. The Credential is associated to the selected devices.

Configuring WMI credential using device snap shot page(Single device):

Go to device snap shot page > Click on "Click here to change" option besides Passwords >select "Use the below credential for the device" option >Type in the username (Ex:domainnameuame)  and Password > Click on Test credential (make sure its gets passed) and then Ok to save it.

In case  OpManager itself is going to be MSSQL server then leave the username and password blank and click OK as we do not require credential for the local host.

2)Required Monitors are not associated to the device  in OpManager.

Solution: Adding monitors for MSSQL Monitors:-

Here are the steps to associate the MSSQL monitors to a device:

1.Go to the snapshot page of a device.
2.Scroll down and select the Monitors tab.
3.Click on Performance Monitors. The monitors are listed on the right.
4.Click the Add Monitor button on the right. A list of monitors is displayed.
5.Click the MSSQL Monitors button on top of this list. The monitors of all the MSSQL parameters are displayed.
6.From this list, select the required MSSQL Monitors and click on  Add > List of MSSQL databases will be listed for which you want to associate Monitors
7.Check mark all the required databases and click on OK , Now you will get a dash board for MSSQL and data will be populated after some time.

3) WMI might not be responding to the OpManager WMI request

Solution:Use the wmiadap utility to update the WMI performance classes from the performance libraries. Running wmiadap updates all the performance classes. The /f switch in the below command  forces an update of the WMI classes from the performance libraries.

Step 1:

1. Go to the monitored device.
2. Click Start-->Run,
For Windows 2000 winmgmt /resyncperf' command.
For Windows XP and 2003 'wmiadap /f' command.
3. After running this command about 4 times, wait for an hour and check whether MSSQL monitors shows data.

Step: 2

1. Go to the monitored device.
2. Click Start-->Run-->services.msc
3. Restart WMI service

4)WMI in the device is not working properly.

Solution: Still if you do not see the counter values, verify  whether OpManager server is able to pull up MSSQL counters information  by executing the following queries.If you are able to pull the information for the following queries OpManager should be able to show the information in the dashboard.

If some of the below query gets the output and some of them not then the respective counters information associated with the non working classes will not be shown on the dash board.

1. From OpManager command prompt go to <OpManagerconfapplicationscripts>
2. Execute the following commands and make sure we get the output from the device.

cscript wmiget.vbs <Devicename or IP> <DomainnameUame> <Password> ROOTCIMV2 "select *  from Win32_PerfRawData_MSSQLSERVER_SQLServerBufferManager "

Example:OpManagerconfapplicationscripts>cscript wmiget.vbs MSSQLSERVER1 TestUame Password  ROOTCIMV2 "select *  from Win32_PerfRawData_MSSQLSERVER_SQLServerBufferManager "

cscript wmiget.vbs <Devicename or IP> <DomainnameUame> <Password> ROOTCIMV2 "select *  from Win32_PerfRawData_MSSQLSERVER_SQLServerCacheManager "

cscript wmiget.vbs <Devicename or IP> <DomainnameUame> <Password> ROOTCIMV2 "select *  from Win32_PerfRawData_MSSQLSERVER_SQLServerPlanCache "

cscript wmiget.vbs <Devicename or IP> <DomainnameUame> <Password> ROOTCIMV2 "select *  from Win32_PerfRawData_MSSQLSERVER_SQLServerDatabases"

cscript wmiget.vbs <Devicename or IP> <DomainnameUame> <Password> ROOTCIMV2 "select *  from Win32_PerfRawData_MSSQLSERVER_SQLServerGeneralStatistics "

cscript wmiget.vbs <Devicename or IP> <DomainnameUame> <Password> ROOTCIMV2 "select *  from Win32_PerfRawData_MSSQLSERVER_SQLServerReplicationAgents "

cscript wmiget.vbs <Devicename or IP> <DomainnameUame> <Password> ROOTCIMV2 "select *  from Win32_PerfRawData_MSSQLSERVER_SQLServerLocks"

cscript wmiget.vbs <Devicename or IP> <DomainnameUame> <Password> ROOTCIMV2 "select *  from Win32_PerfRawData_MSSQLSERVER_SQLServerMemoryManager"

cscript wmiget.vbs <Devicename or IP> <DomainnameUame> <Password> ROOTCIMV2 "Select *  from Win32_PerfRawData_MSSQLSERVER_SQLServerGeneralStatistics"

If you are getting "Invalid class" error message for the above queries then either the corresponding wmi classes are absent or corrupted on the MSSQL server.

Please refer the link below to reregister or rebuild the WMI classes.

http://windowsxp.mvps.org/repairwmi.htm

PgSQL 14 Troubleshooting Steps

Problem 1

While applying a service pack (.ppm file) upgrade in a Windows system (For versions 12.7.000 and above) with PostgreSQL as the backend, the following error message is shown:

Troubleshoot PGSQL 14

Identifying the problem:

Command to identify whether dll missing problem exist:

where /r %SystemRoot%\System32 api-ms-win-crt-stdio-l1-1-0.dll api-ms-win-crt-string-l1-1-0.dll api-ms-win-crt-runtime-l1-1-0.dll
where /r %SystemRoot%\SysWOW64 api-ms-win-crt-stdio-l1-1-0.dll api-ms-win-crt-string-l1-1-0.dll api-ms-win-crt-runtime-l1-1-0.dll

Output if dll is missing:

C:\Program Files\ManageEngine\OpManager->where /r C:\Windows\System32 api-ms-win-crt-stdio-l1-1-0.dll api-ms-win-crt-string-l1-1-0.dll api-ms-win-crt-runtime-l1-1-0.dll
INFO: Could not find files for the given pattern(s).

C:\Program Files\ManageEngine\OpManager->where /r C:\Windows\SysWOW64 api-ms-win-crt-stdio-l1-1-0.dll api-ms-win-crt-string-l1-1-0.dll api-ms-win-crt-runtime-l1-1-0.dll
INFO: Could not find files for the given pattern(s).

Output if dll exists:

C:\Program Files\ManageEngine\OpManager->where /r C:\Windows\System32 api-ms-win-crt-stdio-l1-1-0.dll api-ms-win-crt-string-l1-1-0.dll api-ms-win-crt-runtime-l1-1-0.dll
C:\Windows\System32\downlevel\api-ms-win-crt-runtime-l1-1-0.dll
C:\Windows\System32\downlevel\api-ms-win-crt-stdio-l1-1-0.dll
C:\Windows\System32\downlevel\api-ms-win-crt-string-l1-1-0.dll
C:\Program Files\ManageEngine\OpManager->where /r C:\Windows\SysWOW64 api-ms-win-crt-stdio-l1-1-0.dll api-ms-win-crt-string-l1-1-0.dll api-ms-win-crt-runtime-l1-1-0.dll
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-runtime-l1-1-0.dll
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-stdio-l1-1-0.dll
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-string-l1-1-0.dll

Solution:

For the above error traces, check the below files present under \System32 and/or \SysWOW64 folders.

  • api-ms-win-crt-stdio-l1-1-0.dll
  • api-ms-win-crt-string-l1-1-0.dll
  • api-ms-win-crt-runtime-l1-1-0.dll

If the above dll files are missing in the above mentioned file path, the Universal C Runtime in Windows should be updated.

Enabling SNMPv3 on Windows 2003

In Windows 2003 Server, SNMP service is available which supports onlySNMP version v1 and v2c. If you want to add SNMPv3 support, you need toinstall snmpv3 supported agent. Download the Net-Snmp Agent tosupport the same.

Please follow the below steps to install snmpv3 agent.

1. First Download the Active Perl from the below link
http://downloads.activestate.com/ActivePerl/Windows/5.10/ActivePerl-5.10.0.1002-MSWin32-x86-283697.msi

2. Install the Active perl first. Also you need to install the OpenSSL.

3. Download the exe of NetSnmp Agent from the below link
http://sourceforge.net/project/showfiles.php?group_id=12694&package_id=162885

4. Install the Net-Snmp Agent.

5.After installing the netsnmp agent. Herewith I have attached the conffile, Please rename the snmp.conf.txt as snmp.conf and snmpd.conf.txtas snmpd.conf. Copy the the snmpd.conf and snmp.conf under thedirectory c:utcsnmp

6. Then register the agent by executing registeragent.bat file and run the below command in command line to start the agent.
net start "net-snmp agent"

7. Now the agent is started at port 8001.

Releated Links:

http://www.netadmintools.com/art487.html

Enabling SNMP on ESX Server

To enable SNMP on ESX Server version 3.5:

1. Login as root
2. Edit the snmpd.conf file and add "rocommunity xxxx" where xxxx is your read-only community string). The file is uusually located in /etc/snmpd.
3. While you're editing the snmpd.conf file, also add "dlmod SNMPESX /usr/lib/vmware/snmp/libSNMPESX.so"
4. Restart the SNMP daemon - /etc/init.d/snmpd restart

In some cases, you may also need to edit the firewall settings on the ESX server to allow the SNMP traffic through. To do this:

Login as root and issue the following commands:
2. esxcfg-firewall -e snmpd
3. chkconfig snmpd on
4. service snmpd start

For more information, visit the VM Ware page on how to configure SNMP on the ESX Server.

Installing OpManager as a Linux service

You can run OpManager as a Unix Service.


Follow the steps mentioned below to install OpManager as a service on a linux box.

1. Copy the content given in blue below to a text file and save it to /etc/init.d directory as opmanager.

#!/bin/bash
#
# Startup script for the pmagent
#

# chkconfig: 345 99 02
# description: Run the OpManager 5 program

INITLOG_ARGS=""

prog="opmanager"
progname="AdventNet ManageEngine OpManager"
RETVAL=0
# Edit the following to indicate the 'bin' directory for your installation
MDIR=/usr/local/OpManager/bin
PRG=$MDIR/opmanager


if [ ! -d "$MDIR" ]
then
echo "Invalid directory $MDIR"
exit 1
fi

start()
{
mv -f /var/log/opmanager.log /var/log/opmanager1.log
echo "Starting $progname"
cd $MDIR
nohup sh StartOpManagerServer.sh >/var/log/opmanager.log 2>&1 &
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/OpManager
}

stop()
{
echo "Stopping $progname"
cd $MDIR
sh ShutDownOpManager.sh admin admin >>/var/log/opmanager.log 2>&1
}

case "$1" in
start)
start
;;
stop)
stop
;;
*)
echo "Usage: $prog {start|stop}"
exit 1
;;
esac

exit $RETVAL



mv /etc/init.d/opmanager.txt /etc/init.d/opmanager

2. Edit the MDIR variable in this file which should point to the bin folder of OpManager Installation directory. Typically, the default installation folder on a Linux box will be /root/ManageEngine/OpManager/bin. Hence the value for MDIR will be

MDIR=/opt/ManageEngine/OpManager/bin

3. Provide executable permissions for this script using

chmod 755 /etc/init.d/opmanager

4. Use chkconfig command to add opmanager as a service

chkconfig --add opmanager

You can start OpManager in the nohup mode so you don't have to worry about the service being terminated when the console is closed. The service will continue to run in the background. Make these changes in the start and stop script files of OpManager:

in start
nohup /opt/ManageEngine/OpManager/bin/StartOpManagerServer.sh

in stop
nohup /opt/ManageEngine/OpManager/bin/ShutDownOpManager.sh

You might encounter errors such as 'command not found'. Its possible that few relevant library files are not available on the system on which you are trying to install OpManager. Install the packages and proceed with OpManager installation. For instance, if you encounter such an issue in Ubuntu, here is what you need to do:

 

$ apt-get install libnewt0.51
$ ln -s /usr/lib/libnewt.so.0.51 /usr/lib/libnewt.so.0.50
$ wget http://www.tuxx-home.at/projects/chkconfig-for-debian/chkconfig_1.2.24d-1_i386.deb
$ dpkg --force-all -i chkconfig_1.2.24d-1_i386.deb

Source : http://ubuntuforums.org/archive/index.php/t-20583.html

Registering OpManager License

1. In the Client window, click Register link on the menu bar.

2. Browse and select the Registered License file (AdventNetLicense.xml) provided to you and click Register.

3. Verify the licensing details displayed in the page and click Close.

If you are applying the Registered License after expiry of the evaluation license then do the following:

1.Start the server. You will see the message "Trial Period has Expired".

2. Click OK to enter the License details.

3. Browse and select the Registered License file (AdventNetLicense.xml) provided to you and repeat the steps mentioned above.

Extending trial license

You need to procure the extended trial license from Manageengine. This is provided purely on discretion. Send an email request to sales@manageengine.com 

What is a .ppm file?

It is an abbreviation for Package for Patch Manager and has nothing to do with Perl. The File with .ppm extension is known to work with the Update Manager tool which is bundled with AdventNet Products. This tool helps to upgrade to the newer version keeping the data intact. In OpManager,you can access this tool using Start -> Programs ->ManageEngine OpManager -> Update Manager. Alternatively, you canalso invoke the tool from /opmanager/bin/UpdateManager.bat/sh.

Prerequisites for monitoring WAN RTT

The OpManager WAN RTT Monitor monitors the latency between two locations usingCisco's IP-SLA, therefore either of the locations should have the Cisco router enabled with IPSLA agent which will act as a source and the target can be any IP in the other location(Need not be a cisco router).

Prerequisites for MSSQL as backend DB

OpManager can create a database and its tables only if the MSSQL account has DBOwner privilege.  It connects to MSSQL server using SQL username and password.  So have to enable SQL authentication.

For default MSSQL instance,port number will be 1433.
http://msdn.microsoft.com/en-us/library/ms177440.aspx
http://support.microsoft.com/kb/823938
For named instance, DB host should be entered as hostnameinstancename

Prerequisites to view detailed traffic reports from NFA in OpManager

To view the detailed traffic report from Netflow Analyzer, the prerequisites are,

  1. Netflow Analyzer must be up and running in your network
  2. The interface whose traffic you would like to monitor must be discovered in both, OpManager and Netflow Analyzer.
  3. The NetFlow Analyzer settings must be configured properly in OpManager

What to do if the VMware devices are not displayed under the Virtual Devices map?

If the device has been added successfully, but not displayed under the Virtual Devices map, search for that device. Go to its snapshot page and look for the device type. If it is mentioned as ‘unknown’, wrong credentials might have been provided or it is not reachable during discovery. Provide the correct credentials and click on ‘Rediscover Now’ under Actions tab in the snapshot page, to discover it as an ESX host.

Why should I install VMware Tools?

OpManager, with the help of installed VMware Tools, identifies the IP address of the VM and maps it to the host. In case the VMware Tools are not installed, OpManager discovers it using VM's entity name. You can assign the IP address for such VMs in the host snapshot page (screenshot of the same is given below). Click on the 'No IP Address' link corresponding to the VM to assign the IP address for that VM. Similarly, you can click the assigned IP address to choose another one as the primary IP for that particular VM.

What is CIDR?

CIDR, short for Classless Inter-Domain Routing, is a replacement for the older Classful network addressing architecture that was in use since 1981. CIDR was introduced in 1993 to address the issue of IP address shortage.

The CIDR method divides the address space for Internet Protocol Version 4 (IPv4) into five address classes. Each class, coded in the first four bits of the address, defines either a different network size, i.e. number of hosts for unicast addresses (classes A, B, C), or a multicast network (class D). The fifth class (E) address range is reserved for future or experimental purposes. Now, IPv6 is fast replacing IPv4 allowing huge expansion for more users and devices on the internet.

What is a seed device?

A seed device is the core switch in your network. The switch must have SNMP-enabled so that OpManager is able to query the device and draw the links automatically, showing the connectivity of all the devices on your network. As changes happen to the networks frequently, OpManager allows you to configure an interval (in days) to re-draw the map. For instance, if a change happens once in a week, you can configure OpManager to re-draw the map every seven days.

What leads to the error "Interface associated with this link does not exist in OpManager"?

After layer 2 discovery and mapping, whenever a link on the map is clicked, the error "Interface associated with this link does not exist in OpManager", pops up.

The interface link connected between the two network devices may not be added in OpManager. Hence the pop up message.  for instance, lets say Router1 is connected to Router2 through interface Ethernet0/0 of Router1.  In case the Ethernet0/0 interface is not added in Router1, you will encounter the above error. Once you add the interface in Router1 by rediscovering the interfaces and try to draw the map, you will get the interface traffic details in the pop up message.

Can't draw a network map! Encounter the message: "No switch links found for this device. Please select different seed device." Why?

This error is encountered when configuring a seed file for Layer2 mapping.

In order to get the networks map, the switches should support SNMP protocol. The mibs that are used to find the connectivity between network devices are given below,

i) BRIDGE-MIB
ii) RFC-1213-MIB
iii) CISCO-CDP-MIB.

Most other vendors switches support Bridge MIB. So for non-Cisco-devices, we can get the connectivity details from this mib. If you still encounter the error, it is due to OpManager using RFC1213 and ipRouteTable to create the maps. This RFC has been deprecated and has been replaced by RFC2096 and ipCidrRouteTable. This can be replicated with Mib Browser. Try to see if your device is compliant with RFC1213 or RFC2096. There should soon be a patch from the team to ensure that all devices are mapped correctly.

Configuring SNMPv3 on a router

Here are the steps to configure SNMPv3 on arouter. Lets configure a privileged User called Henry with the relevant details below.

  • username : Henry
  • authProtocol : MD5
  • privProtocol : DES
  • authPassword : authUser
  • privPassword : privUser
  • contextname : priv

Configure the user in router using the following commands,

1. First telent the router .

2. Check whether the engineID is already configured or not using the below commands

show snmp engineID

If it shows engineID details so there is no need to issue the belowcommands. If the above command gives empty result, issue the belowcommand.

snmp-server engineID local 8000063000100a1ac151003

3. Create the view for read / write / notify.

snmp-server view readview internet included

snmp-server view writeview internet included

snmp-server view notifyview internet included

4. Create the user

snmp-server user Henry privGroup v3 auth md5 authUser priv des56 privUser

5. Map the user with group.

snmp-server group privGroup v3 priv read readview write writeview notify notifyview

Thats all.. Snmp V3 is correctly configured in that Router.

Now to check whether its done properly do a snmpwalk using the following command

snmpwalk -d -v 3 -a MD5 -A authUser -l authPriv -u Henry -x DES -X privUser <TargestHostName>:<TargetPort> system

Ex: snmpwalk -d -v 3 -a MD5 -A authUser -l authPriv -u Henry -x DES -X privUser proto-test3:161 system

If you can see some reply in the command line it really works Smile

For Detailed information on SNMP v3 configuration on Routers please check the below link

http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html

Now add a new Credential in OpManager under Admin --> CredentialSettings with those relevant details and add a new device to OpManagerand then check whether it helps. Do let me know how it works.

Interfaces are not shown in the routers map.

Some users experience the issue of 'missing interfaces' when viewed in the Infrastructure view. Understanding how discovery of interfaces happens in OpManager will make the reasons easier to understand.

OpManager queries the ifTable and ipAddrTable of RFC1213-MIB with configured SNMP  parameters for that device in OpManager. For the ifIndexes(OID: .1.3.6.1.2.1.2.2.1.1) present in ifTable , if there is an ipAdEntAddr(OID: .1.3.6.1.2.1.4.20.1.1) in ipAddrTable then that will be added as an interface in SnmpInterface table along with its properties like speed, index, description, phyMedia, phyAddress and parent-device. If the address is pingable then the interface will be a managed one otherwise added as unmanaged interface. If the ifType is loopback or the ipAdEntAddr is 127.0.0.1 that interface will not be added. In OpManager the number of indexes present in ifTable are taken . If the interfaces don't have an IpAddress, then OpManager adds them in the format IF-<primary ip address of Router>-index along with its properties.If the device has more than two interfaces and ipForwarding(OID: .1.3.6.1.2.1.4.1) is enabled then that will be categorized as Router.

However,for devices other than Router, the unnumbered interfaces,the interfaces that have an ifIndexe but does not have an ipAddrEntAddr in ipAddrTable, will not be added.

If the Router is misconfigured, like two addresses hold same index in ipAddrTable then last one will be added while first one will not be added and so will be missing from the Router view.This limitation is because for us index is a key so no duplication is entertained in that.

To resolve this issue, check if is there anything wrong with the routers IOS if duplication of indexes is there and fix those issues.  Following this, delete and re-add the device.

Color-coding to show interface status

Admin Operational Status Colour coding
Down Up/Down Critical Red
Up Up Clear Green
Up Down Trouble Orange
Up Dormant(Ready to receive/ transmit packets) Clear Green
Up Not Present /Unknown/testing Attention Yellow

If the Admin and Operational status are UP, and also the threshold is violated for any of the monitor in the interface, the port will be moved to the trouble state (Orange color).

Monitoring Cisco Routers temperature

If the SNMP Agent responds to the Temparture OID from the Cisco-ENVMON MIB, then you can monitor the Cisco Router Temperature in OpManager

Monitoring a specific route or next-hop address of a router

First,we need to make sure that the route to be monitored is in the Routing table of the router.To check this,please run the show IP route in the privileged mode.

For example :

cisco2811#show ip route

Gateway of last resort is 192.168.118.2 to network 0.0.0.0

C 192.168.118.0/24 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 [1/0] via 192.168.118.2

As seen above,the route for network address 192.168.118.0 exists in the routing table (in this case it is directly connected)

If the next-hop address for the network address 192.168.118.0 is known we can monitor this route.

In Default RFC-1213MIB,we have the OID IPRouteNextHop (.1.3.6.1.2.1.4.21.1.7) this will provide the entire routing table information.

ipRouteNextHop.0.0.0.0:-->192.168.118.2
ipRouteNextHop.192.168.118.0:-->192.168.118.23

As seen in the above output,the next-hop address is 192.168.118.23 which is the expected behavior.

In order to monitor this specific route of 192.168.118.0,we can append the network address with the above mentioned OID i.e. 1.3.6.1.2.1.4.21.1.7. 192.168.118.0

So,for this OID (.1.3.6.1.2.1.4.21.1.7. 192.168.118.0) the Output in MIB will be the IP of the next hop.

Once you find the OID of the Specified Route, you can easily monitor the Route by adding custom SNMP monitor.

Add the IP address as a string OID by unchecking the Numeric box.

If the next hop does not contain this IP address(192.168.118.0) it can be set as the threshold value and you will get the alarm. If it contains this IP address (192.168.118.0) it can be set as the rearm value where there is no alarm or alarm is cleared.

Now associate the monitor to the device.

Difference between SNMP Traps and SNMP Monitors

S.No SNMP Monitors Traps
1 Pull Model: OpManager sends SNMP request to the SNMP agent running on the monitored device and receives the response. Push Model: Monitored device(SNMP agent) sends messages in the form of traps to the trap destination(OpManager)
2 Communication: both ways(UDP 161) One way. Only from device to trap destination (UDP 162)
3 SNMP requests can be scheduled using monitoring intervals. Traps are spontaneous. They will reach the destination as soon as they are generated.
4 Custom SNMP monitors can be created for the non default metrics. These monitors convert the raw SNMP response into a meaningful metric with unit. Custom SNMP Trap processors are can be created for the new trap messages. They process the trap messages and convert them into meaningful alarms.
If there is no trap processor, traps will be dumped under Alarms-->Unsolicited traps.
5 SNMP community string is mandatory to get a SNMP response Community string is not mandatory to receive the trap message.

Problem in Switch Port Mapper

Switch Port Mapper does not display the MAC Address and the IP Address fully.
The Router input may not be specified or the ARP cache may not be updated.

1. The Router input is not specified. Enter the Router name to map the MAC Addresses to IP Addresses. The Router should be in the same subnet as that of the devices connected to the switch.

2. If the router input is not given, the information is obtained from the ARP cache of the switch. A cache file is also maintained locally to store this information. Perform a ping scan of the subnet to update the cache and then perform Switch Port mapping. This will improve the MAC to IP resolution.

If the above things are correct, please do the steps below

1. Open the MIB Browser from <OpManager>\\Bin Folder
2. Host Name ( Switch Name )
3. provide the community String of this device
4. Click on Load MIB and load the BRIDGE.MIB
5.Now try to query these values  BRIDGE.MIB -->> mib2-->>.iso -->> org -->> dod -->> internet-->> mgmt-->> mib-2 -->> dot1dBridge -->>dot1dTp -->>dot1dTpFdbTable -->> dot1dTpFdbEntry -->>dot1dTpFdbAddress

Try to query these values. If you get repliesalong with the MAC Address thenthe values will be displayed in the SWITCH PORT MAPPER.

What is an SNMP Trap?

Traps are cryptic messages of a fault that occurs in an SNMP device. SNMP traps are alerts generated by agents on a managed device. These traps generate 5 types of data:

  • Coldstart or Warmstart: The agent reinitialized its configuration tables.
  • Linkup or Linkdown: A network interface card (NIC) on the agent either fails or reinitializes.
  • Authentication fails: This happens when an SNMP agent gets a request from an unrecognized community name.
  • egpNeighborloss: Agent cannot communicate with its EGP (Exterior Gateway Protocol) peer.
  • Enterprise specific: Vendor specific error conditions and error codes.

What are 'Authentication Failure' alarms?

Authentication failure alarms are raised due to some monitoring system trying to access the device with wrong community strings. It may be opmanager or some other monitoring system installed in your network sending snmp queries with wrong community strings.

Configure the correct community strings. In Opmanager it is under Configure--> Passwords. Also check other installations of opmanager or third party monitoring applications for wrong community strings.

If you need to know a clear picture on this issue, like which device sends the wrong SNMP community string. Install a packet sniffer software(www.ethereal.com) on the device which sends the authentication traps and capture packets. By analyzing the capture packets, you can find the device which sends the SNMP query with wrong community string. Send us the captured packets for analysis along with IP address of OpManager server and from device which youre getting authentication traps.

What is meant by Rearm Value' in the threshold settings?

Rearm value is the value which the determines the monitor has restored to normal condition. For instance, the threshold condition for a memory monitor is selected as greater than [>] and the threshold value is configured as 75. The monitored memory value of that device is 80. Now alert is raised and the monitor is in violated condition. At the next poll the monitored value is 72. An alert for returning to normal condition is generated. At the next poll again the monitored value goes to 80. Again a threshold violation alert is generated. In order to avoid this, enter the rearm value. Only if the monitored value reaches the rearm value the monitor goes to the normal condition and a normal alert is raised. Note: If you select threshold condition greater, then the rearm value should be lesser than the threshold value and vice versa.

Traps are not received in OpManager

Check below for the possible reasons for not receiving the traps and its corresponding resolution.

1. Trap port might be occupied in opmanager server. ---> Make sure the that trap port of OpManager is not occupied by trap service of Operating System (ie) port 162 should be free. If not free it and restart opmanager.

2. Device might not be monitored in OpManager. --> Device should be added in OpManager to receive the traps from that device.

3. Trap destination might be wrong --> OpManager server should be the trap destination for the device which sends traps.

If the issue persists, follow the steps below to check whether the trap is received properly on the OpManager server.

1. Stop OpManager. Make sure the port 162 is not occupied.

2. Open the file MibBrowser.bat located under \OpManager\bin folder.

3. Go to View --> Trap Viewer and check whether the traps are received properly.

4. If the traps are not received in the trap receiver, the traps are not reaching the OpManager server and you can sort that problem which will make OpManager receive the traps.

5. If you are receiving the traps on the trap processors and not on OpManager, contact Support.

Receiving traps on different ports

Edit the file "trapport.conf" under /OpManager-Home/conf. Change the port from 162 to the one you wish.  Restart OpManager for the changes to take effective.

Will the layer2 maps work only for Cisco switches?

No, Layer-2 maps work for non-Cisco devices as well. You might sometimes encounter the error,"No switch links found for this device. Please select different seed device" when trying to draw network maps for non-Cisco devices. To get the Layer-2 maps for other vendor switches, it must meet the following criteria:

  • the switches must support SNMP protocol
  • must have the BRIDGE-MIB implemented (most vendoes support this MIB)

If you still encounter the error, it is due to OpManager using RFC1213 and ipRouteTable to create the maps. This RFC has been deprecated and has been replaced by RFC2096 and ipCidrRouteTable. This can be replicated with Mib Browser. Try to see if your device is compliant with RFC1213 or RFC2096. There should soon be a patch from the team to ensure that all devices are mapped correctly.

What is the algorithm Used in OpManager to find the Network Connectivity?

There are many mechanisms available to find the network connectivity. OpManager uses the general algorithm to find out the connectivity between switches, routers and network devices using SNMP. Layer 2 network connectivity falls under the category as mentioned below.

i) Router to Router connectivity.
ii) Switch to Switch connectivity.
iii) Switch to Network devices such as Router, Firewall, Access Point connectivity.
iv) Router to subnet connectivity.
v) End devices connected to a switch.

Router to Router connectivity / Router to subnet connectivity :

The routing algorithm is configured on all the routers and routing table details can be fetched from the router by querying ipRouteTable of RFC1213-MIB. The ipRoutable table contains an entry for each route present in the router.

The oids that we query are,

This routing table contains both direct and indirect routing path from a particular device. This implies that the router interface is directly connected to another router interface without intermediate switch or hub.

ipRouteDest - The destination IpAddress of this routing path may be network address or a router ip address.
ipRouteIndex - The interface through which the next hop of this routing path should be reached.
ipRouteNextHop - The ipaddress of the next hop of this routing path. It contains either source ipaddress i.e same ip address in case it is connected to a network or connected router ip address.
ipRouteType - The type of this routing path ( direct, indirect, invalid etc).

If routing type is direct it implies that we can reach the subnet which is specified in the ipRouteDest through this interface and the next hop contains the same ip address of this router. The interface can be identified by the route index value. So we will obtain the router to subnet connectivity as switch link object. The switch link object is formed in such a way that source --> destination along with connected interface.

If routing type is indirect, it means that the router is connected to another router.  We have the source router and remote router ip address, which is obtained in the next hop node, and the interface index. So we will determine the router to router connectivity.

For example,  Router 192.168.112.7's iproutingTable output,

The router 192.168.112.7 is connected to 192.168.116.12 via 192.168.112.7's interface 2.   Also the subnet 192.168.112.0 is reached via this router.

Switch to Switch Connectivity

The management information base (MIB) objects required to find the switch connectivity is as follows:

OpManager implements the Topology discovery algorithm which is explained in "Ip Network Topology Discovery using SNMP" ( Click the link). To find the switch to switch connectivity OpManager uses the values in the above table. The Bridge mib  dot1dTpFdbTable contains MACAddress of the device which is reachable via this switch as well as port  and status info. The dot1dTpFdbStatus can  be in one of the five states- other ( 1 ) , invalid ( 2 ) , learned ( 3 ) , self ( 4 ) , mgmt ( 5 ). The type learned refers to active device connection. OpManager considers this type alone to find out the connectivity. This table has macaddress with port relationship and its corresponding ifIndex is obtained by querying the dot1BasePortTable.  This gives only mac address of the device, so ipaddress of the device is obtained by querying RFC1213-MIB's ipNetToMediaTable.

The main algorithm is

1. Switch set = Filter the L2, L3, L4, and L7 switches that support Bridge MIB
2. Switch pair set = Make pairs of switches; if there are n switches there will be n2 sets
3. For each switch pair set, for ex: { Si, Sj}
a) Get the set of MAC for Si i.e., {Mia..Mil} from ifPhyaddress
b) Get the set of MAC for Sj i.e., {Mja..Mjk} from ifPhyaddress
c) If AFT of one of the dot1dBasePortEntry (Pi and Pj) of Si and Sj has at least one MAC address Mil and Mjk of each other

then

i) Get the mapping of Pi and Pj with the ifIndex Ifi and Ifj
ii) Set the connectivity of Si and Sj for interface Ifi and Ifj
iii) Store the connectivity information in database.

Switch to network device connectivity using CDP

Cisco Discovery Protocol (CDP) is propitiatory data link layer protocol which is developed by Cisco system. It is used to share information about directly connected Cisco devices. The above details are obtained by querying the tables below:

  • cdpCacheIfIndex - The interface by which the device is reached i.e ifIndex of the cisco device.
  • cdpCacheAddress - IpAddress of the device which is connected to this cisco device.
  • cdpCacheDevicePort - The connected device's interface or port description.

When the above table is queried, OpManager forms the switch link between the cisco device and the connected devices. This is because this table has the ip address of the connected devices as well as the details of interface through which it is connected.

Which IP SLA should be enabled – udp jitter or RTP or both. What is the difference?

You need to enable UDP jitter.

UDP Jitter Operation Vs RTP VoIP Operation

UDP Jitter is an operation that sends a stream of UDP test packets specially crafted for performance measurement. There is another operation called "RTP VoIP". There are fundamental differences between the two:

RTP VoIP sends a real RTP stream, while UDP Jitter sends a simulated stream. Both looks the same from the outside, but RTP VoIP packets contains a real RTP stream.

RTP VoIP uses and requires at lease one hardware codec to run. It needs DSP resources and voice interfaces to run on.

RTP VoIP will compute the MOS score based on the delay and number of DSP frames lost. UDP Jitter provides IP-based metrics, while RTP VoIP provides DSP-based metrics.

RTP VoIP is an operation that is very specific for VoIP, and UDP Jitter is more generic.

RTP VoIP is not designed to be deployed at large scale, while UDP Jitter is.

It is recommended to use UDP Jitter as much as possible, and it will be enough for the large majority of the cases. When more detailed information is needed, or for troubleshooting purposes, an RTP VoIP operation can be triggered on demand at specific time and location. RTP VoIP is not meant to replace UDP Jitter.

Courtesy: Info sourced from here:
http://docwiki.cisco.com/wiki/IOS_IP_SLAs_UDP_Jitter_Operation_Technical_Analysis

Does OpManager monitor real-time SIP and RTP traffic?

OpManager uses IP SLA's UDP jitter operation  to determine the connection jitter, round-trip-time, packet loss and latency. It therefore uses this synthetic traffic to simulate traffic close to the real time traffic and does not monitor it real time. The function of IPSLA is to identify quality issues proactively by simulating the real time environment.

The need to use synthetic traffic can best be illustrated with an example. Let us assume that a call is scheduled for your CEO with a prospective client at 3.00 PM on a particular day. For some reason, the VoIP connectivity breaks at around 2.30 PM and the concerned people are not aware.  Imagine you or the CEO discovering the issue just when the call commences! This is a situation a VoIP administrator would dread to be in. This is where, the method of sending synthetic traffic over the same WAN link through which traffic flows real time, helps.. You would have identified the packet drop much earlier and could have worked around the bottleneck much earlier.

What are the prerequisites for configuring VoIP monitors in OpManager?

OpManager primarily relies on Cisco's IP-SLA for monitoring the VoIP QoS metrics between two locations, therefore both the locations should have Cisco Router enabled with IPSLA agent. From IOS Version 12.3(14)T all Cisco routers support monitoring of VoIP QoS metrics

When you want to test a link from your office to another location, you need  a Cisco router enabled with IPSLA agent ( IOS version 12.4 or later )  at each end.

Can OpManager monitor LUN on VMware?

Yes, OpManager has extensive disk monitors, with graphical reports for the following:

  • Disk I/O usage
  • Disk Read Speed
  • Disk Write Speed
  • Disk Read Requests
  • Disk Write Requests
  • Disk Bus Resets
  • Disk Read Latency
  • Disk Write Latency

OpManager pulls the details via the API, so make sure you configure the VMware credentials properly. You can access the monitor details from the host snapshot page and can see the reports on per VM basis too. Here's a screenshot for reference:

What are 'unknown' devices?

To start with, it is important to understand how OpManager categorizes the devices into servers, routers, switches etc. OpManager relies on industry standard protocols like SNMP, CLI, and WMI to 'identify' the devices. SNMP is the standard protocol across all device categories while CLI is specific to Unix-based servers, and WMI is specific to Windows environment.

A device is grouped under 'Unknown' devices view due to the following reasons:

  • Does not have one of these protocols enabled.
  • In-correct user name and password or a user does not have the required privilege. For instance, WMI expects the user to have domain administrator's privilege.
  • An antivirus or a Firewall does not allow OpManager to access.
  • Network configuration that restricts access to some information on the systems in your network.
  • Few security settings in case of Windows environment that dis-allows access.

Devices classified under 'Unknown' category

So, even if OpManager is able to ping and discover the device successfully, it does not know where to put the device and therefore classifies it under 'Unknown'! If you find any of your servers or other infrastructure device missing in the relevant category map, select the Maps --> Unknown category view and check if it is present here. You can move such devices to the relevant category, or rediscover them after enabling the SNMP/ CLI/WMI protocol and configuring the credentials.

What are the different Availability states and their meaning in OpManager?

Here are the Availability STATE information:

1. ACTIVE = 1 corresponds to the Device in UP state.

2. DOWN = 2 corresponds to the Device in DOWN state.

3. DEPENDENT_UNAVAILABLE = 3 corresponds to the DEPENDENCY DEVICE's down state.

4. ON_HOLD = 4 corresponds to the state when the Device is UNMANAGED ( like via Actions -> UnManage )

5. ON_MAINTENANCE = 5 corresponds to the device state when it is part of a DOWNTIME SCHEDULE that is in progress

6. PARENT_DOWN = 6 corresponds to the interface state when the parent ( device on which the INTERFACE is present) is down

7. PARENT_UNMANAGED = 7 corresponds to the interface state when the parent ( device to which the INTERFACE is present ) is UNMANAGED

In the database,this STATE column is present in the ManagedObject Database table

What is VoIP Codec?

Codecs (Coder/Decoder) serve to encode voice/video data for transmission across IP networks. The compression capability of a codec facilitates saving network bandwidth and it is therefore appropriate that you choose the correct codec for your IP network. Here is a quick reference to the codecs with the corresponding packets size and bandwidth usage:

Codec & Bit Rate (Kbps) Operation Frequency Default number of packets Voice Payload Size Bandwidth
MP or FRF.12
(Kbps)
Bandwidth
w/cRTP MP or FRF.12
(Kbps)
Bandwidth
Ethernet
(Kbps)
G.711a/u
(64 Kbps)
60 msecs by default. You can specify in the range of 0 - 604800 msecs. 1000 160 + 12 RTP bytes 82.8 Kbps 67.6 87.2
G.729
(8 Kbps)
1000 20 + 12 RTP bytes 26.8 Kbps 11.6 31.2

Why is the source router field empty when configuring the VoIP monitor?

In order to monitor VoIP between two locations, you need to specify the links that you want to monitor using OpManager, that is, specify the source and target. The source router (Cisco router with IP SLA agent enabled) must be discovered in OpManager first. Only if this router is discovered in OpManager with valid SNMO read and write community strings configured, you will see the router listed as a source device and you will be able to pick so that you can successfully add a VoIP monitor.

Please follow these steps to discover a source router in OpManager

1. Go to the source router telnet session and enable snmp read and write communities.

2. Go to Admin -- Credential Settings -- New
Enter valid read and write communities which is enabled in the source device.

3. Go To Admin --Add Device
Enter the name or IP address of the source device, select the newly added credential and then click on Add Device.

4. Go to VoIP Monitors -- Settings
Select newly added source router and proceed with the configuration.

Why is incorrect disk space reported for the datastore on an VMware ESX?

Connect to that ESX host via vSphere client and do a refresh datastore.You can infact automate this refresh to happen every 5/10 minutes by creating a cronjob. Here is the procedure as cited by one of OpManager users in our forums- a nice workaround:

1. Connect to your ESXi with SSH or Telnet
2. Open your root file in your crontabs directory with the vi editor:
vi var/spool/cron/crontabs/root
3. Edit the file and put the following line in it:
*/5 * * * * /bin/vim-cmd /hostsvc/datastore/refresh <your_datastore_name>
4. Save the file
5. Restart the cron daemon
6. Be happy

Now the datastore you configured at <your_datastore_name> will be refreshed every 5 minutes.

Why is 'Disabling interface failed' error message encountered when trying to disable an interface on a Cisco ASA 5500 firewall?

This message is encountered when trying to turn interfaces on and off using the Interface Enable/Disable button (drill down to the interface level). To perform this action, OpManager requires the write community to be enabled for the device in OpManager. Whenever you enable or disable any interface of the device in OpManager, it will write them on the router or switch using the write community.

So, check if you have configured the correct write community on the device in OpManager and give a try again.

Unable to delete a WAN RTT Monitor.

When trying to delete a WAN RTT monitor, the following error is encountered:

[Exception in:/webclient/common/jsp/PageNavigation.jsp] null

A possible corruption of the Cisco RTT MON MIB could cause this error when trying to delete a WAN RTT monitor.
Copy  this MIB to the \OpManager\mibs folder replacing the original file and restart OpManager service. You must be able to delete the monitor now.

When moving the database to another SQL server, what kind of permission does it require?

OpManager accepts only SQL Authentication credentials with DB Owner & DB Creator rights.

What are the specific default ports that should be open for a server to be monitored by OPManager?

By default OpManager uses the following ports to monitor devices ..
SNMP-161
SNMP Traps - 162.
WMI - 135 & 445
Telnet - 23
SSH - 22
ICMP ping

How is traffic utilization calculated in OpManager?

32-bit counters:

Ref mib: RFC-1213-MIB

Ref tables: ifraw(raw data), ifhourlysum(Sum up collected raw data for every hour and stored in this), ifhourlyrate, ifdailysum,ifdailyrate

In Traffic(bps) : InOctets*8*1000/deltatime ()

Out Traffic(bps): OutOctets*8*1000/deltatime

In Packets per sec: (INUCAST+INDISCARDS+INERRORS+INUNKNOWNPROTOS+INNUCAST)*1000/deltatime

Out Packets per sec: (OUTUCAST+OUTNUCAST)*1000/(DELTATIME)

In Bytes: INOCTETS

Out Bytes: OUTOCTETS

In Util(%) : (InTraffic/Inspeed)*100 = (InOctets*8*1000*100/deltatime*inspeed)

Out Util(%):(OutTraffic/OutSpeed)*100 = (OutOctets*8*1000*100/deltatime*Outspeed)

Total util(%): (Inutil+outUtil)/2

64-bit Counters:

Ref mib: RFC-1213-MIB,IFMIB

Ref tables: ifhcraw(raw data), ifhchourlysum(Sum up collected raw data for every hour and stored in this), ifhchourlyrate, ifhcdailysum,ifhcdailyrate

In Traffic(bps) : InOctets*8*1000/deltatime

Note: we will poll for .1.3.6.1.2.1.31.1.1.1.6.ifIndex to get In Traffic. Sometimes agent may implement 64-bit counters partially for interfaces. In that case query to .1.3.6.1.2.1.31.1.1.1.6.ifIndex oid will give zero values. At the time we will take 32-bit counter value. We will query to .1.3.6.1.2.1.2.2.1.10.ifIndex

Out Traffic(bps): OutOctets*8*1000/deltatime

Note: we will poll for .1.3.6.1.2.1.31.1.1.1.10.ifIndex to get In Traffic. Sometimes agent may implement 64-bit counters partially for interfaces. In that case query to .1.3.6.1.2.1.31.1.1.1.10.ifIndex oid will give zero values. At the time we will take 32-bit counter value. We will query to .1.3.6.1.2.1.2.2.1.16.ifIndex

In Packets per sec: (INUCAST+INDISCARDS+INERRORS+INUNKNOWNPROTOS+HCINMCAST+HCINBCAST)*1000/deltatime

Out Packets per sec: (OUTUCAST+HCOUTMCAST+HCOUTBCAST)*1000/(DELTATIME)

In Bytes: INOCTETS

Out Bytes: OUTOCTETS

In Util(%) :(InTraffic/Inspeed)*100 = (InOctets*8*1000*100/deltatime*inspeed)

Out Util(%):(OutTraffic/OutSpeed)*100 = (OutOctets*8*1000*100/deltatime*Outspeed)

Total util(%): (Inutil+outUtil)/2

When logging into OpManager with correct credentials, the login page continues to prompt the user with "Please enter the user name". Why?

You may experience this if there is some issue in the database or if there is an issue with AD authentication. Please try restarting OpManager and check if it works. Else, email the Support information file for analysis.

Error message "Please enter a valid number" is encountered when configuring discovery. Why?

Opmanager might throw this error when there is a dot(.) in the IP Address. If this is not the case, email  the exact IP and the netmask  to our support to help reproduce and resolve the error.

When the WMI disk queue length monitor is enabled in OpManager, what disk is it providing data for? Is it possible to specify which disk it is monitoring?

The inbuilt monitor for WMI based Disk Queue length is for all disks(ie "_Total"). If you want this for a  specific disk, use custom WMI monitor.

Performance Monitors--Add Monitors--->WMI monitors

This will list all the available classes. When you select disk queue length, you can see the partitions as instances. Select the partition and add monitor. Note that the disk queue length monitor is found under the WMI-based Disk Monitors.

When configuring script monitors, what is the ideal 'Timeout' to be configured?

It depends on the job done by the scripts. Use the Test script option to determine the approximate timeout period. If the scripts perform very basic operations, 10 seconds would suffice.

What is the minimum monitoring interval configurable for script monitors?

Every time, the script content is written to a file in disk and this takes some time. Monitoring interval also depends on the number of script monitors associated. (though we haven't determined the exact number yet!).  We suggest that you configure a 10 min monitoring interval for local scripts and 15 mins for scripts running on remote machines.

A custom query joining snmpinterface table and alert tables to report on IFCIRCUITID and IFALIAS for Discard or Error alerts. (this was a user request on our forums)

A sample query:

(SELECT al.*,si.ifalias,si.ifcircuitid FROM IntferrorThreshold idt INNER JOIN ManagedObject mo ON idt.id=mo.moid INNER JOIN SNMPInterface si ON mo.name=si.name INNER JOIN Alert al ON al.entity=CONCAT("IF_ERROR_",idt.id))
UNION
(SELECT al.*,si.ifalias,si.ifcircuitid FROM IntfdiscThreshold idt INNER JOIN ManagedObject mo ON idt.id=mo.moid INNER JOIN SNMPInterface si ON mo.name=si.name INNER JOIN Alert al ON al.entity=CONCAT("IF_DISCARD_",idt.id))

Error: Device already present in the system and Some stray entries found for this device.

These errors occur because of stray entries for these devices in the database from their previous discovery. This is resolved by cleaning up the entries from the relevant tables. Here is how you do it:
 

- Extract the enclosed Zip file to the OpManager installation directory. This will create a new folder "RemoveDBEntires" and 4 files will be kept under that folder.

- Run the script RemoveDBEntries.bat(RemoveDBEntries.sh for Linux) both using IP Address and Device name. Make sure the server is running, when you execute the script. Thisscript will remove the partially added entries from the database.

- RemoveDBEntries script accepts the device name and ip address as argument.

cmd> cd [OpManager Home]/RemoveDBEntries
cmd> RemoveDBEntries.bat IPaddress
cmd> RemoveDBEntries.bat <devicename>
 

Example:

\\OpManager\\RemoveDBEntries>RemoveDBEntries.bat 192.168.12.34
\\OpManager\\RemoveDBEntries>RemoveDBEntries.bat opman.zohocorp.com

This script will remove the partially added entries from the database.

- After executing the script, please restart OpManager service and add the device.
 

Note: It may take couple of minutes to view the newly added device.
 

OS: Windows 2000 and above / R.H. Linux 7.2 and above.

Attachment : RemoveDBEntries.zip for Version 7 and above

2006_11_8_12_34_26_RemoveDBEntries.zip for Version 6

RemoveDBEntriesNew.zip for OpManager 8030 & above (till build 8052)

RemoveDBEntriesNew-8720.zip for OpManager build 8700 & above

Note 1: Use RemoveDBEntriesNew.zip only for OpManager build 8030 and above (till build 8052 ) , here the zip file will create a folder in the name of RemoveDBEntriesNew instead of RemoveDBEntries while extracting. Follow the same steps above from the cmd> cd [OpManager Home]/RemoveDBEntriesNew directory instead of cmd> cd [OpManager Home]/RemoveDBEntries.
 

Note 2: Use RemoveDBEntriesNew-8720.zip only for OpManager build 8700 & above , here the zip file will create a folder in the name of RemoveDBEntriesNew instead of RemoveDBEntries while extracting. Follow the same steps above from the cmd> cd [OpManager Home]/RemoveDBEntriesNew directory instead of cmd> cd [OpManager Home]/RemoveDBEntries.
 

Attached Files :
 

2006_11_8_12_34_26_RemoveDBEntries.zip

RemoveDBEntriesNew_9010.zip

RemoveDBEntries.zip 

RemoveDBEntriesNew-8720.zip

RemoveDBEntriesNew.zip

Unable to load the Cisco ENVMON MIB. Why?

This can happen if a dependent mib is missing. Please download the attachment, place it under OpManager\mibs folder and try again.

CISCO-SMI.mib

What is the difference/relationship between the monitoring interval configured for the device category vs that of the monitored interval for a specific monitor?

Settings -> quick configuration wizard -> Monitoring Intervals => Device availability monitoring using ping. Is done at the interval configured here.

Monitor specific interval => Data collection interval for that metric alone(WMI/SNMP/CLI). Irrespective of the device availability monitoring interval, the particular performance parameter is monitored at the interval specified here, at the monitor level.

Both are necessary for overall device health monitoring.

Applying device template to a device manually classified into a category, the monitors from the template are not associated to the device. Why?

Let us assume you have manually classified a  device into Windows2008 category and then go on to apply the Win2008 template to the device to associate monitors.. The template is not applied properly for the following reasons:

1. If you are running OpManager on Linux and the template has WMI-based monitors.

2. If you have installed on Windows, but have not configured the WMI authentication credentials for the monitored device (in this case, the win 2008 device)

3. If the device has SNMP and you have not provided the SNMP credentials for the device.

Configure the credentials for the device and proceed with applying the template.

Why does opmanager have to run as root under linux?

OpManager has an in-built MySQL and TOMCAT which needs lot of changes to run as non-root user. So we didn't provide this option. It is the same for all our ManageEngine products.

What do the different severity levels in OpManager mean?

OpManager has four different severity levels for the alarms.  Severity levels of device down alarms (availability monitoring) are already predefined

Here is the list with the severity and the events which will trigger the alarms with these severities

1)Service Down: When is service down and URL monitor is down

2)Attention: When the device is down for the 1st poll in availability

3)Trouble: When the device is down for 3 consecutive polls in Availability

4)Critical: When the device is down for 5 consecutive polls in Availability. This is the highest severity in OpManager.

5)Clear: At any stage if an alarm is cleared.

As you can see, the severity will automatically change for the device down alarms based on the number of missed polls.

Similar to device down alarms, Interface down alarm severity(Trouble) is also predefined.

But for other alarms like threshold violation, Traps and event logs, user can configure any severity(Attention or Trouble or Critical) and the severity will be the same even if the alarm is repeated.

The database tables in OpManager storing performance data for reporting.

The details of the tables are:

The performance data tables in OpManager 7 are quite distributed, enabling better reporting. Here is a quick summary of the tables that you will need to take custom reports

1. ElementsAvailabilityHourly - Every day device availability reports are taken from this table.
2. ElementsAvailabilityDaily - This table is queTried for availability reports for over a week. Has data archived every 24 hours.
3. IfRaw_<date> - This table has data of interface traffic, errors, discards etc
4. IfHourly_<date> - This has values archived every one hour for all the interface data
5. IfDaily_<date> - This has values archived every 24 hours

OpManager archives the above performance tables after the row-count exceeds apprx 250,000 rows. So, to know the date of the table to be queried, query the table METATABLE. This lists all the perforformance tables. The current performance tables (the names of which are mentioned above) will have the value as -1 for ENDTIME field.

Each element/device is a managed object and has a unique ID, which you can retrieve using MOID field in the ManagedObject table. The value of this MOID is the same as ElementID field in the above tables. So, you can use a join between these two tables to create custom reports.

Besides the above tables, the host resources data such as that of CPU, Memory etc are persisted in the following table:

1. Statsdata<current date>: This stores the current or raw data. That is, the data as and when collected. This table is created every 24 hours. New table is created at 12.00 midnight.

2. Statsdata_hourly: Which has values archived every one hour. Hourly data is stored for a period of 15 days by default and can be set to a maximum of 90 days.

3. Statsdata_daily: Which as values archived every 24 hours. Daily data is stored for a default period of 1 year and can be set to store for a max of 10 years.

For additional information refer to DatabaseSchema.conf located under OpManager/conf folder

Why does Hyper-V discovery and rediscovery fail sometimes?

If Hyper-V discovery/rediscovery fails, try troubleshooting your Hyper-V resources as below.

  1. To begin with, check if you have the credentials with the necessary permissions. It is better to have credentials with root-level access to your Hyper-V server.
  2. Checking the Caption/Build Number of the Hyper-V host:
    1. Test whether the Hyper-V server can be pinged from the OpManager-installed server.
    2. Open "wbemtest" application from OpManager-installed server (you can do it using Run command) and fill in the username and password of the HyperV-Host that you want to check for issues.
    3. Provide the namespace as "\\<hostName>\root\cimv2" and execute a WMI query as follows: select caption,BuildNumber from win32_operatingsystem
    4. Double-click on the first row, click on 'Show MOF' and take a screenshot of the displayed info (Caption and buildNumber).
  3. Checking if you can connect to the root directory of the Hyper-V server:
    1. From the "wbemtest" application, provide the username and credentials of the Hyper-V host with issues.
    2. For the 'Namespace' field, use "\\<hostName>\root\virtualization" if your version of Hyper-V is upto 2008. If it is after 2008 (beginning from 2012), provide the value as "\\<hostName>\root\virtualization\v2". Click 'Connect' once you've filled the applicable Namespace value.
  4. Retrieving data on available VMs from the server:
    1. Click on the 'Execute Query' button and type in the following query - "select * from msvm_computersystem". Make sure you take a screenshot of the number of rows returned. Also, double-click on any of the rows, click on 'Show MOF' button and take a screenshot of the response.
    2. Once again, go to the 'Execute Query' window and enter this query - "select IPAddresses from Msvm_GuestNetworkAdapterConfiguration". Make sure you follow the same process as above to get the screenshots of the responses.
    3. If the received response has some entries, it means that there are some VMs present in the host. Try re-discovering in OpManager with the same credentials you provided here.
    4. If the response has only one entry that belongs to the host, it means that there are no VMs under that host.
  5. As an alternative to Step 4, you can try running the following script from OpManager.
    1. Open Command Prompt as Administrator and navigate to <OpManagerHome>\conf\OpManager\application\scripts
    2. If the version of the host is upto 2008, run "cscript HyperV2-VirtualSystemsInfo.vbs <hostName> <userName> <password>" in the Command Prompt window. Else if it is 2012 or later, enter this command: "cscript HyperV-VirtualSystemsInfo.vbs <hostName> <userName> <password>".
    3. If there are any VMs present, you can view it in the output.

For our team to troubleshoot this, it's essential that we have the necessary logs of discovery/rediscovery of the Hyper-V host (with debug enabled).

Why does data collection fail even though valid credentials have been provided?

Even if the right credentials have been provided, data collection could fail for a number of reasons.

  1. Timeout: When providing timeouts for a credential, latency also has to be taken into account. If not, the connection would timeout even before the data is fetched from the device.
  2. User permissions: The user profile that is used to make the request might not have the necessary permissions for all the classes/metrics (for WMI) or table/OID (for SNMP).
  3. Partial response: The request made could trigger a partial response from the device, resulting in data not being received for certain metrics.
  4. Also, for WMI devices, the requested class/metric might not exist in the device, providing an empty response to OpManager.

Why is OpManager not able to monitor a certain set of URLs?

Some cipher suites are not supported by Java owing to security reasons. Since OpManager also uses Java, URLs that use some of the weakly encrypted algorithms cannot be monitored using OpManager. The latest version of OpManager uses Java 8.

For example, the cipher suite TLS_DH_anon_WITH_AES_256_GCM_SHA384 is not supported by Java, therefore URLs using this suite for encryption cannot be monitored using OpManager.

To find the cipher suite used by a particular URL:

  • Open the URL in a browser of your choice.
  • Follow the steps mentioned below, depending on the browser you use:
    • Chrome: Click on the Lock Icon next to the URL in the URL bar, click on 'Certificates'. In the popup that is opened, click on 'Details' and scroll down to the field that says 'Signature algorithm'.
    • Firefox: After you click the Lock button, click on the 'Connection secure' button → More information. You can find the cipher suite used under 'Technical details'.
    • Internet Explorer: Right-click inside the page or open the Page drop-down menu, and click 'Properties'. After the new window is opened, go to the 'Connection' section. There you can find the encryption details of the URL.

To know more on supported cipher suites in Java 8, visit Oracle's Java Cryptography Architecture documentation on Java 8.

How can I automate actions like copying, deleting and moving files/folders in a device ?

You can use Workflows to automate actions like moving, copying or deleting files/folders in your device.

  • In OpManager, go to Workflows → New Workflow.
  • In the LHS tree, you can click on the 'File' section to view file-related actions. For workflow actions concerning folders, you can click 'Folder'.
  • These are the workflow actions available for Files and Folders in OpManager.
  • Devise a suitable workflow for your files/folders, and then click 'Next Step'.
  • In the next window, select the devices that you want to associate the workflow to. You can filter devices based on Business Views, Groups and Categories. Once you've selected them, click 'Next'.
  • In the next tab, select the trigger to execute that workflow. You can provide a wide range of triggers from VMware events and threshold violations, to alerts raised in OpManager. You can also choose the severity for which you wish to raise alerts.
  • After providing the trigger info, provide a suitable name for the Workflow profile, provide the necessary delay trigger options and click 'Save'.

What would be the possible reason(s) if my agent is not able to contact OpManager server?

If there's no communication between the agent and OpManager server, first check if you can ping the OpManager-installed device from the agent-monitored device.

  1. If you're not able to ping the device, these might be the reasons:
    1. Your firewall settings might not allow communication from the agent to OpManager: In that case, you'll have to add a rule in your firewall to allow outward communication from the agent to the OpManager server.
    2. Both devices are in different networks: Your end device might be in a network that is different from the one OpManager is running in. Try reconnecting the device to the same network.
    3. Improper proxy configuration: If you use a proxy between the agent-monitored device and OpManager, make sure it is properly configured to allow communication. You can check the proxy details in the agent by clicking the OpManager Agent Tray Icon and selecting 'Proxy Configuration'.
  2. If you're able to ping the device but there's no communication with the OpManager server:
    1. Check server details in the agent: In the device, open OpManager Agent from the Tray and click 'Server Configuration'. Check if the latest details of OpManager server have been updated in it.
    2. The agent might have become non-responsive/crashed: Try restarting the Agent Service in the device, and then check if OpManager is able to contact the device.

What is the difference between Clear, Delete and Acknowledge in Alarms?

Alarms in OpManager are raised to notify a user. When an alarm is raised, the user can deploy any of the following actions: Clear, Acknowledge/UnAcknowledge and Delete based on the requirement.

Clear:

The Clear option in Alarms is used to resolve an alarm. Generally a user can define the threshold values for monitors associated to devices based on various severity levels. The severity levels available in OpManager are:

  • Attention threshold - low severity
  • Trouble threshold - medium severity
  • Critical threshold - high severity
  • Rearm - restore back to normalcy

When a device violates, say, the critical threshold value of a monitor, then OpManager would send an alarm notification with red colour. Likewise, the alarm notification raised for a particular threshold violation is different from the other.

The Rearm value of a monitor associated to a device indicates that the device has returned back to normalcy.

Once the alarm attains the Rearm value, OpManager will automatically clear the alarm raised for the particular device. Users can also clear an alarm at any stage manually.

Acknowledge

The Acknowledge option in alarms is used to denote whether an alarm has been attended or not. Once if an admin/operator clicks on the Acknowledge option on the OpManager for an alarm, the user details will be updated on the alarm. Until someone acknowledges an alarm the particular alarm will stay unassigned.

Delete

Users can delete alarms in OpManager and the difference between deleting and clearing is that when an alarm is cleared, the record of the alarm wil be retained and available in the All Alarms page in OpManager. But, when an alarm is deleted the details of the alarm will be completely erased from OpManager.

How to Clear/ Delete/ Acknowledge alarms in OpManager?

Alarms can be cleared, deleted or acknowledged in three ways in OpManager.

Alarms page

  • Click on Alarms tab.
  • Select the required alarms.
  • Once you select the alarms, the options to Clear, Acknowledge, UnAcknowledge and Delete will appear on the top right corner.
  • Click on the action you want to execute.

Alarms snapshot page

  • Navigate to Alarms
  • Click on a particular alarm.
  • In the Alarms snapshot page on the top right corner you will find the options: Clear/Acknowledge/UnAcknowledge/Delete, among all other options.
  • Choose the action that you intend to perform.
  • After you choose, a success message will appear on the top of the OpManager's UI.

Device snapshot page

  • Navigate to Inventory--> Devices.
  • Click on a particular device.
  • Click on the bell icon on the top right corner.
  • On the alerts page select the alarms which requires any of the following actions: Clear/ Acknowledge/ Unacknowledge/ Delete.
  • Once done, a success message will appear on the top in OpManager's UI.

What is a BGP Trap?

Border Gateway Protocol (BGP) is used to check the connecting signals from the router. Whenever the signal from a particular router is down, a BGP trap will be sent to the monitoring tool.

What are Flaps?

A BGP trap is sent to the OpManager when the connecting signal from the router is either up or down and a flap is the combination of an up and a down signal.

For instance, say a signal from Router A is lost for a few seconds, this status will be taken as 'down; when the signal again comes back alive, the status will be taken as 'up'. This combined pair of a down and an up constitutes one flap.

Flap count in OpManager

OpManager would raise an alarm when the specified value of flap count is violated. By-default, there are two severity levels associated with flaps in OpManager: Critical and Clear.

When more than 5 flaps occur within the time duration of 1 hour, then the severity level is considered as Criticlal and an Alarm is raised.

On the other hand, if less than 5 flaps occur in a time duration of 1 hour, then the Alarm will be cleared, as it attains the Rearm value.

"Event 10028 - DCOM was unable to communicate with the computer" - Why does this error occur?

The 10028 Event will be created when the WMI request to the remote device failed due to wrong credentials.

Sample message:
Event 10028 DCOM was unable to communicate with the computer xx.xx.xx.xx using any of the configured protocols; requested by PID yyyy.

How can I troubleshoot this 10028 error?

  1. First, make sure the credentials provided for the corresponding device(s) is valid.
  2. Connect to wbemtest from the OpManager-installed server to the device (using its DNS name/IP address), and ensure if the connection is established properly. (Refer this KB article for more info on how to perform the wbemtest action)
  3. Perform a 'Test credential' action, and make sure that the WMI credentials pass the test and are working normally.

If all of these conditions have been satisfied, the event will be stopped automatically.

Establishing a secure Probe-Central connection

The communication between the Central and a Probe of OpManager Enterprise Edition can be configured via HTTP or HTTPS. Although users have the liberty to choose one type of protocol over the other, it is advisable to configure and communicate via HTTPS for enhanced security.

Enabling HTTPS in OpManager Central

When the communication protocol configured in both the Central and the Probes is HTTP, OpManger Central notifies the user to convert to HTTPS with the following message.

"The ongoing communication between the Central and all the Probes connected to it is established via HTTP. Convert to HTTPS for enhanced security."

To convert HTTP into HTTPS,

  • Navigate to Settings--> General Settings--> Security Settings and enable the SSL configuration in the Central.
  • Restart the Central server to put the configuration changes (HTTP to HTTPS) into effect.
  • In the Probe, navigate to Settings-->Configuration-->Central Details, and update the Protocol to HTTPS.

Enabling HTTPS in Probes

The following message appears in OpManager Probes when the communication between the Probes and the Central is via HTTP.

"Probe is currently communicating with the Central via HTTP. Please convert to HTTPS for secured communication."

The communication between a Probe and the Central occurs via HTTP due to either of the following reasons.

  • When SSL is not configured in the Central. (or)
  • When the protocol configured in the Central is HTTPS and that configured in the Probe is HTTP. (In this case, to enable HTTPS communication, navigate to Settings--> Configuration--> Central Details page in the Probe and update the Protocol to HTTPS.)

Host name verification for URL access

Host name verification is done to ensure that a client communicates with a valid and trusted server. For example, you use a browser (client) to access a website (web server). The browser sends a request to the website to verify its credibility.

The website in turn sends the SSL certificate details and the client checks whether the website name used in the browser's URL field matches the Common Name (CN) or Subject Alternative Name mentioned in the SSL certificate. If there is a match, then secure communication is established between the client and the server.

Impacts of failed host name verification

An SSL certificate ensures a secure data transaction between the client and the server. All the information transacted between the two entities happens in an encrypted channel. But, when the host name does not match the one specified in the SSL certificate, then it may indicate that the contacted server is false and the user may end up sharing personal or sensitive data to a fraudulent server

Recommended practice in OpManager

In OpManager, you have to specify URL address for few functionalities such as URL monitoring, third party integration using webhooks or while configuring SMS server settings. Wherever URLs are involved, it is highly recommended to specify the exact hostname as given in the security certificate to ensure a secure connection.

I still have some questions which needs clarification!

If you have any questions about OpManager, feel free to raise a support request and we’ll get back to you.

 
 Pricing  Get Quote