Best Practices: How Network Monitors Should Monitor

What is a Monitor?

When it comes to network monitoring, people often refer to sensors or sometimes elements. But Network Monitor is the main term and is exactly as it sounds – they look at something on your network and either track it, instigate an action, or report on their findings. It is all about visibility.

Monitors come in three different flavors — at least within WhatsUp Gold: Active monitors vs. Passive monitors vs. Performance monitors.

Active Monitors

Active monitoring is, again, very much what it sounds like: a monitor applied to a device that emulates actual user behavior. Active Monitors simulate performance data and pings parts of your network to spot potential issues, problems, or if something's simply not working properly. Active Monitors are particularly important to apply to newly integrated hardware, so IT knows if it's working in the first place. 

Active Monitors are polling devices that drive specific metrics and cover a wide range of devices. They test and measure availability, including application availability or service availability. With advanced network monitoring solutions, you can use application interfaces such as Rest API to apply queries to specific devices for reports.

Active Monitors can:

  • Actively poll specific metrics like MIB values ​
  • Test and measure service and application availability ​
  • Apply queries​
  • Exercise APIs

Active Monitoring Tips and Best Practices: File properties is a neat one to monitor. Say you want to know if a file's been modified within a day, or maybe the last hour. You could point this particular monitor to that UNC path of that file and WhatsUp Gold will check that for you.

The HTTP Content Monitor points at any website (or your website) and looks at specific content on that page. Based upon whether that content is found or not, it determines whether the page is up and running. 

Another popular one is the SSL Certificate Monitor. In this case, you point at the URL and it tells you, for example, if the certificate expires within the next 30 days. If so, you can have WhatsUp Gold trigger a down status if that criteria is met.

Passive Monitors

Passive Monitors are also as they sound – they don’t actually do anything except sit there and collect information from a device or whatever you're applying that Passive Monitor to. It's not simulating anything but rather collects actual user data.

Passive Monitors study or analyze the data that's going through the network and collect large amounts of performance data which IT can track for trends or ongoing analysis. They offer a more holistic view of what's happening on your network as opposed to a test injection and simulated view.

Passive Monitors again, aren't polling. They're effectively running as background processes. In the old days, you'd call that a Terminate and Stay Resident.

Not only are they not polling, but they’re also not testing or injecting data. They just watch what's going through. The most common function of Passive Monitors are SNMP Traps. Here they look for a preset event or threshold that gets exceeded or triggered, and report their findings or track logs. WhatsUp Gold tracks Windows event logs, which are of course applied to all Windows devices, as well as Syslogs, which can be used on Linux, UNIX, or other network devices.

Passive Monitors can:

  • Run as background processes (OS-level logging, SNMP traps etc.) on the monitored device​
  • Passive Monitors are not initiated like Active Monitors​
  • Windows event log – perform log for windows device​
  • Syslog – platform log for Linux/UNIX and other network devices​
  • SNMP Trap – trigger/predicate that denotes an event/threshold 

Passive Monitoring Tips and Best Practices: Passive Monitors passively listen in the background for events such as Windows Events, which is a very good monitoring option. You don’t necessarily need to poll your Active Directory Server every 60 seconds, but the Passive Monitor listens for event IDs or tracks something related to a specific user.

Once you have your conditions in place, you can define and assign the monitor. With WhatsUp Gold, whenever those events are triggered, WhatsUp Gold takes whatever action you've assigned to it. Maybe there's some critical warnings or errors that you're tracking via Syslog. WhatsUp Gold can take that action.

You can also listen to a number of SNMP Traps. Perhaps you want to know when a link goes up or a port going active on a switch. When these occur, the network monitoring solution will let IT know.

Performance Monitors

Performance Monitors are specialized monitors that determine how well or how fast applications are working, and provide performance metrics showing the results. Performance Monitors generally only apply to applications, though they can also measure traffic. Instead of simply showing whether a service or app is up or down, these Monitors capture response and return times.

Performance Monitors collect performance metrics on devices over time, tracking availability including ping time, lag, delay, and even jitter. Performance Monitors determine whether things are working as quickly as desired based on thresholds IT sets up. 

Performance Monitors visualize trends, track overall performance, and calculate items such as averages. These Monitors drive reports, such as how often particular applications are under heavy load, and peak usage times for these applications. That helps network pros architect exactly what the organization needs, and what resources must be available for specific applications.

Performance Monitors can:

  • Return health and performance metrics over time ​
  • Leverage WhatsUp Gold reporting for calculating averages, visualizing trends, and tracking

Performance Monitoring Tips and Best Practices: Both interface utilization and CPU memory are default monitors. Any device, a switch, a router, or even a Windows server can have multiple Performance Monitors assigned. Default items tracked include CPU, DIS, ping response, latency, and so on. 

Network and IT pros can create most any kind of custom Performance Monitor. An example of a basic monitor is an APC UPS battery Output Monitor, which simply collects the battery output on your APC devices.

WhatsUp Gold also monitors or integrates with AWS Cloud Watch, as well as Azure Performance Monitoring.

You can even do a SQL query which will connect to Microsoft SQL, MySQL, or Oracle databases and extract numbers or values. And of course, you have your WMI monitoring or Windows monitoring specifically for Windows Operating Systems.

 

The Four Step Monitoring Process

Progress recommends a four-step process for setting up monitors.

Number One: Look at your device and see exactly what monitors are already there. It's likely monitors have been applied out of the box or set up by someone in the organization. WhatsUp Gold can add new devices and apply roles as they're added or discovered. Those roles include a variety of different monitor setups. 

Number Two: Assign your monitors, including configuring or reconfiguring existing monitors and setting up new ones including custom monitors. Monitor assignment is all based on need and the information you plan to gather. What do you want to know about a device and why? What information is most important?

Number Three: Make sure the monitors you've applied are switched on (if you need them on at this time), which is often done by default.  As mentioned, some monitors are switched on by default, such as interface utilization, which serves as a bandwidth heat map. That's switched on by default for devices, but you in fact might not want it switched on if you have other priorities.

Number Four: Check the monitors. Check the stats and the utilization of the device and check which Performance Monitors are assigned to it. That's it.

A Quick Monitor Refresher

To summarize active vs. passive monitors, Active Monitors check whether a device is up or down. The Passive Monitors let you know what's going on in terms of events. Performance Monitors provide performance metrics. If you apply all these monitor types, you will be in a much better place, able to determine exactly what's going on with a device such as a switch or the application on that device.

When to Use Monitors? It May Depend on Licensing Model

So, when do you use monitors, which do you use and when? The answer is a bit of a cop out – you want to use all of them and use them simultaneously. They're all important in their own way. Don't be shy about using monitors. You can apply as many monitors as you want, to any device – at least with WhatsUp Gold. We differ slightly from the concept of a monitor or a sensor which can each come with their own license cost when sold by other network monitor vendors. In WhatsUp Gold, we license individual devices – not monitors themselves. 

What monitors to use and when:

  • Use all 3 simultaneously!
  • Active, Passive and Performance are all important in their own way​
  • Active Monitors check for Up/Down status of the monitors. ​
  • Passive Monitors serve to set alerting on Events on Windows and Network devices.​
  • Performance monitors provide health and performance metrics

​ With WhatsUp Gold, there are a certain number of devices you've paid to monitor. Whether it's a four-port router or 128-port switch or anything else, that's one device. You can apply as many monitors to that device as you wish. 

With a 48-port switch, you can monitor all 48 ports. You can monitor the CPU. Many of our competitors charge by either the sensor or the monitor. Given that licensing model, you might not want to monitor all 48 ports of that switch as it costs extra money.

We want you to be freer with your monitors, to apply whatever you want, whenever you want. The more information you have, the better off you're going to be. We don't see a reason to limit that.

 

Get Started with WhatsUp Gold

Subscribe to our mailing list

Get our latest blog posts delivered in a monthly email.

<p class='-pt2 -m0'>Thanks for subscribing!</p> Loading animation

Comments
Comments are disabled in preview mode.