Professional Documents
Culture Documents
00
Reviewers Guide
Contents
Welcome! . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Management of Microsoft Windows Servers . . . . . . . . . . . . . . . . . . . . . . 3
Installation Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
PATROL Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Installing the Product . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Server Operating System Availability with Quick Value Statistics . . . . . 9
Advanced Features and Functionality. . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Alarm Thresholds. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Automated Recovery Actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Combination Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Custom Views and Graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Event Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Microsoft Performance Counters and PATROL Monitoring . . . . . . 18
Process Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Registry Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Services Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Text Log Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Environment-Specific Functionality. . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Active Directory/Domain Management . . . . . . . . . . . . . . . . . . . . . . 23
Cluster/Network Load Balancing Management. . . . . . . . . . . . . . . . 23
Datacenter Server Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Microsoft Certification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
MTS/COM+ Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
MSMQ Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Helping You Maintain Advantage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
About BMC Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Welcome!
This reviewers guide outlines step-by-step instructions for you to quickly
install, configure, and evaluate the PATROL for Microsoft Windows
Servers product in a Microsoft Windows NT or Microsoft Windows 2000 test
environment.
The installation procedures in this guide assume that the product will be
installed locally on a single computer that does not already have PATROL
installed. For more advanced PATROL installations, including upgrades from
previous versions and remote installations, please consult the PATROL for
Microsoft Windows Servers Getting Started guide.
Installation Requirements
Before installing PATROL for Microsoft Windows Servers, check that the
requirements listed in Table 1 have been met.
Table 1
Resource
Minimum Requirements
Platform
Intel
Operating system
RAM
Comments
32 MB for an agent
Disk space
48 MB for a console
20 MB for an agent
(without components and KMs)
50 MB for a console
(without components and KMs)
PATROL Terminology
The core components of PATROL include the PATROL Agent, which collects
data, the KMs or Knowledge Modules, which contain the application-specific
monitoring knowledge (they tell the agent what to monitor), and the PATROL
Console (the user interface). The PATROL Agent and several Windows
Knowledge Modules (KMs) are components of the PATROL for Microsoft
Windows Servers product. The console is a separately licensed product.
The console includes a tree view that you can expand to view the four levels
of monitoring provided by PATROL (Figure 1 on page 5). Traditionally,
under the PATROL main map, you can see these four monitoring levels:
Each object has a menu of actions (menu commands) that you can view by
right-clicking the object in the tree or icon view.
Annotated data points in PATROL are data points in a PATROL graph,
represented by an asterisk, that provide additional details when an item is in
an alarm state. One example is an annotated data point for peak CPU usage.
By clicking on this annotated data point, you can see a list of the top ten
processes that were running at the time the CPU usage peaked.
Figure 1
PATROL window showing the expanded tree view with the four levels of monitoring.
Note:
act as part of OS
debug programs
increase quotas
log on as service
log on locally
profile system performance
replace a system token
1. Insert the PATROL for Windows Servers CD into the CD-ROM drive
2. The installation procedure begins automatically by using the Microsoft
Windows auto-run functionality.
Note:
The installation procedures in this guide assume the product will be installed
locally on a single computer that does not already have PATROL installed.
For more advanced PATROL installations, including upgrades from previous
versions and remote installations, please consult the PATROL for Microsoft
Windows Servers Getting Started guide.
Your first task is to decide which products to install on which machines. For
evaluation purposes, you can install all components and products on a single
test machine. In a production environment, you install the KMs and PATROL
Agents on all computers to be managed (Managed Systems) and install the
console components only on the few computers that will provide the
PATROL user interface (Console Systems).
By launching auto-run from a CD install, or by double-clicking on the
setup.exe file, you can begin the install program. As it launches, it displays in
a Web browser interface.
1. Click Next on the welcome screen.
2. Read the license agreement and select Accept, then click Next.
Note:
3. From the Select Type of Installation window, select Typical and click Next.
Note:
4. In the Specify Installation Directory window, enter the location where you
want to install PATROL or accept the default directory and click Next.
5. From the Select System Roles window, select Console Systems and
Managed System, then click Next.
6. Expand the PATROL Solutions for Microsoft Windows - QuickStart
Packages tab and select Manage Microsoft Windows Servers and click
Next.
7. Enter a valid Windows account log-in name with administrator privileges
and then type the password twice as requested and click Next.
8. On the PATROL 3.x Product Directory window, specify a subdirectory
location or accept the default directory and click Next.
9. Select the option to start the PATROL Agent automatically, then click
Next.
10. Review the installation summary screen, and click Start Install.
11. After successful installation, click Next.
12. To exit the install utility, click Finish.
13. Click OK, then Yes to close all browser windows.
To add the host (computer) that you want to monitor to the PATROL console,
2. Select Hosts => Add from the PATROL console main menu.
3. Next to Host Name, type the name of the local machine.
4. Type the Windows user name and type the password twice as requested.
Note:
5. Click OK.
Note:
When you selected the Typical install option, the minimal set of
monitoring parameters were automatically configured for you.
However, to do some of the advanced functions in this reviewers
guide, you need to load additional KMs.
Save your KMs so that PATROL automatically loads the selected KMs the
next time you start the PATROL Console.
To do so, select File => Save KM from the PATROL main menu. You are now
ready to monitor with PATROL.
To immediately view data (instead of waiting for PATROLs next scheduled
monitoring interval),
1. Right-click your computers (host) name in the PATROL tree view (right
under PATROL Main Map).
2. Select KM Commands => Utilities => Patrol => Force Discovery.
Note:
1. Expand the PATROL MainMap icon in the top left corner of the console.
2. Expand the computer name and then expand Windows Operating System.
3. To view data for any item represented in Table 2 on page 10,
double-click the item in the tree view of the PATROL console
.
Table 2
Parameter Name
by Application Class
This high level container includes a few of the most critical statistics
you need to monitor on each server
NT_PERFMON KM
This KM is used to create new custom KMs from any existing set of
Microsoft Performance Counters available on a server.
NT_CACHE
CACcachCopyReadHitsPercent
CACcachCopyReadsPerSec
NT_CPU
CPUprcrInterruptsPerSec
CPUprcrPrivTimePercent
CPUprcrProcessorTimePercent
CPUprcrUserTimePercent
NT_EVENTLOG
NT_LOGICAL_DISKS
LDldDiskQueueLength
10
Table 2
Parameter Name
by Application Class
LDldDiskTimePercent
the percentage of elapsed time that the selected disk drive is busy
servicing read or write requests
LDldFreeMegabytes
LDldFreeSpacePercent
NT_MEMORY
MEMmemAvailableBytes
MEMmemPageFaultsPerSec
MEMmemPagesPerSec
the number of hard page faults for the processor; the value often
determines whether or not your system needs more RAM
NT_NETWORK
NETniPktsOutboundErrors
NETniPcktsPerSec
the rate that packets are sent and received on the network
NT_PAGEFILE
PAGEpgUsagePercent
NT_PHYSICAL_DISKS
PDpdDiskQueueLength
PDpdDiskTimePercent
the percentage of elapsed time that the disk spends servicing read
or write requests
Good disk performance enhances virtual memory performance and
reduces the elapsed time required to load programs that perform a
large number of I/O requests.
NT_PROCESS
The next four parameters are displayed after you configure specific
processes for monitoring. See Process Monitoring on page 19.
PROCPageFaultsPerSec
PROCPageFileBytes
the current number of bytes this process has used in the paging file
PROCProcessorTimePercent
PROCStatus
11
Table 2
Parameter Name
by Application Class
NT_REGISTRY_GROUP
Total_UpdateFrequency
NT_SECURITY
SECsvrErrorsAccessPermissions
SECsvrErrorsGrantedAccess
SECsvrErrorsLogon
NT_SERVER
SVRsvrServerSessions
SVRsvrSessionsErroredOut
NT_SERVICES
ServiceStatus
NT_SYSTEM
SYSobjProcesses
SYSobjThreads
SYSsysSystemUpTime
the time, in seconds, that the computer has been up and running
12
Alarm Thresholds
PATROL monitors server activity and sends alerts to the PATROL console
based on predefined threshold ranges. This procedure uses an example to
show you how to change these ranges to settings specific to your
organization.
1. Switch from the desktop to the KM tab on the console (tabs are at the
bottom of the tree view).
2. Once in the KM view, expand the Knowledge Module icon, then expand
the Application Classes folder.
3. Expand the NT_LOGICAL_DISKS application class.
4. Expand the Global folder.
5. Expand the Parameters folder.
6. For this example, double-click on the LDldFreeSpacePercent parameter.
The Parameter Properties are displayed.
7. Select the Alarm Ranges tab.
Alarm 1 is for alarms. Alarm 2 is for warnings. You can select Enable for
either or both alarm ranges and set the minimum and maximum ranges
for when an alarm should be sent to the console. Notice that
out-of-the-box PATROL gives you a warning when your free space gets
below 10 percent. Then it will go into alarm when the free space is below
5 percent.
13
Combination Parameters
With PATROL, you can combine several individual parameters into a single
parameter (composite parameter) to see how events are correlated. For
example, you can create a composite parameter to alarm only when both
CPU and memory exceed predefined thresholds.
To create a composite parameter,
1. Right-click on the NT_CompositesColl application class, and select KM
Commands => Create Expressions.
2. Create a name for the new parameter. For this example, type MemCPU,
and click Create.
14
3. On the initial Edit screen, accept the default values and click Wizard.
4. Select Patrol KM parameter and click Continue.
5. Select NT_CPU and click Continue.
6. Select CPU_Total and click Continue.
7. Select CPUprcrProcessorTimePercent and click Continue.
8. Select Greater than or equal to and click Continue.
9. Select Constant value and click Continue.
10. Type 10, and click Continue.
You have now finished the first half of the procedureto set the alarm when
CPU utilization exceeds 10 percent. The following portion of the procedure
guides you through setting the limit for available bytes.
11. Click More, select And, and click Continue.
12. Select Patrol KM parameter and click Continue.
13. Select NT_MEMORY and click Continue.
14. Select MEMmemAvailableBytes and click Continue.
15. Select Less than or equal to and click Continue.
16. Select Constant value and click Continue.
17. Type 100 and click Continue.
18. Exit the remaining open windows by clicking the appropriate buttons in
this sequence: Done, Done, Save, OK, and Done.
You now have a new object that alerts only when both criteria are
metCPU greater than 10 percent and available bytes less than 100 MB.
15
16
Event Monitoring
By default, PATROL for Microsoft Windows Servers monitors all Microsoft
event logs including
System Log
Security Log
Application Log
DNS Server
Directory Service
File Replication Service
PATROL can monitor all event levels including informational, warning, and
error. Howeverby defaultPATROL alarms only on errors. PATROL, also
by default, forwards all Windows error events to the PATROL event window.
You can forward additional filtered events to the PATROL console based on
event source, event type, text strings, users, event categories, and event IDs.
To view the PATROL event window, select Tools => Event Manager from the
PATROL main menu.
For this evaluation, use the example of monitoring the Windows application
log for a specific event source.
To create a new monitoring item (instance) that represents a particular source
in the Windows application log:
1. Double-click the NT_EVENTLOG application class in the tree view of
the PATROL console.
2. Right-click the Application icon in the display pane on the right.
3. Select KM Commands => Instances => Defined by Template.
4. Create a name for your new monitored object and type it in the Instance
Name box (for example, type MyEvents).
5. Select Create, then click Apply.
A screen is displayed where you can select different properties for event
filtering.
6. In the From Sources drop-down box, select an event source. For this
example, select DrWatson and select Add next to the source.
7. Change the annotation option to Yes so that any events that are found will
include the event details when they are forwarded to the PATROL event
window.
17
18
5. Click Open.
Process Monitoring
PATROL monitors processes out of the box by reporting on the top ten
processes consuming resources (PROCTopProcs). You can also customize
PATROL to view continuous historic usage for a specific process or group of
processes.
19
Registry Monitoring
PATROL can monitor for any changes in the Windows registry on the local
machine. This ability alerts administrators to changes that could negatively
affect the performance of their servers.
To begin monitoring a group of registry keys, you will need to create a
registry group monitoring object (instance) in PATROL.
To create a registry group monitoring object,
1. Right-click the NT_REGISTRY application, and choose KM
Commands => Define Registry Group.
2. Create a name for your new monitored object and type it in the Instance
Name box.
3. Select Create and then click Apply.
4. Select the item that you want to monitor from the Select Root Key
drop-down list (for example, HKEY_LOCAL_MACHINE to capture all
registry changes on the local machine).
5. Leave all the other options in their default states.
6. Click Apply, then click Close twice to exit.
20
Services Monitoring
By default, PATROL monitors availability of all services that are running on
the managed server. This functionality helps administrators ensure the
availability of their critical applications. You can customize this list of
monitored services to add services that are not yet running or to exclude
services that are of less concern. Also, PATROL will restart any services that
go down if they are configured to start automatically.
In addition to the default availability monitoring, you can customize
PATROL to monitor how much memory and CPU a service consumes.
To monitor memory and CPU for a specific service,
1. Right-click the NT_SERVICES application and choose KM
Commands => Service Executable Monitoring.
2. Select the name of the service that you wish to include for more detailed
monitoring.
3. Select Include Selected.
4. Click Apply and click Close.
21
6. Type in the full name and path of the file that you want to monitor (for
example, C:test.txt) in the File Name box.
7. Type the maximum acceptable size for this file in Size Limit (Bytes).
Note:
PATROL alarms if the file grows beyond the size that you set.
8. For the automated recovery action, you can leave the default, No Action,
selected for now.
9. Click Apply, then Accept and Close to exit.
To search for a specific text string in the log file, go back to the TextLogs
icon in the display panel.
1. Right-click on TextLogs, and select KM Commands => Edit Search
Template.
2. Select Add, and click Apply.
3. Create a name for the new template you are creating (for example,
FindXYZ), and type XYZ for the Search String.
4. Select the name of the file to search for in the text string (c:test.txt).
5. Change the Alert Severity to 3 Alarm, then click Apply.
6. On the resulting Confirm screen, click Accept.
7. Click Cancel to exit.
You will now have a PATROL alert each time the text string XYZ is found in
the sample log file.
22
Environment-Specific Functionality
Environment-Specific Functionality
The following sections give information about functionality that is available
for PATROL for Microsoft Servers under specific environments.
23
Microsoft Certification
Microsoft Certification
BMC Software has earned Microsoft's approval to carry the Certified for
Microsoft Windows 2000 Server logo on BMC Software's PATROL for
Microsoft Windows Servers. BMC Software was the first enterprise systems
management vendor to earn this certification for Microsoft Windows 2000
Servers.
Certification assures our customers that PATROL will run predictably on
Microsoft Windows 2000 Servers, Advanced Servers and Datacenter Servers,
thereby reducing the overall time and cost spent implementing Microsoft
Windows 2000.
MTS/COM+ Management
PATROL monitors and manages Microsoft Transaction Server (MTS) by
monitoring processes, transactions, and events, and helping to manage
multiprocessing services for higher scalability and availability.
The PATROL for Windows Servers product provides functionality to monitor
the run-time environment for Microsoft Transaction Server (MTS) on a
Microsoft Windows NT 4.0 server and Microsoft COM+ (COM+) on a
Microsoft Windows 2000 Server.
24
MSMQ Management
The PATROL for Microsoft COM+ product performs the following actions
for Microsoft Windows 2000 servers:
MSMQ Management
PATROL monitoring of Microsoft Message Queue (MSMQ) enables
administrators to monitor and manage sessions, messages, and queues,
thereby ensuring the delivery of messages. The Microsoft MSMQ round-trip
time metric tracks round-trip message time of each use.
Reporting
PATROL provides easy-to-use, canned reports on performance and
availability of Microsoft Servers and applications. You can easily generate
customizable, business reports using Microsoft Excel. For more advanced,
enterprise-wide summary reports, you can install the PATROL Service
Reporting component.
25
26
27