SolutionBase: Keep a close watch on your network with IP Sentry alerts

Learn to configure IP Sentry to monitor your network and send alerts.

Have you ever been in a restaurant and witnessed several people around you abruptly leave their table to check their multitoned pagers? With IP Sentry and a pager, you can be one of those pager-checking people too. This is not necessarily a bad thing because when IP Sentry pages you, that means there's something wrong with your network that needs your immediate attention. Here's how you can configure IP Sentry to monitor events and send you a message alerting you to problems.

What's IP Sentry?
IP Sentry is a freeware utility by RGE Inc. It will help you monitor devices on your network such as servers, routers, hubs, or just about any IP device. You can even monitor services running on NT servers. For more information about IP Sentry, see the article entitled "TechRepublic Guided Tour: Monitor your network with IP Sentry".

Configuring modem access in IP Sentry
You'll need to start by configuring IP Sentry to dial out to your pager. Start IP Sentry and click Edit | Options. The Modem Settings tab, displayed in Figure A, will allow you to configure your server's modem to send out a page to a device, which may not be e-mail enabled. This can also be a handy feature if you need to be notified that your e-mail server is down, and you do not have multiple servers to send out an e-mail notification.

Figure A
Configure modem settings on this page.

To set IP Sentry up to use a modem, which should be detected when the software is launched, simply check the Modem Communications Enabled check box. You'll then configure your PC's telephony settings on the Modem Settings tab. Click the Properties button. You'll then see the Properties page shown in Figure B.

Figure B
Set the connection properties here.

Here you'll configure things like the phone number of your pager, the modem to use when dialing, and whether or not it should dial an area code. If you are not using a modem to dial a pager, the phone number will be displayed as *Ignored*. The telephony settings button will open the Windows configuration options for your modem; this is the same set of options presented when configuring a modem in dial-up networking.

Configuring the machines to monitor
The most essential part of configuring IP Sentry is to tell it what to monitor on your network. You'll do this on the Server/Machine Monitoring tab, shown in Figure C.

Figure C
Configure what to monitor and how to send alerts from this tab.

If you are looking to monitor things like Servers and Windows NT Services, then this tab is for you. Keep in mind that IP Sentry monitors the majority of network devices via ICMP ping. This will allow any device that can handle an IP connection to be monitored by IP Sentry.

To demonstrate the simple setup for servers and services, I will monitor a file server for uptime and also monitor a Windows NT service. Let’s begin with the Server. To add items to be monitored, click the Add button on the Server/Machine Monitoring tab. This will bring you to the Details screen shown in Figure D.

Figure D
The details of each monitored item can be configured here.

As you can see, the options to add devices are plenty. From within this dialog box you can configure how the service handles each device, what it monitors, as well as alerts and logs created when a monitored event happens.

The following section will outline the options available when monitoring equipment. As shown in Figure D above, IP Sentry allows the monitoring of network devices, drives, services, and add-ins.

Depending on the selection you make in the Type box, the choices you will be able to configure will lock and unlock. As many of the items selected from this page are very straightforward, I have selected the Network type and the NT Service type for this demonstration. I will touch on the Add-in type later.

The Network type, selected by default when the dialog is opened, provides the following configurable options:
  • Name: A name for this monitored device
  • Description: What the device is and why it might be monitored
  • IP Address: The IP address of the device to be monitored
  • Data to Send: Data sent to the monitored device after a connection is made
  • Data to Receive: Data received from a device after the connection is made
  • Port: The port on this device that IP Sentry listens on
  • Reverse Alert: Check this box to be notified when a device is available
  • Suspend Sentry: Pause the checking of this device by IP Sentry
  • Poll Frequency: The number of times that IP Sentry will skip a monitoring cycle
  • Timeout: The length of time a monitoring job will wait before it stops trying

There is another section on this tab for dependencies, the Depends On drop-down box. This portion of the form allows you to specify other servers or services on your network on which this monitored device may depend. For example, if your Web server has a custom service installed on it that requires it to send an e-mail via your SMTP host, the Web server could have a dependency on the mail server or the SMTP service on the IIS box, if you allow Internet Information Server to relay mail directly. To configure dependency, enter the name of the dependent machine or service name in the combo box.

The Current Dependencies box displays devices or services which directly or indirectly depend on this machine. To add dependencies, click the Add button and list the IP addresses that depend on this machine.

One at a time
When adding a dependency, one that this particular device depends on to succeed or fail, you are only allowed one dependency per configured job. The workaround to this is to configure more than one monitoring job for devices that rely on several devices.

The Sync Failure Count check box, following dependency setup, keeps the attempt/failure count among dependent devices equal. This will ensure that a device with a dependency doesn’t have a false positive because there is lag between a server and its dependents.

The last four buttons on the server setup screen are the Copy From, Order Alerts, Test, and Schedule.

The Schedule button, at the top right hand side of the dialog, will allow you to schedule when IP Sentry checks this device. This way, if you only want it to be checked while no one is in the office, you can schedule it to be checked after hours and on weekends.

The Copy From button allows for some admin latency in setting up alerts. This will make the setup process quite efficient. You can copy an entire configuration from a machine that has already been set up and add it to another machine. This could be very handy if you are adding nodes to a cluster and want those servers to be monitored individually. Any time you are adding identical configurations to your network, you can use Copy From to configure monitoring for these machines.

The Order Alerts button will display a list of all the configured alerts in the order in which they are going to fire when they run next. Remember the default pause time is 5 minutes. From this list you can reorganize your alerts so that they fire in an order that is more suited to your liking. Perhaps keeping all the alerts for one server device bundled together would help keep everything organized.

The Test button will allow you to test fire this monitor. It will run to see that the item is monitoring correctly and fire an alert if there is one configured. It is helpful to test a monitor rather than wait for the next event to fire to find out if the monitor is working ok.

What's that red mark?
You will notice that each new event that is configured will appear with a red mark next to it as soon as it is added to the list. This is only because the timed event hasn’t fired yet. Once the monitor begins to work—for example, at the next five minute mark—the new event will be tried, and if successful, the red mark will be removed from the list of monitors.

Now that I've covered all the options for adding monitored devices, you can complete the form and save your first device to the list. For this example, I will complete the form as shown in Figure E. It will monitor a network device called Production Server 1. Since I will be testing for uptime in this example, no port or data is needed. The default action is to send an ICMP packet to the device and see if it can respond; this works exactly as a ping would.

Figure E
Completing the monitor Add screen to watch a network device

I filled in the IP address to the address of my laptop; this device can be anything you choose, however. Since I do not have any other specifics to fill in for this particular portion of the configuration, I can move on to the alerts triggered once this event is saved.

To configure the monitor to sound an alert when an issue occurs, click the Audible tab, shown in Figure F, and set the enabled option to yes. All of the alert types remaining can be configured to an Enabled, Disabled, or Default state.

Figure F
The Audible alerts tab

The default choice will allow this alert to take its settings from the general alert template for this monitor. To be 100 percent sure that things are working, or if this is a mission critical piece of equipment, set Enabled to Yes. That way, it will fire as expected.

On the Audible tab you can specify the wav audio file to use when the device is up and another wav file to use when the device is down. This will play these sounds through the audio devices where IP Sentry is running.

Also on the Audible tab and all the remaining alert tabs, you can specify how many times the alert will sound by setting the following fields in the Alert Schedule box:
  • 1st after x failures: x is the number of times you want the device to fail before sounding the alarm the first time
  • Every x failures: x is the number of failures you wish to wait before sounding the alarm again
  • Max of x failures: x is the maximum number of times to sound the alarm.

On the Pager tab, shown in Figure G, you can enter pager information to allow your PC to dial your pager and send alerts that way. Figure H shows the Add Pager Alert screen.

Figure G
The Pager alert tab

Figure H
Adding pager information to the Pager alert tab

When adding a pager, you will need to specify the Pager Type. The Pager Type corresponds to the pager you have, the modem access method (direct to COM port or TAPI device), as well as the number to dial and pager access id. Following these settings, you can also specify a message to be displayed or a callback number, depending on which method of paging your device supports.

When the SMTP/Email pager option is selected, all but the Email Delivery tab are grayed out. If you enter the name or IP address of your SMTP server along with your authentication credentials for that server and the e-mail address of your paging device, you can receive alerts via pager or e-mail-enabled cell phone.

The default message simply alerts you that your equipment is down. By default, the machine address, name, and status are displayed in the message. You can also enter a From address and a subject for each particular alert. That way, when a message comes in, you will know immediately that there is an issue with a certain piece of equipment.

The last options to set on the e-mail options portion of the paging screen are the maximum length, which is the number of characters your paging device will accept, and the Force Uppercase check box, which will put all the text sent to your device in uppercase.

On the E-mail screen, shown in Figure I, you can configure the same options as those used to send e-mail to a pager, however, you can only specify one address, or group of e-mail addresses on this tab. Typically this will be used in conjunction with the paging alert to send a notification to the administrator's e-mail address. The Paging tab will allow you to stagger the pager addresses used so that you can allow for shift rotation between members of your staff.

Figure I
E-mail settings, to allow the notifications to be kept in your inbox, just in case

On the Launch Application tab, shown in Figure J, you can set IP Sentry to start an application when an event triggers the alert. For example, you could execute a batch file on your Web server to ping the server running IP Sentry every time an event fired.

Figure J
You can have IP Sentry kick off any application when an event fires, whether it’s a pinging batch file or the desktop holiday lights app.

The next alert type available is X10. This alert type can set off X10 applications or remote cameras and automation. This will, for example, allow IP Sentry to trigger the lights in the server room or an X10 Web cam to monitor the server room if a certain event is triggered. The configuration page is shown in Figure K.

Figure K
You can run x10 automation if certain events occur.

The Sys Log tab will allow you to configure all events or failures triggered in IP Sentry to be written to a log file so that all actions, good or bad, are noted. When this setting is enabled, you can specify the IP address of the sys log server and the port to be used in logging events. The default message logged is a generic error message. The Sys Log tab is shown in Figure L.

Figure L
Logging options for any events that are triggered can be configured here.

Figure M shows the Add-In Alerts tab. This option is for configuring IP Sentry specific add-ins. You can purchase devices to use in conjunction with IP Sentry, such as a temperature monitor for monitoring tanks of liquid or other heated elements used in your organization.

Figure M
Add special add-ins to IP Sentry

One final note
The configuration of monitoring jobs is very straightforward and can be extremely helpful if something goes awry with your company’s information systems. This article was written to show you all the options available with IP Sentry, a relatively inexpensive way to monitor your company’s systems. Keep in mind that all the options discussed in this piece can be arranged in any combination to monitor almost any device and that the alerts for each job should be configured on a per-job basis.