EventSentry is a versatile Windows monitoring suite that monitors event logs, log files, system health, Active Directory and NetFlow. The application consists of the following main components:
•Management Console
•EventSentry Agent
•Heartbeat Agent
•Network Services
•Collector
•Web Reporting
Management Console
The management console does not perform any monitoring and is only used to install, set up and configure the agents on the local and/or remote machines. The management application can be installed on as many machines as you have licenses for, although one or two installations per network are usually sufficient. You can also launch the management application on any computer by running the eventsentry_gui.exe file.
Event Log, Log File, System Health & Compliance Agent
The EventSentry agents run as a Windows service and do not depend on the management console. Once an agent has been configured through the management console, it runs silently in the background as a service and monitors the event logs and system health according to your configuration.
Figure 1
When monitoring Windows-based hosts, the agent must be installed on every computer that is being monitored.
Heartbeat Agent
The EventSentry heartbeat agent monitors the availability of remote hosts through ping (ICMP) and TCP connections, as well as the status of the EventSentry event log agents. The heartbeat agent also polls non-Windows devices via SNMP GET requests to obtain SNMP counters.
Network Services
The "EventSentry network services service" includes the Syslog, SNMP trap, NetFlow and ARP watch daemons. Non-Windows hosts (e.g. Unix, Linux) and network devices send Syslog messages and SNMP traps to this service.
Collector
The collector service enables a 3-tier architecture between an action (e.g. database, email server) and the EventSentry agents, which allows the remote agents to transmit all data securely and reliably. The collector supports compression and secure data transmission via TLS encryption. The collector is optional; without it, the agents communicate directly with the respective actions (e.g. database).
EventSentry ADMonitor
Monitors an Active Directory domain (and optionally subdomains) for all object and Group Policy changes and provides a list of all user accounts as well as password reminder emails. ADMonitor also includes additional tools to query AD data natively without requiring the web reports.
Web Reports
The web-based reporting provides a visual interface to the collected log and system health data. It provides:
•A variety of dashboards and network status overview pages
•Summary views of all collected data (Event log, log files, compliance data, ...)
•Detailed search pages
•Trend graphs for performance, disk space and environment data
•Software and hardware inventory pages
•Scheduled reporting with HTML, PDF, CSV and other output options