What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Number of failed login retry for Enterprise Console.

Votes:

0

We have a number of users in our office. Each of them uses their AD credential to log on to PRTG. each months as their AD password expires, the infrequent users often do not remember to update their EC credential which triggers overload protection. we have spent a bit too much time to check the log and chase people to get them to update their password or even request the user to uninstall / stop EC start up on boot. I am wondering if we can limit EC console for a number of attempt login by default. this will increase our script performance and eliminate the need of chase users to update their password. Thanks.

enterprise-console overload overload-protection

Created on May 4, 2015 6:31:55 AM



Best Answer

Accepted Answer

Votes:

6

Hello, we had the same problem so here is my solution:

First you have to create a BATCH-File under "PRTG-Network-Monitor/Custom Sensors/EXE" with the following code: for /f "delims=" %%i in ('dir /b /a-d /od "Q:\Logs (Web Server)\*.log"') do set "LatestModifiedFile=%%~i" copy "Q:\Logs (Web Server)\%LatestModifiedFile%" "C:\weblog\log.log" echo "1:Successfully" You have to edit the Paths.(Q:\Logs (Web Server)\*.log, Q:\Logs (Web Server)\%LatestModifiedFile% and C:\weblog\log.log)

This script searches in the first line for the recent modfied Webserver Log-File and saves the value in the LatestModifiedFile variable. The second line copys the most recent Webserverlog and saves it in a temporary folder. The third line just echoes "Successfully" for PRTG.

The next Step is to create a "Program/Script"-Sensor in PRTG under youre PRTG-Core-Server. In the Sensor Settings you choose under "Program/Script" the created BATCH File. Then you can choose how often do you want to check for failed logins. I recommend every 30 minutes.

So to crawl the copied most recent Weblog we create a "File Content"-Sensor under the PRTG-Core-Server. With the following Settings:

  • Filename: path to the copied weblog (line 2, the second path)
  • Term: login_failed Then save the sensor and set the polling intervall to the same as in the "Program/Script"-Sensor.

I hope this solution fits youre problem.

Created on Jul 7, 2015 9:33:32 AM



4 Replies

Votes:

0

Sorry, there's no way to do that. The only thing you can do is to increase the update interval under File > Options > System (the highest value is 3600 seconds).

Since the overload protection can't be disabled, you might want to consider switching to the webinterface :/

Created on May 5, 2015 1:35:16 PM by  Stephan Linke [Paessler Support]



Votes:

0

What if EC console is programmed to default to attempt connection at # of retry. It seems pointless for the application to retry till the end of days when the password is incorrect and affect production system in such way.

Created on Jun 10, 2015 1:30:10 AM



Votes:

0

I'll bring that up in the next meeting. You're right, the behavior is kinda stubborn and the EC should stop trying after some attempts. I'll let you know!

Created on Jun 10, 2015 7:34:26 AM by  Stephan Linke [Paessler Support]



Accepted Answer

Votes:

6

Hello, we had the same problem so here is my solution:

First you have to create a BATCH-File under "PRTG-Network-Monitor/Custom Sensors/EXE" with the following code: for /f "delims=" %%i in ('dir /b /a-d /od "Q:\Logs (Web Server)\*.log"') do set "LatestModifiedFile=%%~i" copy "Q:\Logs (Web Server)\%LatestModifiedFile%" "C:\weblog\log.log" echo "1:Successfully" You have to edit the Paths.(Q:\Logs (Web Server)\*.log, Q:\Logs (Web Server)\%LatestModifiedFile% and C:\weblog\log.log)

This script searches in the first line for the recent modfied Webserver Log-File and saves the value in the LatestModifiedFile variable. The second line copys the most recent Webserverlog and saves it in a temporary folder. The third line just echoes "Successfully" for PRTG.

The next Step is to create a "Program/Script"-Sensor in PRTG under youre PRTG-Core-Server. In the Sensor Settings you choose under "Program/Script" the created BATCH File. Then you can choose how often do you want to check for failed logins. I recommend every 30 minutes.

So to crawl the copied most recent Weblog we create a "File Content"-Sensor under the PRTG-Core-Server. With the following Settings:

  • Filename: path to the copied weblog (line 2, the second path)
  • Term: login_failed Then save the sensor and set the polling intervall to the same as in the "Program/Script"-Sensor.

I hope this solution fits youre problem.

Created on Jul 7, 2015 9:33:32 AM




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.