New Question
 
 
PRTG Network Monitor

Intuitive to Use.
Easy to manage.

200.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free PRTG
Download >>

 

What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

 

Top Tags


View all Tags


Making all monitored Windows servers a remote probe

Votes:

0

Your Vote:

Up

Down

PRTG can monitor Windows servers via WMI or SNMP.

We don't want to use SNMP on Windows Servers because: - It's deprecated - It's insecure

I'm having a lot difficulty getting WMI to behave in a consistent manner. VMs that are on the same subnet and are configured almost exactly the same, with the same admin groups and firewalls turned off are not being auto-discovered consistently. Some VMs show 8 discovered sensors and others show as 4 even though they all have the same hardware (cloned VMs). WMI also has a limit of how many WMI connections can be initiated a given time from a probe perspective.

In order to maybe solve the issue of security and WMI limitations, I feel like going the route of making all Windows Servers a remote probe. I think this is crazy, but I also think that this is the best way for WMI discovery/polling to be consistent and fast. Each remote probe is just in charge of polling it's own WMI. No worries about permissions and windows/external firewalls. Just open one port for remote-to-core traffic. This is kind of a hack-around for a agent-based monitoring solution.

Deployment can be scripted out and PRTG probe updates can be managed by Shavlik. So I'm not worried about that those things. I've just never seen this mentioned on kb.paessler and maybe there's something glaring that I could missing for this kind of deployment (max remote probe limits, management of multiple remote probes is a headache in PRTG, etc).

Any thoughts on this design?

remote-probe windows wmi

Created on Jun 2, 2015 7:43:22 PM by  milagrofrost (30) 1



4 Replies

Accepted Answer

Votes:

0

Your Vote:

Up

Down

It kind of depends on how many systems you are planning to monitor with this model but we have seen customers do this exact thing and have ran over 400 remote probes without issue. If you really need reliable WMI stats and you are having issues with it in your environment, this may be the way to go. There is no limit on remote probes and in some cases setting up your monitoring in this fashion will take a lot of load off the core so it may work well for you.

Created on Jun 4, 2015 12:21:36 PM by  Greg Campion [Paessler Support]



Votes:

0

Your Vote:

Up

Down

There is also no need to manage PRTG probe updates by Shavlik, PRTG automatically pushes updates to the remote probes when the core gets updated.

Created on Jun 4, 2015 12:38:51 PM by  PRTG Tools Family [prtgtoolsfamily.com] (12,915) 3 4



Votes:

3

Your Vote:

Up

Down

Awesome, thanks Greg. Makes me feel better I'm not the only one.

I'm building out some scripts to help with the installation and management of the remote probes. Just wanted to share what I have so far.

We're currently running version 15.1.15.2022

This script below installs the PRTG remote probe software on the computer the script runs on.

Some things you need:

- PRTG_Remote_Probe_Installer.exe in the same directory as the script.

- Replace <IP> wtih the IP (or DNS name?) of the PRTG server

- The reg key for "Password" needs to be looked up on an existing, working remote probe's registry and applied to this script. The reg password string is your PRTG access key but in a different (dword?) format.

@echo off

"%~dp0PRTG_Remote_Probe_Installer.exe" /SILENT /HIDDEN

net stop PRTGProbeService

reg add "HKLM\SOFTWARE\Wow6432Node\Paessler\PRTG Network Monitor\Probe" /v Server /t REG_SZ /d "<IP>"

reg add "HKLM\SOFTWARE\Wow6432Node\Paessler\PRTG Network Monitor\Probe" /v ServerPort /t REG_SZ /d 23560

reg add "HKLM\SOFTWARE\Wow6432Node\Paessler\PRTG Network Monitor\Probe" /v Password /t REG_DWORD /d <string>

reg add "HKLM\SOFTWARE\Wow6432Node\Paessler\PRTG Network Monitor\Probe" /v Name /t REG_SZ /d %computername%

net start PRTGProbeService

After the program installs you'll need to go into PRTG and approve the remote probe in the GUI. I didn't find any way to approve remote probes in the API unfortunately so that has to be done manually.

After the remote probe is approved, then the next process for me is to run a discovery on the probe to pull in data for CPU, memory and disk size. After that we rename the remote probe from the name "Remote Probe" to the Group name (which we had set to the remote probe's computer name). That makes alerts a little more descriptive. Otherwise alerts com in as "Remote Probe" and you ask yourself, "Which one?" when all your other remote probes are named "Remote Probe".

This uses the PRTG API using Powershell.

Just need to change the <IP> to your PRTG IP/DNS name.

####################### Ignore HTTPS errors ########################

add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

######################## Intro ###############################

Write-host @"
**********************************************
*                                            *
*   This script issues a 'discover now' to   *
*   all remote probes named Remote Probe     *
*   It then renames all remote probes        *
*   that are named "remote probe" to the     * 
*   actual name of the server the remote     *
*   remote probe is on.  Remote Probe.       *
*                                            *
**********************************************


"@

$serverip = <IP>

######################### Password check ################################

$pwd = Read-host "Password for prtgadmin please"

$error.clear()
iwr -Uri "https://$serverip/api/table.xml?&content=devices&output=csvtable&columns=group,objid,device&username=prtgadmin&password=$pwd" | Out-null
if ($error)
     { 
     Write-Host -ForegroundColor yellow "Password/credentials are incorrect.  Please enter the correct password"
     pause
     exit
     }
     else
     {
     Write-host -ForegroundColor Green "Password is valid"
     }

########################## Display results ################################

$toberenamed = iwr -Uri "https://$serverip/api/table.xml?&content=devices&output=csvtable&columns=group,objid,device&username=prtgadmin&password=$pwd" | Select -expand Content | convertfrom-csv | select group,id,device | where {$_.device -match "Probe Device"} 

if ($toberenamed -eq $null)
    {
    write-host -fore yellow "No remote probes are named Remote Probe. Or there is an error. Try again next time."
    read-host "Hit enter to exit"
    exit
    }
    else
    {
    $toberenamed
    write-host -fore yellow "These remote probes will be renamed and discovered."
    read-host "Hit enter to continue"
    }

############################# Start rename #####################################

iwr -Uri "https://$serverip/api/table.xml?&content=devices&output=csvtable&columns=group,objid,device&username=prtgadmin&password=$pwd" | `
    Select -expand Content | convertfrom-csv | select group,id,device | where {$_.device -match "Probe Device"} | `
    ForEach {
    $id = $_.id
    $newname = $_.group
    $id
    $newname

    iwr -Uri "https://$serverip/api/discovernow.htm?id=$id&username=prtgadmin&password=$pwd" | Select -expand Content 

    iwr -Uri "https://$serverip/api/rename.htm?id=$id&value=$newname&username=prtgadmin&password=$pwd" | Select -expand Content 

    }


$pwd = $null

This is a very brief description of the process so far, but hope this helps any one that may be in the same situation as us.

Created on Jun 4, 2015 1:58:31 PM by  milagrofrost (30) 1



Votes:

0

Your Vote:

Up

Down

We're actually considering moving from SCOM (too complex, too much work) to PRTG, but our network design/policy won't allow WMI or SNMP, luckily I found this thread.

milagrofrost did you implement this in your enviromnent, are you satisfied with the setup, any new scripts, information that you can share?

We have around 50 Windows servers that we'd like to monitor in addition to all the network equipment.

Created on Sep 20, 2017 9:58:59 AM by  CypherBit (10) 1



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.