Device Roles are used for monitoring specifics on a Device. This can range from Services, Ports, Events, Files and even Script Packs. Each aspect of a Device Role will be outlined in this document, including examples of how these can be utilized.
1.0 Configuring a Device Role
A Device Role has been created for this example, please be aware that existing Device Roles can be edited by selecting the green Edit Role icon on the right hand side of the screen, as well as importing a Role that might have been downloaded from the Routine Store.
On the Naverisk Dashboard, navigate to Settings > Device Roles
From top level select New Role, as per the screenshot below:
Once in the Role there are a number of aspects that can be configured, starting with the Name of the Device Role that is being created and a Description. This will make it easier for deployment to the Devices.
1.1 Monitored Services
This section covers monitoring the Services that are running on a Device, to do this:
Select Add under Monitored Services
Select the Source Device to Monitor to populate a list of Services currently running on that Device.
3. Select one of the Services from the list and scroll to the left of the screen to find the option Notify When:
4. Selecting 'Started' will mean that when a Service is started Naverisk will create an Alert. Other options are Stopped, Changed and Restart Failed.
There are also various options that can now be specified once the ‘Notify When’ option has been selected on a Service:
Delay: Set a delay time for when the service has Started, Stopped, Changed State or Restart Failed, meaning that if you select a Delay on a Stopped Notify When, Naverisk will wait 60 seconds before notifying you on the stopped service as per the above screenshot.
Threshold: This option is only available when Restart Failed is selected. This means that when a service has stopped, Naverisk will attempt to restart this service, should the service fail to restart after the specified Threshold, Naverisk will create a Ticket with the SLA class, SLA Status and Reporting Status that is specified.
1.2 Monitored Processes
This section covers monitoring the Processes that are running on a Device, to do this:
Select Add under Monitored Processes
Fill out the desired requirements such as the Display Name, Process Name, SLA Class, and SLA Status.
Using the below example there is an explanation of each parameter to assist in the configuration of the Process Monitoring:
Display Name: This is just the name of the specified software that you wish to monitor the Process of.
Process Name: The correct name of the Process that Naverisk will actively monitor.
Delay Seconds: This is similar to the Delay in the Monitored Services, set a delay time for when the Process has Started, Stopped, Changed State or Stop Failed, meaning that if you select a Delay on a Stopped Notify When, Naverisk will wait 60 seconds before notifying you on the stopped Process as per the above screenshot.
Notify When: Here you can choose under what circumstance Naverisk will raise an alert for the specified Process being Start, Stopped, Changed or Stop Failed.
SLA Class: Choose from Antivirus, Availability, Backup, Performance and Security. Bitdefender Endpoint Security (Antivirus) has been used in the example above so the SLA Class has been set to Antivirus. The SLA Class is used for Billing and Reporting purposes.
SLA Status: The type of alert that will be raised for the Monitored Process. These include; Information, Warning, threat, Failure.
Ticket Trigger Text: This will be where you specify the Subject/Trigger Text of the Ticket Naverisk will create.
1.3 Monitored Ports
This is a good way of doing a basic test to see if a Site is up or down, to check whether or not a Router is online or even a website. Monitored Ports is essentially a Ping test.
To do this:
Select Add under the Monitored Ports section:
** Above Screen Shot to be replaced, as it’s awaiting an update as you must scroll to Add an item currently on the right
Using the below example there is an explanation of each parameter to assist in the configuration of the Port Monitoring:
Address: This can be either an IP address or a URL for the Ping test.
Port: This can be the port you wish to specify Naverisk to send the Ping request over
Interval: This indicates how often you want Naverisk to Ping the specified Address. In this example the interval is set at 60 Seconds, Naverisk will now Ping 18.104.22.168 every 60 seconds.
Failure Threshold: If Naverisk does not receive a reply after the Threshold of 3 (3 Ping attempts), a Ticket will be generated Alerting you that this site is down.
Ticket Trigger Text: This will be where you specify the Subject/Trigger Text of the Ticket Naverisk will create.
2. Once these fields have been filled, please remember to click Save.
1.4 Monitored Events
With the use of Monitored Events, you can monitor any event that gets written to the Windows Event log.
To create a new Monitored Event Select Add under the Monitored Events section
Using the below example there is an explanation of each parameter of this configuration:
Event Source: This will be the Event Source of the Event that is written in the Windows Event Log.
Event Type: The information of what Event Type should be used can be found by looking at the Windows Event log
Event ID: Will be the Event ID corresponding with the Event Source that you have chosen.
Event Description: Use of this field is not compulsory but is recommended should you have Events with the same Event Source and Event ID, for example if you have a success and a success with exceptions. Use of a Wild card can also be used, such as %with exceptions%.
SLA Class: Backup and Antivirus Classes won’t raise Tickets unless the SLA Status is set to use a Failure. To automatically close these Tickets upon a successful Backup or AV Event, setting the SLA Status > Information, then Reporting Status > Success is necessary.
Ticket Group: By specifying a Ticket Group, it is possible to bind different Event Monitors together. For example, if Tickets raised from Alerts raised by Event ID 400 share the same Ticket Group name as those Events of ID 401, then they will only raise 1 Ticket between the 2 of them. To illustrate this, if a failure were raised by Event ID 400 then a Ticket would be opened. However, if a Success was subsequently generated by Event ID 401, then the same Ticket would be Closed.
When adding a Monitored Event, its best practice to reference the Windows Event log of the Event you want to monitor to configure correctly. This will save time and get your Monitored Event Device Role working from the start. Please consider this especially when specifying the Event Source and Event Description.
Please note: The Naverisk agent will monitor all event log categories other than the operational class logs.
1.5 Monitored Files
Under Monitored Files you will be able to monitor either a File or Folder and have the ability to choose under what conditions you would like the Ticket to be raised. For example, you can raise a Ticket if a File gets larger than 500MB, or if a File no longer exists in a particular location.
To create a Monitored File, please select the Add button under the Monitored Files section.
With reference to the below screenshot, each parameter will be explained:
File Path: This can be a used as a Network Share or a File Location on the physical machine.
Comparison: Here it has been set for Doesn’t Exist, which will mean that Naverisk will check this Folder to see if the File I have specified exists or not before raising an Alert.
Value: Should a different Comparison have been chosen, you would be able to choose the Value of the Units that have been selected. For example, if the comparison was ‘Larger Than’, you could then add 500 and choose under Units if that 500 will reference MB or KB etc.
1.6 Monitored Script Packs
Using Monitored Script Packs give you the ability to attach a Script to a Device Role and enable that Script to be run every 30 seconds or so, on that Device. This feature in Naverisk is incredibly useful when you are trying to monitor software that does not write to the Windows Event Log. With the use of a Script you can parse a Log File to search for specific parameters pertaining to an Event and when these parameters are found, the Script can write to the Windows Event Log which you can then monitor under Monitored Events.
To add a Monitored Script, select the Add button in the Monitored Script Pack section:
2. With reference to the below screenshot, each parameter will be explained:
Script Pack: Here you will choose which Script Pack you will be adding to this Device role. If you do not have any Scripts available in this field, this would mean that you do not have any Script Packs loaded on your Naverisk Instance. Please navigate to our Routine Store which is available under Settings for a wide variety of Routines to download and upload into your Naverisk.
Parameters: If the selected Script Pack requires extra parameters to be run, you can input them in this field.
Time to Recheck: This will be how often you want the Script Pack to be run and will also correspond to the Time to Recheck Units. In this example I have chosen 30 seconds, which means that the Script I have chosen will run every 30 seconds on the Device that has this Device Role assigned to it.
2.0 Additional Steps to Take
Note: like with OS Templates, once you have created / configured / modified a Device Role, to make them available to all your clients for Assigning, you will need you to Copy the Device Role down to your Child Clients.
To do this you will need to:
Select Copy Roles from the Device Roles main page:
2. Once selected you will be presented with the below where you can choose the Device Role you have created and Clients you would like to copy this role down to:
3. Selecting Copy/Overwrite will then copy the Device Role down to the Clients you have chosen as well as Overwriting any Device Role you may had previously with the same Device Role Name.
3.0 Deploying Device Roles
Now that you have created your Device Role and copied it down to your sub-clients you will need to deploy your Role onto your Devices for monitoring. This can be done in two ways. Either individually or in bulk, both ways will be outlined below.
3.1 Individual Deployment
If you have a Device that you are either testing or want to ass a Device role individually, you will need to:
Navigate to the Devices tab
Go into the Device you wish to add the Role to
Select the Monitoring tab
Select the '+' symbol under the Device Roles Section
Here you will be presented with all the Device Roles you would have seen under the Device Roles in the Settings Tab:
5. Select a Role that you would like to assign to this Device by ticking the check box on the right hand side corresponding to the Device Role.
6. Select Save Roles to assign the Role/Roles to this Device.
You have now assigned a Device Role to a Device and are effectively monitoring that specific aspect as defined by the Device Role.
3.2 Bulk Deployment
If you have more than one Device under a particular client that has some software that you would like to monitor, you can bulk deploy Device Roles on multiple Devices at once, this can only be done on a per Client basis. This method can also be used for individually deploying Device Roles as well.
Navigate to the Device tab.
Select a Client that you wish to deploy your Device Roles to.
Select the multiple Devices with the use of the check boxes situated next to the Device on the left hand side as per the screenshot below:
4. In the right-hand corner of your Naverisk Dashboard, next to New Device you will see a drop-down menu called Select a task. Click on this drop-down and select Update Roles:
5. You will now be presented with a list of Device Roles that is available for assigning to your Devices:
6. Select the Device Role you wish to assign by ticking the check box corresponding to the Device Role you wish to choose.
7. Click Add Roles.
You have now bulk deployed the selected Device Roles to multiple Devices. You can also bulk remove Device roles with the same method.
4.0 Exporting & Uploading a Device Role
If you wish to join in on the community spirit by adding to our ever increasing supply of Device Roles within our Routine Store, it is a simple process. Simply click the export icon beside the Device Role you wish to share:
And this will generate the appropriate Naverisk file type. Open the Routine Store, and there will be an Upload button displayed in the top right:
which will take you to a brief form where you can upload your routine to share it, and where you can provide context around what your routine does, and how it should be used:
Click on the 'Upload File' button at the bottom when you are done