| Network Equipment Performance Monitor by Nova Software |
|---|
| Local Edition |
| Help for the Courier Management Console |
Courier can be configured and controlled from the command line with a text control file and standard scheduling programs (cron on Unix's, 'at' on WinNT's.) For those who prefer the convenience of a graphical user interface this program, Courier Management Console (CMC) configures and controls Courier thru a web browser. It also adds the ability to manage Courier remotely from anywhere on the network. The CMC installs automatically with NEPM:LE and runs on the same host as the Courier itself. It simplifies configuration, automates scheduling, and will run Courier manually, eliminating direct use of the command line. Command line control of Courier is not affected by the use of CMC: the two methods can coexist.
For further information consult the NEPM User Guide here.
Unix/Linux: cd to the NEPM/LE home directory and type cmc at a command prompt to start the CMC server. Enter the URL shown in a browser's address bar to begin the session. Stop the server with the 'Close CMC' button in the browser window or the 'kill' command. Access the CMC server locally or remotely, as on WinNT systems, observing the cautions about overlapping access and the difference between stoping the server and simply closing the browser window.
| Help for General Settings and Controls |
|---|
When working remotely this entry points to a file on the CMC host machine not on the remote client. Do not use the "browse" button in this case, but rather enter the relative or absolute file pathname of the desired control file on the CMC host into the input box. In other words this entry always selects a control file from the CMC host machine, whether the browser client session is running on the same machine or remotely. With a local session the "browse" button can be used for finding this file, but it cannot for a remote session. This feature allows keeping only one copy of all the control files, in one place, but accessing them from anywhere on the network.
Enter '0' here to use filesystem couriering instead of email, i.e. to have Courier write the compressed log files it captures to a directory for pickup by Builder. This method is useful should Builder and Courier be running on the same machine or both have access to the same network share.
| Help for Individual Capture Line Settings and Defaults |
|---|
NEPM:LE will function satisfactorily with host domain names instead if you prefer (e.g myhost.mynet.myorg) as long as the system hosting the NEPM Courier has access to a DNS resolver that will resolve the name to an IP address.
We discourage using domain names, however, and recommend using only numerical IP addresses because it reduces the delay of the additional lookup step across the network, and avoids having data collection failures due to purely DNS failures.
Login ID
The user ID for telnet login on the target system. The default is set by the default entry and is used when each individual capture line is created unless a value is supplied. This makes it possible to use and easily enter one account for some or all systems if desired. The rest (or all) can be accessed thru their own unique user ID entered in the individual capture section.
WINDOWS TARGET SYSTEMS: Most telnet servers for Windows, including that distributed by Nova Software, require both the Windows domain and userid in the login, separated by '\', thus: your_domain\Your_login_id. Entering the windows domain as a separate entry is not supported in this release of NEPM.
Password
The password for the above user ID. The default is set by the default entry and is used when each individual capture line is created unless a value is supplied.
Prompt after login
Set the command line prompt that the target system issues after login succeeds, in regular expression form. For Unix's (\$\s*)$ is the best choice for the usual user prompt of $. The internal default is [[:upper:]]:(.+>)$ if nothing is entered and works for WinNT's typical > prompt. Other UNIX equivalences are (#\s*)$ for # , (>\s*)$ for > , (!\s*)$ for ! , (:\s*) for : . Keep the prompt regular expression as specific as possible to avoid false matches in log text.
Consult the User Guide here for more detail on prompt equivalences in regular expression form.
If you receive repeated "pattern match timed-out" messages after Courier sends username and password during login check that this value is correct for that target system. A mis-match between the two is most often the cause for such messages.
Select the Telnet Relay option when connecting to the next system from this one in a "relayed" telnet session, rather than connecting to it directly from the Courier. Such relayed sessions make it possible to monitor equipment on isolated networks, such as test labs, through a gateway host with a telnet port accessible from outside. Consult the Users' Guide for more detail.
The telnet server and client components supplied with NEPM or equivalent ones purchased from third parties must be used when relaying on WinNT systems: The MS native Windows telnet client and server will not relay. Select Pragma Telnet Relay for telnet relay in this case. Consult the Users' Guide for more detail.
When capturing data by relay from a system on an isolated network enter a relay line for each host relaying the capture session, ending with a normal capture line for the target system. As many connections as needed may be chained to create a relay session to the target system. Enter a separate capture line with proper OS type to capture from a system also used for relaying. Consult the Users' Guide for more detail.
This entry is ignored on WinNT systems. You must login initially as Administrator if elevated privileges are required.
CRITICAL: Element names must contain only alphanumeric characters (upper and lower case letters and numbers) and underscore, '_'.
For Windows NT systems the Event sub-logs must be specified without any pathname simply as ::EventLog_System, ::EventLog_Application, ::EventLog_Security and ::EventLog_DNS. Use NO extra spaces with this type of log name. This syntax tells the Courier to capture these files with the WNTELC tool included with NEPM, since they are not directly readable while in use by Windows.
Specifiy IIS dated logs with the pathname but use ::DatedLogs at the end in place of the filename, e.g. C:\WINNT\system32\LogFiles\W3SVC1\::DatedLogs. Use NO extra spaces with this type of log name. This syntax tells the Courier to capture the latest two logs in this directory, ignoring the filename, which will change hourly, or daily, etc. , and may also be used with numbered rather than dated logs created by IIS.
On systems using periodic log rotation, such as the standard logrotate on RedHat Linux, list the latest two log names with the oldest one first, on the left. For example, for an Apache web server on Linux this could be |/var/log/httpd/access_log.1|/var/log/httpd/access_log|. You may enter as many log pair names as you need on this line, such as including both system logs and Apache error logs to capture events recorded uniquely in each, i.e. |/var/log/messages.1|/var/log/messages|/var/log/httpd/access_log.1|/var/log/httpd/access_log|/var/log/httpd/error_log.1|/var/log/httpd/error_log|
CRITICAL: Multiple file pathnames within each related subgroup MUST be listed in chronological order, earliest on the left, latest on the right, as in the examples above.
When logs are rotated the latest two log names are required in order to insure capturing events near the boundary between the two logs. See the discussion in the NEPM:LE User Guide here for more detail on this requirement.
Telnet port#
The telnet server port number on the target system, normally 23. The Nova-Software-supplied telnet server for WinNT defaults to port 1023 unless you override the default.
OS (Operating System) type
Select the general type of operating system of the target host: WinNT, Unix, or Cisco IOS and compatibles. WinNT systems include WinNT4.0, Windows2000, Windows2003 and WinXP. (WinNT's prior to 4.0 may function satisfactorily with NEPM but are not directly supported by Nova Software.) Unix's include commercial Unix's such as Solaris, HP-UX, AIX, and IRIX, as well as BSD and Linux variants, and others that use '/' as the directory separator character and include the common Unix commands such as 'ls', 'cat' and 'more'. Select WinNT for any operating system types that use '\' as the directory separator, and that include common Windows commands such as 'dir', 'type' and 'more'. Routers and switches compatible with Cisco's IOS choose IOS.
Delete files after capture
By default the Courier leaves each log file it reads in place after sending a copy to the Builder. Enable this option to have Courier delete each file after transmitting it. Since Builder archives all incoming files in compressed form this option makes NEPM:LE function as your central log archiving system as well. Courier includes safeguards that save a copy of the logs on the Courier host machine in the event that mail to the Builder fails, thereby insuring that no log files are lost. The account that Courier uses on each monitored target system must have write permissions on the log files to delete them.
Privileged mode command
Some systems such as Cisco's IOS only allow log files to be read by a privileged user. Use this command to raise the Courier's privilege level after logging in on such systems. For IOS use 'exec'. For UNIX's use 'su root' to change to an account such as 'root' with privileges to read system logs. Elevated privileges may also be required to use the 'delete after capture' option on some systems.
Privileged mode password
The 'exec' password on IOS compatible systems, or the root password if root privileges are required on UNIX's. Not applicable to WinNT's
Privileged mode prompt
Typically (#\s*)$ for IOS and UNIX systems. Not applicable to WinNT's.
Element names to be captured
Enter a descriptive name for each type of logged sub-system to be monitored on a target machine, such as 'System' for the OS, 'Apache' or 'IIS' for a web server, 'Enet' for an ethernet interface, etc. This name is used for reporting results and can be any name you wish. It is sent along with the captured log files to the NEPM:LE Builder which matches it with an event list identified by this name and the OS type. The events in this list are then extracted from the corresponding captured log files and reported. The name should indicate the general type of sub-system being monitored, but not the specific one, e.g. 'web_server' not 'web_server_1', unless you wish to provide event lists in Builder specialized by individual target system. Include 'System' as part of an element name to use the default event lists for operating systems provided with the Builder. Enter one name per input box. Edit a Courier control file directly and reload it into CMC if you wish to enter more than three element names per capture line.
Element log files to be captured
Enter the list of the log files to be captured for this element, separated by the vertical bar (pipe) symbol, '|'. As many spaces as desired for visual clarity can be inserted AFTER the '|' symbol. Do not put any spaces in front of the '|' symbol. The characters ; : / \ | < > " must not appear within filenames. File pathnames may contain spaces. Do not put quotes around file pathnames with spaces -- this function is provided by the single '|' symbol at the end of each file pathname. The directory separator in pathnames must be that appropriate to the target system, i.e '\' for WinNT type and '/' for UNIX's.
Deleting and Editing existing Capture entries
Each existing individual capture line in your Courier Control File is displayed in an input box. You may simply edit this line directly or delete it if you wish. Your changes are saved to the control file named in your "save as" box at the top when you do a "save all" or "Save and Run". USE CARE WHEN EDITING to preserve the correct syntax for capture lines. Syntax errors will only be detected when the control file is next run. Make a trial run to verify your changes before closing CMC.
Copyright © Nova Software, Inc. 2001-2004 All rights reserved.
www.nova-sw.com
rev. 041128