https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2022-05-19 12:09:102022-05-19 12:15:01How to monitor the status of Windows Processes
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2022-04-18 12:36:132022-04-18 12:36:13How to use Nectus API Interface
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2022-04-16 21:24:532022-04-16 21:24:57How to Add and Configure IP Monitors
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2022-04-13 14:59:072022-04-13 14:59:07How to Perform Nectus Software Upgrade
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2022-02-15 14:12:162022-02-15 14:12:59How to Control Access Rights to Network Devices in Nectus
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2022-02-04 14:58:002022-02-04 14:58:00How to configure HTTP Application monitoring in Nectus
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2022-01-12 11:35:482022-01-12 11:36:01Configuring SNMP OID for Memory utilization Monitoring
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2021-12-22 17:04:342021-12-22 17:04:34How to install additional polling agent
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2021-12-17 19:20:002021-12-17 19:21:45Nectus not impacted by Log4J (CVE-2021-44228) Vulnerability
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2021-12-16 16:27:592021-12-16 16:29:15How to Manually Generate a Process Dump using Process Explorer
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2021-11-29 17:03:112021-11-29 17:03:16How to enable VMware Monitoring in Nectus
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2021-11-22 14:28:312021-11-22 14:29:06How to Enable Meraki API Integration in Nectus
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2021-11-17 13:41:482021-11-17 13:44:30How to discover/add a single device in Nectus (1.64.xx)
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2020-07-07 10:57:382020-07-08 13:15:03NetFlow Configuration Examples for Cisco Routers
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2019-12-31 18:40:052019-12-31 18:40:09Configuring VMware monitoring
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2019-09-16 21:59:352019-09-16 22:04:34How to install SSL Certificate for Nectus GUI
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2019-07-03 09:58:132020-12-14 23:11:30Standalone NetFlow and Syslog VM OVA File (Clickhouse DB)
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2019-05-22 11:16:232019-08-14 05:54:39Configuring Linux Monitoring in Nectus
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2019-05-15 20:33:012019-05-15 20:33:19Device View Auto Population Rules
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
0
0
Web Master
https://www.nectus5.com/wp/wp-content/uploads/2018/02/logo.png
Web Master2019-04-30 13:22:312020-08-29 09:24:22Linux Monitoring Agent Installation
How to monitor the status of Windows Processes
Technical Notes, Windows Server (WMI) MonitoringHow to monitor the status of Windows Processes.
Quick Start Guide
Step 1: Login to the Nectus portal, Add the WMI Account for accessing the Windows Machine. Go to Settings -> General Settings -> WMI Integration.
Click on the Add button in the WMI Integration Modal.
Step 2: Provide Windows Domain/Server information with user credentials and click on the Test button.
Step 2a: With the valid credentials and connectivity, we should get the success message as displayed in the test modal.
Step 3: Now, let’s create a WMI group and add the Windows Server into that group.
Go to WMI Servers and right click to Add a Group.
Step 4: Give a valid name, enable the monitoring to select the appropriate Monitoring and ICMP profiles.
Step 4a: We can also create a new monitoring profile by clicking the “+” icon.
Check the required boxes based on your monitoring requirements.
For any processes alerting, Go to Processes Tab, then select alert option to check the process state.
Step 4b: Add the process information by clicking the options button.
Consecutive Reading options helps monitor whether process is running or not running for defined range [1-256] consecutive times.
It helps to reduce the false alerts.
Add the process name in the text box by pressing “+” button.
Step 5: Now, add the WMI Server information which has to be monitored.
Right click on the created group and select the Add New WMI Server option.
Step 6: Provide a valid name, IP address, select the appropriate WMI Monitoring Profile Group and WMI Account for access.
Click on the Test button to test the server access.
Step 7: Now we had enabled the monitoring for the Windows processes on Nectus.
Whenever the condition satisfies, then alerts get generated. We can view the alerts under Alerts -> Alert log.
We’ll also get the alerts in email form by enabling email alerts option with proper SMTP configuration.
Congrats, now we have successfully created a monitoring profile to monitor the process in a Windows Server.
How to use Nectus API Interface
Nectus Installation, Technical NotesHow to use Nectus API Interface
Quick Start Guide
Step 1: Log in to Nectus Portal. On the home page, select General Settings -> Miscellaneous.
Step 2: Next, we have to generate a new client ID and client secret for creating the token. Go to API Accounts and click on Create.
Step 3: Check the Enable box, enter the Client ID & Secret in the text box, and select the necessary access level (Read-Write or Read-Only) for the modules.
Here, we have given the Client ID as API_USER_1 and Client Secret as Nectus123. Click on the Ok button to create it.
Step 4: Each API Account with the Client’s information obtains a unique ID and gets listed.
We also have the Edit button to modify and the Delete button to remove the existing accounts with ID. Click on the Ok button to close the miscellaneous modal.
Step 5: Now, we have to create the API token with the help of the generated Client ID & Client Secret.
Here, we are using the POSTMAN Application for the sake of the demo. Use the below query and headers to get the access token.
API URL: https://<servername>/token/get
Request Type: GET
Headers: Authorization – client_id=API_USER_1 client_secret=Nectus123
Step 6: Click the Send button to obtain the Status Code with 200 Ok with the token details in the response body.
Step 7: Now, we can use the generated access token for all Nectus API’s.
Let’s try with some API Request.
API URL: https://<servername>/IPMonitor/restAPI/getStatusIPv4Monitor
Request Type: GET
Headers: Authorization – token=<generated-access-token>
After clicking the Send button, we obtain the list of IPv4Monitor groups with the associated IP address and status.
Congrats! We have successfully used the Nectus API interface to access the monitoring data points which will ease the third-party integration with other systems.
How to Add and Configure IP Monitors
Network Monitoring, Technical NotesStep 1: Login to Nectus portal. Then, click on IP Monitors.
Step 2: Right Click on IP Monitors and select Add Group to create a new monitoring group.
Step 3: Provide a unique name to the group and check the “Enable monitoring” option.
If monitoring requires custom ICMP monitoring timers then select optional Custom ICMP Monitoring Profile.
Choose the appropriate Polling Agent (Default is Main Polling Agent) and provide optional physical address.
Click on Ok to create a new IP monitor group.
Step 4: Now, the new group gets added under IP Monitors. The square icon indicates the status and since no device is added in the group, it’s shown in grey color.
Step 5: Right click on the IP Monitor Group to add a new IP Monitor into the group.
Step 6: Under the General Info Tab, provide a valid IP, name and optional physical address.
Then, click on Ok button to Add IP Monitor.
Step 7: To test the reachabilty of IP Monitor, we can use Ping this IPv4 Monitor option. It performs a live ICMP ping test to the IP Monitor.
Step 8: It also provides the options to repeat the test and continue ping tests.
Step 9: To get the current device monitoring information, go to View IPv4 Monitor Info.
Step 10: The General Info provides the basic details about the device.
Alerts tab contains all the monitoring alerts. All alerts can be exported in *.csv format for further drill down. Click on eye icon in each row to get more information about the alert.
Step 11: Right click on the device and Graphs to get a plot based on UP/DOWN state, latencies etc.
Step 12: We can share the polled data from Nectus in several ways.
Step 13: We can share the access to graph using Generate Direct Access URL.
Step 14: Further, we can also export all data points in a *.csv form using Export All option.
Step 15: We can select multiple devices using CTRL + Left Click. Right click on any one to get the available options.
Step 16: Select the Graphs option to obtain the consolidated view of the plots for the selected devices.
Step 17: To edit the added devices, right click on the device and choose properties.
Step 18: Bulk import through a *.csv file can be performed and sample file can be downloaded from Import from CSV modal for quick reference.
Step 19: Post the data import completion, skim through the device information, and select them to save into the database for the monitoring.
Step 20: Additionally, we can select Delete IPv4 Monitor to delete the devices from monitoring.
Congrats! We have successfully explored the lifecycle management of devices for ICMP monitoring using IP Monitor.
How to Perform Nectus Software Upgrade
Nectus Installation, Technical NotesStep 1. Download latest Nectus release from Nectus Support Portal (https://support.nectus5.com)
Step 2. Unzip Nectus distribution archive Nectus xxxxx.zip to any folder on Nectus Server.
For upgrade you should have two files:
Step 3. Right-click on “Nectus Setup” and select “Run as administrator”.
Step 4. The Nectus Installer window opens. Click Next.
Step 5. The License Agreement window opens. Click “I Agree”.
Step 6. The Upgrade window opens. Select the “Upgrade” mode.
Note: “Upgrade” mode (the default mode) preserves the database and all data in it.
!!! “Remove” mode will delete the existing database and all data will be erased!!!!
Click “Install”.
Step 7. The installation begins by saving resources.
Step 8. The old software components are uninstalled.
If desired, click on “Show details”.
Step 9. Show details lists the steps the installer is performing.
Step 10. When the old software components have been removed, the new version will be installed.
Step 11. The installation completes. Click Next.
Step 12. The “Completing Setup” window opens.
How to Control Access Rights to Network Devices in Nectus
Access Right Management, Nectus Installation, Technical NotesIn this article, we will show how to control the access rights to specific network devices visible in Nectus.
We will create a user group “Texas Admins” that have access only to specific subset of SNMP devices “Texas Network Devices” in Nectus database.
Step 1. Create a custom SNMP device view “Texas Network Devices” in Inventory -> Views -> SNMP Device Views
Step 2. The SNMP Devices Views window opens. Click on Create.
Step 3. The Add SNMP Devices View window opens. Give the view a name “Texas Network Devices”.
Select desired devices in the window on the right (Available SNMP devices).
When all are selected, click on the Left Arrow key
to move the selected devices from the Available window to the Selected window.
We selected nine devices.
Step 4. Selected devices move into the Selected SNMP Devices window. Click Save.
Step 5. Looking in the SNMP Devices Views window, we see that the view “Texas Network Devices” has been created and has nine devices.
Step 6. Create Admin User group “Texas Admins” in Settings-> Admin Accounts
.
Step 7. Navigate to Settings → Admin Accounts.
Step 8. The Admin Accounts window opens. Select User Groups, and click Create.
Step 9. The Add Users Group window opens. Enter the Group Name (Texas Admins), select the Access Right (Read Only), click Views.
Step 10. Select desired View “Texas Network Devices” that members of this Admin group can see.
Step 11. Click OK.
Step 12. Create User in “Texas Admins” Group.
Step 13. In the Admin Accounts window, click on User List and click Create.
Step 14. The Add User Account window opens.
Fill in the fields (First Name, Last Name, Email/Username).
Create and confirm password. Assign to group (Texas Admins). Click OK.
Step 15. In Admin Accounts window, verify that new user (Mike Fletcher) now appears with Group Texas Admins.
Step 16. In the Admin Accounts window, click User Groups and click on Texas Admins.
Verify the assigned view for SNMP Devices Views is Texas Network Devices.
Step 17. Logout and log back in as Mike Fletcher.
In the Inventory window under SNMP Devices you should only see the 9 devices assigned to “Texas Network Devices”.
How to configure HTTP Application monitoring in Nectus
Application MonitoringHow to configure HTTP Application monitoring in Nectus
Step 1: Login to Nectus portal. In the home page, click on Applications. Under Applications, we’ll get HTTP, TCP, UDP options.
Step2: First, right click on the HTTP and select on the Add Group.
Step 3: Now, provide unique Group name and check the Enable monitoring & Alerting options.
Click on Ok to create the new application group.
Step 4: Again, right click on the created group and select the Add New Application.
Step 5: Now, provide a valid URL, name, and select the appropriate group, distributed polling agent. Additionally, GPS latitude and longitude gets autogenerated from the given address.
Step 6: Next, click on the Metrics tab, then select the required metrics which has to be monitored. In our case, we are monitoring all the key metrics of HTTP application. Further, we can also edit the global alert template by clicking the Global Alert Template icon. Lastly, click Ok button to add new HTTP application.
Step 6(a): Set the alert template using available variables. Click on the Send Test Email to get the sample email with select subject and email body patterns. Then, click Ok button to apply and close the window.
Step 7: Now, let’s create the type of method [GET, PUT, POST, PATCH, etc.] to monitor in the added HTTP Application. Right click on the HTTP Application (User Info) -> Select HTTP Method
Step 8: Provide the unique and valid name, HTTP method with Path URL. Click on Test button to check
Step 8(a): We have got the Test Success message
Step 9: Next, right click on the created method and select View HTTP Method Info to get the performance information.
Step 10: This window provides the overall performance graphs and status of the URL method.
Step 11: To get the specific metrics graphs, Right click on created method -> Graphs -> Availability Graph, Connection Time Graph, etc.
Step 12: Graphical View based on the selected metrics.
Step 13: Alternatively, we can also enable the HTTP application monitoring metrics from Monitoring -> Application Monitoring Settings -> HTTP.
Congrats! We have successfully enabled the application monitoring for HTTP apps.
Configuring SNMP OID for Memory utilization Monitoring
Network Monitoring, Technical NotesConfiguring SNMP OID for Memory Utilization Monitoring
Procedure
Step 1. Right-click on the device that required RAM utilization monitoring and select View Device Info.
Step 2. The View Device Info window opens. Click on SNMP OID.
Step 3. The SNMP OID window opens. Examine the entries for “platform specific oid memory utilization.” In this case two OID entries have been made. Depending on the manufacturer, one or two entries will be entered.
Step 4. If there are no entries, then SNMP OID need to be entered to enable the memory utilization monitoring.
Step 6. The SNMP OID (memory utilization) window appears.
The manufacturer will tell you how the device reports memory utilization. If the device reports Memory Utilization Percent directly, the OID is entered in that box and provisioning is done. If the device reports separate values for total, free or used, then the OID information for each count need to be entered. Nectus will perform the calculation to arrive at Memory Utilization.
For example, when the device reports Memory Utilization Percent directly, the OID is entered in the first box and provisioning is complete.
In this case, the device reports Memory Used and Memory Free, so the OID for Memory Used is entered in the Memory Used space and the OID for Memory Free is entered in the Memory Free space. Nectus will compute utilization as Memory Used / (Memory Used + Memory Free) * 100.
In this case, the device reports Memory Free and Memory Total, so the OID for Memory Free is entered in the Memory Free space, and the OID for Memory Total is entered in the Memory Total space. Nectus will compute utilization as Memory Free / Memory Total * 100.
In this case Nectus is reporting that Used and Free Memory OIDs are required.
We re-enter the OID information as Memory Used and Memory Free, and click OK.
Testing
Step 1. Click View Device → General to see the results of configuration.
RAM percent utilization is working.
Step 4. Change SNMP Walk to GET.
How to install additional polling agent
Nectus Installation, Technical NotesStep 1: Login to Nectus Portal in the home page. Select Settings -> Global Monitoring Settings.
Step 2: Next, select Distributed Agents to get the list of configured agents. Click on Create button to create a new poller agent.
]
Step 3: Now, provide a valid and unique name to the agent. Here, the Distributed Agent Name is “Regional USA Polling“. Select the enabled checkbox and click on Ok to create the poller object in the main server.
Note: Once the agent installation is complete, the RED changes to GREEN.
Additionally, the status of configured agent can also be checked on home page near the search icon.
Now, let’s start the installation on the Additional Polling Agent Server.
Step 4: After the download is complete, double click on the exe file. Installer window opens up. Click on Next to proceed with the installation.
Step 5: Go through the License Agreement carefully and then click on the Agree button.
Step 6: Select Additional Polling Agent in the Installation Type window and click on the Next button.
Step 7: Select the relevant options. Click on the Next button.
Step 8: Select the destination folder. Make sure, a minimum of 2GB of disk space is available in the selected drive. Click on the Next button.
Step 9: Next, provide the same name in the Additional Agent Name as in step 3. Fill the main polling agent IP address in the textbox and click on the Next button.
Step 10: Warning: Ensure that we open 10167 and 10168 ports between the new and main agent. If not, below error message will pop up.
Step 11: Then, key in a password to integrate the agent with the main server database.
Step 12: Log in to the main server and go to C:\Program Files\Nectus\Web\Apache24\htdocs\protected\config\ path and open database.ini file.
Step 13: Copy the password of vconsole username and paste it on the additional agent installer password textbox and click on the Install button.
Step 14: Once the installation completes, click on Next to proceed further.
Step 15: Finally, click on the Finish button and close the window.
As mentioned earlier, the additional poller status automatically converts to GREEN after successful installation.
Congrats! We have successfully installed the additional polling agent and integrated it with the main server.
Nectus not impacted by Log4J (CVE-2021-44228) Vulnerability
Nectus NewsNectus doesn’t use Apache LOG4J in any of its modules and is not impacted by recent Log4J (CVE-2021-44228) vulnerability.
How to Manually Generate a Process Dump using Process Explorer
Network MonitoringProblem
There may be times where a process dump file (or files) are required to troubleshoot a specific problem. The steps in this document walk through the process of generating a dump file using Process Explorer for IBM Support analysis. While the example used covers the tm1sd.exe process, the same steps can be followed for any process on the operating system. NOTE: You may follow a very similar approach using only Windows Task Manager, however Windows Task Manager will not allow you to choose a dump file location. This step is important if your application consumes a lot of memory and you do not have enough disk space on your Windows drive (C:).
Resolving The Problem
How to enable VMware Monitoring in Nectus
Technical NotesEnable Monitoring of VMware Using Nectus
Step 1. Navigate to Settings → General Settings → VMware VCenter Integration .
Step 4. The Add VCenter Group window opens.
Step 5. Name the Group (MyvCenter). Check Enable Monitoring. Click OK.
Step 8. Click Add.
Step 9. In the Add vCenter Server window, Enter Server name, IP address, Username and Password. Check that correct group is selected. Click Test.
Step 10. Test Connection tests OK (see message Test Connection OK). Click OK in lower right corner of window.
Step 12. In Nectus main menu, on the left, click on VMware vCenter. A drop-down menu appears.
Step 13. Expand the list of ESX Hosts or Datastores to verify import. It may take up to 15 min for all objects to be discovered and loaded to Nectus.
How to Enable Meraki API Integration in Nectus
Network MonitoringHow to Enable Meraki Integration in Nectus
Follow the procedure in the Meraki document to generate the API key. The document may be found at https://documentation.meraki.com. Keep this key secure.
The key is an alphanumeric string of 40 characters.
Sample API key: fffc2def3g34345mn7888u8wz9565b0cde
Step 1. In the Main Menu, go to Settings → General Settings → Meraki Integration.
Step 5. On left side of main window, click Meraki, right click on All Meraki Devices, select Reload Data From Meraki. The Reload Data from Meraki window opens, letting you know that the reload is in progress. Close this window.
Step 7. After a few minutes, the list of Meraki devices will appear.
How to discover/add a single device in Nectus (1.64.xx)
Network DiscoveryHow to discover/add a single device in Nectus
Step 1
In the main window, click on “Tools”, and in the drop-down box, select “Manual Network Discovery”
Step 2
The Discovery Start Window opens
Step 3
In the Discovery Start Window, change “Full Discovery” to “Partial Discovery”.
Step 4
Enter IP address and click “Start”
Step 5
Step 6
Step 7
To check that discovery ran to completion, go to the Main Window and click on “Logs” and then select “Discovery Log”.
Step 8
NetFlow Configuration Examples for Cisco Routers
NetFlow IPFIX CFlow SFlow, Network Devices Configuration BackupCatalyst 4500 Series Switch IOS NetFlow Configuration
——————————————————————-
switch(config)# ip flow ingress
switch(config)# ip flow ingress infer-fields
switch(config)# ip flow-export destination <Nectus IP address> 2055
switch(config)# ip flow-export source Loopback0
switch(config)# ip flow-export version 9
switch(config)# ip flow-cache timeout active 1
switch(config)# ip flow-cache timeout inactive 15
Cisco 3800 Series Router NetFlow Configuration
—————————-
Step 1. Define Flow Record format
router(config)# flow record NECTUS_NETFLOW_RECORD
router(config-flow-record)# description NetFlow record format to send to Nectus Netflow Collector
router(config-flow-record)# match ipv4 ttl
router(config-flow-record)# match ipv4 tos
router(config-flow-record)# match ipv4 protocol
router(config-flow-record)# match ipv4 source address
router(config-flow-record)# match ipv4 destination address
router(config-flow-record)# match transport source-port
router(config-flow-record)# match transport destination-port
router(config-flow-record)# match interface input
router(config-flow-record)# match flow direction
router(config-flow-record)# collect interface input
router(config-flow-record)# collect interface output
router(config-flow-record)# collect counter bytes
router(config-flow-record)# collect counter packets
router(config-flow-record)# collect timestamp absolute first
router(config-flow-record)# collect timestamp absolute last
router(config-flow-record)# collect routing source as
router(config-flow-record)# collect routing destination as
Step 2. Create Flow Exporter (Specify where NetFlow to be sent)
router(config)# flow exporter NECTUS_NETFLOW_EXPORTER
router(config-flow-exporter)# description Export NetFlow to Nectus
router(config-flow-exporter)# destination <Nectus IP address>
router(config-flow-exporter)# source Loopback0
router(config-flow-exporter)# transport udp 2055
router(config-flow-exporter)# export-protocol netflow-v9
Step 3. Create Flow Monitor (Bind Flow Record to the Flow Exporter)
router(config)# flow monitor NECTUS_NETFLOW_IPv4_MONITOR
router(config-flow-monitor)# record NECTUS_NETFLOW_RECORD
router(config-flow-monitor)# exporter NECTUS_NETFLOW_EXPORTER
router(config-flow-monitor)# cache timeout active 60
Step 4. Assign Flow Monitor to Selected Interfaces
Repeat this step for every interface you are interested collecting NetFlow for.
router(config)# interface TenGigE 1/1 (repeat for every interface that you need)
router(config-if)# ip flow monitor NECTUS_NETFLOW_IPv4_MONITOR input
router(config-if)# ip flow monitor NECTUS_NETFLOW_IPv4_MONITOR output
Step 5. Operation Validation
show flow record NECTUS_NETFLOW_RECORD
show flow monitor NECTUS_NETFLOW_IPv4_MONITOR statistics
show flow monitor NECTUS_NETFLOW_IPv4_MONITOR cache
Configuring VMware monitoring
UncategorizedNectus release 1.60 includes with a new VMware monitoring module.
Nectus can monitor following VMware infrastructure elements:
Nectus can monitor and alert on following metrics for all elements:
To set up VMware monitoring go to Inventory/VMware/vCenters (as shown in the picture).
The following page will open. On this page you can create new vCenters groups, edit their settings, delete groups. Create at least one group to be able to add vCenter servers.
After pressing “Edit” button you will see the form as shown in the picture on the right. Here you can enable/disable monitoring for entire group, select an appropriate ICMP monitoring profile, assign email and SMS lists for alerts.
Switch to the next tab of “VMware – vCenters” form to add/remove VMware vCenter servers.
The following window will appear after pressing “Add” button.
Fill out the fields here. The field “Server name” does not affect functioning and may be assigned to any value you like.
Username/Password must represent a valid VMware vCenter account.
Use “Test” button to check if the connection to vCenter may be established using the credentials provided.
After adding all desired vCenters you will see them on the list:
Managing VMware infrastructure
After configuring VMware groups and adding one or more vCenter servers the discovery of VMware infrastructure will start automatically.
You do not need to add ESX hosts, Datastores and Virtual machines manually.
Wait one or two monitoring cycles (5-10 minutes) for VMware entities to appear.
The discovered entities will appear in the Inventory:
After clicking “ESX hosts” you will see the following window displaying ESX host groups:
You can add more groups here (see picture below) or enable monitoring for the Default group.
If you move to the tab “ESX hosts” you can see the list of discovered items:
Warning: it is not possible to delete a non-empty group.
This applies to Datastores and Virtual Machines as well.
Discovered entities will also appear in the left tree of Nectus GUI.
To move an ESX host to another group switch to Groups in VMware combo, right click on the desired host, choose “Move ESX Host to…” and select the appropriate group.
The same applies to other VMware entities: you can view properties, graphs for Datastores and Virtual machines,
move them to other groups either from the tree or from the Inventory/VMware menu.
However, creating new groups is only available at Inventory/VMware menu.
Managing metrics to monitor
To set up metrics to monitor select Monitoring/VMware Monitoring Settings menu.
You will see the window as shown in the picture below.
Switch between tabs of VMware devices and metric groups to enable/disable selected metrics, customize them (see picture below) or to edit alert message templates.
After you have configured the desired metrics, Nectus server will automatically load them and start to monitor.
How to install SSL Certificate for Nectus GUI
Nectus Installation, Technical NotesThis guide explains how to generate the CSR code and install a commercial SSL certificate for Windows Apache so that you could access your Nectus GUI page securely via HTTPS.
It assumes that during Nectus installation, you selected the default location which is C:\Program Files\Nectus.
If you installed Nectus in a different folder, make sure to adjust the commands and locations given in this guide accordingly.
In general, in order to have a website accessible using secure HTTPS connection, the web server must have a pair of public and private keys configured.
The public key must be signed by a trusted Certificate Authority and added to a digital SSL certificate.
To obtain that certificate, you will need to send the certificate signing request (CSR) code to your SSL provider. Please refer to instructions below:
Generating CSR using OpenSSL
2. Enter the following command to run OpenSSL: “C:\Program Files\Nectus\Web\Apache24\bin\openssl.exe”
3. The prompt will change to OpenSSL>. This means we can run the OpenSSL commands now.
To generate a new CSR/Key pair for your future SSL certificate, execute the following this command:
req -new -newkey rsa:2048 -nodes -keyout “C:\Program Files\Nectus\Web\Apache24\conf\yourdomain.key” -out “C:\Program Files\Nectus\Web\Apache24\conf\yourdomain.csr” -config “C:\Program Files\Nectus\Web\Apache24\conf\openssl.cnf”
4. You will be prompted to enter certain information related to your domain.
The commentaries for each field are provided after the // sign.
Country Name (2 letter code) [AU]:US // enter the ISO 3166-2 compliant country code here
State or Province Name (full name) [Some-State]:California // the field for the state
Locality Name (eg, city) []:Los Angeles // the field for the city
Organization Name (eg, company) [Internet Widgits Pty Ltd]:NA // the name of your company. If you do not have a company or do not wish to indicate it, simply put NA
Organizational Unit Name (eg, section) []:NA // a department of your company. NA can be used here
Common Name (e.g. server FQDN or YOUR name) []:example.com // this is the field for your domain
Email Address []:. // this field is not required generally so you can leave it blank
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:. // can be left blank
An optional company name []:. // can be left blank
5. Once done, the C:\Program Files\Nectus\Web\Apache24\conf\ directory will have two new files, the file with the CSR code (.csr) and the file with the private key (.key).
We’ll leave the private key for the time being. The CSR code has to be provided to your certificate vendor — this code is the base for your commercial SSL certificate.
Please contact your SSL vendor for instructions with SSL activation.
6. When the SSL is issued, you should receive at least two files: SSL certificate in a .crt (or .pem, .cer) file, and the CA-bundle (also can be called intermediate CA, root CA certificates) with extensions like .ca-bundle, .crt.
Please note that Apache requires only PEM-encoded certificates, so PKCS#7 or PKCS#12 encoded SSLs won’t work.
Configuring SSL for Apache
7. Upload those files to the C:\Program Files\Nectus\Web\Apache24\conf\ directory.
8. Then, go to the C:\Program Files\Nectus\Web\Apache24\conf\extra folder, and open the httpd-ssl.conf file in Notepad.
9. Find and edit the following directives and make sure that they point to the SSL certificate, Private Key, and the CA-bundle files accordingly:
SSLCertificateFile “${SRVROOT}/conf/yourdomain.crt”
SSLCertificateKeyFile “${SRVROOT}/conf/yourdomain.key”
SSLCACertificateFile “${SRVROOT}/conf/yourdomain.ca-bundle”
Note that the SSLCACertificateFile directive is commented out by default. You need to delete the # sign at the beginning of the string to uncomment the directive.
10. Save the configuration file
11. Return back to the C:\Program Files\Nectus\Web\Apache24\bin folder and double-click on ApacheMonitor.exe
12. The ApacheMonitor app will appear in the system tray at the lower right corner of your screen. Find and click it there.
13. Hit “Restart”
14. Now you can try accessing your Nectus GUI page in the browser via HTTPS: https://yourdomain.com
Standalone NetFlow and Syslog VM OVA File (Clickhouse DB)
NetFlow IPFIX CFlow SFlow, Syslog, Technical NotesConfiguring Linux Monitoring in Nectus
Linux Monitoring, Technical NotesConfiguring Linux Monitoring in Nectus
Nectus Server 1.55 adds feature to monitor some system parameters on hosts running Linux. Enabling this feature for your infrastructure requires two steps:
This guide describes steps for Nectus Server configs. Installing and configuring of Linux remote agents are described here.
Linux monitoring integration
Choose the following menu item from the Nectus GUI to set global Linux monitoring parameters.
This will open the next window:
Click OK to save configured parameters.
Select “Linux Monitoring Settings” from the “Monitoring” menu to configure your monitoring profiles for Linux machines.
Click “Create” to create a new monitoring profile:
In the following form enter the name of your profile and choose metrics you would like to monitor:
Configure the necessary metric parameters like minimal and maximal thresholds, alerting etc.
You can create any number of profiles and assign each of them to different group of Linux machines.
Linux Servers
Select “Linux Servers” from the “Inventory” menu to configure groups and servers to be monitored.
Click “Create new Group” in the next form:
Enter “Group Name” for the new group, select “Enable monitoring” and choose the desired Monitoring Profile for this server group:
Also select the appropriate alert recipients in this form.
You can create any number of monitoring groups if you need to apply different profiles or alert recipients for different server groups.
When you have finished with the groups switch to the next tab “Servers” in the same form and click “Add Server” to add a Linux server to be monitored:
In the next window enter the Hostname (optional, it will be obtained later during the monitoring process), IP address, TCP port of the remote agent’s listening socket (default 5400) and choose the appropriate Group:
You can choose different values of TCP port for different servers according to your network configuration. But note that this value must match the parameter AGENT_PORT set in the agent’s configuration file (see details here).
After clicking “OK” you will see the server in the following list and you will be able to View, Edit and Delete the server (operations are marked with a red square).
After you have added all the desired servers and installed the remote agents the process of monitoring of your Linux hosts will start automatically.
Device View Auto Population Rules
Nectus Installation, Network Monitoring, Technical NotesDevice View Auto Population Rules
Device View is the logical grouping of the devices that can be used in different places within the Nectus application. In the previous versions of Nectus, the user would manually add devices into device views which may become a significant management overhead.
In Nectus version 1.55 we introduced an ability to automatically populate device views based on specific conditions such as device names, types, etc.
User can define a set of conditions which has to be true for Nectus to automatically add devices to device views.
This article will guide you through the process of defining the auto population rules for device views.
To access your SNMP Device Views go to Inventory Views SNMP Device View
To add a new Device View, click Create in the upper right hand corner of the SNMP Devices Views page.
Give a name to your new Device View.
Press Save button to finish creation of Device view.
Open again newly created device view and in the upper right-hand corner, select Edit Rules.
This will open the Devices View Auto Population Rules page.
Select the plus sign to add a new Auto Population Rule.
Add all the required Auto-population rules and press Ok button to Save.
If multiple rules are defined all the rules must be TRUE for device to be automatically added. (Logical AND).
Your rules will be processed daily at 3:00 PM.
If you would like to apply your rules immediately, press the Apply Rules button.
Linux Monitoring Agent Installation
Linux MonitoringLinux Monitoring Agent Installation
Nectus Linux Monitoring Agent is required to be installed on target machine to enable Nectus to monitor Linux system parameters such as CPU and RAM utilization, Storage and Network Utilization.
Agent collects all the required monitoring metrics and reports to the main Nectus Server every 5 minutes.
Step 1: Download Monitoring Agent Package
Download binary package appropriate to your target machine Linux flavor and version from the download page.
Step 2a: Installation for Debian-based systems (including Ubuntu)
After downloading the package run the following installation command:
$ sudo dpkg -i <package-name>
This will install Nectus monitoring agent on your target machine. If everything is OK you’ll see some output like this:
$ sudo dpkg -i nectus-agent-1.0-1.deb
(Reading database … 79643 files and directories currently installed.)
Preparing to unpack nectus-agent-1.0-1.deb …
Unpacking nectus-agent (1.0-1) over (1.0-1) …
Setting up nectus-agent (1.0-1) …
Processing triggers for systemd (229-4ubuntu21.21) …
Processing triggers for ureadahead (0.100.0-19) …
Step 2b: Installation for RedHat, CentOS and Amazon Linux
After downloading the package run the following installation command:
$ sudo rpm -U <package-name>.rpm
You’ll see output like this:
$ sudo rpm -U nectus-agent-1.0-1.el7.x86_64.rpm
Preparing…
################################# [100%]
Updating / installing…
1:nectus-agent-1.0-1.el7
################################# [100%]
Step 3: Configuration
After installation is complete you need to set up the agent’s basic configuration.
Nectus agent configuration file is located at: /etc/nectus/nectus-agent.conf.
Default configuration file content is listed in Appendix 1. Most of the values are set to defaults and don’t require a change except following two parameters:
SERVER_PRESHARED_KEY is used to encrypt messages between the Agent and Nectus Server. Initially it’s set to value <YourSecretKey>.
Edit this parameter to match the key configured in Nectus GUI (Settings->General Settings ->Linux Monitoring Integration).
SERVER_PRESHARED_KEY is a global parameters that is used for all Linux Servers.
AGENT_PORT parameter determines the TCP port used by Agent to listen for incoming connections from the Nectus server. By default the TCP port is set to 5400.
AGENT_PORT is Server specific parameter that can be different on each Linux Server.
Step 4: Generate SSL Certificate (optional)
The Linux Monitoring Agent listens on pre-configured TCP port for incoming HTTPS connection and needs an SSL certificate to operate.
Default location for storing certificate files is /etc/nectus but it’s configurable (parameter SSL_CERTIFICATE_DIR in the configuration file).
You can either use any existing certificate or generate a new self-signed one.
To generate new self-signed certificate run commands:
$ cd /etc/nectus
$ openssl dhparam -out dh.pem 2048
$ openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 10000 -out certificate.pem
The directory pointed by SSL_CERTIFICATE_DIR parameter should finally contain files dh.pem, key.pem and certificate.pem.
Step 5: Open TCP port at the Firewall
If there is firewall between Nectus Server and Linux Monitoring Agent you need to permit connections on TCP port 5400 (Unless it is changed to a different port)
Make sure your Linux internal firewall also permits inbound connections on this port.
Step 6: Start Agent
Restart the agent in order for configuration changes to take effect:
$ service nectus-agent restart
Check it’s status to ensure proper operation:
$ service nectus-agent status
If case of successful start you’ll see some output like this:
$ service nectus-agent status
● nectus-agent.service – Nectus Agent
Loaded: loaded (/lib/systemd/system/nectus-agent.service; disabled; vendor preset: enabled)
Active: active (running) since Mon 2019-04-29 17:55:39 UTC; 4s ago
Process: 10247 ExecStart=/usr/bin/nectus-agent $CONFFILE (code=exited, status=0/SUCCESS)
Main PID: 10255 (nectus-agent)
Tasks: 2
Memory: 1.2M
CPU: 14ms
CGroup: /system.slice/nectus-agent.service
└─10255 /usr/bin/nectus-agent /etc/nectus/nectus-agent.conf
Apr 29 17:55:39 ubuntu-16 systemd[1]: Starting Nectus Agent…
Apr 29 17:55:39 ubuntu-16 systemd[1]: nectus-agent.service: PID file /run/nectus/nectus-agent.pid not readable
Apr 29 17:55:39 ubuntu-16 systemd[1]: Started Nectus Agent.
User account
For security reasons it’s not allowed to run Monitoring Agent as root user. If it’s trying to start as ‘root’ then the agent will drop its privileges to the user account set in configuration file
(usually /etc/nectus/nectus-agent.conf) as USER_INSTEAD_OF_ROOT.
Default USER_INSTEAD_OF_ROOT is ‘nectus’.
The agent automatically creates this user account during installation (if this user does not exist already) and provides minimal set of permissions required to run the agent code.
Troubleshooting
Nectus agent runs as a daemon process. You can use the following commands to start, stop restart and check status of the agent:
$ service nectus-agent start
$ service nectus-agent stop
$ service nectus-agent restart
$ service nectus-agent status
If there are any problems with starting the agent first check the agent’s status:
$ service nectus-agent status
Then check the log file (usually /var/log/nectus/nectus-agent.log). If it does not help then you can try to run the agent manually. Usage of the module:
nectus-agent <config-file> [-D]
config-file full path to configuration file
-D debug mode (agent starts not as a daemon but as a usual process)
Locate the executable nectus-agent in /usr/bin and try to run the agent not as a daemon:
$ /usr/bin/nectus-agent /etc/nectus/nectus-agent.conf -D
Check the output and log files at /var/log/nectus.
Upgrade
Upgrade to a new version of the agent is the same as a new installation: download the appropriate package and run either:
> sudo dpkg -i <package-name>.deb
for Debian/Ubuntu systems or
> sudo rpm -U <package-name>.rpm
for RedHat/CentOS/Amazon Linux.
Uninstallation
To uninstall Nectus agent run the following command:
> sudo dpkg -r nectus-agent
for Debian/Ubuntu systems or
> sudo rpm -e nectus-agent
for RedHat/CentOS/Amazon Linux.
Appendix 1. Default Configuration File