Administrator
Handbook |
TOC |
Bulk TCP Poller | ||
The Bulk TCP Poller allows you to monitor network application (TCP ports) availaibility. Network applications are mainly reachable by means of TCP port. From an IP client point of view, an application is available if the application TCP port is available to open a new session with him. This Plugin perform this test for you at regular intervals and sends an alarm if a wrong status is dedected. The power of this Plugin allows you to monitor hundreds of Hosts and for each of them hundreds of TCP ports (application) with various alarm severity. This Plugin could also be useful to check the permissiveness or laxisme of a Firewall and to warns you if an security breach is opened. This Plugin could also be use to detect Troyan horse viruses on hosts. The detection could run either permanently or on-demand. Hereunder, the main windows of the Bulk TCP Poller.
The installation of the Bulk TCP Poller Plugin
is performed in the directory workspace. First, we need to know at least the following information:
We must specify which port we want to monitor. Either we type the Port number (only TCP port number) or choose it in the list.
We should now set the other parameters.
The Alarm number is set to something higher than 10000 and not already assigned. This number will appears in the event manager and allows you to do filtering. The level helps you to define the importance of the event. Highest level of gravity is 10, lowest level is 0 (red in the event manager). The “If Port TCP is” field allows you to select the
status that will generate the alarm. Next step is to set the polling interval to which hosts will be polled. In Global parameter, Polling Interval, select a value. You could also click on the button that opens the WIZARD and select your polling interval from there. We could now select the hosts to which we want to apply the previous defined parameters You could add hosts to the list either manually by setting one by one
the host IP address or you could pick them up in the Directory. The second
way is far most faster an support the shift and Ctrl selection in the
list. When this is done, we could see the hosts in the list.
The Bulk TCP Poller updates the Value field after each polling. If the value field becomes red it means that the Port is not reachable. (Not that an alarm is sent). Alarm sent by this Plugin should appears in your event manager: The above information could also be check remotely if you have started the LoriotPro WEB server (refer to LoriotPro documentation for setting this service). You could access from a navigator your current TCP table. Click on the Bulk TCP poller task (hammer)
|
www.loriotpro.com |
|