Administrator Handbook Table of contents version française LinkedIn social network LinkedIn social network LinkedIn social network LinkedIn social network Share on social media

Sending events and alarms to LoriotPro from Windows

Introduction

Technical reminder

Installing SendEvent

Using SendEvent

Using the Windows XP/2000/2003 Perfmon program to send alarms to LoriotPro

Using the Windows Vista Perfmon program to send alarms to LoriotPro

 

Introduction

The SendEvent program available with LoriotPro makes it possible to send events from any post that works under the Windows environment to a LoriotPro monitoring system.  SendEvent is a non-graphic Windows programme (console) which should be used in a direct command line within a batch or command window. It can be used with all native Windows programs that are capable of calling an external command.

SendEvent.png

An example in this document illustrates how to send an alarm (Event) to a remote LoriotPro once a limit on disc space has been reached by using the Microsoft performance monitor and SendEvent programs.  This document also explains how to send and alarm (Event) to a remote LoriotPro after receiving a Windows Eventlog using the SendEvent program.

Technical reminder

LoriotPro events are notifications or alarms that are proprietary to the LoriotPro solution and which serve to keep the administrator informed.  

LoriotPro is a server in listenning mode to the events on the UDP 5001port. LoriotPro itself is the main source of the events, in fact, it sends events to itself as soon as a condition has been satisfied or an anomaly detected (e.g. an unavailable host). Most of LoriotPro’s internal modules (plug-ins) send events to signal anomalies to the LoriotPro operator. Events can also be generated by remote LoriotPro systems; this makes it possible to have a hierarchy of LoriotPro monitoring systems which can communicate amongst each other by exchanging messages.

Lastly, using the SendEvent program it is possible to directly generate messages from any Windows device to send to LoriotPro.

The events received by LoriotPro are treated using an internal multi-tasking process in a proprietary manner in order to ensure that they are taken care of in the best possible time. The events make it possible to keep a trace (historic files) of the anomalies of your information system as well as to trigger actions (sending mail, sms, visual and audible alarms, scripts etc…..).

Installing SendEvent

Installing SendEvent is very simple, using the exe.  program on a Windows 2000, 2003 server, XP, Vista (32 bits) device will suffice.

Simply copy the Sendevent.exe program present in the repertoire /bin of LoriotPro into the repertoire of your choice and the device of your choice.

In the programs list, SendEvent is represented by this icon SendEventIcon.gif 

Using SendEvent 

Open a console window and select SendEvent

The programme will display the following Help menu:

C:\v5-net\bin>sendevent

SendEvent is a LUTEUS Copyrighted program (2009). Consult www.loriotpro.com

SendEvent is used to send an event packet to a remote LoriotPro snmp manager.

 

SendEvent supports the following syntaxes of arguments

 

        1 - Arguments are all defined on the command line.

        Usage: SendEvent IP-Destination IP-Port EventNumber EventLevel IP-Source IP-Mask Message

        Example:

        SendEvent 192.168.10.2 5001 100220 3 192.168.10.145 255.255.255.255 "Error occurs on server"

 

        2 - Arguments are all defined in an external file.

        Usage: SendEvent Argument_file

        Argument_file -  A file containing the arguments declared in order on a single line

        Example of argument file content:

        192.168.10.2 5001 100220 3 192.168.10.145 255.255.255.255 "Error occurs on server"

 

        3 - Arguments are partially defined in an external file called sendeventarg.txt  but the message is defined on the command line.

        Usage: SendEvent Message

        Example: SendEvent "The file server has low memory ressources"

        Example of sendeventarg.txt file content:

        192.168.10.2 5001 100220 3 192.168.10.145 255.255.255.255

 

The arguments should always be defined in the following order:

IP-Destination The IP address of the remote LoriotPro system.

IP-Port         The UPD port of the event Server on the remote LoriotPro system (You must use 5001 by default).

EventNumber     A unique event number that identify this event (The event should be registered on the remote Loriotpro.

EventLevel      A level of severity, define the color of the event in the event logs. (0 black,1 blue,2 green, 3 yellow, 4 red).

IP-Source       the IP address of the sender, the system where you use the Send Event program.

IP-Mask         A mask use for filtering on the remote LoriotPro, use 255.255.255.255 by default.

Message         the text of the alarm message to send.

Message including space(s) must be enclosed by double quote.

 

SYNTAX ERROR !!!! You must enter 7 arguments on the command line !!!

or use 1 argument of file name type or message!!!

 

 As indicated by the integrated help text, SendEvent may be launched using several different methods.

Method 1  

Enables you to send an event by specifying the parameters in the command line.

IP-Destination 

The IP address of the LoriotPro station to which the event is to be sent.

IP-Port        

The UPD event reception port for the destination LoriotPro station.

By default, the port should be 5001unless you have altered this value in bin/config/loriotpro.ini

EventNumber    

An event number. The event numbers are unique and should be declared in LoriotPro if you want to be able to activate event filters.

Notice: numbers inferior to10000 are reserved for LoriotPro.

EventLevel     

The level of severity for this event. The level defines, among other things, the color of the event the reception display window of LoriotPro. (0 black, 1 blue, 2 green, 3 yellow, 4 red).

IP-Source      

The IP address of the device which is the source of the event from which the SendEvent is executed.

IP-Mask        

A mask which can be used for filtering on the remote LoriotPro station, use 255.255.255.255 by default.

Message        

The Event text. If the text contains any spaces these should be enclosed by double quotation marks.   

 

Here is an example of how to use SendEvent to verify the functional state and parameters  un exemple d’utilisation de SendEvent pour vérifier le fonctionnement et les paramètres passés en argument.

On the Windows system, open a console window and then select your command.

Example: SendEvent 12.1.1.4 5001 10560 1 128.0.0.1 255.255.255.255  « testing SendEvent »

 

In the events reception window you should receive the following:

 Method  2

The second method uses an external file where the sending parameters are defined.

 The parameters are identical to those for method 1and should be defined in the same order.

Example of an external file:

searg1.gif

The execution only identifies the name of the file.

SendEvent  searg1.txt

SendEventMode2.gif

The event is received by LoriotPro. Please note that if the host that is the source of the event is present in the directory the name will appear in the IP Ref.

 

 Method 3

The third method is mixed; it uses an external file for the sending parameters as well as a message on the command line.

The parameters should be pre-defined in the sendeventarg.txt file.

IP-Destination 

The IP address of the LoriotPro station to which the Event is destined.

IP-Port        

The UPD event reception port for the destination LoriotPro station.

By default, the port should be 5001unless you have altered this value in bin/config/loriotpro.ini

EventNumber    

An event number. The event numbers are unique and should be declared in LoriotPro if you want to be able to activate event filters.

Notice: numbers inferior to10000 are reserved for LoriotPro.

EventLevel     

The level of severity for this event. The level defines, among other things, the color of the event the reception display window of LoriotPro. (0 black, 1 blue, 2 green, 3 yellow, 4 red).

IP-Source      

The IP address of the device which is the source of the event from which the SendEvent is executed.

IP-Mask        

A mask which can be used for filtering on the remote LoriotPro station, use 255.255.255.255 by default.

 

Example

The command can then be sent.

Example:  SendEvent « The message to send »

 

Using the Windows XP/2000/2003 Perfmon program to send alarms to LoriotPro

 

Perfmon is a Microsoft program which makes it possible to monitor Windows performance indicators and to position alert levels.

Using Perfmon, it is therefore possible to monitor Windows sytems and to send alarms to the centralized LoriotPro monitor using SendEvent.

Beware, since the monitoring process is conducted by the system itself there are no guarantees that all anomalies will be detected. The most critical case is that of the CPU capacity or maximum memory; once these levels have been reached it becomes impossible for the system to carry out any tasks including sending alarms.  Here is an example of monitoring the disk space ,the CPU and memory of a Windows XP/2000/2003 system.

You must copy the SendEvent.exe program onto the system. SendEvent is available in the /bin repertoire of LoriotPro.

Method 3 of SendEvent is indispensable in this particular case. You must also create a Sendeventarg.txt file in the same repertoire where you copied SendEvent.exe. 

Verify that LoriotPro is receiving messages correctly by opening a command window and typing:  SendEvent « test »

Launch the Perfmon application on the system that is to be monitored.

Perfmon_XP_1.gif

Enter a name for the new alert. We are going to monitor the Processor Time used.

Next, add « counters » by selecting the object « Process » and then the counter « % processor time » and « All instances» toutes les instances

Perfmon_XP_2.gif

Click on (Add) before closing the dialog box.

You should get a configuration similar to the one below.

Perfmon_XP_3.gif

Define the alert level; in our example the condition is superior to (Over) 80%.

In the Action tab, select « Run this programme » and give the access path to the SendEvent.exe program.

The argument is the text of the message that will be sent.

Perfmon_XP_5.gif

In the « Schedule » tab select the manual mode to launch the collect. The configuration is complete. Next, launch the collect.

Perfmon_XP_7.gif

In case the capacity level is surpassed, alarms are generated and LoriotPro displays them.

The most critical indicators can thus be monitored.

Perfmon_Vista_1.gif

Here is a list:

Object

Counter

Instance

Process

 % processor time

All the instances

Memory

% Committed Bytes In Use

 

LogicalDisk

%  Free Space

All the instances

 

Using the Windows Vista Perfmon program to send alarms to LoriotPro 

Here is an example on employing SendEvent with the Microsoft Perfmon monitoring tool available on Windows Vista:

Perfmon makes it possible to define performance variable collects (WMI) and to trigger action on level and threshold

The object is simple; SendEvent is used here to send an alarm that is local to a Windows system, to the LoriotPro monitor tool.

Launch Perfmon then select « User Defined » then « New » to create a new (Data Collector Set).

Assign a name and select the manual mode.

Select the Performance Counter Alert option.

The Basic mode

Select the object and the « counter » of the object that is to be monitored and then the instance. Use the « Add » to confirm.

Define the capacity level with « Alert When » and the limit.

Launch the collect.

Your collection of proprietary data (user defined) is operational.

Proceed in the same manner for all the « counter » WMI objects that you wish to monitor.

 

 

 

 


www.loriotpro.com