Log Sources

System Energy Logserver jest w stanie przetwarzać dowolne dane pochodzące w formacie Syslog, Windows Events oraz plików płaskich. Dzięki temu system zasilają informacje pochodzące z całej infrastruktury teleinformatycznej, w tym:

  • Urządzenia sieciowe - switch, router, IPS, Firewall, PaloAlto, Cisco ASA, Checkpoint, Loadbalancer F5, Forcepoint, Cisco UCS, HP Synergy
  • Netflow
  • Systemy Linux - RedHat Linux Enterprise, Centos, Oracle Linux, Debian
  • Systemy Windows
  • Aplikacje i serwery aplikacyjne - IBM Webshpare, jBoss, Tomcat
  • Baz danych - MsSQL, Mysql, Oracle, Postgress, Hadoop
  • Środowiska wirtualne i kontenery - VmWare, OpenStack, Docker
  • Systemy monitoringu - op5 Monitor, Zabbix, Nagios, Prometheus
  • Urządzenia telekomunikacyjne - centrale, sterowniki, czujniki
  • Komunikacja API

Energy Logserver może współpracować z specjalizowanym agentem Windows pozwalającym na kolekcję zaawansowanych metryk pozwalających na określenie wydajności tej rodziny systemów operacyjnych.

Lista metryk kolekcjonowanych przez agenta dla systemów Windows:

Group Policy Processing

  • Domain controller discovery time
  • GPOs applied during logon
  • Processing time for each active client side extension (CSE), both from Microsoft and third parties. This includes:
    • Registry
    • Folder redirection
    • Offline files
    • Environment variables (preferences)
    • Folder options (preferences)
    • Local users and groups (preferences)
    • Group Policy preferences

Logon Process Performance

  • Process name
  • Process ID
  • Session ID
  • Parent process name
  • Process user account
  • Associated application name
  • Process type (e.g. part of the logon script)
  • Process lifetime duration
  • Commandline
  • Executable path
  • CPU footprint
  • Disk footprint
  • Memory footprint
  • Network footprint

Logon Process Summary

Summary performance data about process activity during user logon:

  • Number of processes started
  • Disk footprint

Microsoft Office Outlook

Outlook plugin load duration and related information:

  • Plugin name, ProgID and GUID
  • Plugin load duration
  • Plugin “load behavior” (state)

PRZEGLĄDARKI INTERNETOWE

Internet Explorer

  • CPU usage
  • RAM usage
  • IO count
  • IO volume
  • IOPS
  • IO latency
  • Network throughput

Google Chrome

  • Browser (main process)
  • Tab (rendering process)
  • Extension (running Chrome extensions)
  • GPU (graphics acceleration)
  • Flash (playing Adobe Flash)
  • Java (running Java apps)

URZĄDZENIA

Machine Performance

  • CPU usage
  • RAM usage
  • GPU model
  • GPU compute usage
  • GPU memory usage
  • Kernel memory usage
  • IOPS (read and write separately)
  • IO volume (read and write separately)
  • IO count (read and write separately)
  • IO latency (read and write separately)
  • Disk utilization in percent
  • Network utilization in percent
  • Number of sessions
  • Number of processes
  • Number of threads
  • Number of handles

Machine Inventory

  • OS name
  • OS type and architecture
  • OS install date
  • Hardware manufacturer
  • Hardware model
  • BIOS version
  • BIOS version
  • AD domain
  • AD site
  • AD OU
  • AD computer distinguished name
  • Citrix farm name
  • Citrix machine catalog name
  • Citrix delivery group name
  • Primary IP address
  • Primary network adapter name
  • Primary network adapter description

SMB Client Performance

  • Share path
  • IOPS (read and write)
  • IO count (read and write)
  • IO volume in MB (read and write)
  • IO latency in ms (read and write)

KOMUNIKACJA SIECIOWA

  • Source process (process sending/receiving data on the machine uberAgent is running on)
  • Target IP address
  • Target name
  • Target port
  • Send count
  • Receive count
  • Connect count
  • Send volume (MB)
  • Receive volume (MB)
  • Send throughput (KB/s)
  • Receive throughput (KB/s)
  • Send latency
  • Send latency count (number of measurements)
  • Protocols used

SESJE

  • Session ID
  • Computername
  • Logon time
  • Logoff time
  • Session duration
  • Protocol (ICA, RDP or console)
  • Connection state (e.g. active, disconnected)
  • User and domain
  • CPU usage
  • RAM usage
  • IO count
  • IO volume
  • IOPS
  • IO latency
  • Network throughput
  • ICA/HDX latency
  • Citrix ICA/HDX client information (name, IP address, version, etc.)
  • VMware RDP/PCoIP client information (name, IP address, etc.)
  • Microsoft RDP client information (name, IP address, etc.)
  • Foreground application name
  • Foreground application version
  • Foreground process name
  • Foreground process ID
  • Foreground application UI latency

APLIKACJE

Application and Process Startup

  • Smss initialization
  • Autocheck (checkdisk)
  • Session 0 initialization
  • Session 1 initialization
  • Wininit initialization
  • Winlogon initialization
  • Autostart services
  • Startup duration
  • IOPS during startup
  • Process name
  • User and domain
  • Is the process running elevated (with admin privileges)?
  • Process ID
  • Parent process ID
  • RDS session ID
  • Parent process name
  • Full commandline the process was launched with

Application and Process Performance

  • User and domain
  • Process name and ID
  • Process command line (optional)
  • Application name and version
  • CPU usage
  • RAM usage
  • GPU compute usage
  • GPU memory usage
  • IO count (read and write separately)
  • IO volume (read and write separately)
  • IOPS (read and write separately)
  • IO latency (read and write separately)
  • Network throughput
  • Network latency

Application UI Unresponsiveness

  • Application name (even for App-V, Java and modern UI / Metro apps)
  • Application version
  • Process name and ID
  • User and domain
  • Unresponsiveness duration
  • Related user session

Application Crashes and Hangs

For every application error the following information is collected:

  • Application name
  • Process ID, GUID, name, path, version and timestamp
  • Process lifetime
  • User and domain
  • Related user session
  • Faulting module name, path version and timestamp
  • Exception code, fault offset,
  • App package full name and relative ID
  • Error type (crash or hang)

Application Inventory and Usage

  • Application name (even for App-V, Java and modern UI / Metro apps)
  • Application version
  • Number of concurrent users (application usage metering)
  • Number of computers the application is run on
  • Number of (ICA/RDP/PCoIP) remoting clients the application was accessed from
  • Inventory (installation information like name, publisher, version, install date)

Software Update

  • Name
  • Install date

APLIKACJE

Computer Startup (Machine Boot)

  • Smss initialization
  • Autocheck (checkdisk)
  • Session 0 initialization
  • Session 1 initialization
  • Wininit initialization
  • Winlogon initialization
  • Autostart services

Boot Processes

  • Process name, ID and parent ID
  • Relative start time and lifetime
  • Commandline
  • IO count (read and write)
  • IO volume (read and write)
  • IO latency (read and write)
  • Associated user session ID

Other On/Off Transitions

  • Suspend
  • Resume
  • Shutdown

On/Off Transition Delays

  • Driver/service/application name
  • Driver/service/application version
  • Total duration
  • Degradation (how much longer it took than normal)

Jesteśmy przekonani, że oferta Energy Logserver stanowi istotne uzupełnienie runku produktów IT w obszarze LogManagement.