Displays the name of the servers being monitored by an Exchange agent instance. | |
Displays the name of the agent instance created for an Exchange server. | |
Displays the name of the Foglight Agent Manager Host assigned to each Exchange agent instance. | |
Displays the number of alarms outstanding for a select Exchange agent. Clicking an alarm opens the Alarms for <agent_name> view, which provides more details about these alarms. | |
Click the Edit icon in this column to update the private agent properties using the Agent Edit wizard. For more information, see Edit private agent properties. | |
Click the Edit icon in this column to open the Shared Properties dialog box and review the properties defined. To enable / disable a powershell cmdlet, select / clear the Monitor check box for that cmdlet. | |
Displays the agent version. A green check mark icon indicates that the agent version is up to date. |
The Agent Setup wizard guides you through the process of adding and configuring Exchange agent instances on one or more servers.
1 |
At the top of the Agent Management view, click Add to launch the Agent Setup wizard. |
2 |
On the Prepare page, carefully read the instructions about the steps that you need to take before proceeding with the wizard. |
3 |
On the Auto-Discovery or Manual page, indicate if you want to manually configure an agent to monitor a single Exchange server, or search your domain and auto-discover Exchange servers and create one or several agents. Click Next. |
• |
• |
4 |
On the Select the Search Domain page, specify the domain to be used to search for Exchange servers where Exchange agent instances are to be created and activated. |
• |
Domain: Type the fully qualified name (myDomain.com) of a domain to search for Exchange servers. |
• |
User Name: Type the user principal name of the account to be used to query Active Directory® on the selected domain.The following formats are accepted for the user principal name: myUser@myDomain.com, myUser, and myDomain.com\myUser. |
• |
User Password: Enter the password associated with the above user account. |
• |
Enable SSL For LDAP: Selecting this check box if security LDAP is required. |
NOTE: 1. When selecting Enable SSL For LDAP, import the root certificate of the monitoring domain into both FglAM and Foglight keystore. 2. Ensure that the Subject Alternative Name of the certificate used by LDAP service includes both server FQDN and Domain name. For detailed information on how to import certificate into both FMS and FglAM keystore in FIPS-compliant mode, refer to Managing certificates for FglAM and Managing certificates for FMS in FIPS-compliant mode . For detailed information on how to import certificate into both FMS and FglAM keystore in non-FIPS mode, refer to Managing certificates for FglAM and Managing certificates for FMS in non-FIPS mode . |
5 |
On the Select Servers page, select one or more Exchange servers that you want to monitor. |
• |
Exchange Server: The name of the Exchange server found on the selected domain. |
• |
Exchange Agent Exists: Indicates whether an Exchange agent instance has already been created for an Exchange server. A green check mark in this check box indicates that an agent instance is already created to monitor the Exchange server. Servers already monitored by other Exchange agents are unavailable for selection in the list. |
6 |
On the Configure Agent Properties page, review the Exchange agent properties, and edit them, as necessary. |
• |
Exchange Server(s): The name of one or more Exchange servers found on the selected domain. |
• |
Domain Controller: The name of the domain controller found on the selected domain. |
• |
Communication Protocol: Selects to run the WMI query through DCOM or WinRM. |
• |
WinRM Port: The WinRM port number on the monitored server. This property only appears if the Communication Protocol is set to WinRM through HTTP or WinRM through HTTPS. |
NOTE: 1. When setting Communication Protocol as WinRM through HTTPs, import the root certificate of the monitoring domain into FglAM keystore. 2. Ensure that the Subject Alternative Name of the certificate used by LDAP service includes both server FQDN and Domain name. For detailed information on how to import certificate into FglAM keystore, refer to Managing certificates for FglAM . |
• |
LDAP Authentication Mechanism: The authentication scheme used to connect to the LDAP server: Simple (default) or Kerberos. |
• |
Enable SSL For LDAP: Indicates if the LDAP connection is secure or not (default). |
NOTE: 1. When selecting Enable SSL For LDAP, import the root certificate of the monitoring domain into both FglAM and Foglight keystore. 2. Ensure that the Subject Alternative Name of the certificate used by LDAP service includes both server FQDN and Domain name. For detailed information on how to import certificate into both FMS and FglAM keystore in FIPS-compliant mode, refer to Managing certificates for FglAM and Managing certificates for FMS in FIPS-compliant mode . For detailed information on how to import certificate into both FMS and FglAM keystore in non-FIPS mode, refer to Managing certificates for FglAM and Managing certificates for FMS in non-FIPS mode . |
• |
Is a Virtual Host?: Indicates if the selected Exchange server runs on a virtual host. If it runs on a physical host, by default the Windows Agent is delegated to collect host metrics |
• |
Virtual Environment: The type of the virtual environment: VMware or Hyper-V. This property only appears if the selected Exchange server runs on a virtual host. |
• |
Enable ActiveSync Collection: Indicates if the collection of ActiveSync Top N users is disabled or enabled. |
• |
IIS Log Folder: The file path to the IIS log on the Exchange Client Access Server. |
• |
ActiveSync Collection Time: The time when the ActiveSync collection task starts. |
• |
Top N Users: The number of top N users for which data is submitted to the Management Server. |
7 |
On the Select the Agent Manager Host page, select the Foglight Agent Manager host to be used for the new Exchange agent instances. |
• |
• |
The Exchange Agent Package Deployed column indicates whether the Exchange agent package is already deployed to the Agent Manager host(s). A green check in this column indicates that the Exchange agent package has been deployed. |
• |
The Windows Agent Package Deployed column indicates whether the Windows agent package is already deployed to the Agent Manager host(s). A green check in this column indicates that the Windows agent package has been deployed. This column is displayed only if the Exchange server runs on a physical host. |
8 |
On the Assign and Validate Credentials page, review the available credentials, and edit them, as necessary. |
• |
To create a new credential, click Add host(s) to a new credential. |
• |
In the Create New Credential and Assign dialog box, create a credential that you want to use to access the monitored resource. Type a new credential name, domain, user name, password, and lockbox, and click Submit. |
• |
To select an existing credential, click Add host(s) to an existing credential. |
• |
• |
To bypass the prerequisites verification, select the Do not check for prerequisites check box. |
9 |
On the Summary page, review the configuration settings chosen for the new agent, and its prerequisite diagnostics, including: |
• |
Exchange Agent: The name of the selected Exchange agent instance. |
• |
Windows Agent: The name of the selected Windows agent instance. |
• |
Success: The agent instance can connect to the monitored Exchange server and collect data. |
• |
Error: The agent instance cannot connect to the monitored Exchange server instance and collect data. Click this link to find out what causes this error. Carefully review the information in the popup that appears in order address the problem. |
The Agent Edit wizard guides you through the process of editing private agent properties.
1 |
In the Agent Management view, in the row containing the agent whose properties you want to edit, click the Private Properties column. |
2 |
In the Agent Edit wizard, on the Configure Agent Properties page, review the Exchange agent properties, and edit them, as necessary. |
• |
Exchange Server(s): The name of one or more Exchange servers found on the selected domain. |
• |
Domain Controller: The name of the domain controller found on the selected domain. |
• |
Communication Protocol: Selects to run the WMI query through DCOM or WinRM. |
• |
WinRM Port: The WinRM port number on the monitored server. This property only appears if the Communication Protocol is set to WinRM through HTTP or WinRM through HTTPS. |
NOTE: 1. When setting Communication Protocol as WinRM through HTTPs, import the root certificate of the monitoring domain into FglAM keystore. 2. Ensure that the Subject Alternative Name of the certificate used by LDAP service includes both server FQDN and Domain name. For detailed information on how to import certificate into FglAM keystore, refer to Managing certificates for FglAM . |
• |
LDAP Authentication Mechanism: The authentication scheme used to connect to the LDAP server: Simple (default) or Kerberos. |
• |
Enable SSL For LDAP: Indicates if the LDAP connection is secure or not (default). |
NOTE: 1. When selecting Enable SSL For LDAP, import the root certificate of the monitoring domain into both FglAM and Foglight keystore. 2. Ensure that the Subject Alternative Name of the certificate used by LDAP service includes both server FQDN and Domain name. For detailed information on how to import certificate into both FMS and FglAM keystore in FIPS-compliant mode, refer to Managing certificates for FglAM and Managing certificates for FMS in FIPS-compliant mode . For detailed information on how to import certificate into both FMS and FglAM keystore in non-FIPS mode, refer to Managing certificates for FglAM and Managing certificates for FMS in non-FIPS mode . |
• |
Is a Virtual Host?: Indicates if the selected Exchange server runs on a virtual host. |
• |
Virtual Environment: The type of the virtual environment: VMware or Hyper-V. This property only appears if the selected Exchange server runs on a virtual host. |
• |
Host Info Provider: Indicates the host metrics collected by the Windows agent or the Exchange agent. |
• |
Enable ActiveSync Collection: Indicates if the collection of ActiveSync Top N users is disabled or enabled. |
• |
IIS Log Folder: The file path to the IIS log on the Exchange Client Access Server. |
• |
ActiveSync Collection Time: The time when the ActiveSync collection task starts. |
• |
Top N Users: The number of top N users for which data is submitted to the Management Server. |
3 |
On the Assign and Validate Credentials page, review the available credentials, and edit them, as necessary. |
• |
To create a new credential, click Add host(s) to a new credential. |
• |
In the Create New Credential and Assign dialog box, create a credential that you want to use to access the monitored resource. Type a new credential name, domain, user name, password, and lockbox, and click Submit. |
• |
To select an existing credential, click Add host(s) to an existing credential. |
• |
4 |
If any monitoring agents are unable to collect data or connect to the monitored Exchange servers, you can inspect the underlying cause using the Prerequisites Diagnostic button on the Agent Management toolbar.
1 |
In the Agent Management view, select the row containing the agent whose prerequisites you want to examine, and click Prerequisites Diagnostic on the toolbar. |
2 |
Review the results in the Prerequisites Diagnostic dialog box. |
• |
Agent Name: The name of the selected Exchange agent instance. |
• |
Monitored Host: The name of the host on which the monitored Exchange server is running. |
• |
Success: The agent instance can connect to the monitored Exchange server and collect data. |
• |
Error: The agent instance cannot connect to the monitored Exchange server instance and collect data. Click this link to find out what causes this error. Carefully review the information in the popup that appears in order address the problem. |
• |
<foglight_home> is a placeholder that represents the path to the Foglight Management Server installation. |
• |
<foglight_agent_mgr_home> is a placeholder that represents the path to the Foglight Agent Manager installation. This can be the location of the Foglight Agent Manager installation on a monitored host, or the home directory of the Foglight Agent Manager that comes embedded with the Foglight Management Server. For example: |
All the certificate-related command line options require that FglAM be up and running.
bin/fglam --add-certificate "user alias 1"=/path/to/certificate/file
• |
FglAM requires the Base64 format. To verify if the certificate file is encoded with Base64, open the certificate with a notepad and the certificate should be similar to the following example: -----BEGIN CERTIFICATE----- XXXXXXXX= -----END CERTIFICATE----- |
NOTE: If the certificate is not Base64 format, use openssl command to convert the certificate file into a Base64 file. Use either of the following commands depending on the source form: openssl x509 -inform DER -in xxx.cer -out xxx.crt or openssl x509 -inform PEM -in xxx.cer -out xxx.crt |
• |
The alias is required and is used in the list and delete operations to refer to the certificate. It can be anything. |
Print out a list of certificates and the aliases that refer to them.
Refer to the example output below:
Remove a certificate referred to by an alias.
bin/fglam --delete-certificate "user alias 1"
Use the keytool utility shipped with Foglight to create, import, or export certificates. This utility can be found at: <foglight_home>\jre\bin\keytool.
There are two FMS running modes:
The KeyStore Foglight used under non-FIPS mode is located at: <foglight_home>/jre/lib/security/cacerts (default password: changeit)
Use the keytool command in FMS JRE located in <foglight>/jre/bin
• |
<alias>: The alias is required and is used in the list and delete operations to refer to the certificate. It can be anything. |
• |
<foglight_home>: The folder path where the Foglight is installed. |
• |
<certificate path>: Your custom certificate path. |
keytool -list -keystore <foglight_home>/jre/lib/security/cacerts -storepass changeit
Remove a certificate referred to by an alias.
The KeyStore Foglight used in FIPS-compliant mode is located at: <foglight_home>/config/security/trust.fips.keystore (default password: nitrogen)
Use the keytool command in FMS JRE located in <foglight>/jre/bin.
• |
<alias>: The alias is required and is used in the list and delete operations to refer to the certificate. It can be anything. |
• |
<Foglight_home>: The folder path where Foglight is installed. |
• |
<certificate path>: Your custom certificate path. |
Prints out a list of certificates and the aliases that refer to them.
Refer to the example output below:
Remove a certificate referred to by an alias.
Issuer: CN=CA, DC=ca, DC=local
Valid from: Sun Jan 06 23:07:06 CST 2019 until: Wed Apr 06 23:07:06 CST 2022
Trust this certificate? [no]: yes
Certificate was added to keystore
To display an agent’s properties page, use one of the following methods:
• |
From the navigation panel, navigate to Dashboards > Administration > Agents > Agent Properties. On the Agent Properties dashboard, select an agent. The Properties panel is displayed, showing the current properties for the selected agent instance. |
• |
From the navigation panel, navigate to Dashboards > Administration > Agents > Agent Status. On the Agent Status dashboard, select an agent from the list and click Edit > Edit Properties. The Agent Status dashboard refreshes, showing the current properties for the selected agent instance. |
For more information on using the Agent Status dashboard to edit agent properties, see the Foglight Administration and Configuration Help.
The following tables describe the properties that can be modified for either an individual or all Exchange agent instances, by clicking Modify the private properties for this agent or Modify the properties of all ExchangeAgent agents links, respectively.
• |
The fully qualified domain name (myServer.myDomain.com) of the target server from which data is to be collected. | ||||||||||
The fully qualified domain name (myServer.myDomain.com) of a domain controller, in the same domain where the Exchange server(s) reside. This domain controller is used to capture Active Directory® related information which Exchange is dependant upon. | ||||||||||
Select the host collector to be used to collect host metrics:
| ||||||||||
Selects to run the WMI query through DCOM, WinRM Through HTTP, or WinRM Through HTTPS. | ||||||||||
Supports both Basic and Kerberos authentication schemes, when connected to LDAP server. | ||||||||||
Defines the IIS log path in the Exchange Client Access Server. | ||||||||||
Determines the number of top N users for which data is submitted to the Management Server |
© ALL RIGHTS RESERVED. 利用規約 プライバシー Cookie Preference Center