ELM Standby Server

With the release of version 5.5, ELM now includes disaster recovery support in the form of Standby Server Licenses. Under this model, select "critical" Service Agents can be configured to report to a Standby Server should the Primary (or Home) Server become unavailable. The Standby Server may be another active ELM Server on the network that is servicing its own group of agents (Active-Active), or may be another server on the network with an idle instance of ELM running (Active-Passive). Only ELM Service Agents can be configured to Switchover and Switchback to the ELM Standby Server. Virtual Agents and IP Virtual Agents cannot be configured for use with a Standby Server.

In the Active-Active scenario illustrated below, each ELM Server may be configured as the Standby Server for the other. However, each Service Agent can only have one (1) Home Server, and one (1) Standby Server.

ELM Server A is the Home Server for Workstations 1 and 2 and is acting as the Standby Server for Workstations 3 and 4.

ELM Server B is the Home Server for Workstations 3 and 4 and the Standby Server for Workstations 1 and 2.

How it works
When the ELM Home Server becomes unavailable, the ELM Service Agent caches event and performance data for a specified duration. Once this duration has been met and the ELM Home Server is still unavailable, the Service Agent will initiate a switchover to the ELM Standby Server. After a successful connection, the Service Agent will send its cache file and begin reporting to the Standby Server. As this occurs a new timer starts as well, specifying that the Service Agent not look for the Home Server and continue to report to the Standby Server.

Once that timer expires, the Service Agent will again look for availability of the Home Server. If it is still not available, it will report to the Standby Server and the timer restarts. If the Home Server is available, the Service Agent will switchback to the Home Server (signing off from the Standby Server) and begin reporting data as normal again.

Options & Best Practices

Default settings for timer durations are 1 minute - but can be modified to suit your specific needs

Service Agents can be configured to not automatically switchback to the Home Server. Switchback can be done manually to coincide with a scheduled maintenance window or as desired.

Data collected from the Standby Server is not merged back with the Home Server and vice versa (unless Home and Standby are configured to report to the same Primary Database).

Not all Service Agents need be set to switchover to a Standby Server; only those you specify in a select Agent Category.

Standby Server must have spare licenses to support the total number of agents reporting to it.

Home Server and Standby Server should be always be matching product line and version. (ie. ELM Enterprise Manager 5.5.111 to ELM Enterprise Manager 5.5.111)

Home Server and Standby Server should each have a unique license key.

We recommend working with a TNT Software Support Engineer to configure a Standby Server for the first time.

Interested in learning more?
Contact one of our Sales Account Managers today for more information about a Standby Server license for your ELM deployment!

Results of Last Month's SQL Server 2000 Poll

In last month's newsletter we asked: Is anyone still using Microsoft SQL Server 2000 in a production environment? And as of the publishing of this newsletter here's what you said:

"If it ain't broke - don't fix it"
Even with SQL 2005 and 2008 on the market it appears as if SQL Server 2000 is doing just fine for most based on the responses to this survey question.

Want to see who voted where?
Click on the link below for a state by state comparison response map.

SQL Server 2000 Quick Poll Results

Virtual Server Curiosity Poll

With virtual servers springing up in production environments everywhere, we're wondering:
What virtualization technology are you using?

ELM 5.5 Product Demonstration Schedule for April

April 14, 2009 - Live Overview and Demonstration of Centralized System Monitoring with ELM Enterprise Manager!

Would you like to know more about the centralized system monitoring and automated event log management capabilities ELM can provide your organization? How about a chance to "kick the tires" and take a look under the hood in a non sales pressure environment before downloading or deploying ELM Enterprise Manager?

You're in luck! TNT Software will be giving another live demonstration of ELM Enterprise Manager via Webex on April 14. This one hour overview presentation will introduce you to the architecture, power, flexibility and efficiency ELM can bring to your IT operations.

Areas we will cover include:

Monitoring
Monitor your servers, workstations and other network devices in real-time. Different monitoring features covered include:

Deploying Agents - Virtual & Service Agents for agentless and agent-based monitoring

Setting up Monitor Items - Collectors, Alarms & Monitors

Creating Agent Categories - Apply common monitoring templates across groups of servers

Notifications
ELM includes a rich, robust Notification Engine that enables you to customize notification and corrective action to suit your organizational needs. We'll cover:

Filters - the "criteria" for all notifications

Notification Methods - Email, Scripting, Pager, Desktop Pop-up, SNMP, Syslog & more

Rules - the "connector" between Filters and Notification Methods

Results
The Results container in the ELM Console contains the results of monitoring and management activities that have been configured. We'll take a look at Alerts and Event Views which provide a mechanism for grouping events into a view that match one or more filters. We'll also visit Performance Collectors; and both the customizable and preconfigured reporting options - ELM Editor and ELM Publisher.

Alerts - Open & Closed Status (Agent color coding: Red, Yellow)

Event Views - Default and customization options: include filters, exclude filters and custom date/time ranges

Reports - ELM Editor (custom reporting engine) and ELM Publisher (preconfigured reporting engine)

Demonstration Details
What: ELM Enterprise Manager 5.5 Live Overview and Demonstration
When: Tuesday, April 14, 2009, 8:30am PST / 9:30am MST / 10:30am CST / 11:30am
Where: WebEx On-line Presentation
Duration: 1 hour

How do I attend?

Register by using this link: https://tntsoftware.webex.com/tntsoftware/j.php?ED=107628552&RG=1&UID=0Â

The "ELM 411" - Monitoring for Portable Media Devices

With the prices of portable media or USB storage devices down to about a penny per megabyte (or even less!), its no wonder these little gems of storage are being used all over the place at work, school and home. Transferring and transporting data is easier than ever so knowing when this takes place in your environment may become a critical piece of your security policy.

Although there are many specialized end-point security tools out there, both ELM Enterprise Manager and ELM Performance manager can monitor for portable media devices using the WMI Monitor. Here's how.

Using a WMI Monitor item in ELM Enterprise Manager or ELM Performance Manager allows the administrator to query various objects in the WMI Namespace. The WMI monitor can be configured to look for the addition of portable media devices such as a USB flash drive or an MP3 player. As the WMI query results change (drive added/removed), the monitor item will trigger its action (i.e., Alert, Event Log Message, etc.). The following query utilizes the 'Win32_DiskDrive' Class in the WMI root\CIMV2 namespace:

SELECT Caption, MediaType FROM Win32_DiskDrive

Note: There are many other fields that can be added to the select query above depending on the information you need. On an Agent system named ELM-Agent with two SCSI hard drives configured, the following results would be returned when another Device is added.

Warning WMI Monitor - Win32_DiskDrive ELM-Agent

<+> Caption = SanDisk Cruzer Mini USB Device
<+> MediaType = Removable media other than floppy

root\cimv2
SELECT Caption, MediaType from Win32_DiskDrive

Caption = SEAGATE ST336753LW SCSI Disk Device
MediaType = Fixed hard disk media

Caption = SEAGATE ST336753LW SCSI Disk Device
MediaType = Fixed hard disk media

Caption = SanDisk Cruzer Mini USB Device
MediaType = Removable media other than floppy

As you can see the <+> indicator is to inform the administrator that this was an additional entry to the query results(Drive Added).

When the removable media is removed from the system the action will be triggered because the query result set will have changed again. This time the visual cue is the <-> like the following:

Warning WMI Monitor - Win32_DiskDrive ELM-Agent

<-> Caption = SanDisk Cruzer Mini USB Device
<-> MediaType = Removable media other than floppy

root\cimv2
SELECT Caption, MediaType from Win32_DiskDrive

Caption = SEAGATE ST336753LW SCSI Disk Device
MediaType = Fixed hard disk media

Caption = SEAGATE ST336753LW SCSI Disk Device
MediaType = Fixed hard disk media

The action (event or alert) that this change triggers can be used with any notification method you deem appropriate (email, SMS, etc.).

We hope that you found this article informative and wish you continued success with your ELM deployment!

NOTE: All ELM 411 articles are written based on ELM Version 5.5 and instructions may not be accurate for previous ELM Versions. If you would like assistance upgrading to ELM 5.5 so you can use these tips - please contact support@tntsoftware.com.

Share your own ELM tips!
Have a tip or trick with our ELM products you'd like to share with our newsletter subscribers? Send your ideas and any applicable screen shots to info@tntsoftware.com with "ELM 411" in the subject line. We'll take a look and if usable you'll see it published here in the ELM 411 section of upcoming newsletters!

Not Strictly Business

Easter Egg Time - in technology that is...
Bring back the laughs and amazement with these interesting little "easter eggs" hidden in the technology we use every day!

With any version of the Mozilla Firefox browser type in about:mozilla in the address bar and hit enter. Enjoy the read!

Open notepad editor.
Type â€œBush hid the factsâ€ without quotes.
Save it anywhere with any file name.
Close it and reopen it .
Strange, very strange...

Visit www.yahoo.com and click on the exclamation (!) part of the logo - make sure you have sound and speakers!

Open Microsoft Word and type
=rand (200, 99)
Press enter then see what happens

Try creating a new folder anywhere on your Windows OS based computer and give it one of these names:

CON
PRN
AUX
NUL
LTP1
COM1

What happens? Didn't work? Hmmm... Highlight the white text (hidden) starting on the next line to see why.

The team at Microsoft and a great many others besides know perfectly well why you cannot name a folder â€œCONâ€. â€œCONâ€ and number of other character strings are in fact reserved names that go back to the days of DOS and cannot be used to name folders or files. Reason: MS-DOS device driver names cannot be used as file names.

In Adobe Dreamweaver, open a new .html document.
Switch to Design View and type some gibberish text.
Highlight the text you just typed and go down to the properties panel.
Change the color property from a hexadecimal number to instead be dreamweaver.
Hit enter and enjoy an arcade classic!

Not really an Easter Egg but more of a fun hidden feature...
Open your favorite movie trailer in QuickTime.
Hold down the SHIFT key and double click the movie image (keep holding SHIFT)

Easter Eggs are not quite as widespread as they used to be over the last 8-10 years as software companies have become more concerned they are viewed as "bugs" in the applications and are removed with updates and new releases. However there are still quite a few out there. Searching the internet you will surely find more hidden secrets in the technology you use every day - all you have to do is look!

Sign up to receive our monthly email newsletter here.