Possible functional improvements

Nov 23, 2011 at 7:41 PM

Hi!

I found your QuickMon to be a great and very useful tool. Thank you!

It could (and it should!) be even a more powerful and flexible monitoring

and alerting tool.

So I'd like to suggest few possible extensions in its functionaility (ideas

are not only my own, I presented QuickMon to many of my colleagues).

 

New Collectors:

- shares monitor: detecting availability of specified network shares

- detecting presence of specified machines in network (by their IP/MAC/NetBIOS name)

- netstat-like plugin - monitoring network activity (like presence of specific connections

from/to monitored machine from/to specific ports).

- process monitor - is specified process present in memory?

 

I know that some of above Collectors can be defined using WMI queries,

but not everyone wants to excel in WMI scripting skills.

 

New Notifiers:

HTTP(S) Notifier: It formats notification data in HTTP get request.

and calls some external collecting engine in web, for example,

by calling:

https://myeventlog.myserver.tld/getlog.php?status=MyStatus&Error=LastError&Foo=Boo

In such request predefined variables for storing notification data could be used,

like in such template:

https://myeventlog.myserver.tld/getlog.php?status=%CurrentState%&Collector=%CollectorType%Details=%Details%

EventLog Notifier: It generates Event entry to Windows Event Log database.

 

And for SMTP Notifier, please, add "Sender Name" field - It will make

tagging and filtering mail notifications much easier. Using %variables% in sender name field

could be very helpful, too.

 

Once again thank you for this excellent and useful tool!

 

Kind regards,

Dughtiram

Coordinator
Nov 28, 2011 at 5:11 AM

Hi, thanks for the suggestions. Some of these are already possible - like the detect machine on network - you can use Ping collector. This will work for IP and netbios name (but not for MAC afaik)

Shares collector - I have thought about it - still might implement it some time.

Process collector - that can easily be done using performance counters (see 'Process' category).

HTTP(S) notifier - Interesting idea. Will think about it.

I already have plans for an Event log notifier - just need time to actually implement it. :)

Same with smtp notifier - I'll add a 'sender name' field when I get a chance. These days you have to be careful with playing too much with the sender details as spam filters can easily flag it as spam.

WMI can be very useful but I have found it to be slow and sometimes 'acting up'.

 

Have fun monitoring!

Coordinator
Dec 1, 2011 at 8:32 AM

I've added an Event log notifier now. It is not terribly fancy but does allow you to customize the event source if needed.

Dec 3, 2011 at 9:21 PM
RudolfHenning wrote:

I've added an Event log notifier now. It is not terribly fancy but does allow you to customize the event source if needed.

Thanks! I'm sure it will be useful for many users.

I have new ideas, BTW:

* Generic externall call Notifier: possibility to run any executable file,

with any parameters supplied, as a reaction for given collected event.

For example, someone may want to execute BLAT.EXE mail sender

to post file ERROR.LOG from some directory, detected by FileCount Collector.

* Errorlevel Collector: It runs any selected executable file with any commandline

parameters defined, and receives errorlevel returned.

* Registry Collector: It monitors one OR MORE Registry locations,

and alerts on defined OR ANY change.

* Network port collector: It monitors selected ports, and alerts, if any

connection attempt occurs.

* Conditional notifier execution: For example, all INFO and WARNING states

for given Collector are only logged using log file, but WARNING state triggers

SMTP log sender.

Coordinator
Apr 10, 2013 at 8:33 AM
Hi, just to give some feedback. I'll be looking into the ideas of a 'ErrorLevel' and "Registry' collectors. The conditional notifier idea would require a bit more of a change but it's definitely an interesting idea.
Network port monitoring might be a bit more problematic as it requires constant monitoring (oppose to polling like QuickMon does). This could be potentially done with an in-between agent but that is a whole other story.