How here already this is now the first article on the topic of Exchange Server Monitoring. This article is about the software PRTG from the Paessler company. PRTG has been on the market for quite a long time and I would classify it as a "classic" monitoring tool. PRTG is therefore well suited for monitoring hardware, servers and their services. PRTG already comes with a number of suitable sensors, especially for Exchange Server, and if a special sensor is missing, PRTG can be easily expanded using scripts (e.g. PowerShell).
This article provides an overview of the possibilities of PRTG with regard to Exchange Server and Domain Controller.
Installation
Once the PRTG installation package has been downloaded, installation is completed in just a few steps.
For the installation, only the language has to be selected and the license agreement has to be accepted.
Before the installation begins, an e-mail address can be specified for notification of alarms
The installation will then only take a few moments.
As soon as the installation is complete, a browser window opens. The status of the PRTG initialization is displayed in the browser:
In my test environment, it happened that the "PRTG Core Server Service" was not started automatically. In this case, the service can simply be started manually.
The installation is now complete and you can begin with the configuration.
Configuration
After logging in to PRTG, the overview is usually already somewhat full. PRTG already performs a scan for systems and attempts to create sensors automatically. However, since no login information has been stored for various systems yet, the overview usually provides some alarms. This is what the overview looks like in my test environment, for example:
For the basic configuration, it is first important to set a password and activate SSL. The two options for this can already be found on the right-hand side of the screen:
Once a secure password has been assigned, PRTG can be switched to SSL:
PRTG delivers a self-signed certificate, but the certificate can also be replaced with a valid certificate from a PKI or public CA. The certificate is no longer relevant for this test environment, so I will not replace it here and use the self-signed certificate.
Under the "Devices" tab, you will now find the sensors and devices that PRTG has already created automatically:
PRTG versucht hier auch bereits eine gewisse Ordnung zu schaffen, indem Systeme gruppiert werden. So gibt es beispielsweise bereits die Gruppen “Netzwerksuche”, “Windows”, “Clients” und “Server”. Damit es hier etwas übersichtlicher zugeht, lösche ich die komplette Gruppe “Netzwerksuche”, diese Gruppe enthält alle Systeme die bereits durch die automatische Netzwerksuche gefunden wurden (Rechtsklick –> Löschen“):
After deleting the group, I am now faced with an "empty" PRTG:
As already mentioned, appropriate login information is required so that PRTG can retrieve data from the systems to be monitored, for example via WMI or SNMP. The settings for the login information can be entered in the "Main group". To do this, switch to the "Settings" tab of the main group:
On the "Settings" page, login information can now be stored for various systems (for example, access data for Windows systems, SNMP or ESX Server:
So that PRTG can now also send alarms and warnings, the "Sending of notifications" must be configured. This is done under the "Configuration" -> "System management" -> "Sending notifications" tab:
Mail and SMS notifications can now be configured in the settings. If PRTG is to monitor the company's Exchange server, it makes sense to "Use two SMTP relay servers" (see screenshot above). If the Exchange server fails, the alarm can be sent via an alternative server. Notification via SMS can also be useful here.
The basic configuration is now complete. This is where one of the biggest advantages of PRTG becomes apparent: configuring PRTG to this point takes less than 15 minutes. In principle, you have configured a monitoring system in less than 15 minutes and can now start monitoring servers and services.
Monitoring Exchange Server and Domain Controller with PRTG
Now that PRTG is ready for use, the first servers can be added for monitoring. Before Domain Controller and Exchange Server are added to PRTG, two new groups are created: Domain Controller and Exchange Server. The groups can be added simply by right-clicking on the "Local Probe". Once the groups have been created, the overview looks as follows:
The groups not only provide an overview, but also inherit the settings for login information and check intervals, for example. The group structure should therefore be adapted to your own network.
Exchange servers and domain controllers can now be added to the groups by right-clicking "Add device":
The two new devices now appear in the overview, but they have not yet been assigned any sensors:
The sensors can now be added in the next step (right-click on the device -> Add sensor). First of all, I have added a ping sensor. PRTG pings the device and generates an alarm if the ping fails. The ping sensor can almost always be used, regardless of the device in question. Although a ping does not necessarily say anything about accessibility, it should be the first thing an admin checks anyway when he receives the message "Server down".
The other sensors can now be configured for each device. Although there is also the option of "automatic search", this usually adds a lot of sensors that are not necessarily always useful. I therefore usually configure the sensors that are important to me myself. Here is my list of sensors that I configure for each operating system:
- Ping
- CPU utilization
- RAM utilization
- HDD utilization
- Network load
In the sensor overview for the EX1 device, for example, it looks like this:
The PRTG device overview looks like this when the sensors have been added:
In addition to the basic sensors, there are now the sensors that monitor the service. For a domain controller, for example, the following parameters are important:
- Active Directory services started?
- DNS available?
- Query via LDAP possible?
- Replication error present? (with several DCs)
Here is an example of the sensors for my domain controller in the test environment:
In total, there are only 12 sensors for a domain controller, but they form a pretty good basis for monitoring a DC.
With an Exchange Server there is a bit more to monitor, here are my basic sensors for Exchange Server:
- most important Exchange services started?
- IIS services started?
- SMTP available?
- Certificate OK?
HealthCheck URLs OK?
In the sensor overview of the Exchange Server, for example, it looks like this:
The Exchange HealthCheck URLs can be monitored quite easily with a CustomSensor, here is an article about it:
The PRTG device overview for a domain controller and an Exchange server looks something like this:
This means you have already configured PRTG for a domain controller and an Exchange server. All in all, this may take half an hour if you have a bit of practice.
A brief summary of PRTG
This small environment has 35 sensors (36 with the Exchange Health Check URLs). This is already a good basis. Since 100 sensors are free with PRTG, there is still room to monitor additional devices such as ESX/Hyper-V hosts, switches, routers and firewalls. Once the environment has reached a certain size, there is of course no getting around a paid license. In my opinion, however, the prices for PRTG are absolutely reasonable. The big advantage of PRTG is, in my opinion: The basic infrastructure such as switches, routers, servers, etc, can be monitored very easily with PRTG. Installation and configuration is done in just a few minutes.