This
Use the following menu options to navigate the SL1 user interface:
- To view a pop-out list of menu options, click the menu icon (
). - To view a page containing all of the menu options, click the Advanced menu icon (
).
What is Collection?
Collection is the tool that retrieves policy-based information and Dynamic Application-based information from a device. After a device is discovered, you can define monitoring policies for that device in SL1. For example, if you define a policy to monitor a system process, the collection tool retrieves that information.
SL1 uses the following methods for collection:
- Dynamic Applications use collection processes to collect data.
- Monitoring Policies for devices also trigger collection. These polices include:
- Domain Name policies
- Email Round-Trip policies
- SOAP/XML Transaction policies
- System Process policies
- TCP/IP Port policies
- Web Content policies
- Windows Services policies
- SL1 automatically collects the following about each managed device:
- Device availability and device latency
- Network topology
- File system information, if available
- A list of open ports
- Bandwidth usage
- The SL1 agent automatically collects the following about each device on which it is installed:
- Device availability
- Device performance and configuration metrics
- A list of open ports
- Log information
- System processes
For more information about how SL1 manages devices and collects data, see
What are Monitoring Policies?
For each device in SL1, you can define the following types of monitoring policies:
- Domain Name policies. Monitor the availability and lookup time for a specific domain-name server and a specific record on a domain-name server.
- Email Round-Trip policies. Monitor the amount of time it takes to send an email message from SL1 to an external mail server and then back to SL1.
- SOAP/XML Transaction policies. Monitor any server-to-server transactions that use HTTP and can post files or forms (for example, SOAP/XML or email). Periodically, SL1 sends a request and some data, and then examines the result of the transaction and compares it to a specified expression match.
- System Process policies. Monitor the device and look for the specified system process. You can define a process policy that also specifies:
- How much memory a process can use.
- How many instances of a process can run simultaneously.
- Whether or not to generate an event if the process is running.
- TCP/IP Port policies. Monitor ports for availability every five minutes. If a port is not available, SL1 creates an event. The data gathered by the port policy is used to create port-availability reports.
- Web Content policies. Monitor a website for specific content. SL1 will periodically check the website for the specified content. If the content cannot be found on the website, SL1 will generate an event.
- Windows Service policies. Monitor the device and look for the specified service. You can define a service policy so that:
- SL1 generates an event if the service is not running.
- SL1 generates an event if the service is running.
- SL1 starts, pauses, or restarts the service.
- SL1 reboots or shuts down the device.
- SL1 triggers the execution of a script (script must reside on the device).
You can define these policies from the tab of the Device Investigator, the Device Administration panel, or the pages in the Registry > Monitors section.
What are Collection Processes?
Unlike discovery, collection tasks run at scheduled intervals throughout the day. Collection tasks collect the types of data described below. The interval specified is the default interval and can be modified.
- Device availability and device latency (based on the port through which SL1 communicates), every five minutes.
- CDP relationships between devices, every two hours.
- LLDP relationships between devices, every two hours.
- Critical device availability (if enabled, based on ping to specified port), every 5 seconds, 30 seconds, 60 seconds or 120 seconds (defined by user).
- Critical port availability (if enabled, based on ping to specified port), every 5 seconds, 30 seconds, 60 seconds or 120 seconds (defined by user).
- DNS availability based on DNS-monitoring policies, every five minutes.
- Data specified in Dynamic Applications. Collection tasks retrieve data from each aligned device, at the frequency specified in the Dynamic Application.
- Email round-trip statistics based on Email-monitoring policies, every five minutes.
- File system information, every five minutes.
- File system inventory, every two hours.
- Bandwidth usage on managed interfaces, every minute, 5 minutes, 10 minutes, 15 minutes, 30 minutes, 60 minutes, or 120 minutes (defined by user).
- Layer-3 relationships between devices, every two hours.
- List of all discovered system processes on all discovered devices, every two hours.
- Availability of system processes based on process-monitoring policies, every five minutes.
- List of all discovered Windows services on all discovered devices, every two hours.
- Availability of Windows services based on service-monitoring policies, every five minutes.
- SNMP details for each discovered device, every five minutes.
- Availability of ports based on port-monitoring policies, every five minutes.
- Layer-2 relationships between devices, every hour.
- Virtual machine relationships between devices, every hour.
- Availability of web content based on web content-monitoring policies, every five minutes.
- Web-transaction statistics based on a SOAP/XML-monitoring policy, every five minutes.
- If the SL1 agent is installed, SL1 collects a list of all processes running on a device, every five minutes.
For details on collection processes, go to the tab of the Device Investigator or the Process Manager page (System > Settings > Admin Processes) and look for processes with names that start with "Data Collection".
What Vital Metrics Can SL1 Collect?
The following sections describe the system vitals that can be collected with SL1 and with the SL1 Agent, including definitions of each metric type and the collection methods that are and are not supported for each.
Metric Descriptions
The following table describes the system vital metrics that can be collected with SL1 and the SL1 Agent:
| Metric | Type | Description |
|---|---|---|
| Availability | Performance | The ability to communicate with the managed entity or device. |
| File Systems | Configuration | The configuration of the file systems found within a managed entity that can include attributes like name, size, and type. |
| File Systems | Performance | Time series data associated with file system utilization that can include metrics like free space, size, and usage percentage. |
| Installed Software | Configuration | The software found on a managed entity that can include attributes like name, version, and installation date. |
| Network Interfaces | Configuration | The configuration of the network interface found within a managed entity that includes attributes like MAC address, IP address, position, and speed. |
| Network Interfaces | Performance | Time series data associated with physical memory utilization that includes metrics like inbound and outbound utilization, number of errors, and discard and usage percentage. |
| Physical Memory | Configuration | The configuration of the physical memory found within a managed entity that can include attributes like memory size. |
| Physical Memory | Performance | Time series data associated with physical memory utilization that can include metrics like memory used. |
| Ports | Configuration | The ports discovered on a managed entity. |
| Ports | Performance | Time series data associated with port availability. |
| Ports (Illicit) | Performance | An analysis of ports. When a port from the illicit port list is found on a managed system, the system will trigger an event indicating an illicit port has been found. |
| Processes | Configuration | The processes found on a managed entity that can include attributes like name, process ID (PID), and state. |
| Processes | Performance | Time series data associated with process performance that can include metrics like availability percentage. |
| Processor | Configuration | The configuration of the processor found within a managed entity that can include attributes like number of cores, processor model, processor speed, cache size, and CPU ID. |
| Processor | Performance | Time series data associated with processor utilization that can include metrics like CPU idle time, CPU wait time, and overall CPU time. |
| Restarts | Performance | An analysis of uptime. When uptime is less than 15 minutes, the system triggers an event indicating the system was restarted. |
| SSL Certificates | Configuration | The certificates found on a managed system. |
| SSL Certificates | Performance | An analysis of certificate expiration date. The system will trigger an event when certificates are nearing expiration. |
| Uptime | Performance | The timespan since the managed entity was last initialized. |
| Virtual Memory (Swap) | Configuration | The configuration of the virtual memory found within a managed entity. |
| Virtual Memory (Swap) | Performance | Time series data associated with virtual memory utilization. |
| Windows Services | Configuration | The services found on a managed entity that can include attributes like name and state. |
| Windows Services | Performance | Time series data associated with service performance that can include metrics like availability percentage. |
Supported Data Collection Methods for Monitoring Windows
The following table describes which methods of data collection are supported when running SL1 and the SL1 Agent on monitored Windows systems:
| Metric | Type | Agentless | Agent-Based | |||
|---|---|---|---|---|---|---|
| SNMP | WMI | PowerShell | Gen-01 | Gen-03 | ||
| Availability | Performance | Yes | Yes | Yes | Yes | Yes |
| File Systems | Configuration | Yes | Some | Yes | Some | Yes |
| File Systems | Performance | Yes | Some | Yes | Some | Yes |
| Installed Software | Configuration | Yes | No | Yes | No | Yes |
| Network Interfaces | Configuration | Yes | Some | Yes | Some | Yes |
| Network Interfaces | Performance | Yes | Some | Yes | Some | Yes |
| Physical Memory | Configuration | Yes | Yes | Yes | Yes | Yes |
| Physical Memory | Performance | Yes | Yes | Yes | Yes | Yes |
| Ports | Configuration | Yes | No | Yes | Yes | No |
| Ports | Performance | Yes | No | Yes | Yes | No |
| Ports (Illicit) | Performance | Yes | No | Yes | Yes | No |
| Processes | Configuration | Yes | Some | Yes | Yes | Yes |
| Processes | Performance | Yes | No | Yes | Yes | Yes |
| Processor | Configuration | Yes | Yes | Yes | Yes | Yes |
| Processor | Performance | Yes | Yes | Yes | Yes | Yes |
| Restarts | Performance | Yes | No | Yes | Yes | Yes |
| SSL Certificates | Configuration | Yes | No | No | No | No |
| SSL Certificates | Performance | Yes | No | No | No | No |
| Uptime | Performance | Yes | No | Yes | Yes | Yes |
| Virtual Memory (Swap) | Configuration | Yes | Yes | Yes | Yes | Yes |
| Virtual Memory (Swap) | Performance | Yes | Yes | Yes | Yes | Yes |
| Windows Services | Configuration | Yes | Some | Yes | No | Yes |
| Windows Services | Performance | Yes | Some | Yes | No | Yes |
Supported Data Collection Methods for Monitoring Linux
The following table describes which methods of data collection are supported when running SL1 and the SL1 Agent on monitored Linux systems:
| Metric | Type | Agentless | Agent-Based | ||
|---|---|---|---|---|---|
| SNMP | SSH | Gen-01 | Gen-03 | ||
| Availability | Performance | Yes | Yes | Yes | Yes |
| File Systems | Configuration | Yes | Yes | Some | Yes |
| File Systems | Performance | Yes | Yes | Some | Yes |
| Installed Software | Configuration | Yes | No | No | Yes |
| Network Interfaces | Configuration | Yes | Yes | Some | Yes |
| Network Interfaces | Performance | Yes | Yes | Some | Yes |
| Physical Memory | Configuration | Yes | Yes | Yes | Yes |
| Physical Memory | Performance | Yes | Yes | Yes | Yes |
| Ports | Configuration | Yes | Yes | Yes | No |
| Ports | Performance | Yes | Yes | Yes | No |
| Ports (Illicit) | Performance | Yes | Yes | Yes | No |
| Processes | Configuration | Yes | Yes | Yes | Yes |
| Processes | Performance | Yes | Yes | Yes | Yes |
| Processor | Configuration | Yes | Yes | Yes | Yes |
| Processor | Performance | Yes | Yes | Yes | Yes |
| Restarts | Performance | Yes | Yes | Yes | Yes |
| SSL Certificates | Configuration | Yes | No | No | No |
| SSL Certificates | Performance | Yes | No | No | No |
| Uptime | Performance | Yes | Yes | Yes | Yes |
| Virtual Memory (Swap) | Configuration | Yes | Yes | Yes | Yes |
| Virtual Memory (Swap) | Performance | Yes | Yes | Yes | Yes |
| Windows Services | Configuration | N/A | N/A | N/A | N/A |
| Windows Services | Performance | N/A | N/A | N/A | N/A |