Introduction

Download this manual as a PDF file

Use the following menu options to navigate the SL1 user interface:

  • To view a pop-out list of menu options, click the menu icon ().
  • To view a page containing all of the menu options, click the Advanced menu icon ().

The following sections provide an overview of SNMP and Windows Management Instrumentation (WMI), as well as the PowerPacks you can use to monitor Windows systems SL1:

Monitoring Windows Devices in the ScienceLogic Platform

SL1 can monitor a Windows device using the following methods:

  • Requesting information from the Windows SNMP agent
  • Requesting information by executing a remote PowerShell command
  • Requesting information from the WMI agent
  • Requesting information using the SL1 agent

This section describes how to monitor Windows with SNMP and WMI. For more information about using PowerShell to monitor Windows devices, see the section on Monitoring Windows with PowerShell.

What is SNMP?

SNMP (Simple Network Management Protocol) is a set of standard protocols for managing diverse computer hardware and software within a TCP/IP network. SNMP is the most common network protocol used by network monitoring and management applications to exchange management information between devices. SL1 uses this protocol and other protocols to collect availability and performance information.

SNMP uses a server-client structure. Clients are called agents. Devices and software that run SNMP are agents. The server is called the management system. SL1 is the management system.

Most network hardware is configured for SNMP and can be SNMP-enabled. Many enterprise software applications are also SNMP-compliant. When SNMP is running on a device, it uses a standard format to collect and store data about the device and/or software. For example, SNMP might collect information on each network interface and the traffic for each interface. SL1 can then query the device to retrieve the stored data.

What is WMI?

Windows Management Instrumentation, or WMI, is a Windows Service developed to access management information. WMI is a middle-layer technology that enables standardized management of Windows-based computers. It collects computer management data from a wide variety of sources and makes it accessible by using standard interfaces. WMI's specific query language is similar to SQL. For a comparison of WQL and SQL, see http://technet.microsoft.com/en-us/library/cc180454.aspx.

WMI Monitoring and System Scalability

SL1 versions 11.2.0, 11.1.3, and 10.2.5 included a new WMI client in response to Microsoft security updates. This change enables WMI Dynamic Applications to collect data from hardened Windows servers, but also has a major impact on system scalability.

This change significantly decreases the number of Microsoft Windows servers that can be supported on each Data Collector in your SL1 system compared to releases prior to the ones listed above. Users who need to monitor Windows devices using WMI should analyze their system resources and capacity to ensure that they have the resources they need for the devices they want to monitor. For guidance about sizing, see ScienceLogic's Collector Sizing guidelines for WMI endpoints.

To avoid this impact, ScienceLogic recommends using SNMP collection for two-core Windows servers and PowerShell collection for four-core Windows servers. For more information, see this Support Knowledge Base article.

PowerPacks

This manual describes content from the following PowerPacks:

  • Microsoft Base Pack PowerPack, version 109
  • Windows Restart Automatic Services PowerPack, version 101