In centralized server management, “All’s Quiet” can indicate two possible conditions. It could mean the server is operating as expected and there is no critical information to report.  Alternately, “All’s Quiet” can be the result of the server being down, the email system failure or a network outage. The question remains; which “All’s Quiet” is it?

ELM Enterprise Manager has the technology to distinguish between these two states. This Point to Point Verification process actively confirms the server monitoring and notification features are working as expected. In addition, ELM can trigger an alert when the status of these components cannot be verified. As a result, ELM can send out an alert even when the monitored server is down or not reporting.

Event Log Monitoring Point to Point Verification alerts in the ELM Enterprise Manager Dashboard.

Point to Point Verification Process

Point to Point Verification is a combination of features built into ELM Enterprise Manager. Here is how the sequence works:

  1. The Event Writer publishes a “Heartbeat Event” into the local Application Log at specified intervals.
  2. A local Agent with an Event Collector transfers the event data to the ELM Server
  3. The ELM Server inserts the event into a database and processes it against the Filters.
  4. The default “ELM Monitor-Event Writer” Filter detects the Heartbeat Event and displays it in the “Point to Point Verification” Correlation View. In addition, it activates the Correlation Timer.

A Green Circle indicating a successful Point to Point Verification process is posted to the ELM Dashboard.Verification-Success

 

At the end of the next interval, a new Heartbeat Event is posted.  It is detected by the “Consecutive Event Writer” Correlation Filter. The event is matched or “Correlated” with the previous Heartbeat Event. It is displayed as a Matching Event and stops the Correlation Timer.

Following the Correlation Filter, the “ELM Monitor-Event Writer” Filter is processed. This filter also detects the new Heartbeat Event, displays it in the Point to Point Verification” Correlation View and restarts the Correlation Timer. The Point to Point Verification process has been confirmed and restarted.

Since consecutive Heartbeat Events have been found, the Matching Notification assigned to the Correlation View is triggered. By default, a Dashboard alert updates the Agent’s Current Status. It posts a low priority Green Circle indicating the following conditions have been confirmed:

  • The host system is available.
  • The Agent is active.
  • The Event Collector is enabled and working properly.
  • The network between the host server and the ELM Server is responsive.
  • The databases are available.
  • The ELM Server is processing Filters, Views and Alerts.
  • The ELM Dashboard receives data and is current.

Windows Event Log Monitoring Dashboard Notification Red Diamond Icon posted in the ELM Dashboard.Verification-Failure

 

If Matching Event pairs are not detected within two sequential intervals, the Correlation Timer will expire. This triggers the Time Out Notification. By default, a Red Diamond is immediately displayed in the ELM Dashboard Current Status. It is assigned a Priority 8, and depending on other Status Alerts, could be elevated to the persisting Peak Status. This highly visible alert confirms “All’s Quiet” is the result of an outage condition and requires prompt attention.

With ELM Enterprise Manager’s Point to Point Verification technologies, an alert can be triggered even when a monitored system is not reporting.