This month, the TechNet IT toolbox includes tools for consolidating monitoring data, automatically adjusting the brightness of your monitor, and scheduling and managing tasks.
Keeping tabs on all your systems so you know when something goes wrong before anyone else is an essential part of being an IT professional. The problem is, the more servers and applications you have, the more log files and event systems there are and the harder it becomes to keep your finger on the “pulse.” One application that aims to gather, consolidate, aggregate and report on the various logs, events, changes and notifications throughout your network infrastructure is Splunk.
Splunk monitors all your various data points. You can “watch” various events and activities across all your systems in (near) real time through the Web-based interface. Splunk can also give you a good historical perspective on different types of events, so you can more easily identify patterns for troubleshooting and gauging usage. For example, you could note high and low bandwidth-utilization times for your network to ensure that systems processes such as backups don’t interfere with user activities. This is especially important for organizations with global presence using shared resources and applications.
Splunk is designed for scalability and high availability. It’s based on a MapReduce architecture; MapReduce is a programming model for processing large data sets.
In terms of acquisition, Splunk can handle almost any data source you throw at it. You can use it to monitor Active Directory, Windows registry changes, local and remote Event Log collection, data through Windows Management Instrumentation (WMI), files and directories—even a specific TCP or User Datagram Protocol (UDP) port for incoming data from sources such as syslog. As you configure your data sources, Splunk automatically starts acquiring and analyzing data.
Besides Windows-related data, Splunk can also pull from Linux/Unix, AIX, Mac and Solaris. From the Web application’s main dashboard, you can watch and report on the data almost immediately. There are also several charting and visualization tools to help you get the best data grab.
Splunk can alert you when data feeds meet specified events or thresholds. It sends alerts via e-mail, RSS or Simple Network Management Protocol (SNMP) traps. You can even have the event trigger an action to remedy the situation. For example, if a memory threshold is crossed on your Web server, you could have Splunk kick off an application pool reset. You can put fairly complex logic behind such events and processes, so you could even use the tool as a way to detect and mitigate potential threats (along with other tools, of course).
In addition to the standard dashboards, you can create custom dashboards and reports within Splunk to tailor the views, and you can even deliver snapshots of custom views as a PDF. Splunk is also extensible via Splunk Apps, which do everything from access and aggregate new data sources, execute tasks across various systems, create new reports and link to other systems. There are numerous Splunk Apps available for download from the community site splunkbase.com. These have either been developed by Splunk or shared by other application users. For example, you can download extensions for Cisco firewall monitoring, Internet Message Access Protocol (IMAP) connections and monitoring, or even just a “growl” script to ensure that when a threshold is crossed or an error occurs, notification of the event pops up right from the dashboard.
Splunk has a 60-day free trial for the Enterprise edition. After 60 days, an Enterprise license will run you $6,000 for a perpetual license at 500MB per day of raw data with one year of support, or $2,000 for a term license with support. Larger data-volume pricing is by quote. If you can live without some of the features of the Enterprise edition and can stay under 500MB a day in input data volume, you can convert to the perpetual free license. With the free edition, you’ll lose scheduled searches and PDF delivery, distributed deployments, single sign-on, access controls and multi-user support.
Most of the newer smartphones can dynamically adjust their screen brightness to any lighting situation. Most standard computer monitors, however, cannot. Ever been staring at your computer screen trying to troubleshoot an issue at night with a crazy-bright screen casting you in an overpowering glow? It gets tiring on the eyes.
One tool out there that aims to remedy this situation is f.lux from Michael and Lorna Herf at stereopsis.com. This free tool adjusts the brightness of your monitor based upon the time of day and the color temperature of your surrounding lights.
This is purely a software application. Unlike a smartphone, it doesn’t use a light meter to adjust the monitor settings. It uses a combination of your current location’s latitude and longitude paired with the local time. You can adjust the minimum and maximum color temperature settings from the default, as well as tweaking changes to your particular lighting scheme.
Once you have things where you want them, you can click preview to speed through a 24-hour cycle to see a time-lapse of the changes. The software also has a quick context menu item to disable the application for one hour. This is great for when you want to switch to a color-sensitive task such as editing a photo or verifying a Web site design.
If you or your end-users’ eyes are bugging out from all those late-night, dimly lit computer hours, you might want to a look at this free f.lux utility as a helpful addition to your toolbox.
Scheduling tasks is still the best and easiest way to ensure that repeated tasks are executed on your servers. As the number of servers and applications in your environment grows, however, managing the increasing number of scheduled tasks can start to outweigh the benefits.
How do you ensure that two processes that require the same resources aren’t running at the same time? How can you make sure that you don’t overload a system by running too many concurrent tasks against service applications during the wee hours of the morning? One tool out there that helps you centralize your scheduled task management is Task Scheduler Pro from Lieberman Software.
You can gather information on current tasks, as well as create and distribute new tasks across your Windows systems. You can add a set of systems to monitor in a number of ways, including domain membership, IP address ranges, OS and system name matches—or just implicitly add or ignore individual systems by name or IP address, among other traits.
Once your systems are ready to go, you can start managing tasks. You can create, modify or delete tasks for both individual systems and groups of systems. There’s also a job monitor that lets you see, across a set of systems, which tasks are running and the last time they were run. For each job, you can specify a retry policy and credentials as you would a normal scheduled task.
Task Scheduler Pro logs all job events to a central log file, so you can review historical runs across your system sets. Also, it has SMTP notification for mailing log files and letting you know when jobs fail. If a system is offline when a task should have executed, Task Scheduler Pro will automatically retry the task when it becomes available.
Besides scheduled tasks, you can also glean what hotfixes and service packs have been applied and what version of Internet Explorer is installed on the target system. Other systems-management tasks include remote rebooting, sending Wake on LAN packets, connecting to the system via a Mono Visual Basic.NET compiler or Remote Desktop Protocol (RDP), and starting and stopping services.
Task Scheduler Pro is priced by the number of systems you wish to manage. A 25-system pack costs $399. Support and maintenance are also available in one-, two- or three-year terms for a percentage of the purchase price. A 20-day, 10-system maximum free trial is available for download.
Task Scheduler Pro