This is part 3 of the Intro Guide. See part 2 here.
In this section, we’ll discuss some essential concepts related to how Netreo works.
Netreo monitors your network by performing various checks on the devices and services running in it. Some of these checks are components assigned directly to a device and check only that device (e.g. service checks, threshold checks), while others are more generic and used by Netreo to check all devices (e.g. configuration change check).
These checks are performed at various intervals according to Netreo’s internal scheduling (or a check’s individual scheduling). To perform a check, Netreo sends a query of some kind to the device or service. The results returned will cause that check to enter, or remain in, one of several states: OK, UNKNOWN, WARNING or CRITICAL.
Results that are deemed acceptable mean that the check remains in an OK state. Results that Netreo doesn’t understand cause the check to enter the UNKNOWN state (this is usually due to a misconfiguration of the check). If the results are potentially concerning, but not yet problematic, the check may enter a WARNING state. If the results of a check are definitely indicative of a serious problem, the check enters a CRITICAL state. When a check becomes CRITICAL, it generates an alarm (see below).
Alarms and Alerting
An alarm is an event indicating that an Netreo check has entered a CRITICAL state, such as a device or service is not reachable or not running, a utilization threshold has been exceeded, etc.
An alarm should not be confused with an alert. An alarm is what spurs Netreo into action when a problem occurs. Alarms are the means by which incidents (records of the problem) are opened and the structure by which they are organized (i.e. this incident consists of those related alarms). The current alarm state of a Netreo check is an important display element in dashboard displays.
An alert notification, or “alert,” is the actual message sent to an appropriate party to “alert” those users to the existence of an alarm. In short: Alarms are generated by check failures, while alerts notify users of those alarms.
Device groups are how Netreo helps you organize your company’s network devices into cohesive and easy to manage collections. Devices are typically organized and displayed in most dashboards based on device groups. They are also extremely important for configuring the various reports provided by Netreo.
There are three types of device group available (outlined below):
- Strategic group
Categories are for organizing your managed devices into groups based on device type (servers, routers, switches, etc.). Configuration settings common to these related types can then be applied automatically through the use of a device template (discussed below).
Every managed device in your network must be assigned to exactly one category. Newly discovered devices are automatically placed into the “New Devices” category, unless a user autoconfiguration rule is in place to automatically assign it to an existing category.
Categories may be managed by selecting Administration > Grouping > Category from the main menu to open the Category Administration page.
Create as many categories as you need based on your network structure.
Once you’ve created your first new category, here are a few important things to note about category administration:
- Devices are only able to belong to one category at a time.
- Devices cannot be removed from a category. You must add the device to another category to remove it from its current category.
- Categories can be deleted. All devices in that category will then be automatically moved to the “New Devices” category. So you should probably move them into the desired new categories before deleting an old category.
- Click the magnifying glass button in a category’s ACTIONS column to open that site’s dashboard.
Sites are for organizing your managed devices into groups based on real or hypothetical “location.” Configuration settings common to each location can then be applied automatically through the use of a device template (discussed below).
Every managed device in your network must be assigned to exactly one site. Newly discovered devices are automatically placed into the “Unknown” site, unless a user autoconfiguration rule is in place to automatically assign it to an existing site.
A site can be either a literal geographic location (e.g, New York) or an arbitrary system of organizing your network’s equipment by theoretical location, such as departments, lines-of-business or buildings. Defining a list of sites is required for Netreo’s mapping features to function properly.
Sites may be managed by selecting Administration > Grouping > Site from the main menu to open the Category Administration page
Create as many sites as you need based on your network structure.
Once you’ve created your first new site, here are a few important things to note about site administration:
- Devices are only able to belong to one site at a time.
- Click the edit icon in the TEMPLATE column of a site to assign a device template to that site.
- Devices cannot be removed from a site. You must add the device to another site to remove it from its current category.
- Sites can be deleted. All devices in that site will then be automatically moved to the “Unknown” site. So you should probably move them into the desired new sites before deleting an old site.
- Click the magnifying glass button in a site’s ACTIONS column to open that site’s dashboard.
Strategic groups are for organizing your managed devices into groups by completely arbitrary means (typically by application).
Strategic groups are separated into two types:
- Business workflows
- Functional groups
Business workflows are useful for organizing your devices along lines such as network applications, lines-of-business, or “high-priority” devices. These groups are evaluated for an overall device “health” score and are displayed prominently in dashboards.
One excellent use for business workflows is to create groups based on hosts running software applications critical to your operation. This strategy allows you to quickly see the total availability of your network applications or lines-of-business. A small number of strategic groups are defined and populated automatically by Netreo. But, these groups may have their member devices removed and be deleted, if desired.
Functional groups are used exclusively for device selection in administrative tasks (for example, assigning devices to categories and sites, as seen above). These groups never appear in dashboards.
There are no grouping limits for strategic groups, and any device can be a member of any strategic group—or even a member of multiple groups (including business workflows and functional groups simultaneously). However, no device is required to belong to any strategic group.
Strategic groups may be managed by selecting Administration > Grouping > Strategic Groups from the main menu to open the Strategic Group Administration page.
Create as many strategic groups as you need based on your network structure.
Once you’ve created your first new strategic group, here are a few important things to note about strategic group administration:
- Devices can belong to more than one strategic group, but are not required to belong to any. This allows tremendous flexibility in creating strategic groups.
- Clicking the stop button in a strategic group’s ACTIONS column has a different effect depending on what type of strategic group it is.
- For business workflows – it will temporarily stop that group from being evaluated for a health score and being displayed in any dashboards.
- For functional groups – it will remove that group from the device selection dialogs of administrative tools.
- Strategic groups can be deleted, even default ones.
- The “Devices” tab on the strategic group edit page, that adds devices to a strategic group can also be used to remove them. Strategic groups are the only device groups that allow you to explicitly remove a device from one of those groups. Categories and sites require you to assign a device to a new group to remove it from the old group.
Managed devices in Netreo have a large number of Netreo-specific configuration settings that can be customized for each device. Additionally, a wide variety of checks can be applied to each device for monitoring purposes, each with their own complete set of configuration settings. Coordinating and managing all of these settings can prove to be extremely difficult in networks with large numbers of devices.
To make managing all of these checks and settings much easier, and to ensure that specific standardized settings for devices are enforced consistently across the network, Netreo manages devices through the use of device templates.
A device template is a collection of Netreo configuration settings for a device (including authentication credentials, host alert contacts, service checks, threshold checks, logging rules and configuration management rule sets), that can be safely applied to any device on your network.
Device template may be managed by selecting Administration > Templates from the main menu to open the Device Templates Administration page.
Device templates apply their settings using a hierarchy based on device grouping type and device type/subtype. Templates can be applied to devices at any level in the hierarchy, with templates applied later in the hierarchy selectively overriding settings from earlier templates.
If a device template doesn’t specifically override a particular setting from a template earlier in the hierarchy, that earlier setting will be passed through and applied unchanged. This means that you can have some settings that apply to all of your devices, while other settings apply only to one group or another.
Since any device template can be applied to any type of device, settings in a template that are incompatible with a particular device type are simply ignored by Netreo, preventing potential configuration problems. For example, a server and a switch may both have a device template applied that contains settings for authentication credentials and a threshold check for disk-space resource monitoring. Both devices will happily use the authentication credentials setting, but only the server will get a threshold check to monitor disk space created for it.
Continued in part 4.