Sentry II Version 8.0.27

August 27, 2007

Installing the New Version:

• Run the ‘SentryII_Fullsetup.exe’.  It will self-extract and launch the Setup. 

• Setup will prompt to stop the Sentry II Server service, click OK, only the appropriate files are updated.

• The Installer will then restart the Sentry II Server service, click OK. 

• Sentry II version 8.0.27 is now up and running. 

• Update the Agents using ‘Manage Agents’ to complete the setup.

Detailed Changes:

• Enhancements to the Network Status Display ‘Alert Details’ View:
  - Now the View is a summary which displays one entry with a count of occurrences and date/time of first and last occurrence for duplicate alert details;
  - And also Log Network Status Display ‘Alert Details’ Acknowledgements to an audit log file called ‘MonitorITAcknowledge.log’ in the ‘.\MonitorIT\Bin’ folder; of RPMCCS.exe started by the  Sentry II Server service;

• Enhancement to the ‘Registry Monitor’ feature; it now supports a wild-card specification of asterisk ‘*’ for the ‘Value Name’ so that all Values, under the ‘Registry Key’ specification, are monitored for additions, deletions, or changes; and Keys are monitored for additions or deletions; it does not nest any further then the immediate level for the specified ‘Registry Key’; enhancement is to the MonitorIT Agent and Server;

• Enhancement to ‘Configure->Servers/Agents & Devices’ Edit when doing a server/workstation rename; now the Agent is notified, if connected, of the new name and the Agent will subsequently use the new name when reconnecting; previously, one had to manually change the Agent Registry setting ‘LoginName’;

• Enhancement to EventLogWatch processing for the option ‘Not Rcvd In x Minutes’ when monitoring for the absence of the occurrence of events; now an EventLogWatch with this option will reset the ‘Not Received’ timer regardless of the ‘Precedence’ of this Watch, and then the processing continues to look for matches with other EventLogWatches; thereby providing the ability to monitor both for the absence of occurrence with one Watch and the occurrence with another Watch;

• Fix ‘Utilities->Server/Device Maintenance’ so that no Maintenance Plans are displayed if all the included servers/devices are restricted from viewing by the user due to Group restrictions; and prevent creating new Maintenance Plans or deleting existing plans if the user rights are ‘View Only’ Analyst rights;

• Fix ‘Alert Notification’ Report for EventLog data when using the ‘Query’ option and specifying multiple ‘Source’ or ‘User/Group’ parameters; previously only the 1st in the list of multiple ‘Source’ or ‘User’ would be displayed; also applies to, and fixes, ‘View Monitored Events’ in ‘EventLog View/Archive & Report’;

• Delay Object Purging, and consequently Object cache refresh, until all Agents have been queried for current list of Objects after a MonitorIT restart; this enhances performance by eliminating repeated purging and Object Cache refreshes for every Agent;

• Fix edit of the Custom Event Log definition so if all existing defined Custom Event Logs are deleted, the change is propagated; previously, if all were deleted, the change was not propagated;

• Enhance the Auto-Restart Monitoring that the MonitorIT Server Service engages in so that database errors, usually due to problems communicating with the database, and other serious system errors, are reflected in this monitoring
  so that an Auto-Restart of MonitorIT is triggered by the Service when serious errors are detected;

• Enhancement to the ‘Alert Notifications’ Report in ‘Schedule Periodic Reports’ and ‘Run/Analyze & View’ with a new option to select one or more servers to report on all the selected associated Watches; previously the only option was to select a server in each associated Watch;

• Fix problem with ProcessWatch for Linux/Unix; previously after editing an existing ProcessWatch for Linux/Unix, subsequent email alerts would be blank;

• Fix problem with ‘Eligible Watches’ where under rare occasions the WinServiceWatches would not be displayed due to corruption in the cache;

• Change Agent Install handling so that the first logon tried uses the Domain selected in ‘Manage Agents->Logon’;

• Enhance ‘Report->Run/Analyze & View->New’ so that it closes the pop-up and runs the selected report immediately;

• Enhance Agent logon processing so that a successful logon counts as receiving a ‘keep-alive’;

• SyslogWatch enhancement to the ‘Content’ parameter handling; previously it only supported a substring match of a single substring versus the content of the Syslog message; now it supports multiple comma-delimited or plus-delimited substrings, where the comma treats each substring as a Boolean OR, and the plus treats each substring as a Boolean AND; the delimiters cannot be mixed; also now case insensitive;

• Fix Status Code text in ‘Alert Notifications Report->WinServiceWatches’ for the ‘Service Running’; previously the Status Code text was ‘Restart Failed’ when it should be ‘Running’;

• CounterWatch tree performance enhancements in ‘Configure->Watches/Alerts’ and ‘Report->Create CounterWatch Report->Custom Collection Sets’;

• Enhance performance of creating and editing WinServiceWatches in ‘Configure->Watches/Alerts’;

• Add the ‘Server/Workstation’ information tool tip to the HDD Monitor, Memory Monitor, and Registry Monitor displays;

• Cosmetic enhancement to ‘Configure->Watches/Alerts’ and ‘Reports->Create CounterWatch Reports’ to show the ‘Server/Device Selected’ box in white background;

• In WOW64 fix problem with EventLog Archiving Size and Percent options for archiving, and uploading to Archive Centrally; updated Agent to handle WOW64 file redirection for the System32 folder/subfolders;

• Change function used to look-up Counter info that is used to create the CounterWatch cache;

• Fix problem with View Archived Event Logs; if no Custom Event Log defined, then the View would fail to find any archive records for any of the archived event logs;

• Performance enhancements to the MonitorIT Server startup processing;

• Enhancements to support AIX and SCO/Unixware in the new ‘Linux/Unix’ Agent.

Previous Version Notes:

Version 8.0.20

• Enhancement to Event Log Watch so that it now supports the monitoring, alerting, reporting and archiving of user specified Custom Event Logs;  also support the new Microsoft Event Logs “Virtual Server’ and ‘Internet Explorer’;

• Extend the time-out from 30 seconds to 1 minute that the ‘SentryIIService.exe’ uses when checking the process RPMCCS.exe before deciding that the process did not start; this may address an occasional issue where there would be multiple instances of RPMCCS.exe started by the  Sentry II Server service;

• Enable a log message for a WinServicesWatch alert with sufficient information about the alert and to track what actions were taken;

• Fix a DST issue that was affecting ‘Server/Device Maintenance’ and ‘Schedule Periodic Reports’;

• Fix problem with deleting a Secondary Group in ‘Configure->Groups’; also fix problem with displaying deleted Groups in Group pop-ups;

• Fix so that Vista workstations show in the various console displays as a Windows machine;

• Enhance ‘CounterWatch Graphs’ to show 6 decimal places in tool tip summary of counter data;

• Additional refinements to ‘SentryIIService.exe’ to prevent multiple instance of RPMCCS.exe when the ‘EnumProcessModules’ API call fails;

• Fix ‘ServerWatch Display’ so that all entries are shown when 1st opened; previously some entries were initially filtered out if the there was a recent Maintenance mode, or an AGENT disk or memory threshold alert; 

• Fix problem with the ‘View CounterWatch Graphs’ faulting sometimes when exiting;

• Enhancement to ‘Configure->Groups’ with the addition of a ‘Verify Consistency’ function that provides for checking the consistency of Watches/Alerts and Reports assignment to the servers/devices that are members of one or more selected Groups; the consistency check results are displayed with any found discrepancies in a pop-up display with checkbox options to correct and apply selected discrepancies;

• Enhance the Agent and put the WMI check for Hardware Configuration information into a separate thread in order to isolate it from the Agent processing that was responsible for sending and receiving the keep-alive check; there have been occurrences where the API calls to check WMI would not return thus disrupting the keep-alive checking and causing ‘keep-alive’ timeout errors;

• Enhancement to the ‘Monitor->System Monitor’ display and add buttons to the ‘Log’ column that pops-up a display to manage Agent logging on the selected server;

• Enhancements to support the initial release of the Linux/Unix Agent;

• Fix ‘CounterWatch Graphs’ so it correctly handles counters that have a negative default Scale; previously the values for such counters were processed as a zero value;

• Enhancement to ‘Schedule Periodic Reports’ with a new ‘Properties’ tab that has a new option to specify a global, default Alternate Report Output folder;

• Enhancement to handle spaces in an ‘Optional Report Name’ spec in ‘Schedule Periodic Reports’; previously, the spaces in the name were not handled correctly;

• Performance Enhancement to ‘WinServicesWatch’ so that when saving a Watch only the servers that actually had a change are notified; previously every server in the Watch was notified causing a lot of unnecessary overhead; particular significant when a Watch has a 100+ servers;

• Performance enhancement to the ‘Cycle Multiple Displays’; previously if 100+ servers were displayed, particularly with the ‘Network Status Display’, it would take up to 10 seconds every cycle to fully display and use high CPU to do it;

• Purge the ‘Session’ table as part of the daily ‘Auto-Purge’; previously this database table which logs Console logins was not being purged;

• Date/Time fixes to correct few remaining issues with support for DD/MM/YY format;

• Fix to recreate WinServices memory cache if fault occurs during ‘Eligible Watches’ lookup;

• Fix performance in ‘Schedule Periodic Report’ when Editing a previously Queued report; previously when expanding the server tree view for reports with many Watches and many servers in each Watch, the tree expansion would take a long time;

• Fix problem with EventLog Archive Viewer and also with the Alert Notifications->EventLogWatch->Query option when specifying an Event ID range as a filter; also fix the ‘Source’ parameter so that it accepts a wild-card in a Source name;

• Enhance the ‘Alert Notifications’ Report for the EventLog Watch ‘Query’ with a new option ‘Notified Only’ to report only events that resulted in an alert notification action;

• In ‘Configure->Watches/Alert’ now support multiple ‘Trap Target Address’ parameters in the ‘Action->Snmp Trap’ option;

• Enhance the SNMP Trap OID exclude definition so it now works when optionally specified as a wild-card;

• Enhance the ‘Incl All’ checkbox option to apply to a wild-card File Name specification and ‘Maximum Size’ so that if checked then the total size of all files matching the wild-card specification are compared versus the ‘Maximum Size’; otherwise if unchecked the size of each individual file  matching the wild-card specification is compared versus the ‘Maximum Size’; 

• Enhance the ‘Memory Monitor’ and ‘HDD Monitor’ displays with a new option to ‘Show Faults Only’, that is, entries that are below the 20% threshold;

• Enhance the ‘Description’ parameter in ‘EventLogWatch’ handling so that it now accepts a plus sign as a delimiter for multiple substrings, treated as a Boolean AND, that must be found in an event description; support for a comma delimiter treated as a Boolean OR for multiple substrings is still present;  substrings are NOT case sensitive;

• Fix problem with CounterWatch Instance names which previously would fail monitoring if the spelling changed case; now it auto-corrects the case change in the name;

• Fix ‘ProcessWatch’ so it will handle a process name with a tilde (~) character in the name;

• Fix problem with sending a ServerWatch ‘Restore’ notification; previously, under conditions where successive failures occurred with different causes, a ‘Restore’ notification may not have been sent; HTTP was a problem but other ServerWatch checks could be affected as well;

• Fix Syslog report in ‘Alert Notifications’ so that the Host/IP field in the report correctly  reflected the name of the originating Host;

• New ‘FileWatch’ option called ‘Incl All’ and used with the ‘NOT Check’ option and wild-carded File Name; the ‘Incl All’ option says that all the matching files for the wild-carded name must match the ‘Not Check’ for the alert condition to exist; for example, all files matching the wild-card must ‘Not’ change, or must not exist (i.e. deleted) for the alert condition to exist; if any file changed , or if any file exists, the alert is not generated;

• Fix problem in ‘Configure->Groups’ where Group server and Watch assignment data was being truncated if amount of data was greater than 1024 bytes; the symptom would be that a particular Group entry could not be edited or deleted;

• Fix problem with WinServicesWatch where under some conditions, there would be duplicate monitoring specification records in the database table ‘NTServicesMonitor’ that would cause ‘Configure->Watches/Alerts’ to load very slowly;

• Fix the Menu group buttons in the left pane so that they display without dithering when running in video modes of 256 colors;

• New option to define Date format of DD/MM/YY versus the default MM/DD/YYYY; new button in upper-right of the Console display to change the date format for the local console only; format choice is persistent for the local console; selected Date format applies to any local console display as well as any Reports scheduled or edited;

• New EventLogWatch options on the ‘Schedule’ tab to: (1) optionally include the Event Description in the ‘x Times in Y Seconds’ alert filter; and (2) optionally log to database only when the ‘x Times in Y Seconds’ criteria is met;

Version 8.0  

• Total secure Agent and Console communications, using an encrypted and compressed message protocol over TCP connections, with the central Sentry II Server for all Agent and Console communications

• Now, you can optionally configure remote, distributed SYSLOG and SNMP Trap & Query monitoring using one or more deployed Sentry II Agents running on a Windows machine as a service, and all transparently integrated with the central Sentry II Server and Sentry II's standard Watches, Displays, and Reports using Sentry II's Internet Explorer based console.

• Groups enhanced:

• New 'Secondary' Group concept where a server/device can belong to multiple 'Secondary' Groups; original Groups are now designated as 'Primary' Groups.

• Watches and CounterWatch Reports can be assigned to the original 'Primary' Groups and the new 'Secondary' Groups; servers/devices assigned to Groups automatically pick up the Watches and CounterWatch Reports that are assigned to the Groups.

• Designate 'Default' Secondary Groups so that any new Agents are automatically assigned to one or more 'Default' Secondary Groups and thus automatically pick up the Watches and CounterWatch Reports.

• New Auto upload & archive Event Log EVT files to a central store based on one or more, totally flexible Archive Schedules

• New 'CustomWatch' feature. Execute any Windows program, command, batch, or script executable, on a periodic schedule, at selected servers/workstations, and optionally alert if the Exit Code fails a comparison with a specified exit code.

• New alert notification options; send an alert notification as an SNMP Trap or as a SYSLOG message

• Enhanced Security with User logons restricted to viewing and working only with authorized server/device Groups, and Report and Chart ownership limiting who can view and use Reports and Charts

• Monitor Select Windows Processes with 'ProcessWatch'; restart processes that should be running and terminate processes that should not be running;

• Monitor CPU & Memory utilization thresholds on a per process basis

• Track and Display Hardware Configuration details of your monitored Windows servers & workstations

• Consolidated Network Status Display; and Memory and Logical Drive Monitoring Displays