Monitoring Address Manager and DNS/DHCP Server - BlueCat Integrity - 9.3.0

Address Manager Administration Guide

Locale
English
Product name
BlueCat Integrity
Version
9.3.0

When setting up Address Manager (BAM) and DNS/DHCP Server (BDDS), BlueCat strongly recommends enabling the monitoring features of your BlueCat Integrity systems. Monitoring your systems allows you to detect anomalies and be notified you when something isn't operating correctly before it critically impacts your environment.

BAM and BDDS come with monitoring features such as monitoring service, SNMP MIBs and Traps, and syslog redirection. To monitor your BlueCat Integrity systems, BlueCat strongly recommends configuring the following features.

Note: Acceptable monitoring thresholds vary based on different environments. For assistance with configuring monitoring services and defining acceptable monitoring threshold values for your environment, contact BlueCat Customer Care.

Monitoring Service Management

BAM and BDDS include built-in monitoring services configurable in the Monitoring Service Management page in the Administration tab. The Monitoring Service monitors the status of essential services running on BAM and managed BDDS.
Note: The Monitoring Service monitors a subset of services on BAM and managed BDDS. You can monitor additional services and functions by configuring SNMP service and Syslog.
The Monitoring Service allows you to monitor the following BAM and BDDS functions:
BAM functions BDDS functions
  • CPU utilization
  • Memory utilization
  • Network card interface utilization
  • Disk space utilization
  • BDDS service (the service that accepts deployments from BAM)
  • DNS queries per second
  • DHCP leases per second
  • CPU utilization
  • Memory utilization
  • Network card interface utilization
  • Disk space utilization

Once you have enabled the monitoring services, refer to the following table for analysis of different monitoring metrics:

Monitoring Service Recommended Polling Interval Time (minutes) Indication Major Alert Critical Alert
CPU Utilization Percentage (Average) 5 CPU Utilization > 75% > 85%
Memory Utilization Percentage 5 Used memory > 80% > 90%
Disk Space Usage Percentage 5 Disk Utilization > 75% > = 15%
Network Utilization 5 Interface Utilization In (64 bit) > 60% > 66%
  Interface Utilization Out (64 bit) > 60% > 66%
  In Errors > 1% > 3%
  Out Errors > 1% > 3%
  In Discards > 1% > 3%
  Out Discards > 1% > 3%

SNMP

The Simple Network Management Protocol (SNMP) allows a polling workstation or trap server to obtain data about devices on the network. This includes the near real-time status of services, server functionality, and the security and service settings on the device. BAM and BDDS can behave as managed devices on an SNMP-enabled network. BAM and BDDS include SNMP for both the system itself and for the application server.

BAM and BDDS support SNMP versions 1, 2c, and 3. Versions 1 and 2c do not include any authentication or remote administration capabilities. This means that you only need to enable SNMP and set the appropriate SNMP username (or community string) for it to function correctly. You can also set the polling period to control how often SNMP values are refreshed on the appliance. SNMPv3 includes authentication and access control. To set up SNMPv3, you must also set the SNMP password and the Trap Server username, password, and address. Version 3 has the ability to send information as SNMP traps.

Syslog redirection

BAM and BDDS allow you to set syslog (system log) redirection by adding an IPv4 or IPv6 address for one or more syslog redirection servers. Syslog redirection to a SIEM allows you to perform analysis and gain insight into the health of a system. BDDS provides support for IBM QRadar and HP ArcSight SIEM integrations.