Here are the prerequisites for an alert being successfully triggered and sent.

1. Validate SMTP Settings
* The SMTP configuration settings must be valid. Click on the Admin button, then click on SMTP Settings. Check the SMTP settings for the mail server that is configured. Send a test email to insure success for alerts, daily reports and scheduled reports.

2. Verify policy and monitor for the discovered IP address
* Confirm that the desired device IP address has been discovered by Perspective and is in the correct policy. For example, the server policy has the Exchange Server monitor enabled by default. Therefore, we conclude that any alerts related to the Exchange server services, processes or counters would fire.
* Confirm that Exchange Server monitor is checked in the device's policy. Double check to see that the device's policy indeed has the monitor checked. The monitor not being checked in the assigned policy is the most common reason an alert is not sent.

3. Validate that the Alert is enabled and configured to send to at least one valid email address
* Edit any alert. Confirm that the 'Notify on Conditions Met' box is checked and the expected email address appears in the ‘To:’ field.
* Verify that the desired condition is configured correctly. For example, an alert condition can be set to fire for 'Exchange 2003 Local Queue Length is over 0'. The alert will fire when the queue length is over 0 in this case.

4. Verify that the alert has not already fired.
* An alert can have any number of conditions. If an alert fires for any of those other conditions and the alert has not been reset, the same alert will not fire even if the desired condition has been satisfied. From our example, if the alert has fired and not been reset, a new alert will not fire even if the Exchange 2003 queue is greater than 0.

* Verify that the device exporting flows is pointed to the computer where Perspective is installed. For Cisco devices, 'sh ip flow export' in a telnet session displays the netflow statistics. Make sure that the flows are exporting to the IP where Perspective is installed. Is the device on the same subnet as the computer running Perspective? Cisco recommends that the flow collector be on the same subnet as the flow exporter. However, if you device is not, make sure that the flow traffic can flow across firewalls by making access rules to allow UDP protocol on the port that is configured on the flow router.

* Verify that the primary IP of the device has been discovered by Perspective. Routers often have more than one IP Perspective needs to listen for NetFlow on the Primary IP. To be thorough, use Network discovery to discover all of the Netflow device's IPs. Make sure that all of the discovered IPs are in a policy that has Netflow enabled. The Networking policy has NetFlow enabled by default. Enabling NetFlow on any policy can be accomplished by selecting the Netflow monitor.

* Verify that the computer running Perspective is listening on 2055, 6343 and 9995. Open a command prompt and type 'netstat -a -p udp -o'

Active Connections

Proto Local Address Foreign Address State
UDP 0.0.0.0:69 *:*
UDP 0.0.0.0:123 *:*
UDP 0.0.0.0:161 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:514 *:*
UDP 0.0.0.0:1434 *:*
UDP 0.0.0.0:2055 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:5355 *:*
UDP 0.0.0.0:6343 *:*
UDP 0.0.0.0:9555 *:*
UDP 0.0.0.0:9995 *:*

* Install and run a packet capture application (i.e. wireshark.org) on the computer running Perspective. If there are no UDP packets or CFLOW packets going to those ports (2055, 6343 or 9995) then a firewall or router is dropping the flow packets. Consult your administrator and or firewall rules.

Please email support@quest.com if you have any questions.

To support HP devices, you must configure the device using the following configuration template. Login to your HP switch via Telnet. Enter configure terminal by typing 'conf t'.

Note: This information is stored in flash memory or a tftp server. Because of this, the settings are lost if the switch is reset.

setmib sFlowRcvrAddress.1 -o 0AC70199 (Where 0AC70199 is the IP address of the computer in hexidecimal where Perspective is installed.)

setmib sFlowRcvrPort.1 -i 6343 (You may also send sFlow on 2055 or 9995)

setmib sFlowRcvrOwner.1 -D net sFlowRcvrTimeout.1 -i 100000000 ('Net' is just a label. Substitute any name you wish to use as a label.)

(In the following statements you may substitute 'sFlowMib' = 1.3.6.1.4.1.14706.1 For example setmib sFlowMib.1.5.1.3.11.1.3.6.1.2.1.2.2.1.1.1.1 -i 1)

(this step is optional)
setmib 1.3.6.1.4.1.14706.1.1.5.1.4.11.1.3.6.1.2.1.2.2.1.1.1.1 -i 37 (This line sets the sample rate. In this case we have set it to 37. Default Sampling rate is 512 for HP devices.)

setmib 1.3.6.1.4.1.14706.1.1.5.1.3.11.1.3.6.1.2.1.2.2.1.1.1.1 -i 1 (enable sFlow. In this command we have enabled sFlow for port 1 which appears in bold. Repeat this command substituting the second to last number for the port you want to enable sFlow on.)

(this step is optional)
setmib 1.3.6.1.4.1.14706.1.1.6.1.4.11.1.3.6.1.2.1.2.2.1.1.2.1 -i 8 (Line 6 sets the polling interval for the port. In this case we have set the polling rate to 8 on port 2. The default interval is 60. Repeat this command substituting the second to last number for the port you want to enable sFlow on.)

To support Extreme devices, you must configure the device using the following configuration template.
enable sflow
configure sflow config agent 10.199.5.10
configure sflow collector 192.168.72.67 port 6343
configure sflow sample-rate 128
configure sflow poll-interval 30
configure sflow backoff-threshold 50
enable sflow backoff-threshold
enable sflow ports all
The sFlow collector value must reflect the IP address where Perspective is installed.

One of our users, Yasir Irfan, is writing a series of articles on how to configure intervlan routing between Cisco Catalyst switches and HP Procurve swithces. We thought this would be useful for the Perspective community.

Find part one of the Series here.

Find part two of the Series here.

• Verify that the device supports MIB II (http://www.faqs.org/rfcs/rfc1213.html)

• Please check the security tab of the SNMP Service properties on a computer that is not responding to SNMP requests.

• Verify that you are using the correct community string.

• Also verify that the computer in question can receive SNMP packets from the computer running Perspective. (Default protocol and port for SNMP traffic is UDP 161)

SNMPsecurityTAB.jpg

Checking these items should solve your issue. If not, please let us know by sending email to support.

Configure your alerts to send to the phone number email address of the corresponding provider. This will send an SMS message to the mobile device. I've listed a few of the US addresses below as example.

T-Mobile: phonenumber@tmomail.net

Virgin Mobile: phonenumber@vmobl.com

Cingular: phonenumber@cingularme.com

Sprint: phonenumber@messaging.sprintpcs.com

Verizon: phonenumber@vtext.com

Nextel: phonenumber@messaging.nextel.com

where phonenumber = your 10 digit phone number

To support Foundry devices, you must configure the device using the following configuration template.

Note: Ensure your Foundry device supports sFlow version 5.

config> int e 1/1 to 4/48

interface> sflow forwarding

config> sflow destination 10.199.1.199 6343

config> sflow sample 128

config> sflow polling-interval 30

config> sflow enable

The sFlow destination value must be the IP where Perspective is installed.

*Telnet or VNC to the J-flow device

* Login with valid credentials

* Open a terminal session if one is not running

* Click the 'terminal' icon on the top menu bar strip.

* type 'cd /tmp' and hit enter

* type './flowenable 192.168.1.90 public {ip address of your workstaion}' and hit enter

Click on the SMTP Settings button. Configure the following fields:

* From Email Address - Enter any valid structured email address i.e. ptperspective@yourdomain.com

* SMTP Server and port - Enter Fully Qualified Domain Nane and port

* Logon Information User Name and Password - This is necessary along with a valid email address if you wish to send mail alerts and / or reports outside your domain. If sending within domain these fields can be left blank.

* Check the checkbox if your email server uses Secure Password Authentication

* Enter an email address to test configuration

How do I configure SNMP or WMI for my Windows machine?

Enabling SNMP on targeted devices is necessary if one wants to receive SNMP information from those devices. This information includes monitoring CPU and memory usage via Perspective pt360 Tool Suite.

Enable SNMP on Windows Vista
Step 1: Navigate to the Control Panel and double click ‘Programs and Features
Step 2: Click ‘Turn Windows features on or off’.
Step 3: Scroll down to the ‘SNMP feature’ check both boxes and click ‘Ok’. Wait for windows to enable the software.
Step 4: Now go back to the Control Panel and double click ‘Administrative Tools’.
Step 5: Inside ‘Administrative Tools’ double click ‘Computer Management’.
Step 6: Under ‘Services and Applications’ click ‘Services’
Step 7: Scroll down to the ‘SNMP Service’ in the right hand pane.
Step 8: Double click the ‘SNMP Service’ and navigate to the ‘Security’ tab. Make sure the ‘Accept SNMP packets from any host’ is selected. For routine public enablement, under ‘Accepted community names’ click ‘Add’. Leave ‘Community rights’ as ‘READ ONLY’ and enter ‘Public’ for the ‘Community Name’. (A customized SNMP Community string can also be used.)
Step 9: Click ‘Ok’ twice until you’re back at the above ‘Services’ screen. Right click the ‘SNMP Service’ and select ‘Start’. Done!

Additional Resources

An article containing useful information on SNMP can be found on the CISCO site at: http://www.cisco.com/warp/public/535/3.html

Configuring SNMP Support for Cisco Devices: http://www.cisco.com/univercd/cc/td/doc

Enable SNMP on Windows XP
Step 1: Navigate to the Control Panel and double click ‘Programs and Features’.
Step 2: Click ‘Add/Remove Windows Components’.
Step 3: Select and double-click on Management and Monitoring Tools.
Step 4: Make sure both boxes are selected and click OK.
Step 5: You are returned to the previous dialogue. Click on Next
Step 6: When that configuration is completed, click finish. Return to the Control Panel and double- click ‘Administrative Tools’.
Step 7: Inside ‘Administrative Tools’ double click ‘Computer Management’.
Step 8: Under ‘Services and Applications’ click ‘Services’ and then scroll down to the ‘SNMP Service’ in the right hand pane.
Step 9: Double click the ‘SNMP Service’ and navigate to the ‘Security’ tab. Make sure the ‘Accept SNMP packets from any host’ is selected. For routine public enablement, under ‘Accepted community names’ click ‘Add’. Leave ‘Community rights’ as ‘READ ONLY’ and enter ‘Public’ for the ‘Community Name’. ( A customized SNMP Community string can also be used.)
Step 10: Click ‘Ok’ twice until you’re back at the above ‘Services’ screen. Right click the ‘SNMP Service’ and select ‘Start’. Done!

Enabling WMI on Windows

WMI comes pre-installed on XP/Vista by default. To insure accessibility via WMI the user should check that the following service(s) are started:

Windows Management Instrumentation

Windows Management Instrumentation Driver Extensions
Step 1: Go to the Control Panel and double click ‘Administrative Tools’.
Step 2: Inside ‘Administrative Tools’ double click ‘Computer Management’.
Step 3: Expand Services and Applications, right click on WMI Control and follow the Windows menus.

Additional Resources

Windows XP: http://support.microsoft.com/kb/875605

Vista: http://msdn2.microsoft.com/en-us/library/aa822854.asx

The Studio is a light weight application that can run on almost any moderate Windows-based machine. As a general guideline, the minimum specifications are:

Software / Hardware Requirement
Operating System One of the following 32-bit or 64-bit operating system is required:
Windows 2003 SP1 or later
Windows XP SP2 or later
Windows Vista SP1 (all versions)
CPU 2.0 GHz
Memory - 2GB or more
Hard Drive Space - 1GB or more
.Net Framework - 2.0 or higher
Firewall Exceptions (Allowed Programs) Automatically configured during Perspective installation: ptserverservice, ptserverconfig, ptagentservice, ptagentconfig, ptstudio

Ports:
5054 (TCP) = (Perspective Server port)
69 (UDP) - TFTP Server
514 (UDP) - Syslog Server
2055 (UDP) - Netflow
6343 (UDP) - SFLOW
9555 (UDP) - Netflow Alternative port #2
9995 (UDP) - Netflow Alternative port #3

NetFlow Listener supports any device that supports j-flow. This is all Juniper routers and switches http://www.juniper.net/products_and_services/

This can occur when the Reverse DNS (rDNS) cache is stale and inaccurate. For example, this can occur on a Top 10 Average CPU gadget (if you choose 'Display DNS'), Network Discovery results, and Ping Scan results.

To correct this, simply clear your rDNS cache and re-run the gadget or tool.

The Bridge MIB needs to be enabled. The command is "enable snmp dot1dTpFdbTable".

Here are some very easy to follow instructions to quickly set up net-snmp on your linux / unix server: http://net-snmp.sourceforge.net/docs/man/snmpconf.html.

You can install net-snmp on Win32 platforms as well by downloading from here: http://downloads.sourceforge.net/....

One of the most powerful aspects of Perspective Studio is leveraging the right click context menu on any device in that appears Devices.

Right click on a desired device and initiate a RDP connection. You may also add to Device Group, edit Policy, edit Credentials, Run pt360 Tool, Run Report, Telnet or Web Browse from the context menu.

You are just one right click away from most functions and features.

See the feature matrix at http://packettrap.com/product/perspective_vs_pt360.aspx .