Contents
1. Services
Note: This section is also relevant to Portal, since Portal Services as are the same as Finder Services and must be created/edited in Finder.
Each organization has specific IT services that are critical to the organization. Accordingly, NEXThink Finder enables you to define critical services for monitoring with a few mouse clicks. Usage and issues related to your critical services are then easily monitored in the Finder Home Tab and Source View screens, from which you can:
- Track activities
- Contextualize the information
- Drill-down to get details
- Assess impacted users
- Navigate and zoom-in to identify issue causes
- Launch investigations
1.1. Service Definition
A Service is defined as a specific application connecting to one or more servers through one or more ports. Typical examples are Microsoft Exchange, SAP or another business critical service.
1.2. Monitoring Services
Services are monitored on the Finder Home Tab and appear below the Alerts as shown below.
Monitoring a Service (Home Tab view)
1.3. Creating, Editing, Saving and Deleting Services
Only accounts with edition rights are allowed to create and edit services.
1.3.1. Creating a new Service
To create a new Service, right click on a Services icon. You can use either the Services icon in the left Finder pane or the one found below Global alerts (if you have logged in under an admin account) or under My alerts (non-admin account). Click on Create New Service as shown below.
Creating a New Service from the left pane of Finder
Creating a New Service in Finder - Home Tab view, admin user
The template to create a new service appears as shown below. Name the service you plan to monitor by dragging the mouse across 'Untitled service 1' and typing in the service name. The newly created service name is then listed alphabetically in the left frame under the Services icon. Optionally add further information by clicking on 'Enter description here...' and typing additional details. (You might prefer to add the description after you have finished creating your service and just before you click on Save. That way you'll are able to include high level information on how you have configured your service monitoring parameters.) The description is then shown as a tooltip whenever you hover over the service name.
New Service Creation Template - giving the new service a title
To configure your service, configure at least one of the MATCHES categories as follows:
Executables: select from any - with name - with keyword
TCP Ports: select from any - with number - with keyword
Destinations: select from any - with IP address - with IP network - external - with keyword
1.3.1.1. Example - Creating an Antivirus Monitoring Service
Following is a walked through example of how to set a service to monitor how well your corporate Antivirus Services are functioning (prerequisite: installed categories Application type and Server type - available for download on NEXThink Library).
When the Services template appears, title the Service 'Antivirus Services' as described above. Then in the MATCHES Executables field, select with keyword and select the category Application type.
Creating a Service to monitor a specific Executable by keyword - antivirus
As you can see from the above, if you click on the Application type drop down list, you can choose from a range of common applications. For this example, leave the Application type as antivirus, provide a description if you wish and then click on Save. You now have a Services view of how effectively your Antivirus services are updating themselves over the network.
1.3.2. Editing an existing Service
If you want to make changes to an existing service, you can edit the service by right clicking the service name from either the list of services in the left pane of Finder or in the Home Tab view.
Editing a Service from Home Tab Services view
Editing a Service from the Services list
For the purposes of this example, we are going to specify a specific destination for the Antivirus Service monitoring. To achieve this, we click on 'with keyword' in the MATCHES Destinations field, then select 'Server type' and in the last field, select Antivirus as shown below. Then click on the Save button and your changes have been made. The Services monitoring in the Home Tab view will now only monitor network traffic to the designated antivirus server.
Adding an Antivirus Server destination to an existing Antivirus monitoring Service
1.3.3. Deleting a Service
To delete a Service, right click on the Services entry in the Finder left pane and select Delete. Note that it can take a few seconds for the service to disappear from the Home Tab display, as the deletion occurs when Finder next schedules an update of the displayed services.
Deleting a Service
1.3.4. Creating a Service to Monitor an Executable
If you wish to monitor the performance of specific executables on your network, you can select it by name from a pick list as show in the screenshot below. Just select 'with name' against the MATCHES Executables field and search down the droplist for the executable name you require. (Shortcut: Type in the first few letters of the executable name to shorten your search.)
Creating a Service to monitor a specific Executable by name - selecting the executable from a pick list
1.4. Working with Services
1.4.1. Investigating Service Performance
Please refer to section 1.3 Viewing Services in Home Tab for details on how to explore service performance.
1.4.2. Launching an Investigation from a Service
Launching an Investigation from a Service
Using the Network Activity view of an Investigation launched from a Service to drill-down into the network causes of poor service performance
Launching an Investigation from a Service - Displaying Sources generating HTTP/HTTPS traffic
1.5. Hint
Work as much as you can with categories and tags when defining destination matching in services. IP addresses are prone to change and are less reusable across engines.