How to Monitor a Service with SNMP

 

Monitoring windows services is crtical to maintaining a reliable computing infrastructure.  IsItUp offers the Windows Service Monitor to insure that critical windows services are operational and to restart them if required.  However, sometime it is not possible to use the Windows Service Montior because RPC connectivity is not accessible, required ports are blocked by an external source such as an ISP or an account with the required privileges is not available.  Using SNMP monitoring has a number of advantages including using a single port which makes it firewall friendly.  In addition, it has a low network overhead, a simple security model, and is easy to configure.

 

IsItUp will detect an error when the service is either stopped, uninstalled, or exits either normally or due to a fault.  IsItUp accomplishes this in the following way.  The Windows SNMP service keeps a unique OID variable for each running service.  If the service exits for any reason, the Windows SNMP service deletes the corresponding OID variable.  Consequently, the actual error IsItUp detects when your service is not running for any reason is “Variable does not exist”.  It is also worthwhile to note that the Windows SNMP service updates its OIDs slowly.   The result of this is that it may be a minute or more after a service has exited for the Windows SNMP Service to delete the corresponding OID variable and thus for IsItUp to detect your service has failed.

 

To quickly get started, first:

Download and install IsItUp for a free 30 day trial.  Just click on the following link:

http://www.tarosoft.com/applications/IsItUpNetworkMonitor.exe

Once you have installed IsItUp, you need to install and configure the Windows SNMP service on the target system.  If you have already installed SNMP, please go to step 9 to setup monitoring a service.  The steps to install Windows SNMP are similar for all versions of windows however, the following screen shots are for Windows 7.

 

1.      Select “Control Panel” from the start menu.

   

2.      Select “Programs” from the control panel.

 

3. Select the “Turn Windows features on or off” link from the control panel.

 

 

3.      Check the “Simple Network Management Protocol (SNMP)” checkbox on the Windows Features Dialog box.

 

4.      Once Windows completes the installation, you need to configure the service.  Select the Start Menu and then enter “services.msc” in the search box and press return.

 

5.      Select the SNMP services from the list and double click.

  

 

 

6.      Select the “General” tab and make sure the service is set to “Automatic”.

7.      Select the Security Tab and click the “Add” button to set a “READ-ONLY” community string. Record this string as you will need it when configuring IsItUp in Step 9.  Then either select the “Accept SNMP packets from any host” or “Accept SNMP packets from these hosts” and specify the computer that IsItUp is running on.

 

8.      Optional:  If you need to change the default SNMP port, open the windows “Services” file located at “C:\Windows\System32\drivers\etc\Services.” with any editor such as Notepad.   You can change the port to anything you like but the computer must be restarted for the change to take effect.

9.      To create an IsItUp SNMP Monitor, right click in the left most IsItUp Window (the device list window)  and select “New Device / SNMP Monitor” from the short cut menu.

10.   In order to setup the monitor, you need to fill in the name and group.  You also need the FQDN/IP address of the server you want to monitor as well as the Community string you set in step 7.  For additional information on setup parameters, consult the IsItUp Help file.   In order to determine the OID for the service you want to monitor, you have two options.  You can compute the OID from the name of your service or you can use a MIB browser to look it up.

Compute OID:

In order to compute the OID, each character in the name of the service you want to monitor is converted to a decimal ASCII number and appended to 1.3.6.1.4.1.77.1.2.3.1.1 along with the number of characters in the service name you want to monitor.   For example, there are 6 characters in IsItUp and consulting an ASCII table for the character values, I=73,s=115,I=73,t=116,U=85,p=112. Putting all that together, the OID for IsItUp is 1.3.6.1.4.1.77.1.2.3.1.1.6.73.115.73.116.85.112.

 

Lookup OID:

 

You can install one of the many freeware or open source MIB browsers to lookup the OID.  Then use the MIB browser based on the products directions to locate your service’s OID.  It is recommended that you load the LanMgr-MibII-MIB located at "C:\Windows\System32\lmmib2.mib" into your MIB browser to make locating your services’ OID easier.

Once you determine the OID of your service, enter it in the OID field of the IsItUp SNMP monitor.  Select the “Octet” data type.  Then select the compare with constant and set the comparison operator to “Contains”.  Finally, set the constant value to the name of your service.  The following example shows an IsItUp SNMP monitor setup to monitor IsItUp itself