Whats Up Gold 2018 Manual

WHATSUP GOLD 2018
INTENSIVE MANUAL
 Ipswitch
15 Wayside Rd, 4th Floor
Burlington, MA 01803
Phone 781.676.5700
Table of Content
WHAT TO EXPECT IN THE COURSE ..............................................................................1
LEARNING OBJECTIVES ...............................................................................................1
COURSE AUDIENCE ....................................................................................................2
PREREQUISITES ..........................................................................................................2
IPSWITCH TRAINING ENVIRONMENT ..........................................................................3
POLLERS ....................................................................................................................5
SYSTEM REQUIREMENTS ............................................................................................8
LOGIC ........................................................................................................................8
SERVER ......................................................................................................................8
CLIENT .......................................................................................................................9
BASIC NAVIGATION ....................................................................................................9
MENU BAR.................................................................................................................9
DISCOVERED NETWORK ...........................................................................................12
MY NETWORK..........................................................................................................12
AUTO VS CUSTOM ........................................................................................................12
MAP TREE ..................................................................................................................13
MAP .........................................................................................................................14
USER ADMINISTRATION ...........................................................................................15

USERS .......................................................................................................................15
USER GROUPS .............................................................................................................15
USER RIGHTS ..............................................................................................................17
PASSWORD POLICY .......................................................................................................19
EXTERNAL AUTHENTICATION ...................................................................................20

INTEGRATION ..............................................................................................................20
DEVICE GROUP ACCESS .................................................................................................21
SUPPORTED PROTOCOLS ..........................................................................................23

ICMP .......................................................................................................................23
SNMP ......................................................................................................................24
SNMPV1 ............................................................................................................................ 25
SNMPV2 ............................................................................................................................ 26
SNMPV3 ............................................................................................................................ 26
WMI ........................................................................................................................27
TELNET/SSH ...............................................................................................................27
JMX .........................................................................................................................28
CREDENTIALS ...........................................................................................................29
ADDING .....................................................................................................................30
CREATING AWS READ ONLY CREDENTIALS .........................................................................30
AZURE ACCESS ............................................................................................................32
MERAKI CLOUD CREDENTIAL ...........................................................................................32
MONITORS ..............................................................................................................33
MONITOR TYPES ......................................................................................................35
ACTIVE MONITORS...................................................................................................35
POLLING CHARACTERISTICS .............................................................................................36
ARE YOU SURE YOUR DEVICE OR MONITOR IS RESPONDING CORRECTLY? ....................................36
MONITOR OPTIONS ......................................................................................................37
HARDWARE, CHASSIS AND WIRELESS ................................................................................38
APC UPS............................................................................................................................. 38
FAN .................................................................................................................................... 39
POWER SUPPLY ..................................................................................................................... 39
PRINTER............................................................................................................................... 40
TEMPERATURE ...................................................................................................................... 41
WAP RADIO......................................................................................................................... 42
NETWORK MANAGEMENT ..............................................................................................43
PING ................................................................................................................................... 43
SNMP ................................................................................................................................ 44
SNMP EXTENDED ................................................................................................................. 45
WMI .................................................................................................................................. 46
WMI FORMATTED ................................................................................................................ 47
APPLICATION ..............................................................................................................48
JMX ................................................................................................................................... 48
PROCESS .............................................................................................................................. 49
NT SERVICE .......................................................................................................................... 49
POWERSHELL........................................................................................................................ 50
TELNET ................................................................................................................................ 51
SSH .................................................................................................................................... 51
SQL QUERY.......................................................................................................................... 52
HTTP CONTENT .................................................................................................................... 54
ACTIVE SCRIPT ...................................................................................................................... 55
TCP/IP ............................................................................................................................... 56
FILE SYSTEM ...............................................................................................................58
FILE PROPERTIES ................................................................................................................... 58
FOLDER ............................................................................................................................... 59
STORAGE ............................................................................................................................. 61
SMIS .................................................................................................................................. 62
DEGRADED ARRAY ................................................................................................................. 62
CRITICAL SERVICES................................................................................................................. 63
ADVANCED EMAIL MONITOR ..................................................................................64
DNS ................................................................................................................................... 65
FTP .................................................................................................................................... 65
NETWORK STATISTICS ............................................................................................................ 66
CLOUD-BASED RESOURCES .............................................................................................67
PASSIVE MONITORS .................................................................................................68

LISTENER ....................................................................................................................68
SNMP TRAPS .............................................................................................................70
IMPORT TOOL ....................................................................................................................... 70
SYSLOG......................................................................................................................72
WINDOWS EVENT ........................................................................................................73
PERFORMANCE MONITORS ......................................................................................74

DEFAULT MONITORS.....................................................................................................75
CUSTOM MONITORS .....................................................................................................75
HARDWARE ................................................................................................................76
APC UPS............................................................................................................................. 76
PRINTER............................................................................................................................... 76
APPLICATION/OS.........................................................................................................77
ACTIVE SCRIPT ...................................................................................................................... 77
JMX ................................................................................................................................... 80
POWERSHELL........................................................................................................................ 81
SQL QUERY.......................................................................................................................... 82
SSH .................................................................................................................................... 83
NETWORK MANAGEMENT ..............................................................................................85
SNMP ................................................................................................................................ 85
WMI .................................................................................................................................. 85
WMI FORMATTED ................................................................................................................ 86
CLOUD ......................................................................................................................87
AWS CLOUDWATCH ............................................................................................................. 87
AZURE CLOUD BILLING ........................................................................................................... 88
AZURE CLOUD PERFORMANCE ................................................................................................. 88
THRESHOLDS ...........................................................................................................90
NETWORK DISCOVERY .............................................................................................91
WHAT IS A DISCOVERY .............................................................................................91
DEVICE ROLES ..........................................................................................................93

ROLES .......................................................................................................................93
SUB-ROLES .................................................................................................................94
ADVANTAGES ..............................................................................................................94
CONFIGURING .............................................................................................................95
CONFIGURATION ................................................................................................................... 95
NEW SCANS .............................................................................................................97
SCAN TYPES .............................................................................................................97

BEST PRACTICES OF USING SCANS ....................................................................................97
IP ADDRESS .......................................................................................................................... 97
SEED ADDRESS ...................................................................................................................... 97
CONFIGURATION .....................................................................................................98
SCAN DEPTH ...............................................................................................................98
SETTINGS ................................................................................................................. 100
INCLUDE ............................................................................................................................ 100
SPECIFIC IPS, RANGES, AND SUBNETS ..................................................................................... 101
USE HOST FILE .................................................................................................................... 101
MONITORED DEVICES .......................................................................................................... 101
CLOUD DEVICES .................................................................................................................. 101
EXCLUDE ............................................................................................................................ 101
IP/MAC ADDRESS EXCEPTIONS..................................................................................... 102
LIMIT................................................................................................................................. 102
MAXIMUM NUMBER OF DEVICES ........................................................................................... 102
ADVANCED SETTINGS ........................................................................................................... 103
CREDENTIALS ............................................................................................................ 105
SCHEDULE ................................................................................................................ 106
SUMMARY................................................................................................................ 107
RUN/SAVE ............................................................................................................... 107
SAVED SCAN SETTINGS ........................................................................................... 108
PRECONFIGURED SCANS ........................................................................................ 108

SCHEDULED REFRESH .................................................................................................. 108
SCHEDULED DISCOVERY ............................................................................................... 109
EXAMPLES SCANS ....................................................................................................... 109
DISCOVERED NETWORK ......................................................................................... 110

LIST VIEW ................................................................................................................ 110
FILTER TAB ......................................................................................................................... 110
ACTIVE SCANS TAB............................................................................................................... 110
DISCOVERY LEGEND TAB ....................................................................................................... 111
MAP VIEW ............................................................................................................... 113
LEGEND ............................................................................................................................. 113
ACTIVE SCANS..................................................................................................................... 113
FILTERS .............................................................................................................................. 113
SELECTING DEVICE ............................................................................................................... 114
ZOOM CONTROLS ................................................................................................................ 116
HIDING DEVICES.................................................................................................................. 116
START MONITORING ................................................................................................... 116
RETURNING TO LIST VIEW ............................................................................................ 116
HYBRID VIEW ............................................................................................................ 117
MY NETWORK........................................................................................................ 118
LIST VIEW ................................................................................................................ 118
MAP VIEW ............................................................................................................... 119
OVERLAYS ................................................................................................................ 120
LAYOUT OPTIONS ....................................................................................................... 122
ADDITIONAL FEATURES COMMON TO BOTH VIEWS ............................................................. 122
LEGEND ............................................................................................................................. 122
LIBRARY ICONS .................................................................................................................... 123
FILTERS .............................................................................................................................. 124
MAP VIEW LAYOUT ................................................................................................ 125

AUTO LAYOUT ........................................................................................................... 125
CUSTOM LAYOUT ....................................................................................................... 126
CUSTOMIZING THE MAP......................................................................................... 126

DEVICE GROUPS ........................................................................................................ 126
PHYSICAL ........................................................................................................................... 126
DYNAMIC ........................................................................................................................... 126
TOOLS ..................................................................................................................... 129
ANNOTATIONS .................................................................................................................... 129
STYLE ................................................................................................................................ 130
EDIT CONTROLS .................................................................................................................. 130
CUSTOM LINKS IN A CUSTOM MAP ................................................................................. 131
DEVICE INFORMATION ........................................................................................... 132

INFORMATION CARDS ................................................................................................. 132
DEVICE PROPERTIES ............................................................................................... 134

DEVICE PROPERTIES DIALOG ......................................................................................... 134
DEVICE PROPERTIES INTERFACE ............................................................................................. 134
SYSTEM STATUS AND PROPERTIES .......................................................................................... 135
DEVICE CENTER................................................................................................................... 135
APPLICATION MONITORING ................................................................................... 141

DEVICES IN APM ....................................................................................................... 142
APPLICATIONS IN APM ............................................................................................... 142
DEFINITIONS ............................................................................................................. 143
APPLICATION STATES .................................................................................................. 143
APPLICATION PROFILES .......................................................................................... 144
IMPORTING AND EXPORTING APPLICATION PROFILES ............................................ 145
APPLICATION INSTANCES ....................................................................................... 146
APPLICATION DISCOVERY ....................................................................................... 147
MAINTENANCE MODE ............................................................................................ 148
MAINTENANCE MODE CHARACTERISTICS ............................................................... 148
ARE YOU SURE YOUR DEVICE OR MONITOR IS RESPONDING CORRECTLY? ............... 149
ACTIONS ................................................................................................................ 149

NOTIFICATION TYPE ACTIONS........................................................................................ 149
AUDIO/VISUAL ACTIONS ...................................................................................................... 150
MESSAGING ACTIONS .......................................................................................................... 150
.............................................................................................................................. 151
EXECUTABLE ACTIONS ................................................................................................. 152
LOGGING ACTIONS ..................................................................................................... 154
MANAGEMENT ACTIONS.............................................................................................. 155
PROACTIVE OR SELF-HEALING ACTIONS............................................................................ 155
RECURRING ACTIONS .................................................................................................. 155
BLACKOUT SCHEDULE AND POLICIES ...................................................................... 156

WEEKLY BLACKOUT SCHEDULES ..................................................................................... 156
BLACKOUT POLICY ...................................................................................................... 157
APPLICATION MONITORING ACTIONS AND ACTION POLICIES .................................. 158

APPLICATION MONITORING ACTIONS.............................................................................. 159
ACTION POLICIES ....................................................................................................... 160
WHATSUP GOLD ACTION POLICIES ......................................................................... 162
ALERT CENTER ALERTS ........................................................................................... 163

NOTIFICATION POLICIES ......................................................................................... 164
THRESHOLDS ......................................................................................................... 165
ALERT CENTER DASHBOARD ................................................................................... 166
DASHBOARDS AND REPORTS.................................................................................. 167

OVERVIEW ............................................................................................................... 167
DASHBOARDS ........................................................................................................ 168

DEVICE STATUS.......................................................................................................... 170
WIRELESS ................................................................................................................. 171
VIRTUAL .................................................................................................................. 172
APPLICATION MONITORING .......................................................................................... 173
NETWORK TRAFFIC ANALYSIS ........................................................................................ 174
FULL PAGE REPORTS .............................................................................................. 175
LOGS ..................................................................................................................... 176
PREDICTIVE TRENDING ........................................................................................... 177
REPORT CONFIGURATION AND WHATSUP GOLD DATABASE ................................... 178
ALERT STORM AND DEPENDENCIES ........................................................................ 179

ALERT STORM ........................................................................................................... 179
ELIMINATING ALERT STORMS ........................................................................................ 179
DEVICE DEPENDENCIES ................................................................................................ 180
CRITICAL MONITORING................................................................................................ 181
CONFIGURATION MANAGEMENT ........................................................................... 182

OVERVIEW ............................................................................................................... 182
NETWORK DEVICE CONFIGURATIONS .............................................................................. 183
COMPARING CONFIGURATIONS ..................................................................................... 184
AUDITING DEVICES ..................................................................................................... 184
ALERTING ................................................................................................................. 185
OTHER MANAGEMENT TASKS ....................................................................................... 185
ASSIGNING TASKS ...................................................................................................... 186
CUSTOMIZING ........................................................................................................... 186
APPENDIX A ........................................................................................................... 187

EXTENDING WHATSUP GOLD WITH CUSTOM SCRIPTING ...................................................... 187
ABOUT ACTIVE SCRIPT LANGUAGES ........................................................................................ 187
SCRIPTING ACTIVE MONITORS....................................................................................... 188
USING THE CONTEXT OBJECT WITH ACTIVE MONITORS ............................................................... 188
EXAMPLE ACTIVE SCRIPT ACTIVE MONITORS ...................................................................... 190
MONITORING PRINTER INK LEVEL AND UTILIZATION ................................................................... 190
ALERT WHEN TEMPERATURE EXCEEDS OR DROPS OUT OF RANGE ................................................. 191
DETERMINE INVALID USER ACCOUNT ACTIVITY .......................................................................... 193
MONITOR BANDWIDTH UTILIZATION ON AN INTERFACE .............................................................. 195
MONITOR AN SNMP AGENT RUNNING ON A NONSTANDARD PORT .............................................. 197
MONITOR FOR UNKNOWN MAC ADDRESSES ........................................................................... 197
SCRIPTING PERFORMANCE MONITORS ............................................................................ 200
REFERENCE VARIABLES ......................................................................................................... 200
USING THE CONTEXT OBJECT WITH PERFORMANCE MONITORS .................................................... 201
EXAMPLE ACTIVE SCRIPT PERFORMANCE MONITORS ............................................................ 203
GRAPHING PRINTER INK LEVEL UTILIZATION .............................................................................. 203
POLL A REFERENCE VARIABLE AND PERFORM A CALCULATION ...................................................... 204
GRAPH A TEMPERATURE MONITOR ......................................................................................... 205
USE SNMP GETNEXT. ......................................................................................................... 206
POLL MULTIPLE REFERENCE VARIABLES .................................................................................... 207
SCRIPTING ACTIONS .................................................................................................... 208
EXAMPLE ACTIVE SCRIPT ACTIONS ................................................................................... 211
POST DEVICE STATUS TO TWITTER .......................................................................................... 211
ACKNOWLEDGE ALL DEVICES ................................................................................................. 212
Preface
W H A T S U P G O L D 2 0 1 7 + I N T E N S I V E
What to expect in the

Course
Learning Objectives
This class provides you with practical knowledge and specific skills to maintain a
complex network using WhatsUp Gold Plus, Which includes Application Monitoring,
Virtual monitoring, Network Traffic Analyzer, as well as Configuration Manager.
All of the classes for WhatsUp gold are based on the “Big 5 Tasks” a network or server
administrator. This is what you need to get out from network monitoring system, to have
a successful deployment.
These big 5 tasks are Discovery, Mapping, Monitoring, Alerting and Analysis
• Discovery is finding all your devices that are on your network. Your routers, switches,
servers and more
• Mapping is showing what devices are connected to what
• Monitoring is determining the state of your devices. Are they up or down, as well as,
the performance of your devices?
• Alerting is making sure you are aware of the status of your devices and being notified
when they are down or performing out of thresholds.
• Analysis is using WhatsUp Gold reports, Dashboards and more to help troubleshoot
and verify the metrics of your network and its devices.
1
Course Audience
This course is intended for the following audiences:
• Network Administrators
• Server/System Administrators
• WhatsUp Gold Implementers
• WhatsUp Gold Users
Prerequisites
We Recommend (but not required) that students have:
• A working knowledge of network administration
• A working knowledge of server administration
• Familiar with network monitoring/administration terms
2
Ipswitch Training Environment
During this class, each student will have access to a fully functional installation of
WhatsUp Gold that exists within a training environment, complete with an entire
network of real-world, operational devices. Network devices such as routers, switches,
wireless access points, and a firewall, as well as non-network devices such as Windows
servers, Application servers, and File servers all work together to offer you a realistic and
representative network in which to take advantage of everything WhatsUp Gold and its
plug-ins have to offer.
The Ipswitch Training Environment (ITE) fulfils two main roles for Students attending
WhatsUp Gold training:
• The ITE allows you to attend WhatsUp Gold training without the need to use your
production WhatsUp Gold server, or install a second copy of WhatsUp Gold on your
network just for training.
• The ITE provides Students with an environment rich in the type of interesting traffic
and conditions you will want to see live in WhatsUp Gold and its additional features.
3
Both of these benefits work together to offer you engaging and relevant lab exercises
with no setup required on your part.
The ITE provides us with a very flexible and portable architecture that we hope you’ll
like. Essentially, you could log in to the ITE from anywhere in the world and get started
with WhatsUp Gold training immediately
4
Introduction
to WhatsUp
1
Gold
Pollers
Polling is the term used for monitoring discovered devices in WhatsUp Gold. Polling
can occur in several ways, depending upon the monitors configured for network devices.
The default polling method uses Internet Control Message Protocol (ICMP). The default
polling interval for WhatsUp Gold is 60 seconds. If you engage the State Suppression it
will only do a state change IF the state changed. The back end configuration manages
the frequency checking for the state change with the objective for efficiency of
operations.
A small amount of data is sent from the WhatsUp Gold computer across the network
to the device it is watching. If the device is up, it echoes the data back to the WhatsUp
Gold computer. A device is considered down by WhatsUp Gold when it does not send
the data back.
WhatsUp Gold comes with one Poller on the local machine and additional ones can be
purchased. The WhatsUp Gold Poller is an application used to perform and assign
WhatsUp Gold device polling operations to monitor network devices. Specifically,
additional external pollers installed on a servers your network transmit active monitor
and performance monitor data to the WhatsUp Gold server. Extending polling activity
across multiple pollers increases the number of devices for which WhatsUp Gold can
poll and collect data to send back to the WhatsUp Gold system. This is referred to as
clustered polling. Using clustered polling, WhatsUp Gold can efficiently scale polling
operations to a larger number of network devices, ultimately providing the capacity to
monitor and manage larger networks.
5
Scalability Pollers Scalability pollers assist with Active Monitors these will include
Assist with Active ActiveScript Monitors, JavaScript, Vbscript and PowerShell
and Performance Custom Script Monitors. When assisting with Performance
Monitors Monitors these include PowerShell Custom Script Monitors.
Currently, Scalability Pollers do not assist with Discovery, Active Script Performance
Monitors, Passive Monitors, Configuration Management Tasks, Wireless Polling, or the
MIB Walker.
To assist in determining if you need an additional poller, the Poller Health dashboard
report displays the status of the local poller and all pollers installed on your network. This
dashboard report allows you to ascertain at a glance if one or more pollers are down.
Each entry in the report contains the following information:
• Status: A color-coded indicator of poller status.

• Name: Displays the name of the poller.
• Lag Time: The amount of time in seconds the poller is behind its
scheduled time to poll devices; indicates poller overloaded.
• Lag Time Status: Indicates if lag time is causing a polling issue.
o A yellow status icon is rare and is only seen as an automatic
intermediary between red and green when a poller starts up or is
failing.
• To the left of each poller name is a circular icon that serves as a visual
indicator of poller status:
o Red: Indicates the listed poller is not active or status is unknown.
o Yellow: Indicates the poller is starting up or beginning to fail.
o Blue: Indicates the listed poller is active and running properly.
An average poll lag time of a few seconds or more indicates your system may not be
performing optimally. The WhatsUp Gold CPU and memory utilization reports may
also indicate performance issues.
To install an additional poller, you must configure each poller to send data to the
WhatsUp Gold server by entering a name to identify the poller, the server name or IP
address to identify the device running WhatsUp Gold, and valid credentials required to
access the WhatsUp Gold host computer. You must also use this information to
configure WhatsUp Gold to receive data from each poller installed on our network.
6
The machine on which the WhatsUp Gold scalability poller is installed must have the
same access to the network as the WhatsUp Gold machine. Polling data is always
reported from the viewpoint of the WhatsUp Gold machine regardless of which device
performed the polling task. Therefore, if a poller can only access a portion of the
network, devices to which the poller does not have access (even previously discovered
by WhatsUp Gold) are reported as down.
The following are prerequisites for installing an additional poller on your WhatsUp Gold
system:
• Local admin privileges for the host machine are required to install the
WhatsUp Gold poller.
• The Windows account from which you install the poller must have a
known password. You will be prompted to enter this password during the
poller installation process.
• .NET4 is required for installation and is available to install if not already
installed on the host machine.
In order for a poller to successfully connect to WhatsUp Gold, enable communication

on the following ports: TCP 9713 - Polling Data Communications and TCP - 9730
Polling Control Communications.
7
System Requirements
Logic
WhatsUp Gold user interface logic now resides on the client side. This greatly reduces
the performance impact to you and the WhatsUp Gold Server. The end result is a much
more responsive experience for you. Due to this WhatsUp now has recommended
requirements for both server and any client connecting to the web interface.
Server
For a full list of OS and hardware requirements please see the release notes available
from our web site. https://www.ipswitch.com/support/documentation.
Requirements may vary depending on the configuration of WhatsUp Gold. Increasing

the number of devices monitored, number of monitors, types of monitors, polling
intervals or other configurations can result in additional load on the server and database.
Adjustments to the hardware may be required to optimize performance for your
network.
100 Devices 2,500 Devices / 20,000 Devices / 100,000
/ 500 12,500 Monitors Monitors
Monitors
Processor Quad-core Quad-core Quad-core
Processor Speed 2.6 GHz 2.6 GHz 2.6 GHz
RAM 8 GB 16 GB WUG: 8 GB
Dedicated SQL Server: 32
GB (64 GB recommended)
Database MS SQL 2014 Dedicated Microsoft Dedicated Microsoft SQL
Express SQL Server 2008 R2 Server 2008 R2 / Microsoft
/ Microsoft SQL SQL Server 2012 /
Server 2012 / Microsoft SQL Server 2014
Microsoft SQL
Server 2014
Hard Drive 25 GB of free OS/App: 15 GB or OS/App: 15 GB or more
space more free space in free space in RAID 1
RAID 1 Database files: 8 x 250 GB
in RAID 10
SQL: 4x100 GB Log files: 2 x 100 GB in
Raid 10 RAID 0
Temp DB files: 2x250 GB
Raid 0
For more information about moving SQL server database and log files, see the WhatsUp
Gold database migration and Management Guide
NIC 100 Mbps 100 Mbps 1 Gbps
Preferred: 1 Preferred: 1 Gbps
Gbps
Video 1280x1024 or 1280x1024 or higher 1280x1024 or higher
higher
8
Client
With the change in logic we recommend the following the guidelines below as a
minimum suggestion.
100 Devices 2,500 20,000

/ 500 Devices / Devices /
Monitors 12,500 100,000
Monitors Monitors
Processor i5 Class i7 Class i7 Class
RAM 8 GB 8 GB 16 GB
Video 1280x1024 or 1280x1024 or 1280x1024 or
higher higher higher
Sound SAPI- SAPI-capable SAPI-capable
Card capable sound card sound card
sound card required for required for
required for Text-to- Text-to-
Text-to- Speech Speech
Speech actions actions
actions
Basic Navigation
Menu Bar
WhatsUp Gold menu bar has a common look and feel across all the Ipswitch products.
WhatsUp Gold currently had 3 different menus and one button on the main portion of
the menu bar. Your menu options are Discover, Analyze, and Settings.
The Discover Menu allows you to view the map of discovered devices or perform a
discovery from a new scan or a previously saved scan.
The My Network Button, which takes you to the interactive network map to monitor
your device inventory, connectivity and status information. This is the default map view
you see when logging into WhatsUp Gold.
The Analyze menu is where you would access any default or custom dashboards as well
as generate reports. This is also where you would go to see the extensive library of logs
9
containing historical data to aid in troubleshooting potential network issues. The last
menu is Settings, which allows you to configure everything from the WhatsUp Gold
itself to individual customization of your deployment.
On the right hand side of the menu bar there are some additional
items. First is the search box, where you can search for:
• Application navigation and functionality

• Monitored and discovered devices
• Libraries
• Flow Sources
• Help and reference content available in the local and online help, Ipswitch
community and the knowledgebase.
Items matching your search will appear under 4 different filter controls Filter now filters
on ANY IP address on the device was just the default associated with the device but not
any of the IP addresses associated with the device.
Next to the search box is a small bell that will take you to Web Alarms
dialog page, showing you all the web Alarms that have been triggered but
not dismissed.
After the Web Alarm, it will list the user that is currently logged in. By clicking on it you
get a menu with the following options:
• User Preferences
• Legacy Dashboards
• Logout
All the way on the right of the menu bar is the Help menu where you
can:
10
• Open the help files
• View the Welcome tutorial
• Assess the Ipswitch.com web site
• Go to the Education and Training Home page
• Get support from multiple locations
o Website
o Community
o Knowledgebase
o Access customer portal
• View the About Dialog
o Where you can see the current usage and License information.
11
Discovered Network
In the Discovered Network map is where you will find all the devices WhatsUp Gold
has discovered and is either being monitored or is ready to begin monitoring. It is as
simple as selecting your devices and clicking the start monitoring button.
My Network
My Network features all of the monitored devices in your network. You have the option
to see these devices in a list view, map view or a hybrid view that features access to both
in one interface.
Auto vs Custom
12
While you can see everything in a single map you have two different option in viewing
the map. You have an Auto Layout or a Custom Layout.
The Auto Layout arranges your devices according to connectivity. It also gives you the
option to show all the devices in sub-groups.
The Custom Layout allows you to organize your devices where you want them to be. In
essence, it gives you finer tuning of your devices and device groups, including adding
shapes, annotations and images to the map. Custom links can be added between groups
or devise-groups. You can define active monitors for custom links; for groups it is for
the "entire" groups.
Map Tree
To navigate the different device groups, you can click on the down arrow on the Group
picker. It will expand the navigation tree. Clicking on the arrow shrinks it again.
13
When the tree is expanded you can see the 3 bar menu. This menu allows you to edit,
copy, delete, or create device groups and much more.
Map
You can enhance the map with the use of overlays. Apply filters by clicking the Funnel
Icon. As well as view your device in a Map view, Grid view or a hybrid of both.
14
Initial
2
Preparation
User Administration
Users
Everyone who is going to be using WhatsUp Gold should have their own login and
password, using either internal, LDAP/AD, or Cisco ACS authentication. User accounts
allow users to log in to the web interface of WhatsUp Gold and control access to data
and functionality either through direct assignment of user rights or by membership in a
user group. Also, WhatsUp Gold logs all web user activity making it easy to track down
who did what if something strange starts going on.
User Groups
Leveraging user groups allows for a single point of editing and configuration of user
rights. If at any time you need to change the user rights assigned to a selection of users,
doing so at the user group level requires only a single configuration change, versus
changing all user accounts individually, if no user groups were present.
This also follows best security practice which states to limit user interaction. Therefore,
instead of making changes to multiple users it allows for only making the change one
time, while still giving the users the rights they need to perform their job/duties.
User rights are One method of user rights management for WhatsUp Gold involves creating user
cumulative when groups with specific permissions sets and adding users to the groups that control features
users are assigned to which they need access. Users can be a member of multiple groups. Their rights will
to multiple groups. be inherited from each group.
You will want to keep the number of Groups at a minimum, to make it

easier to manage. Only create groups that are needed, while still letting
them control the user rights.
15
WhatsUp Gold 2017+ comes with 5 default user groups which were found are the most
common roles and user right configurations across our customer base.
1. WUG Administrators: Users should be assigned to this group if they are

responsible for administering and/or configuring the WhatsUp Gold
server. The user rights enabled for this group are equivalent to the default
admin user
2. Super Users: Users should be assigned to this group if they are

responsible for configuring the WhatsUp Gold server. The user rights
enabled for this group are equivalent to the WUG Administrators groups
except for the manage user right which is disabled.
3. Network Managers: Users assigned to this group manage larger,

segmented networks. They may access all reports, configure monitors,
actions, manage alert center thresholds, and manage groups and individual
devices, finally they can create and share dashboards with other users.
4. Network Admins: This group should consist of network engineers who

monitor outages and receive alerts. Users assigned to this group may
access reports related to the devices and alerts, but do not have access to
system logs or real time performance reports. They can manage devices
assigned to device groups, but cannot manage those groups. Users in this
group can also view and manage personal dashboard views, but cannot
share them with other users
5. Report Viewers: This group is for users who only need to view device,
group, inventory, and
alert center reports.
Users in this group may
also view and manage
personal dashboard
views.
You may also want to add any

other groups you may need
besides the default groups. You
will also want to make sure you
use correct naming conventions.
This allows you to see what type
of rights a group has by just
looking at the name.
16
User Rights
User Rights govern what actions and rights a user can perform in WhatsUp Gold. Users
inherit rights from group memberships first then any additional rights given to them
individually. Similar to Active Directory, a user can be a member of multiple groups.
User rights are cumulative in nature, meaning they will get all the rights from every
group they are a member of. Plus any additional rights given to them.
User rights are cached and should refresh within 5 minutes, or when the user logs off
and then back into WhatsUp gold.
The Table below lists and describes each user right:

Account Administration
Manage Users (Admin Rights) Enables users to create and edit users for the web interface. This
option also allows users to specify Group Access Rights.
Enabling this right will enable all other rights.
Manage all Dashboards Enables users to add and publish all dashboard views as well as
configure, move and delete dashboard reports within all dashboard
views.
Manage Personal Dashboards Enables Users to add, delete, and copy dashboard views, as well as
edit the properties of an owned dashboard view.
Change Your Password Enables users to change their password from the Preference dialog
(Click [username] > User Preferences from the upper-right of the
network Performance monitor interface.
Manage and Publish Dashboards Enables users to add and publish dashboard views as well as
configure, move, and delete reports within owned dashboard views.
APM
Access Application Monitoring Enables user to view APM.
Configure Application Profiles Enables users to configure application profiles in APM.
Configure Application Instances Enables users to configure application instances in APM.
Devices
Access Discovery Enables users to discover network devices, define device roles that
help identify specific device features, and add them to the WhatsUp
Gold database.
Manage Devices Enables users to add new device and edit existing devices in the
groups to which the user has access.
A users must have this right to view and hear Web Alarms.
Manage Device Groups Enables users to create, edit, or remove device groups on the network.
Monitoring
Administer Alert Center Enables users to resolve or acknowledge Alert Center threshold alerts
Thresholds
Configure Actions Enables users to create, edit and remove actions on device in the
groups which the user has access.
Configure Passive Monitors Enables users to create, edit, and remove passive monitors on devices
in the groups to which the user has access.
Manage Recurring Actions Enables users to create, edit and remove recurring actions on devices
17
Configure Action Policies Enables users to create, edit and remove action policies on devices in
the groups which the user has access.
Configure Active Monitors Enables users to create, edit, and remove active monitors on devices
Configure Performance Monitors Enables users to create, edit, and remove performance monitors on
devices in the groups to which the user has access.
Reports
Access Alert Center Reports Enables users to view Alert Center dashboards and reports
Access Inventory Reports Enables users to view Layer-2 data including reports and reporting
tools.
Access Real Time Performance Enables users to view the Real Time Performance reports
Reports
Access Virtual Monitor Event Logs Enables users to view the event logs generated by the Virtual
Monitors
Access Virtual Monitor Reports Enables uses to view virtual monitor reports
Export / Email Reports Enables users to export reports as a pdf file, export the data as an
Excel (XML), csv, or txt files, or email an exported report to a
specified email address.
Manage Scheduled Reports Enables users to manage and view scheduled reports of other
Network Performance users (Settings > Scheduling Activities >
Scheduled Reports).
Access Group and Device reports Enables users to view group and device reports for the groups to
which the user has access.
Access Network Traffic Analysis Enables users to view the Network Traffic Analysis (NTA) reports
Reports
Access System Reports Enables users to view WhatsUp Gold component logs: Activity Log,
Actions Applied Log, Actions Activity Log, Discovery Scan Log,
General Error Log, Logger Health Messages, Poller Health, Web User
Activity Log
Access Virtual Monitor Map Enables users to view the virtual machines on the Virtual Overlay
Access Wireless Enables users to view wireless reports an overlays
Manage Business Hours Enables users to view and configure the business hours
System Administration
Access Tools Menu Enables users to access the tools menu for networking utilities.
Configure Credentials Enables users to configure SNMP and Windows credentials
Configure Network Traffic Enables users to create and delete WhatsUp Gold Network Traffic
Analysis Analyzer sources, collection intervals and data intervals for reports.
Email Settings Enables users to configure Network Performance Monitor email
settings from (Settings > System Settings > Default Email Settings).
Manage SNMP MIBs Enables users to download and delete SNMP MIBs through the
SNMP MIB Manager.
Configure Alert Center Enables user to create, edit and delete WhatsUp Gold alert Center
thresholds and notification policies
Configure External Authentication Enables user to configure external authentication (LDAP / MSAD /
Cisco ACS) for user authentication in the web interface.
Configure Wireless Enables users to configure wireless settings.
Manage Configuration Enables users to configure Network Configuration Manager tasks and
Management Tasks task scripts on devices in the groups which the user has access.
System Administration Enables users to edit system configuration items, including the
maximum number of passive monitor records, maximum dimensions
of map, and enabling or disabling mobile access.
18
Password Policy
When you sync users with external authentication systems it will let you control the
password policy in a central location. These creates a one place for users to comply with
your security policies across a variety of applications.
Password Policy allows you to configure different aspects of the password, for WhatsUp
Gold User accounts, that are authenticating internally. The table below shows the
different aspects you can configure:
Password Policy
Account Lockout Enter the time in minutes that the system should
Duration (minutes) delay before allowing a locked out user from
performing a log on attempt.
Maximum number of Enter the minimum number of days required
days between password between password changes.
changes
Password expires after Enter the number of days before a password
(days) expires.
Retain Passwords for at Enter the number of days to retain previously used
least (days) passwords.
Ensure password not Enter the number of passwords that are not to be
reused against previous reused against previous passwords.
Warn when (days) left Enter the number of days to warn user before
before password password expiration.
expiration
Minimum complex Enter the minimum number of characters required
password length for the password policy. The default minimum
complex password requirement is one special
character, one capital (upper case) letter, one lower
case letter, and one number.
19
External Authentication
WhatsUp Gold allows you to synch authentication with two different types of
authentication systems:
• LDAP
o Lightweight Directory Access Protocol (LDAP) Server
o Microsoft Active Directory
• Cisco ACS
While there are advantages with synching with any external authentication system, your
biggest advantage is when you synch with Active Directory. When synching with AD
you can synch your WhatsUp Gold user groups with your Active Directory groups;
allowing AD group membership supply access and rights into WhatsUp Gold.
The biggest advantage is you will no longer have to create user accounts. When a user
logs into WhatsUp Gold for the first time, the user account will automatically get created
with the correct rights according to group membership.
You will need to do clean up, for we do not automatically delete accounts.
Integration
To integrate with an external authentication system you need to launch the External
Authorization Settings interface. You can do
so by going to Settings > System Settings >
External Authorization. On the first tab is
where you can configure your LDAP or
Active directory settings. If you prefer to
synch with Cisco ACS you will need to click
that tab and enter the IP address of your Cisco
ACS server.
On the Active Directory/LDAP tab, you will

want to enter your domain controller or
LDAP server. Under Server Type be sure to
enter your Domain name or for LDAP your
Authorized DN.
20
If are using LDAP and not Active Directory be sure to use the fully qualified
name LDAP server might be CN=%s, OU=Users, o=yourdomain.net where
%s is replaced by the username and password of the user.
WhatsUp Gold If you are going to synch your Active Directory

does not support groups with your WhatsUp Gold groups you
nested groups will need to click Browse and enter a username
within Active and password so you can browse your Active
Directory Directory Groups.
Once you have gotten your groups, select each

group in the list, or by using the search box.
Once your groups are selected Click OK to
return and choose from the drop down what
WhatsUp gold group will be associated with
each Active Directory Group.
Device Group Access

Device group access rights enable the system administrator of WhatsUp Gold to allow
or deny read and write access to specific physical groups and devices. These rights can
be enabled or disabled by the administrator and are disabled by default (except for the
user’s Home device group, to which each user has Group Read access). Device group
access rights are useful when users need to view and edit only those groups that matter
to them, as would be the case with a large network with multiple network administrators.
Device group access rights allow an administrator to grant each user rights to only the
devices on the network for which that user is responsible.
There are four types of device group access rights:
• Group Read: This right allows users to view groups and devices in the
selected group. This right allows users to see the group’s map and device
21
list. Group-level reports are not affected by group access rights but are
affected by user rights.
• Group Write: This right allows users to edit group properties and add,
edit, and delete devices and subgroups within the selected group.
• Device Read: This right allows users to view the device properties of all
devices within the selected group. Device-level reports are not affected by
group access rights but are affected by user rights.
• Device Write: This right allows
users to edit the device
properties of any device within
the selected group and to delete
the device from the group.
22
Supported Protocols
Protocols are the rules or standards that define the syntax, semantics, and
synchronization of communication and possible error recovery methods.
Credentials are used to control access to information or other resources.
In essence credentials are the passwords and other authentication methods used to
access the different protocols used for network management.
ICMP
The most basic protocol that we probably all use for network troubleshooting is – ping
– it is also a very valuable tool for network discovery. The only configuration information
that is needed to run a ping is the IP address of a target device.
A host device sends out a

specific Internet Control
Message Protocol (ICMP)
packet called “echo” to the
target IP address, which contains
both the sender’s (host) and the
intended receiver’s (target) IP
addresses. If the intended device
is running and is allowed to
respond to this message, it does
so with a response packet called “echo reply” which also contains the two IP addresses,
but with the sender and recipient addresses flipped. To ensure more confidence in the
results of this one exchange, ping can be configured to send out a few packets, or to
continuously transmit packets until stopped. However, since it is possible to disable the
intended device from responding to “echo” packets, the lack of an “echo reply” response
does not necessarily mean a device does not exist at that IP address, is not operating, or
that the path to that target is unavailable.
Therefore, the most information the host device could learn through ping is that there
is a device at a given IP address, because it receives a response. If you intend to use ping
for discovery or monitoring in WhatsUp Gold, make sure every device on your network
is allowed to respond to “echo” packets, which is the default setting unless otherwise
restricted.
To help reduce security risk, allow ICMP traffic only to and from the
WhatsUp gold server and any additional pollers through any firewalls
23
SNMP
SNMP, Simple Network Management Protocol, is one of many protocols that have been
introduced as part of the Internet, and more specifically, from the Internet Architecture
Board. It is a defined collection of tools to exchange information between devices for
the purposes of managing and monitoring networked devices, and is part of the overall
TCP/IP protocol suite. The first official publication of the protocol was released in 1988,
which is now referred to as SNMP Version 1 or SNMPv1. Since then, SNMP has been
revised twice, so in addition to SNMPv1, there is SNMPv2 and SNMPv3. The details of
all versions of SNMP are very interesting, and the most pertinent features will be
discussed throughout this class at the point where and when they relate to the next Lab
exercise. Although “simple” is part of the name, SNMP is by no means trivial, and there
are many books and websites that go into the myriad details of dozens of official Request
for Comments (RFC) documents.
At this point, we will view SNMP at a very high level and only insofar as to compare and
contrast it against ping as a scanning technique.
SNMP can poll networked devices and monitor data such as utilization and errors for
various systems on a host device. SNMP can also be used for changing the configuration
of the host, which enables remote network management. SNMP is based on the concept
of network management and monitoring as a system of logical elements including a
Network Management System, Managed Devices and SNMP Agents, which are
software modules, on those devices.
In our case, WhatsUp Gold is the Network Management System, and the fundamental
SNMP architecture is depicted here:
24
Like ping, SNMP can send out a specific message from one device to request
information from another device, which responds back with the requested information,
and there are specific formats described in the RFCs for the arrangement of the
information within these messages.
To be more specific, it is the Network Management System (WhatsUp Gold) that

initiates the request/response exchange, not just any host device, and it’s the SNMP
Agent on the Managed Device that would respond to the Management System queries.
The message sent from the Management System is simply called a “Get” message and a
“Response” is returned from the device.
More information relating to hardware and software is exchanged with SNMP, such as
make, model, serial number, and performance as well as OS version, state, and status.
SNMPv1
Introduced the term “community” to refer to all the devices in a particular SNMP
network, and this concept continues to be used. A unique name or collection of
alphanumeric characters is used to identify a particular community and serves as a case-
sensitive password, called a “Community String.” Community strings are used to
authenticate the exchange of SNMP messages, providing a basic level of security.
WhatsUp Gold and each of the SNMP Agents use this string to indicate that they belong
to the same community. Every message exchanged between them also must contain this
string (passed in clear text), because any mismatch between the string in the message and
25
the string assigned to the device receiving this message would result in the message being
ignored by that device. A device can belong to several communities, and its SNMP agent
can differentiate requests from any management system, as long as that management
system string is listed on the device.
There are two cases of community strings used: Read, and Read/Write. In many cases,
vendors of SNMP managed devices will enter “public” by default for the Read
community string on their products, and possibly “private” by default for the
Read/Write community string. Each of these community strings allow connections
exactly as their name would imply, so exercise caution in selecting appropriate
community strings for each purpose.
Best security practice is to no longer use the Public and Private Community
strings but ones that are unique for your environment.
SNMPv2
Although security was addressed in SNMPv2 and resulted in many alternatives,
ultimately the use of clear text community strings was carried over into SNMPv2c in
addition to an expanded set of commands and it became the new SNMP standard.
Today the terms SNMPv2 and SNMPv2c are used interchangeably.
SNMPv3
Adds many additional benefits to earlier versions, but notably increased security through
encryption of packets, integrity against packet tampering, and authentication between
manager and agents. This latest version of SNMP was recognized by the IETF in 2004
and continues to gain popularity in network management largely due to these security
enhancements, but SNMPv2 is still widely used as well.
There are many more parameters and settings used by all three versions of the SNMP
protocol operations, but the fundamental operation is similar among them. We will be
describing SNMP often, to address some of these configuration elements.
We strongly recommend that you enable SNMP on all of your devices before discovery
to take advantage of the capabilities that SNMP offers. We will discuss how to do this
later from an overview perspective, but each vendor will have its own way of doing so.
26
WMI
Windows Management Instrumentation (WMI) is Microsoft’s implementation of the

Web-based Enterprise Model technology for unified monitoring of distributed
environments. It is a set of extensions that provide an operating system interface to
collect management data on Windows-based systems. WMI performance monitors can
supervise Windows servers, desktops, and applications performance and health. The
monitors can proactively identify failures and bottlenecks by tracking component
processes and workloads, and thereby aid in faster troubleshooting. Administrators can
also create custom monitors for any web-based or virtual domain applications.
Additionally, WMI also trends historical data to chart out application performance over
time.
WhatsUp Gold can gather information about Windows computers using WMI. To
monitor Windows servers via WMI you must have windows credentials, whether with
local administrative rights or at least WMI and DCOM query permissions.
In many cases, the information available via WMI is also available via SNMP. However,
Microsoft has deprecated SNMP starting with Windows Server 2012 and it may be
altered or unavailable in subsequent versions. So it is recommended to use WMI with
your Windows devices.
Telnet/SSH
Telnet is an application layer protocol used on the Internet or local area networks to
provide a bidirectional interactive text-oriented communication facility using a virtual
terminal connection. User data is interspersed in-band with Telnet control information
in an 8-bit byte oriented data connection over the Transmission Control Protocol (TCP).
Telnet was developed in 1969 beginning with RFC 15, extended in RFC 854, and
standardized as Internet Engineering Task Force (IETF) Internet Standard STD 8, one
of the first Internet standards.
Historically, Telnet provided access to a command-line interface (usually, of an operating

system) on a remote host, including most network equipment and operating systems
with a configuration utility (including systems based on Windows NT). However,
because of serious security concerns when using Telnet over an open network such as
the Internet, its use for this purpose has waned significantly in favor of SSH.
27
The term telnet is also used to refer to the software that implements the client part of
the protocol. Telnet client applications are available for virtually all computer platforms.
Telnet is also used as a verb. To telnet means to establish a connection with the Telnet
protocol, either with command line client or with a programmatic interface. For example,
a common directive might be: “To change your password, telnet to the server, log in and
run the password command.” Most often, a user will be telneting to a Unix-like server
system or a network device (such as a router) and obtaining a login prompt to a
command line text interface or a character-based full-screen manager.
Secure Shell (SSH) is a cryptographic network protocol for operating network services
securely over an unsecured network. The best known example application is for remote
login to computer systems by users.
SSH provides a secure channel over an unsecured network in a client-server architecture,

connecting an SSH client application with an SSH server. Common applications include
remote command-line login and remote command execution, but any network service
can be secured with SSH. The protocol specification distinguishes between two major
versions, referred to as SSH-1 and SSH-2.
The most visible application of the protocol is for access to shell accounts on Unix-like
operating systems, but it sees some limited use on Windows as well. In 2015, Microsoft
announced that they would include native support for SSH in a future release.
SSH was designed as a replacement for Telnet and for unsecured remote shell protocols
such as the Berkeley rlogin, rsh, and rexec protocols. Those protocols send information,
notably passwords, in plaintext, rendering them susceptible to interception and
disclosure using packet analysis. The encryption used by SSH is intended to provide
confidentiality and integrity of data over an unsecured network, such as the Internet,
although files leaked by Edward Snowden indicate that the National Security Agency can
sometimes decrypt SSH, allowing them to read the content of SSH sessions.
JMX
JMX (Java Management Extensions) is a set of specifications for application and network
management in the J2EE development and application environment. JMX defines a
method for Java developers to integrate their applications with existing network
management software by dynamically assigning Java objects with management attributes
and operations. By encouraging developers to integrate independent Java management
modules into existing management systems, the Java Community Process (JCP) and
industry leaders hope that developers will consider non-proprietary management as a
fundamental issue rather than as an afterthought.
28
JMX facilitates the centralized management of managed objects (called Mbeans) which
acts as Java wrappers for applications, services, components, or devices in a distributed
network. The actual management is provided by an MBean server, which acts as a
registry for all manageable resources. The MBean server is the spine of the JMX
architectural frame, allowing server components to plug in and discover all manageable
objects.
Java Management Extensions for management and monitoring are an optional extension
to the standard Java Developer Kit (JDK) and can be used in place of Simple Network
Management Protocol (SNMP).
Credentials
The Credentials system stores the applicable login, community string, or connection
string information for network devices such as routers, switches, servers, virtual hosts,
and other devices. Credentials can be divided up into 7 categories:
• Network Management
o SNMPv1
o SNMPv2
o SNMPv3
• System Attributes and Instrumentation
o Windows (WMI)
o VMWare
o SSH (Typically used for Linux and UNIX systems)
• Remote Execution
o SSH (Secure Shell Client)
o Telnet
• Storage Device Management
o SMIS [SMI-S] (Storage Management Initiative Specification)
• Cloud
o AWS (Amazon Web Services)
o Azure
• Wireless
o Meraki Cloud
• Application
o ADO (Active Data Objects)
o JMX
Hyper-V uses windows credentials, therefore if you are licensed for Virtual
Monitor then you will just need to enter your Windows Credentials
29
Adding
You need to follow your manufacturer’s or operating system’s instructions on adding
and enabling protocols on each of your devices. Inside of WhatsUp Gold you can add
the credentials in the credential library which can be accessed in 2 different way.
From the menu
Click Settings > Libraries > Credentials
From List View / Map View
Click on the credential Icon in the upper right hand corner
Click the Library Icon
Or add credentials directly by clicking the plus sign Icon
Creating AWS Read Only Credentials

1. Login to the AWS Portal and Navigate to IAM
30
2. Select Users and click Add user
3. Specify the user name and enable Programmatic access
4. Select Attach existing policies

a. Select AmazonEC2REadOnlyAccess from the list
31
5. Make sure everything is correct
6. Copy the Access key and Secret and use them to create a new AWS
Credential in WhatsUp Gold
Azure Access
Follow Microsoft’s instructions for setting up the keys for your Azure account
here: https://docs.microsoft.com/en-us/azure/billing/billing-enterprise-api under
the Enabling data access to the API section.
Meraki Cloud Credential

To enter a credential for Meraki Cloud, you first must obtain the API key from your
Meraki dashboard.
1. To obtain the API key required to create a Meraki credential in WhatsUp Gold:
2. Log in to the Meraki dashboard (http://dashboard.meraki.com).
3. Click your username in the upper-right corner of the dashboard, then select My
profile from the menu that appears.
4. Click Generate API key under the API access section of the dashboard.
5. Copy the API key displayed.
6. Return to WhatsUp Gold to continue creating the Meraki Cloud credential.
32
3
Monitors
Monitors
While the discovery process learns what devices are on your network, and you can always
add monitors after you are already monitoring your device. It is best to create all your
monitors first so you can automatically deploy monitors based on the role of the device.
So what do monitors do they monitor the condition, state and/or performance of
devices that make up your network.
Monitoring the status of the devices on your network requires making or accepting
connection to and from each network location, gathering data about the device, and
determining if the data is acceptable in terms of what you would expect to see in a healthy
environment. In some cases it is useful to compare the data against a range of acceptable
responses to see if the device is operating as it should. In other cases, you may want to
rely on the device to monitor itself and send data to the WhatsUp Gold server passively,
or to simply collect and store data for long-term analysis.
Each of these scenarios may require a different connection method and monitoring
solution, and the Monitor Library in WhatsUp Gold allows you to configure a set of
monitors to accomplish each task. Link to test the monitors
on the device before applying. Test function for Active
Monitors: Runs under whatever context the Poller engaging
is running under. An example, does the user applying monitor
have the permissions to access. Additionally, it will run under
whatever poller is being used for that device. Select the
monitor and click test.
33
Dialog box will fill in the device for test
and let you select Network Interface to be
used during the test. In the Credentials
dropdown pick the credentials to be used
in the test. If the credential you want is not
listed, click the library button to access
additional options to use in test. Once all
of the fields are filled in, click the test
button.
It will provide results of the test so you can

adjust if needed.
34
Monitor Types
There at four types of monitors in WhatsUp Gold:
• Active Monitors – Actively monitor your device. They determine if your

device are Up or down
• Passive Monitors – sit back and wait for your devices to report to them
• Performance Monitors – check how your devices are performing (CPU,
drive space, memory, etc…)
• Application – monitors your applications health and status.
Each monitor type offers unique functionality, with different options and configuration
needs, and the data you collect with each monitor type can be used in a distinctly different
way.
Active Monitors
As its name implies, an Active Monitor actively polls your devices. It will interact with a
target device for specific information, such as a ping reply, SNMP response or service
status request. After a device is added to the database, WhatsUp Gold begins monitoring
that device using ICMP (Internet Control Message Protocol) and any other active
monitors established for that specific device role, such as Interface SNMP active
monitors on a Router or Switch.
There are approximately 20 default active

monitors. There are actually 35 different
monitors to create available in the default
instance of WhatsUp Gold, ranging from
fan, temperature and power supply
monitoring to basic TCP-based service
monitors such as HTTP, SMTP, DNS
and Radius. You can create your own
custom Active Monitors as well, ranging
from very basic port monitors to
advanced synthetic transaction monitors.
Active Monitors simulate user events and actively poll for specific metrics such as MIB
values or other sorts of instrumentation, service and application availability and latency,
apply queries and exercise APIs. To accomplish this WhatsUp Gold has 6 types or areas
of monitors:
35
• Hardware, Chassis and Wireless
• Network Management and Instrumentation
• Application
• File system and Storage
• Critical Service
• Cloud-Based Resources
Many of the monitors in the Critical Service area are better suited to monitor
as an application, instead of on individual devices.
Polling Characteristics
For Active monitors to determine the state of the target device it must first poll that
device. Polling is the active watching, or monitoring, of your network by WhatsUp Gold.
In the polling process,
WhatsUp Gold sends a
message to the device, and
expects an appropriate
response. If a response is
either not received or is not
the expected response, the monitor is considered down. When an Active monitor
reports down it will initiate a state change. No other type of monitor can initiate a state
change. Meaning only active monitors determine if a monitor or device is up or down.
The default polling interval is once every 60 seconds which is configurable per device or
per monitor.
Are you sure your device or monitor is

responding correctly?
You are able to determine the state of your device with Device States; these State
Changes are dependent on a time period.
Down state (not responding - 0): Means it just reported down and WhatsUp continues
to poll the device. If, after 2 minutes, two complete polling periods, the monitor is still
reporting down, another state change, Down 2 min (not responding – 2), will occur.
Maintenance Mode, which will be covered later along with actions, is a way to show the
device is in a planned maintenance window. WhatsUp Gold will not Poll the device and
therefore will not initiate any other state changes, fire any actions, or log any activity.
Besides the default State Changes, you may create your own custom state changes. For
example, you need a down for at least 30 minutes or down for 15 besides the default
36
down 5 or down 20. Custom state changes are currently only available to through the
Admin console; Under Configure > Program Options > Device States. Because the
WhatsUp Gold Admin Console is being phased out, the shapes and colors for custom
state changes are left from previous versions and will not display or affect the Web
Interface in V17.
Monitor Options
When adding/editing a monitor to/on your
device, you have multiple options in which to
configure each monitor to fit the environment.
The first option is which interface the monitor
should be applied to. By default this is the
primary or default interface. If a device has
multiple IPs make sure it is assigned to monitor
on the correct one. There are multiple options
available Under the Advanced section of the
Active Monitors Properties Page.
Argument: Enter text to append to the OID

for the interface on the selected device. By
default, it identifies the number used by the SNMP interface.
Comment: Enter user

defined text to appear in the
Active Monitors list.
Use independent poll

frequency for this monitor:
Select this option to have the
selected monitor polled based
on the Poll frequency.
Poll frequency: Enter the amount of time (in seconds) between polls for the selected
monitor. This setting is not displayed unless you select the Use independent poll
frequency for this monitor option.
Independent poll frequency for all monitors is ignored when an active monitor
is specified as critical.
37
Hardware, Chassis and Wireless
APC UPS
The APC UPS monitor watches your
American Power Conversion
Uninterruptible Power Supply (APC
UPS) device and alerts you when selected
thresholds are met or exceeded, output
states are reached, and/or abnormal
conditions are met.
Thresholds: Select which thresholds to

monitor. Click Configure to set individual
threshold settings if desired.
Monitor the following output states:

Select the output state(s) on which you
want to be alerted.
This monitor uses SNMP to pull the information
Monitor the following abnormal conditions: Select the abnormal condition(s) on

which you want to be alerted.
An alert can be sent when the UPS battery capacity is below 20%, when the
battery temperature is high, when the battery is in bypass mode due to a
battery overload state, and many other UPS alert conditions.
38
Fan
The Fan Monitor checks manufacturer-
specific device fans and cooling devices,
such as active and passive cooling
components, to see if they are enabled
and returning values signaling they are
working properly. The monitor first
checks if the monitored device is
manufactured by Dell, Cisco, or HP.
Then, it checks for any enabled fans and
other cooling devices. If a fan is disabled,
the monitor ignores it. This monitor uses SNMP to pull the information
The monitor is considered down when it does not return one of the following values:
1 - Normal (for Cisco devices or Dell PowerConnect switches and routers)
2 - OK (for ProLiant switches and routers)
3 - OK (for Dell Servers)
4 - OK (for HP ProCurve Servers)
Not all types of device fans and cooling components can be monitored
Power Supply
The Power Supply monitor checks
manufacturer-specific power supplies
devices to see if they are enabled and
returning values signaling they are in an Up
state. The monitor first checks if the
monitored device is manufactured by Dell,
Cisco, or HP. Then, it checks for any
enabled power supply devices. If a power
supply is disabled, the monitor ignores it.
1 - Normal (for Cisco switches/routers)
1 - OK (for Dell switches/routers)
2 - OK (for HP ProLiant servers)

39
3 - OK (for Dell server devices)
4 - Good (for HP ProCurve switches/routers)
Not all types of power supplies can be monitored
Printer
The Printer monitor uses SNMP to collect data on SNMP-enabled network printers. If
a failure criteria is met, any associated
actions fire.
Warning in order for the Printer active

monitor to work, in addition to being
SNMP-enabled, the printer you are
attempting to monitor must also
support the Standard Printer MIB.
Enter or select the appropriate

information in the Failure Criteria
section:
If the ink level in any of the

cartridges falls below___%. Enter a
numerical value for the threshold. If the
ink level of any printer ink cartridge falls
below this percentage, the monitor is
considered down. By default, this option
is not selected.
Some printers may not support all of the SNMP objects associated
with the available monitor alert checks.
If the printer registers any of the following alerts. By default, the monitor watches
for all of the listed printer alerts. If you do not want to monitor a particular alert, clear
its selection in the list. If the printer registers one of the selected alerts, the monitor is
considered down.
Example, you can monitor for printer ink levels, for a paper jam, for low
input media (paper), for a fuse that is over temperature, and more.
40
Temperature
The Temperature monitor checks
manufacturer-specific temperature probes to
see if they return a value signaling they are in
an Up state. First, the monitor first checks if
the monitored device is manufactured by
Cisco, Dell, HP, or Ravica. Then, it checks
for any enabled temperature probes.
1 - Normal (for Cisco switches and routers)
2 - OK (for HP ProLiant servers)
2 - Normal (for Ravica temperature probes)
3 - OK (for Dell Servers)
4 - Good (for HP ProCurve switches and routers)
If a temperature probe is disabled, the monitor ignores it.
41
WAP Radio
The WAP Radio monitor uses SNMP
authentication to determine the status of a
Cisco Aironet wireless access point. The
monitor first checks the ifType (OID
1.3.6.1.2.1.2.2.1.3) value. The ifType value
of 71 - IEEE 80211 must be present for
the monitor to continue checking the WAP
radio device status.
Then, if the ifType value is true, the ifAdminStatus (OID: 1.3.6.1.2.1.2.2.1.7) value is
checked. If the ifAdminStatus value for the interface is in the Down or Testing state, the
active monitor is considered Down and the ifOperStatus (OID: 1.3.6.1.2.1.2.2.1.8) value
is checked. If the ifOperStatus value is 1 - Up or 5 - Dormant, the WAP radio is
determined to be in the Up state. Otherwise, the device is considered to be in the Down
state.
42
Network Management
Ping
Ping monitor sends an ICMP (ping) command to a device. This is the default monitor
added to all devices during discovery. If the device does not respond, the monitor is
considered Down.
Timeout. Enter the length of time WhatsUp Gold attempts

to connect to the selected device. When the specified time is
exceeded without connecting, a timeout occurs and
WhatsUp Gold stops trying to connect to the server. This is
considered a failed connection.
Retries. Enter the number of times WhatsUp Gold

attempts to send the command before the device is
considered Down.
Payload size. Enter the length in bytes of each packet sent

by the ping command.
Use in rescan. Enable this option to have the monitor

appear in Device Properties. If enabled, clicking Refresh
Connectivity within the Device Properties interface adds the monitor to the selected
device if the applicable protocol or service is active on that device.
If getting multiple false negatives create a second ping with:
Timeout = 1 Retries=3-5 Use in rescan=unchecked
43
SNMP
The Simple Network Management Protocol
(SNMP) monitor gathers information about the
functions of an SNMP-enabled network devices by
querying it to verify it returns an expected value.
Depending on the specific configuration, the
monitor can be considered either Up or Down
depending upon the returned value.
ObjectID/Instance. Select the target device and

required credentials, then select the specific SNMP
object to monitor in the SNMP MIB Browser.
Check Type. Select one of the following check

types:
When Constant Value is selected:
Value. Depending on the Object ID you selected, enter the appropriate value.
If the value matches, then the monitor is: select Up or Down.
When Range of Values is selected:
Low Value. Depending on the Object ID you selected, enter the appropriate
value.
High Value. Depending on the Object ID you selected, enter the appropriate
value.
When Rate of Change in Value is selected:
Rate of Change (in variable units per second). Enter the desired value. If the
value is above the rate, then the monitor is: select Up or Down.
44
SNMP Extended
SNMP Extended monitor utilizes
SNMP to gather specific
information about the functions of
multiple OIDs by querying the
group to verify they return an
expected value and allows you to
monitor all devices using SNMP.
While the standard SNMP monitor
checks a single OID against a single
threshold, the SNMP Extended
monitor checks multiple OIDs
against multiple thresholds using an
.xml file and predefined values for
each supported device type to
determine if the monitor is
considered either up or down
according to the returned value.
Import. Click to select the desired .xml file from the list containing applicable OIDs to
monitor, then click OK to return to the monitor configuration dialog. The Thresholds
to monitor section of the dialog displays the OIDs from the imported .xml file as
parameters.
Configure. Click to specify the request type for the selected parameter.
Value is. When monitoring for a specific value, determine when the monitor should
report the device as Down by specifying if the response is greater than, less than, equal
to, or contains the entered numeric or string value.
Value is outside the range of. When monitoring a range, enter the minimum and
maximum values the response must fall within for the monitor to report the device as
Down.
Rate of change between two polls is. When monitoring for a range of change,
determine when the monitor should report the device as down by specifying if the
response is greater than, less than, or equal to the entered value in seconds.
You can create your own xml files to import. Place the file in the <install
directory>\data\SNMPExtended
45
WMI
The WMI monitor checks for specific values on
WMI-enabled devices. Monitored metrics include
systems resources like CPU, disk, and memory
utilization, as well as specific process performance
counters.
• Performance Counter/Instance. Select

the target device, performance object,
counter, and instance to monitor.
• Check Type. Select one of the following
check types:
o When Constant Value is selected:
 Value. Depending on the
performance counter
selected, enter the
appropriate value.
 If the value matches, then the monitor is: select Up or
Down.
o When Range of Values is selected:
 Low Value. Depending on the performance counter selected,
enter the appropriate value.
 High Value. Depending on the performance counter selected,
o When Rate of Change in Value is selected:
 Rate of Change (in variable units per second). Enter the
desired value.
 If the value is above the rate, then the monitor is: select Up
or Down.
46
WMI Formatted
The WMI Formatted monitor checks for
specific values on WMI-enabled devices.
Monitored metrics include systems resources
like CPU, disk, and memory utilization, as well
as specific process performance counters.
While similar to the WMI monitor that uses
raw data, the WMI Formatted active monitor
uses calculated counter data. The difference
between the WMI and WMI formatted
monitor is the formatted monitor will be
rounded, instead of using a floating point
decimal. It may also be in Gigabyte or
Megabyte instead of byte
• Performance Counter/Instance.
Select the target device, performance
object, counter, and instance to
monitor.
• Check Type. Select one of the following check types:

o When Constant Value is selected:
 Value. Depending on the performance counter selected, enter
the appropriate value.
 If the value matches, then the monitor is: select Up or
Down.
o When Range of Values is selected:
 Low Value. Depending on the performance counter selected,
 High Value. Depending on the performance counter selected,
o When Rate of Change in Value is selected:
 Rate of Change (in variable units per second). Enter the
desired value.
 If the value is above the rate, then the monitor is: select Up
or Down.
47
Application
JMX
The JMX Active Monitor allows you to monitor any server that supports JMX by
requesting one or more JMX attributes the server supports and allows you to easily
browse and add available attributes to the monitoring list.
Port. Enter the port number on the

server that WhatsUp Gold should use
to communicate with the JMX service.
Use SSL with RMI Registry. Enable

this option to use the JMX active
monitor secured by SSL.
Click Add to launch the JMX

Credentials dialog.
Enter the IP address or host name of

the target device to browse.
You can also click the Browse button

(...) to select a device from the device
list.
Ensure the Port and Use SSL with RMI Registry settings reflect your selections
made in the previous dialog.
If needed, select an existing JMX credential from the list or click the Browse button
(...) to access the Credentials Library, then create a new one.
Click OK to proceed to the JMX Browser which you can use to select the target
device, domain/path, and attribute(s) to monitor. The monitor configuration dialog
should now display the attributes you selected in the JMX Browser.
Select one or more attributes, then click Configure to launch the Comparison
Definition dialog.
Specify the Comparison Type and Comparison Value for the selected attribute(s).
Click OK to return to the monitor configuration dialog.
Repeat procedure steps as needed to configure comparison settings for other attributes
to be monitored.
48
Multiple attributes can be selected and configured at once as long as they are
of the same type. You can also select multiple attributes, then click Copy to
configure multiple comparison types and values for those attributes
simultaneously using the same monitor.
Process
Process monitor determines if a process is running and issues state changes for the device
as needed.
Protocol to use. Select either SNMP or WMI as the

protocol for the monitor to use to connect to the
selected device. If using SNMP, click Advanced to
set the SNMP timeout and number of retries if
desired.
Process Name. Enter name of a process or click

Browse (...) to navigate and connect to a device
from which to select a process to monitor.
Down if the process is. Specify if the selected

process is either not loaded or is running for the
monitor to report a Down status.
NT Service
The NT Service monitor checks the status of a service on a Windows machine and has
the option of restarting the service. Service restart can only occur if the appropriate
administrator permissions exist.
Protocol. Select either SNMP or WMI as the protocol for the monitor to use to connect
to the selected device. If using SNMP, click Advanced to set the SNMP timeout and
number of retries if desired.
Service Name. Click browse (...) to specify a server or workstation running the service
by entering an IP address or hostname and selecting applicable SNMP credentials.
Restart on failure. Enable this option to attempt to restart the service when it enters a
Down state.
49
Use an Action to restart the service instead of the Restart on Failure
option. Also using SNMP, if or when possible, will preserve system
resources. If you are going to use the NT Service monitor as a critical
monitor then you must use WMI.
If you change protocols the service must be selected in the Service Name
field for the monitor to work.
PowerShell
PowerShell provides a platform
for performing a wide variety of
monitoring tasks through direct
access to script component
libraries, including the .NET
Framework.
Prerequisites:
WhatsUp Gold uses the 32-bit (i.e.

x86) PowerShell engine.
Therefore, only 32-bit PowerShell
snap-ins are supported and 64-bit
only snap-ins will not function
properly. Snap-ins that work on
both 32-bit and 64-bit operating
systems are configured for 64-bit
systems by default and must be
manually con-figured for 32-bit
PowerShell engine to function properly with WhatsUp Gold.
The PowerShell Scripting active monitor requires the use of windows credential.
Configure:
Timeout (Seconds). Enter the length of time WhatsUp Gold attempts to connect to the
selected de-vice. When the time you enter is exceeded without connecting, a timeout
occurs and WhatsUp Gold stops trying to connect to the SMTP server. This is
considered a failed connection. Although the de-fault timeout is 60 seconds, you are
discouraged from using a timeout longer than 10 seconds. Use the shortest timeout
possible.
Run under device credentials. Enable this check box to execute the script using the
Windows credentials for the affected device.
Script text. Enter your monitor code.
50
Telnet
The Telnet monitor checks for a Telnet server on port 23. If
no telnet service responds on this port, then the service is
considered Down.
Timeout. Enter the length of time WhatsUp Gold attempts

to connect to the selected device. When the specified time is
exceeded without connecting, a timeout occurs and
WhatsUp Gold stops trying to connect to the server. This is
considered a failed connection.
Use in rescan. Enable this option to have the monitor appear in Device Properties. If
enabled, clicking Refresh Connectivity within the Device Properties interface adds the
monitor to the selected de-vice if the applicable protocol or service is active on that
device.
SSH
The SSH monitor uses SSH
authentication to connect to a remote
device to execute commands or scripts
which can be either embedded in the
monitor or placed as an executable script
file on the remote machine with a
command embedded in the monitor to
run the script. The success or failure of
the monitor is dependent upon values
returned by the commands or scripts that
can be interpreted by WhatsUp Gold as
Up or Down.
Command to run. Enter the command

to run and execute on the remote device.
The command can be anything the
device can interpret and run; for example, a Unix shell command or a perl script. The
command or script must return a string value. Please note, if you create a script to run
on the remote device, it must be developed, tested, and/or debugged on the remote
machine.
Line end character. Select the appropriate line end type: None, Linefeed, Carriage
return, or Carriage return linefeed. Multiline scripts are entered and persisted on a
Windows operating system and include line-ending characters that may not be
recognized on the target device. This configuration feature instructs WhatsUp Gold to
replace the line-ending characters with the selected characters prior to connection and
command execution.
51
The monitor is considered Up if the following output. Select the appropriate output
criteria. For example, if you are checking to see that a specific network connection is
present on the remote device, ensure the output contains the specific connection. If the
network connection you specify is not present when the monitor checks, the monitor is
considered Down.
Use regular expression. Enable this option to apply the target string as a regular
expression as it searches the output from the command and considers the selected
output criteria. The target string is evaluated as simple text if this option is disabled.
SSH credential. Select the appropriate SSH credential WhatsUp Gold uses to connect
to the remote device. WhatsUp Gold uses the SSH credential assigned to the monitored
device if Use the device SSH credential is selected.
SQL Query
The SQL Query monitor uses WMI or ADO authentication to determine if specific
conditions exist in a Microsoft SQL, MySQL, or ORACLE database by querying the
database. If the configured conditions are present, the monitor is Up. If changes made
to the database since the last query cause data to no longer fall within the defined criteria,
the monitor is Down.
Server Type. Select Microsoft SQL Server,

MySQL, or ORACLE as the database
server type. Please note, MySQL database
is supported and listed as a server type
option only if the MySQL 5.2.5 Connector
is installed.
Connection Timeout. Enter the amount

of time WhatsUp Gold waits for the server
to respond before terminating the
connection and returning the timeout
error. The minimum allowed value is 1
second whereas maximum allowed value is
120. Please note, this setting only applies to
polling whereas the query builder assumes
a default of 15 seconds for the connection timeout.
Server Address. Enter the server address in the applicable format:

ServerName\Instance format for Microsoft SQL Server.
Example: WUGServer\SQLEXPRESS
ServerName for MySQL.
Example: WUGServer
ServerName/ServiceName for Oracle.
Example: WUGServer/Oracle.
52
The SQL query you
Port. Enter the database server port number.
enter must return
a single numeric
SQL Query to Run. Enter the query to run against the specified database to check for
value. Specifically, certain database conditions.
a single record
that has just one Click Build to launch the SQL Query Builder for assistance with developing proper
column. If the query syntax. Only SELECT queries are allowed.
query returns more
than one record, Click Verify to test if the entered database query is valid.
the monitor fails to
store the data. If Number of rows returned is. Select this option to determine the success or failure of
the query returns a the monitor scan based on rows returned by the SQL query. All database rows must
single record but match the criteria settings for the monitor to be considered Up.
there are multiple
columns in the Content of each retrieved row matches the following criteria. Select this option to
record returned, determine the success or failure of the monitor scan based on criteria which each
then the monitor
database row must match. If multiple threshold criteria are used, all thresholds must
will pick the first
match the criteria in each row for the monitor to be considered Up.
column as the
value to store and
this first column
Click Add, Edit, and Delete as needed to create, modify, and remove database column
has to be numeric, values and conditions, respectively.
otherwise the
monitor will fail to
store the data. To monitor a MySQL database, download and install the MySQL .NET
Connector on the WhatsUp Gold machine. Please note, only MySQL version
5.2.5 is supported due to potential compatibility issues. MySQL .NET Connector
version 5.2.5 can be downloaded directly from the WhatsUp Gold website
(http://www.whatsupgold.com/MySQL525Connector).
When connecting to a remote SQL instance, WhatsUp Gold only supports

the TCP/IP network library.
53
HTTP Content
The HTTP Content monitor requests a URL and checks
the HTTP response against the expected content. If the
response does not return the expected content, the
monitor fails. Use this monitor to ensure web page/web
server availability, to check if a page renders properly on
specific browsers, or even to check for the
presence/absence of specific content. If the monitor does
not find the specified content, the monitor is considered
Down.
URL. Location to check for HTTP content. The URL

must begin with a proper URI, such as http:// or https://.
The URL can include the full path to the document
including the document’s file name and any query string
http://www.example.com/reports.htm?ReportID=100.
Authentication username. Username the web site uses

for authentication if applicable.
Authentication password. Password that coincides with the username the web site
uses for authentication if applicable.
Proxy server. If the specified content is behind a proxy server, enter the IP address of
the proxy server.
Proxy port. Port on which the proxy server listens.
Timeout. Enter the length of time WhatsUp Gold attempts to connect to the selected
device. When the specified time is exceeded without connecting, a timeout occurs and
WhatsUp Gold stops trying to connect to the server. This is considered a failed
connection.
Web page content to find. Content to search for on the specified website as either
plain text or a regular expression. Enable Use regular expression when using a regular
expression. Please note, this monitor uses standard regular expression processing as
supported by the .NET framework.
Request URL contents. Click to populate the dialog box with the Web page contents
of the URL you entered above.
Click Advanced to configure the user agent and customer headers if desired:
• User agent. Select a browser from the list. The user agent string identifies
which web browser is making an HTTP request. Use this feature to imitate
your website being visited by various browsers. The user agent from the
latest version of the browser is populated for the browser you select.
54
• Custom headers. Specify any headers for which you want to check. Enter
a header as Field: Value.
Errors can result when using invalid custom headers or when modifying
headers which do not allow modification, such as the HTTP Host header.
Click Request URL contents in the monitor configuration interface to test

custom headers. If a problem with the header exists, WhatsUp Gold displays
an error message. For example, the message “An error occurred with the
requested website. Error: The ‘Host’ header cannot be modified directly.
Parameter name: name.” indicates the user entered Host:myhost.com as a
custom header when the Host header cannot be modified.
Content URLs
To check content for the default page of a newly installed IIS server:
http://my-device/iisstart.htm
—where my-device is the hostname or IP address where a fresh instance
of IIS is running.
To see how the HTTP Content monitor works, you can test it against one of the
example documentation pages hosted by the Internet Assigned Numbers Authority
(IANA): http://www.example.com
Active Script
The Active Script monitor allows you write either VBScript or JScript code to perform
specific customized checks on a device. If the script returns an error code, the monitor
is considered Down. Example scripts are in the Appendix.
• Script Type. Select either VBScript or JScript.

• Script text. Enter the actual script code for the monitor to run.
• Execution Model: Select mode to run the Script
o Use the “Direct Data Access” execution model
 Allows direct database access via Context.GetDB
 Script failures may cause the Poller Engine to crash
o Use the “Isolated Process” execution model
 No access to the WUG database
 Variables can still be passed to the script
 Poller Engine is protected from dangerous scripts
55
To set the result in WhatsUp gold use the command Context.SetResult. The
format is Context.SetResult(0, Comment); 0 for Success (up) 1 for failure
(down)
TCP/IP
The TCP/IP monitor determines the status of the TCP/IP service that either does not
appear in the list of standard services or uses a non-standard port. In essence this a port
check monitor.
Network type. Select the network type for the FTP (File Transfer Protocol) service
which is TCP; the network type for the RADIUS (Remote Authentication and Dial-In
User Service) service is UDP; the HTTPS
monitor uses the SSL type.
Port number. Enter the TCP or UDP port

that you want to monitor.
Timeout. Enter the length of time WhatsUp

Gold attempts to connect to the selected
device. When the specified time is exceeded
without connecting, a timeout occurs and
WhatsUp Gold stops trying to connect to the
server. This is considered a failed connection.
Script. You create a script using keywords. In general, Script Syntax is

Command=String. The command is either Send, Expect, SimpleExpect, or Flow
Control.
Click Expect to open the Rules Expression editor if desired. Any text placed in the
Expression box, appends to the end of the script as an Expect expression.
WhatsUp Gold is installed with the following types of TCP/IP monitors already
configured.
• Echo. Checks to make sure an Echo server is running on the assigned

port.
• FTP. Checks to make sure an FTP server is running on the assigned port.
• HTTP. Checks to make sure an HTTP server is running on the assigned
port.
• HTTPS. Checks to make sure the Secure HTTP server is running on the
assigned port, and that WhatsUp Gold can negotiate a connection using
SSL protocols. This monitor does not check on the validity of SSL
certificates.
56
• HTTP Content Scan. Performs
advanced monitoring of a specific
web page to make sure specific
content appears in the page's
code. Supports advanced HTTP
processes such as form
submission and non-standard
HTTP headers.
• IMAP4. Checks to make sure a
IMAP4 server is running on the
assigned port.
• NNTP. Checks to make sure a
NNTP server is running on the
assigned port.
Using the Rules Expression Editor
• POP3. Checks to make sure a
POP3 mail server is running on
the assigned port.
• Radius. Checks to make sure a Radius server is running on the assigned
port. SMTP. Checks to make sure a SMTP mail server is running on the
assigned port.
• Time. Checks to make sure a Time server is running on the assigned port.
WhatsUp Gold knows the proper connecting commands for checking the
standard services listed on the Services dialog, but to monitor a custom service,
you may want to specify the commands to send to the service and the responses
to expect from the service in order for WhatsUp Gold to consider the service UP.
You need to determine the proper command strings to expect and send for a
custom service.
• You can use a rule expression to test a string of text for particular patterns.
• Enter an expression in the Expression box. Use the >>, Match case, and
Invert result options to the right of the Expression box to help build the
expression.
• In the Comparison text box, enter text to test compare against the
expression you built in the Expression box.
• Click Test to compare the expression against potential payloads you can
receive.
After creating and testing the expression, click OK to insert the string into the
Match on box.
You create a script using keywords. In general, Script Syntax is Command=String.
The command is either Send, Expect, SimpleExpect, or Flow Control.
57
File System
File Properties
The File Properties monitor checks to see if a file in a local folder or on a network share
meets the conditions specified in the monitor’s configuration. This monitor supports
percent variables (%Device.Address or %Device.HostName) allowing you to use a
macro for applying multiple devices to a monitor.
The File Properties monitor only checks files that are accessible from the
WhatsUp Gold server.
Path of the file to monitor. Enter the Universal Naming Convention (UNC) file path
that WhatsUp Gold uses to access the file. For example:
\\192.168.3.1\website\product\index.htm for a file on a single device. If you provide
the value for File size, File checksum using, or File modified within options, you can also
use percent variables for the path of the file to monitor.
\\%Device.Address\website\product\index.htm or
\\%Device.HostName\website\product\index.htm for a file located on
multiple machines with the same file path name. Note: mapped drive paths
are not permitted.
File. Enable this option to specify if the file exists or does not exist for the monitor to
report as Up.
File size is. Enable this option to determine the success or failure of the monitor scan
based on the size of the specified file.
File was last modified. Enable this option to determine the success or failure of the
monitor scan based on the date on which the file was last modified.
File checksum using. Enable this option to determine the success or failure of the
monitor scan based on the file’s checksum and specified algorithm used to calculate the
checksum.
58
Selecting this option can greatly
increase the amount of time it takes
to complete the monitor scan and
degrade or lag WhatsUp Gold
performance. The probability of
lengthy monitor scans and slower
performance increases when you
use algorithms other than SHA1
when you are scanning large files or
when you scan files located on
network shares.
File was/was not modified within X before polling time. Enable this option to
specify if the file has or has not been modified within the selected interval for the
monitor to report as Up.
Folder
The Folder monitor uses the Windows credentials assigned to the device to determine if
a local or network share folder meets the conditions specified in the monitor
configuration. This monitor supports percent variables (%Device.Address or
%Device.HostName), allowing you to use a macro for applying multiple devices to a
monitor. If the target folder or directory contents change during a poll, the change is
ignored and is not counted toward folder/file size specified in the monitor configuration.
The Folder monitor only checks files in folders that are accessible from the
WhatsUp Gold server.
Path of the folder to monitor. Enter the Universal Naming Convention (UNC) path
that WhatsUp Gold uses to access the folder. For example:
\\192.168.3.1\website\product for a folder on a single device. If you provide the value
for File size, File checksum using, or File modified within options, you can also use
percent variables for the path of the folder to monitor.
59
For example, \\%Device.Address\website\product or
\\%Device.HostName\website\product for a folder located on multiple
machines with the same folder path name. Enable Include sub-folders to
scan folders under the selection for the specified content.
Selecting this option can greatly increase the amount of time it takes to
complete the monitor scan and possibly have an adverse impact on WhatsUp
Gold performance.
Include all files. Select this option to configure the monitor to scan all accessible files.
Include files with names matching the following wildcard expression. Select this
option to specify a wildcard expression WhatsUp Gold should use to determine which
files to scan. For example, enter *.exe to check for executable (.exe) files in the selected
folder. Please note, this option only works using a single wildcard expression. If multiple
expressions are entered in this field, the monitor reads the entry as one wildcard
expression.
When enabled, this option can significantly slow performance dependent on the
wildcard expression specified. The probability of slower performance increases when
this option is used in conjunction with the Include sub-folders option.
Folder. Enable this option to specify if the folder exists or does not exist for the monitor
to report as Up.
Actual folder size is. Enable this option to determine the success or failure of the
monitor scan based on the actual size of the specified folder.
Folder size on disk is. Enable this option to determine the success or failure of the
monitor scan based on the size of the specified folder as it resides on disk.
Number of files is. Enable this option to determine the success or failure of the monitor
scan based on the number of files within specified folder.
60
Storage
The features described in this section are included in Total and Total Plus. It will
monitor NetApp and EMC/Dell EMC storage. EMC/Dell EMC storage does
not support SNMP only SMI-S credentials. In order to successfully monitor
NetApp FAS series storage devices using WhatsUp Gold, you must install the
Data ONTAP SMI-S agent. The Agent is required for monitoring volume
statistical data and must be installed on a machine that can communicate with
both WhatsUp Gold and the storage device or devices being monitored.
Use the following procedure to install the agent:

1. Download the Data ONTAP SMI-S Agent executable file from NetApp.
For detailed information such as prerequisites, supported operating
systems, versions, refer to http://support.netapp.com.
2. Ensure you are logged in using the local Administrator account, then
install the SMI-S Agent.
3. Reboot the machine on which the SMI-S Agent was installed.
4. Open a command line, then run the following command to ensure the
'cimserver' has started running:
-smis cimserver status: If the response indicates it is not running, ensure
port 5988/5989 is not use by another program
-ORAccess the list of running services in the Windows Control Panel and
start the Data ONTAP SMI-S Agent service manually, if needed.
5. Launch the Data ONTAP SMI-S Agent program from the Windows Start
menu.
6. Open a command line, then create a username and password for the SMI-
S Agent by running the following command:
-cimuser-a –u <username> -w<password>
The user created using this command must match an
existing local Windows user account. Additionally, when
creating the credential in WhatsUp Gold, enter the
password created using this command rather than the
password for the local Windows user account.
7. Set the cache refresh rate interval time by creating a system variable
named: CACHE_REFRESH_SEC
The Data ONTAP SMI-S Agent uses a default collection

interval of 5 minutes. Ipswitch recommends setting the
cache refresh rate interval to match the interval set for
disk utilization data collection in WhatsUp Gold
8. Prior to connecting the Agent to the SVM, launch a web browser and log
in to OnCommand System Manager.
9. Select the Network Interfaces tab.
10. Right-click the interface assigned to the SVM.
11. Select Enable Management Access.
12. Click Save.
61
13. Navigate to Configuration > Security > Users for the specific SVM in
the hierarchy at left.
14. Ensure the vsadmin user is present, unlocked, and sshd and ontapi are
enabled.
15. Add the SVM to the SMI-S Agent by running the following command:
smis add <SVM IP address> vsadmin or smis addsecure <SVM IP
address> vsadmin to configure SMI-S to use HTTPS instead of HTTP
16. Ensure the SVM was successfully added by running the following
command: smis list
17. Repeat the two previous steps to add each SVM you want to monitor.
SMIS
The SMI-S monitor determines if the selected storage device is operational.
The success or failure of the monitor is dependent upon values returned by
the device that can be interpreted by WhatsUp Gold as up or down. This is
used with EMC/Dell EMC and NetApp Storage.
To configure, simply provide a unique name and description for the monitor.
Degraded Array
The SMI-S monitor determines if the selected storage device is operational.
The success or failure of the monitor is dependent upon values returned by
the device that can be interpreted by WhatsUp Gold as up or down.
62
Critical Services
The Email monitor checks a mail server by first sending the server an email via SMTP.
The monitor then attempts to delete previously sent emails using either POP3 or IMAP.
If any step in the process fails then the monitored is considered Down.
The email monitor supports encryption with SSL/TLS and SMTP

Authentication which ensures that the monitor sends emails to a secure
email account.
You must use a separate email account for every email monitor created. Failure
to do so will result in false negatives. For example, if you want to check both
IMAP and POP3 on the same server, and create two instances of the monitor,
one configured with POP3 and one with IMAP, you must use two separate email
accounts. Otherwise, one monitor deletes all emails previously sent from both
instances of the monitor and incorrectly reports the mail server as Down.
Outgoing mail
• SMTP server. Enter the address

of the server on which SMTP is
running. Use the default,
%Device.Address, to use the
device IP address on which the
monitor is attached.
• Port. Enter the port on which the
SMTP service is listening. The
standard SMTP port is 25.
• Mail to. Enter the address to which
the Email Monitor sends email.
• Mail from. Enter the address you
want listed as “From” in the email
sent by the Email Monitor.
Incoming mail
• Mail server. Enter the address of

the server on which the POP3 or IMAP service is running.
• Account type. Enter the protocol (POP3 or IMAP) you want the monitor to
use to check for correct email delivery.
• Username. Enter the username of the account in which the monitor uses to log
in.
63
• Password. Enter the password for the account in which the monitor uses to log
in.
Advanced Email Monitor
Click Advanced to set the following additional advanced properties for the
monitor if desired:
SMTP advanced properties

• SMTP server requires authentication. Enable this option if the
specified SMTP server requires authentication. Please note, this monitor
supports CRAM-MD5, LOGIN and PLAIN authentication methods. The
authentication method is not configurable. It is negotiated with the SMTP
server automatically using the strongest mutually-supported authentication
method.
WhatsUp Gold only • Username. Enter the username to be used for SMTP authentication.
supports clear text • Password. Enter the password to be used for SMTP authentication.
authentication for • Use an encrypted connection (SSL/TLS). Enable this option to
retrieving mail. To encrypt SMTP traffic if your SMTP server supports encrypting data over a
protect your TLS connection. Please note, WhatsUp Gold only supports explicit SSL
username and
sessions negotiated using the STARTTLS command for SMTP
password when
connections.
retrieving mail, you
must use an SSL • Timeout. Enter the length of time WhatsUp Gold attempts to connect to the
encryption selected device. When the specified time is exceeded without connecting, a
method. When timeout occurs and WhatsUp Gold stops trying to connect to the server. This is
connecting using considered a failed connection.
STARTTLS, the
connection is
encrypted before
any authentication POP3 advanced properties
information is sent
or any mail is Port. Enter the port number where the POP3 or IMAP server listens.
retrieved.
Use an encrypted connection. Enable this option to connect to a POP3 or

IMAP server in an encrypted mode. Select one of the following encryption
methods:
• Use implicit SSL. Select this option to login to your POP3 or IMAP
server in an encrypted mode.
• Use SSL with STLS. Select this option to login to your POP3 or IMAP
server in an unencrypted mode, and then switch to a TLS connection by
sending STARTTLS or STLS command to the server.
64
Timeout. Enter the length of time WhatsUp Gold attempts to connect to the selected
device. When the specified time is exceeded without connecting, a timeout occurs and
WhatsUp Gold stops trying to connect to the server. This is considered a failed
connection.
If your IMAP server is configured to move the test message sent by the monitor
to any folder other than the Inbox, the monitor fails. WhatsUp Gold only detects
messages in the Inbox folder on an IMAP server.
DNS
The Domain Name Server (DNS) monitor is a simple
service monitor that checks for the DNS on port 53. If a
DNS service does not respond on this port, the service is
considered Down.
FTP
The FTP monitor performs upload, download, and delete tasks on designated FTP
servers to ensure they are functioning properly. You can configure a single monitor to
perform all three tasks. However, if any one of the tasks fails, the entire monitor is
considered Down.
• FTP Server. Enter the device address of the FTP server for which the
FTP monitor is configured and on which the monitor performs associated
tasks.
• Port. Enter the port the monitor should use to communicate with the
Ipswitch FTP server.
recommends • Username. Enter the username used to access the FTP server for which
creating a the monitor is configured.
separate FTP
• Password. Enter the password used to access the FTP server for which
monitor for each
FTP server you are
the monitor is configured.
monitoring, unless • Use Passive Mode. Enable this option to use passive (PASV) mode
the same rather than active mode when attempting to connect to the FTP server
username and and to perform the subsequent tasks.
password are used • Upload. Enable this option to have the active monitor upload a file to the
for each of the designated FTP server. Please note, this option must be enabled to use the
servers. Download and/or Delete tasks.
65
• Download. Select this option to have the active monitor download a file
from the designated FTP server.
• Delete. Select this option to have the active monitor delete a file from the
designated FTP server.
Specify a username and password for an account with the appropriate user permissions for the
file actions you select. To upload files to the server, the account must have write permissions.
To download files from the server, the account must have read permissions. And, to delete files
from the server, the account must have delete permissions.
Network Statistics
The Network Statistics monitor uses
Simple Network Management
Protocol (SNMP) to query a device
to collect data on three device
protocols, Internet Protocol (IP),
Transmission Control Protocol
(TCP), and User Datagram Protocol
(UDP) and alerts you when
configured thresholds are met or
exceeded.
Thresholds to monitor. Select the

IP, TCP, and/or UDP thresholds to
monitor. Click on any individual
threshold to highlight it, then click
Configure to specify Down
conditions for the selected
threshold.
The OID and a description of the selected parameter can be found at the
bottom of the configuration dialog. You can check to see if your device
supports the OID with the MIBWalker. While there are Active monitors
for Exchange, and SQL server these type of applications are best monitored with the
Application Monitor feature.
66
Cloud-Based Resources
Cloud Resource Monitor determines if the selected cloud load balancer or cloud instance
is available. This is useful for tracking service level for applications running in
the cloud, tracking uptime, and monitoring health of managed infrastructure
when your network or datacenter resources extend to the cloud.
The monitor can be used to determine availability for:

• Amazon Web Service Elastic Load Balancing service
• Amazon Elastic Compute Cloud (EC2) instances
• Azure Resource Manager load balancers
• Azure Resource Manager virtual machines
The success or failure of the monitor is dependent upon health and operational status
values returned by the device that can be interpreted by WhatsUp Gold as up or down.
Before you apply this monitor to a device, the device must have valid AWS or Azure
credentials assigned (depending on the cloud service being utilized).
67
Passive Monitors
Passive monitors are responsible for listening for device events. Whereas active monitors
poll devices for data, passive monitors passively listen for device events. Because passive
monitors do not poll devices, they use less network bandwidth than active monitors.
Passive monitors are useful because they gather information that goes beyond simple Up
or Down by listening for a variety of events.
Although passive monitors are useful, you should not rely on them solely to monitor a
device or service—passive monitors should be used in conjunction with active monitors.
When used together, active and passive monitors make up a powerful and crucial
component of 360-degree network management.
Passive Monitor types are specific configurations of SNMP traps, Windows Log Events,
or Syslog Events. Though you can create any of these three types of passive monitors,
SNMP traps are most widely used on network-type devices and Windows Event Logs
are used solely on Windows devices. In all, there are about a dozen Passive Monitors in
the default instance of WhatsUp Gold Premium.
If you want to know when someone with improper credentials tries to

access one of your SNMP-enabled devices, you can assign the default
Authentication Failure passive monitor. The monitor listens for an
authentication failure trap on the SNMP device, and logs these events
to the SNMP Trap Log. If you assign an action to the monitor, every
time the authentication failure trap is received, you are notified as soon
as it happens.
Listener
A Passive Monitor Listener runs continuously on the WhatsUp Gold server
listening for events to occur. WhatsUp Gold is installed with three Passive
Monitor Listeners:
• SNMP Trap Listener. This listens for SNMP traps, or unsolicited SNMP
messages, that are sent from a device to indicate a change in status.
• Syslog Listener. This listens for Syslog messages forwarded from devices
regarding a specific record and/or text within a record.
68
• Windows Event Log Listener. This listens for any WinEvent; for
example a service start or stop, or logon failures. It will listen for events in
the following logs:
o System
o Security
o Application
Both SNMP Trap and Syslog listeners are

not enabled by default and must be
enabled before using SNMP Traps or
Syslog passive monitors.
You can start the listener under Settings > System
Settings > Passive Monitor listener
When an event occurs and is sent to

WhatsUp Gold the appropriate Passive
Monitor Listener first checks the
contents of the event to verify it is an
item you have defined as important and
worth collecting. This is done by
checking the event for specific key words
and configuration information that must
match the configuration of the monitor
assigned to the device in WhatsUp Gold.
Then the listener logs the event, notifies
WhatsUp Gold, and any associated
actions assigned to the passive monitor
are fired. If the contents of the event do
not match the configuration of the
passive monitor the event is discarded
and no logging or actions take place.
In the case of Syslog and SNMP Trap

passive monitors you can also choose to
accept and log unsolicited events, which
do not require a matching passive
monitor to be assigned to a device and
are stored immediately to the database
upon receipt. Take care when
You can start the listener under Settings > System Settings implementing this option, however, as
> Passive Monitor listener
collecting too many unsolicited events
can very quickly lead to a large database table.
69
SNMP Traps
SNMP traps are commonly used on network devices such as routers and switches, as
well as some server-level devices, hardware devices, and appliances. SNMP traps can be
generated for a variety of situations, both for standardized events like an interface going
down and for more specialized situations like a period of high CPU utilization.
Most devices can be configured to send this data to up to two separate IP addresses
using the default UDP data port of 162, or to a non-standard port number of your
choice. In order to receive these events in WhatsUp Gold you must have the SNMP
Trap Listener running on the appropriate port, and have the remote device configured
to send the trap to the IP address and port number in use by WhatsUp Gold.
You can configure SNMP Traps using 2 different methods:

• Automatically using the Trap Definition Import Tool
• Manually using the Passive monitor Library
Import Tool
The easiest and simplest way to get your SNMP trap passive monitors created is using
the “Trap Definition Tool” found in the Admin console (Tools > Import Trap
Definitions). It will allow you to search for a specific trap you need WhatsUp Gold to
listen for, and then import it into the Passive Monitor library. After you have imported
the trap, you can make and configuration changes to the monitor in the Passive Monitor
Library using the Rules Expression Editor dialog.
Select the trap you want to import and click Import to passive monitor library. If the Trap
already exists in the database it will not be imported a second time.
70
The SNMP Trap monitor listens for unsolicited messages from a monitored network
device notifying WhatsUp Gold of a specific event. The monitor can be configured to
listen for all SNMP traps or for only specific
types.
Enterprise/OID. Select the desired object

identifier (OID) from the Enterprise section of
the MIB. This is the SNMP enterprise identifier
in the trap, which is used for unique identification
of traps for a particular application. If you specify
the OID in this box, then an incoming trap
matches this rule only if the trap enterprise box
begins with the OID that you have specified. If
you are unsure of the OID to use, or you do not
need to be specific, you can leave this box blank
and it is ignored. Please note, this option is only
available if Generic Type is set to 6-
EnterpriseSpecific.
Generic Type (Major). Select the SNMP Trap type. Each trap has a generic type
number which is part of the rule determining the matching criteria for an incoming trap.
Specific Type (Minor). Enter an integer value from 0 to 4294967296. Please note, the
Generic Type (Major) must be set to Enterprise Specific.
Payload. Click Add to launch the Rules Expression Editor to create an expression, test
it, and compare it to potential payloads.
If you have multiple payload "match on" expressions, they are linked by
"OR" logic—not "AND" logic. If you have two expressions, one set to
"AB" and the other to "BA", it matches against a trap containing any of
the following: "AB" or "BA" or "ABBA".
71
Syslog
Syslog messages are widely used amongst Unix
and Unix-based systems as well as network
devices, and even simple devices such as printers
and power supplies. Because of this they are a very
popular method of collecting and storing events
from multiple device types into a single depository
of data for compliance purposes.
Syslogs are passed to UDP port 514 by default and
can make use of varying severity levels in the

content of the event, making them a handy utility
for very specialized passive monitoring and
alerting. As with SNMP Traps you will need to
start the listener in WhatsUp under Settings > System Settings > Passive Monitor listener
Syslog monitor listens for Syslog messages on the devices to which it is assigned.
For more information about Syslog facilities and levels of severity, see RFC5424
(http://tools.ietf.org/html/rfc5424 page 9 for facilities and page 10 for levels of
severity).
Click Add to launch the Rules Expression Editor to create an expression, test it, and
compare it to potential payloads.
If you define multiple payload Match On expressions, each

expression is considered individually (think "or" operator).
72
Windows Event
Windows devices make use of event logs to store and track information, warning, and
error events logged by the local operating system. These event logs can also be
monitored from a remote location, allowing a network administrator to browse the
Windows Event Logs on a remote server on their network. Windows events include
many different parameters in a single event, including an event ID, description, type, and
source.
Windows Event Log passive monitors in WhatsUp Gold make use of these parameters
by allowing you to configure collection of events that meet a certain criteria, such as
events of a Warning type that come from a specific Source, or collecting all events that
share a common Event ID. Once this configuration is set in a passive monitor and the
monitor is saved to a device, WhatsUp Gold connects to that remote server and registers
for that set of events on the remote machine. From thereafter, any time the remote
device logs an event that matches your criteria the event is sent to the WhatsUp Gold
server and logged by the Windows Event Log Listener. Unlike SNMP Traps and Syslogs
the listener is already started.
As a best practice, we recommend keeping conditions simple by

opting for multiple Passive Monitors over complex sets of
conditions. When complex conditions are unavoidable, we
recommend grouping all OR conditions together at the beginning of
the set of conditions, followed by the ANDs
The Windows Event Log monitor uses WMI authentication to listen for Windows
events on the devices to which it is assigned. To use multiple Windows Event Log
monitors, assign a unique monitor to each device. When assigning a Windows Event
Log monitor, ensure the device has credentials assigned to it first.
Condition. Enter a list of conditions to match. Only log entries matching these
expressions are converted to events. Conditions are processed sequentially from top to
bottom. As each condition is evaluated, its results are applied to the next condition until
all conditions are evaluated. For complex sets of conditions involving both ANDs and
ORs, this serial logic may produce different results than intended.
Click Edit to add or edit a condition or Clear to remove a condition from the box
Match On. Click Add to launch the Rules Expression Editor to create an expression,
test it, and compare it to potential payloads.
73
Performance Monitors
Performance Monitors are responsible for gathering data about the performance
of the devices running on your network for long-term analysis and reporting
purposes. There are many components that can be collected with performance
monitors; for example, CPU and memory utilization. This data is collected and
stored in raw format, and is then used to create reports that trend utilization and
availability of these device components over time.
A selection of performance monitors are available in a fresh installation of

WhatsUp Gold, making use of SNMP and ICMP to collect common performance
statistics from a variety of device types. Additionally, you can create custom
performance monitors to track performance metrics for APC UPS devices and
Printers, as well as create custom monitors based on Active Script, SNMP, SSH,
and WMI to query performance counters on any type of device. All NEW
discovered devices will use WMI by default for windows devices; if currently
monitored will still run SNMP.
Performance monitors are added to individual devices through the Device

Properties dialog. You can add:
• Default Performance Monitors
• Device-specific (Custom) Performance Monitors
o Hardware
o Application/OS
o Network Management and Instrumentation
o Disk I/O and Throughput
74
Default Monitors
There are five default performance
monitors to track device
performance by checking and
reporting on device resources.
These monitors are:
• CPU utilization
• Disk utilization
• Interface utilization
• Memory utilization
• Ping Latency and
Availability
Each of these default performance

monitors includes a specialized set of
reports and utilities geared towards getting up and running with performance reporting
very quickly. By simply selecting these monitors for collection on your devices you can
immediately make use of these built-in utilities, giving you the ability to track long-term
performance on your network with almost no setup or configuration required.
The five default performance monitors cannot be edited, copied or

deleted.
The default performance monitors all use SNMP to connect to the device and
verify its performance. The only exception is the Disk utilization monitor can be
configured to use WMI instead of SNMP on a Device by device basis. The
advantage of using WMI is it gives the ability to monitor “Mount points” on your
windows devices.
NOTE: Starting with WhatsUp Gold 2017 Plus SP1 (v17.1.1) and
subsequent versions, the default performance monitors will use either
SNMP or WMI to apply them to your devices.
Custom Monitors
In Addition to the default custom monitors you can create custom monitors to
track specific performance metric. The additional monitors can be split into 4
categories Hardware, Application/OS, Network Management and
Instrumentation, and Disk I/O and Throughput. These additional monitors are:
• Hardware
o APC UPS
o Printer
• Application/OS
75
o Active Script
o JMX
o PowerShell Scripting
o SQL Query
o SSH
o Windows Performance Counter
o Hyper-V Event Log
o Hyper-V Host VM
• Network Management and Instrumentation
o SNMP
o WMI
o WMI Formatted
• Disk I/O and Throughput
o VMWare Datastore IOPS
o Hyper-V Disk Activity
Hardware
APC UPS
The APC UPS monitor collects statistical
output power usage information and
graphs APC UPS power utilization over
time. This monitor detects when a
monitored UPS device is close to
maximum performance level as well as
the time of day networking devices
connected to the UPS device are using
the most power indicating the need to
equally distribute the load across several
UPS devices. Only a unique name and
description are required to successfully
configure this monitor.
Printer
The Printer monitor uses SNMP to collect data on SNMP-enabled

network printers. The target printer must be SNMP-enabled and support
the Standard Printer MIB for this monitor to work properly. Use this
76
monitor to check for potential issues such as ink levels, paper jams, and low input media
(e.g., paper). The monitored printer must support the Standard Printer MIB.
Ink/Toner Cartridge. Select the ink/toner cartridge you want to collect ink/toner level
data. Please note, you must create a Printer performance monitor for each color
ink/toner cartridge you want to monitor.
Collection interval. Specify how often data should be collected from the selected toner
cartridge.
Please note, all SNMP objects may or may not be supported by the specific printer being
monitored depending on its manufacturer and model.
Application/OS
Keep in mind that Active Script
although you can The Active Script Performance monitor enables you to write VBScript and JScript
poll multiple to easily poll one or more SNMP and/or WMI values, perform math or other
values using the operations on those values, and graph a single output value. You should only use
feature, only one the Active Script Performance Monitor when you need to perform calculations on
value will be the polled values.
stored to the
database: the
outcome of your The Active Script performance monitor requires one or more of the following
scripted credentials:
calculation.
• SNMPv1
• SNMPv2
• SNMPv3
• WMI
Configure the Active Script performance monitor using the following boxes:
• Script type. Select either JSCRIPT or VBSCRIPT.
77
• Timeout (sec). Enter the length of time WhatsUp Gold attempts
to connect to the selected
device. When the time you
enter is exceeded without
connecting, a timeout occurs
and WhatsUp Gold stops
trying to connect to the
SMTP server. This is
considered a failed
connection. Please note, the
maximum timeout allowed is
60 seconds. However,
Ipswitch does not
recommend setting a
timeout that exceeds 10
seconds. Use the shortest
timeout possible.
• Reference variables. Add,
Edit, or Remove SNMP and
WMI reference variables using the respective buttons on the right
of the dialog. Please note, the use of reference variables in the
Active Script performance monitor is optional. For additional
information, please see Using Reference Variables with Script
Monitors in the help files.
• Script text. Enter your monitor code.
To configure an SNMP Active Script performance monitor:

• Click Add from the Add Active Script
Performance Monitor dialog to add a new
variable to the Reference variables field. The
Add New Reference Variable dialog appears.
• Enter the appropriate information:
o Variable name. Enter a unique name
for the variable.
o Description. (Optional) Enter a short
description for the variable.
• Select SNMP from the Object type list.
• Click browse (...) next to Instance. The MIB
Browser dialog appears.
• Enter the name or IP address of the computer you are trying to connect to
in the Select counters from computer box.
o You can click browse (...) to select a device from a list.
• Select the SNMP Credential used to connect to the device.
78
o You can also click browse (...) to access the Credentials Library to
create a new credential.
• Click OK. The SNMP MIB Browser appears.
• Use the navigation tree in the left panel to select the specific MIB you
want to monitor. You can view more information about the
property/value at the bottom of the dialog.
• Click OK to add the OID to the Performance counter and Instance fields
in the Add New Reference Variable dialog.
To configure a WMI Active Script performance monitor:

• Click Add from the Add Active Script Performance Monitor dialog to add
The first time that
a new variable to the Reference variables field. The Add New Reference
you poll a WMI
reference variable
Variable dialog appears.
that requires two • Enter the appropriate information:
polls in order to o Variable name. Enter a unique name for the variable.
calculate an o Description. (Optional) Enter a short description for the variable.
average (such as • Select WMI from the Object Type list.
“Processor\% • Click browse (...) next to Instance. The Performance Counters dialog
Processor Time”),
appears.
it returns “Null.”
• Enter the Name or IP address of the computer you are trying to connect.
• Select the Windows Credential used to connect to the device.
o You can also click browse (...) to access the Credentials Library to
create a new credential.
• Click OK to connect to the computer.
• Use the performance counter tree to navigate to the Performance Counter
you want to monitor.
• Select the specific Performance Instance you want to monitor.
• Click OK to add the variable to the Performance counter field in the Add
New Reference Variable dialog.
* You need to include error handling in your monitor script. Your

script either needs a value to graph by using Context.SetValue, or
you must use Context.SetResult to tell WhatsUp Gold that the
script failed.
* Context.GetReferenceVariable will return ‘null’ if the poll fails for
any reason.
* If you do not have a call to SetValue or SetResult, the script does
not report any errors and no data is graphed.
* If SetValue is used, it is not necessary to use SetResult, as SetValue
implicitly sets SetResult to 0, or “good.”
* Results from this performance monitor are displayed on Custom
Performance Monitors full and dashboard reports.
79
* Errors from this performance monitor are displayed in the
Performance Monitor Error log, as well as EventViewer.exe.
JMX
The JMX Performance Monitor allows you to monitor any server that supports JMX by
requesting a single JMX performance counter the server supports and allows you to
easily browse and add available counters to the monitoring list.
• Object Path/Attribute. Select

the target device, domain/path,
and attribute to monitor. See the
following procedure steps for
additional details about selecting
the object path and attribute.
• Port. Enter the port number

WhatsUp Gold should use to
communicate with the JMX object.
• Use SSL. Select this option to use Secure Socket Layer connection for
communication with the JMX object.
• Click the Browse button (...) to launch the JMX Credentials dialog.
• Enter the IP address or host name of the target device to browse.
• You can also click the Browse button (...) to select a device from the device list.
• Ensure the Port and Use SSL with RMI Registry settings reflect your
selections made in the previous dialog.
• If needed, select an existing JMX credential from the list
• or click the Browse button (...) to access the Credentials Library, then create a
new one.
• Click OK to proceed to the JMX Browser which you can use to select the target
device, domain/path, and attribute to monitor.
80
PowerShell
The PowerShell PowerShell Scripting enables you to create custom performance monitors using
Scripting Windows PowerShell.
performance
monitor uses the
Windows WhatsUp Gold uses the 32-bit (i.e. x86) PowerShell engine. Therefore, only 32-bit
credentials to pull PowerShell snap-ins are supported and 64-bit only snap-ins will not function
properly. Snap-ins usable in both 32-bit and 64-bit operating systems are configured
the performance
for 64-bit systems by default and must be manually configured for 32-bit PowerShell
information. engine to function properly with WhatsUp Gold.
Timeout (sec.) Duration WhatsUp Gold attempts to connect to the selected device.
This is considered a failed connection.
Reference variables. Add, edit, or remove SNMP and WMI reference variables using
the respective buttons on the right of the dialog. See steps below to configure either an
SNMP or WMI PowerShell Scripting Performance monitor.
Run under device credentials. Click to execute the script using the Windows
credentials for the affected device.
Script text. Enter your monitor code.
The use of reference variables in the PowerShell performance monitor is optional. If you
do use them, you must use Context.GetReferenceVariable, for reference variables to be
polled and their data graphed. Reference variables simplify your scripting code and
enable you to write scripts efficiently,
without having to use a list of device
properties, as with the Script Action
and Script Active Monitor. They
manage the underlying SNMP or
WMI mechanisms you would
normally have to manage in order to
access SNMP or WMI counters on a
remote device.
By using the
Context.GetReferenceVariable
(variable name), you only need to
specify the name of a pre-defined
variable. WhatsUp Gold uses device
credentials and connects to the target
device using SNMP or WMI to
81
retrieve the requested information. This information is stored in a variable that you can
use later in your script. For more information, see Using the Context Object with
Performance Monitors in the help files.
SQL Query
The SQL Query monitor uses WMI or ADO authentication to determine if specific
To monitor a
MySQL database,
conditions exist in a Microsoft SQL, MySQL, or ORACLE database by querying the
download and
database. If the configured conditions are present, the monitor is Up. If changes made
install the MySQL to the database since the last query cause data to no longer fall within the defined criteria,
.NET Connector on the monitor is Down.
the WhatsUp Gold
When connecting to a remote SQL instance, WhatsUp Gold only supports the
machine. Please
TCP/IP network library.
note, only MySQL
version 5.2.5 is
supported due to
potential
Configure the following setting to create a SQL query monitor:
compatibility
issues. MySQL • Server Type. Select Microsoft SQL
.NET Connector Server, MySQL, or ORACLE as the
version 5.2.5 can database server type. Please note, MySQL
be downloaded database is supported and listed as a server
directly from the type option only if the MySQL 5.2.5
WhatsUp Gold Connector is installed.
website • Connection Timeout. Enter the amount
(http://www.whats of time WhatsUp Gold waits for the
upgold.com/MySQL server to respond before terminating the
525Connector).
connection and returning the timeout
error. The minimum allowed value is 1
second whereas maximum allowed value is
120. Please note, this setting only applies
to polling whereas the query builder
assumes a default of 15 seconds for the
connection timeout.
• Server Address. Enter the server address in the applicable format:
o ServerName\Instance format for Microsoft SQL Server. Example:
WUGServer\SQLEXPRESS
o ServerName for MySQL. Example: WUGServer
o ServerName/ServiceName for Oracle. Example:
WUGServer/Oracle.
• Port. Enter the database server port number.
• SQL Query to Run. Enter the query to run against the specified database
to check for certain database conditions.
Click Build to launch the SQL Query Builder for assistance with developing proper
query syntax. Only SELECT queries are allowed.
82
The SQL query you enter must return a single numeric value. Specifically, a single record
that has just one column. If the query returns more than one record, the monitor fails
to store the data. If the query returns a single record but there are multiple columns in
the record returned, then the monitor will pick the first column as the value to store
and this first column has to be numeric, otherwise the monitor will fail to store the data.
Click Verify to test if the entered database query is valid.
Number of rows returned is. Select this option to determine the success or failure of
the monitor scan based on rows returned by the SQL query. All database rows must
match the criteria settings for the monitor to be considered Up.
Content of each retrieved row matches the following criteria. Select this option to
determine the success or failure of the monitor scan based on criteria which each
database row must match. If multiple threshold criteria are used, all thresholds must
match the criteria in each row for the monitor to be considered Up.
Click Add, Edit, and Delete as needed to create, modify, and remove database column
values and conditions, respectively.
SSH
The SSH monitor uses SSH authentication to connect to a remote device to execute
commands or scripts which can be either embedded in the monitor or placed
as an executable script file on the remote machine with a command
embedded in the monitor to run the script. Each monitor returns a single
numeric value which is recorded in the database and then used later by other WhatsUp
Gold functions as needed.
Command to run. Enter the command to run and execute on the remote device. The
command can be anything the device can interpret and run; for example, a UNIX shell
command or a Perl script.
Please note, if you create a script to run on the remote device, it must
be developed, tested, and/or debugged on the remote machine.
Select one of the following script options:
Numeric. The command or script must return a single numeric value. The script can be
as complex as required, but MUST only return a numeric value.
Old, single-line UNIX-style: free -m | awk ‘NR==2{print $3}’
Shell Interactive. This script is not constrained to only returning single numeric values;
however, the output MUST contain the string ‘Result=xxxx’ where xxxx represents a
numeric value.
83
New multi-line Linux-style: echo Result=$(free -m | awk
‘NR==2{print $3}’)
This newer script format supports all the features of the target script interpreters without
burdening the script developer to limit the output to a single numeric value.
Line end character. Select the appropriate line end type: None, Linefeed, Carriage
return, or Carriage return linefeed. Multiline scripts are entered and persisted on a
Windows operating system and include line-ending characters that may not be
recognized on the target device. This configuration feature instructs WhatsUp Gold to
replace the line-ending characters with the selected characters prior to connection and
command execution.
SSH credential. Select the appropriate SSH credential WhatsUp Gold uses to connect
to the remote device. WhatsUp Gold uses the SSH credential assigned to the monitored
device if Use the device SSH credential is selected.
84
Network Management
SNMP
The Simple Network Management Protocol (SNMP) monitor accesses SNMP-
supported network devices and graphs performance output.
• Performance counter/Instance. Select the target device and required

credentials, then select the
specific SNMP object to
monitor in the SNMP MIB
Browser.
• Plot raw values. Enable
this option to monitor the
current polled value instead
of tracking the rate of
change over time. Use this
feature to graph the current
value of the SNMP object
WMI
The WMI performance monitor watches for specific values on Windows Management
Instrumentation (WMI) enabled devices. WMI is a Microsoft Windows
standard for retrieving information from computer systems running
Windows and is installed by default on most Windows operating
systems.
• Performance Counter and Instance. Enter the OID and instance in the
respective fields
o Or click browse (...) to access the Performance Counters dialog.
The Performance
Counters dialog appears.
• Use the navigation tree in the left
panel to select the specific
performance counter you want to
monitor. You can view more
information about the
property/value at the bottom of
the dialog.
85
• In the right pane, select the specific performance instance of the selected
counter you want to monitor.
• Click OK to add the appropriate values to the Performance counter and
Instance boxes on the Add WMI Performance Monitor dialog. The Add
WMI Performance Monitor dialog appears.
WMI Formatted
Configuring WMI Formatted Counter
monitors collects performance data on
devices using the Windows Management
Instrumentation (WMI) technology.
WMI is Microsoft Windows standard for
retrieving information Windows
platforms.
WMI Formatted Counter performance

monitor uses calculated counter data.
• Performance Counter and Instance. Enter the OID and instance in the
respective fields
o Or click browse (...) to access the Performance Counters dialog.
The Performance Counters dialog appears.
• Computer name. Name or IP address of the computer you are trying to
connect to and gather instrumentation from.
• Windows Credential. Select a credential to connect to the device you
want to monitor. Click browse (...) if you need to access the Credentials
Library.
Add WMI Formatted Performance Monitor Dialog

• Performance Counter. Select the WMI object to monitor.
• Performance Instance. Select the instance of the counter.
• Performance counter and Instance boxes on the Add WMI
Formatted Performance Monitor dialog.
The difference between the WMI and WMI formatted monitors is

the formatted monitor will be rounded, instead of using a floating
point decimal. It may also be in Gigabyte or Megabyte instead of
byte
86
Cloud
AWS CloudWatch
The AWS CloudWatch Performance Monitor allows you to view
the performance statistics Amazon collects about your network
resources.
1. Configure the following fields

to set up your AWS
CloudWatch Performance
Monitor:
o Name. Enter a unique
name for the monitor.
This name displays in
the Performance
Monitor Library.
o Description. Enter additional information for the monitor. This
description displays next to the monitor name in the Performance
Monitor Library.
2. Click Edit to begin selecting specific metrics to monitor.
3. Select your Region and valid AWS
Credential from the respective lists,
then click Connect.
4. Select the AWS Namespace,
Metric, and Statistic from the
respective lists under Choose Metric.
5. Choose an instance set from the list
of Available instance sets under
Choose Instance. Individual instances in
the specified set from which to select for
monitoring appear below.
6. Select an Instance to monitor.
Once loaded, you can click Load data
to preview available instance data.
7. Click Select to return to the
performance monitor configuration
dialog.
8. Click Save.
87
Azure Cloud Billing
The Azure Cloud Billing Monitor gets periodic usage and billing
totals from the Enterprise Azure Management Portal.
Note: This monitor requires (enrollment number/API key). For

more information, see the topic titled Azure Credential.
• Name. Enter a unique name for the monitor. This name displays in the
Performance Monitor Library.
• Description. Enter additional
information for the monitor.
This description displays next
to the monitor name in the
Performance Monitor Library.
• Polling Interval. Enter an
interval to fetch the billing
total. The frequency and availability of usage values is determined by
Azure.
Azure Cloud Performance

The Azure Cloud Performance Monitor allows you to view the
performance statistics Azure collects about your network
resources.
Tip: You can select the cloud resource you want to monitor at
configuration time using the Create Azure Cloud Monitor dialog. For
example, if you add an Azure blob storage or table service to your cloud
subscription and want to add a new monitor, you can create and apply a new
monitor directly —no new discovery scan is needed.
1. Configure the following fields to set up your Azure Cloud Performance

Monitor:
o Name. Enter a unique
name for the monitor.
This name displays in
the Performance
Monitor Library.
o Description. Enter
additional information
for the monitor. This
description displays next to the monitor name in the Performance
Monitor Library.
88
2. Click Edit —select an Azure credential from the list, then click OK.
3. Browse for Azure resources associated with this credential and select them
for monitoring. Browse for resources in either of two modes:
o Device Context. A device (VMs, for example) managed by the
Azure subscription associated with the current credential. ( show
me)
o Subscription. Any resource groups that you granted access to
when you created your API Key, and scope down: ( show me)
 Resource Group
 Resource Type
 Resource
4. Select a Metric. And click Load data to preview current data with the
given Aggregation Type (Average, Total, ...)
5. Click Save to return to the performance monitor configuration dialog.
6. View the summary, and click Save to add the monitor.
89
Thresholds
You can set a Threshold on any of your performance monitors and more within Alert
Center. Alert Center has five major types of thresholds available out of the box:
Performance, Passive, System, Wireless, and Network Traffic Analysis. Each category
includes a number of different thresholds.
Alert Center Performance thresholds notify you about performance monitors that
have exceeded or dropped below threshold limits. These thresholds make use of data
collected by your default and custom performance monitors and saved to the WhatsUp
Gold database.
Alert Center Passive thresholds notify you when passive monitors fall out of the
parameters of the thresholds you configure. This threshold type looks at the passive
monitors that have been logged by the various Passive Monitor Listeners.
Alert Center Network Traffic Analysis thresholds notify you on WhatsUp Gold
Network Traffic Analysis feature aspects that fall out of the parameters of the thresholds
you create. These thresholds make use of standard and custom filters available within
Network Traffic Analysis.
Alert Center System thresholds alert you on aspects of your WhatsUp Gold system
according to the threshold parameters you configure. Virtualization and Configuration
Manager Thresholds are also shown as System thresholds.
Alert Center Wireless thresholds relate to your wireless devices and aspects of these
devices that fall out of threshold, including wireless access point and client data.
90
4
Discovery
Network Discovery
What is a Discovery
Network discovery is the process WhatsUp Gold uses to identify devices on your
network. Network discovery is based on the concept of query and response, where one
device will launch a query, and one or more devices receiving this query will respond, in
accordance to the protocol used. This process scans each device to determine its IP
address, host name and possibly manufacturer, model, running software and services,
and displays this information in WhatsUp Gold’s interface. The various scanning
protocols will return different information.
WhatsUp Gold applies credentials and a sequence of steps to reveal, learn about, and
decide which monitors suit devices on your network. Once a device is discovered, you
choose if you want to manage/monitor the discovered device by promoting it to the My
Network map. Promoted devices count against your license total.
91
Network discovery scans can uncover device and host attributes, the device’s role within
the network (for example, DNS, SMTP, FTP server), and which other machines on the
network the device shares dependencies or frequent connections/conversations with.
Prior to initiating a discovery scan, first ensure your network devices can be discovered
and subsequently identified. WhatsUp Gold attempts to discover devices on your
network using ping (ICMP) and by scanning for open TCP ports. Please check to see if
network devices respond to one or both of these request types before beginning
discovery.
After WhatsUp Gold discovers a device on an IP address, it uses SNMP and/or WMI
data on that device to gather all available information including the manufacturer and
model, any installed components such as fans, CPUs, and hard disks, the operating
system, and specific services (such as HTTP or DNS). Devices should be configured to
respond to SNMP requests whenever possible. Alternatively, WhatsUp Gold can also
gather information about Windows devices using WMI. In most cases, the information
available using WMI is also available using SNMP.
If a firewall exists between WhatsUp Gold and the devices to be discovered

or if the Windows firewall is enabled on the computer where WhatsUp
Gold is installed, make sure the appropriate ports are open to allow
WhatsUp Gold to communicate via Ping, SNMP, and WMI.
From the DISCOVER > New Scan page, select Advanced Setting > Expand scan to
any virtualization environments to control if Hyper-V or VMware hosts or VMs will be
included in the network discovery process.
• VMware. Valid VMware credentials are used. VMware Tools are also required.
• Hyper-V. Hyper-V devices are discovered when valid Windows credentials are
used. Groups and users for passing WMI management objects must be in place.
Host OS Application firewalls must align with default Hyper-V firewall rules.
92
Device Roles
Roles
Each device discovered by WhatsUp Gold is assigned both a single primary and multiple
sub roles based on data gathered from the device during the discovery scan. Roles
Assigned
assigned during discovery determine which monitors and attributes are assigned to the
credentials are
device automatically, and which actions are available for use. Additionally, role
used to refresh
device details. If
assignments affect what devices and associated icons the map views display when filters
credentials or are applied as well as Layer 2 dynamic group membership and may affect certain overlay-
other configuration specific behavior such as wireless or virtual.
details for the
device have
changed since the
previous refresh,
the most
appropriate
primary role
determined by
WhatsUp Gold
during discovery
could be different
depending on what
modifications were
made to the
device
configuration
since the last time
While WhatsUp Gold determines the most appropriate roles based on information
device details
received from the device itself, you can modify the primary role assignment by clicking
were refreshed. As
a result, new
Change Role in Device Properties, then selecting from the list of available roles and
monitors may also
descriptions that appears. The ability to change the primary role and/or sub roles can be
be applied to beneficial if a device serves a different purpose or performs multiple functions within
match the updated your network. That is, WhatsUp Gold may assign a primary role based on a device’s
role. assumed function when it is actually being used for a different reason within your
network environment.
You can monitor a wireless infrastructure device that could be potentially

be used as a wireless controller, a router, switch, or similar in which case,
it may benefit you to change its role in WhatsUp Gold to more accurately
reflect its actual function.
93
If you modify any roles assigned to a device, new monitors are not automatically applied
based on the new roles. However, the monitors associated with the role determined by
WhatsUp Gold during discovery will be reapplied if you:
• Update the device by clicking Update Monitoring from the information card on
the Discovered Network map.
• Request updated information from the device by selecting Refresh Device

Details from the actions menu.
If you have modified any monitors and/or attributes for the device,
performing these functions neither removes, disables, or re-enables
monitors, nor do they update attributes.
Finally, you may customize the default WhatsUp Gold configuration for device roles or
create new roles based on your specific network monitoring needs using the Device Role
Settings accessible from the WhatsUp Gold console application.
Sub-Roles
Devices in today’s networks support multiple roles per device. For example, a device can
be a virtual and windows server at the same time and have the appropriate monitors
applied, or a wireless LAN controller could also be a switch and DNS server at the same
time.
Discovery supports multiple roles (one primary and many secondary roles) for one
device so monitors, maps, and UI components will be able to correctly handle these
devices. A device will always have one primary role and will be identified as such, when
WUG discovers a device that has multiple roles it determines which role is going to be
the primarily through a prioritized set of criteria.
WUG will apply all monitors for both roles and sub-roles that apply to that device. A
network admin will be able to change the primary role of a device that has multiple sub
roles.
Advantages
The biggest advantage of device roles is it reduces the manual configuration of your
devices. You can automatically add all our monitors (active, passive and performance),
during the discovery process. It will also apply an action policy automatically at the device
level. It will also allow you to customize other device properties such as attributes, notes
and more.
94
Configuring
The Device Role Setting are only located in the Admin console, on the WhatsUp Gold
Server. Once in the Admin console Click Tools > Device Role Settings. Here you can
configure each part of your devices. You can customize your device roles with different
percent variables that will try to be discovered and pulled automatically during the
discovery process.
You can see a full list of variables available for discovery by doing a
search on the help files for “Discovery Percent Variables”
Configuration
General Tab
• Device Role: basic information can be configured on this tab.
o Name
o Description
o Notes
• Source: has three possibilities
o Default - Role is preconfigured and is a standard feature in
WhatsUp Gold
o Modified - Role is created using a default as a template and is then
further configured by the user
o Custom - Role and its configuration are created entirely by the user
• Weight
o Can be from 100 – 1000
o Used to tip the scale in favor of the role in case one or more roles
are selected during the discovery
• Set as network device
o When on, will consider this a device that handles or directs
network traffic and add the appropriate performance and interface
monitors to it.
Scan Rules Tab

• Where you will add the rules that WhatsUp Gold will consider when
attempting to best match a role and sub roles when making assignments to
discovered Devices.
Applied Sub Roles
• This is where you will select which sub roles will be applied to the device.
• Remember, in WhatsUp Gold, a device will be assigned a Single Primary
role and can have multiple sub roles
Attribute Tab
• Attributes are free-form name/value pairs that are used to save any kind of
information about a device.
95
• You can also use the attributes to categorize or tag devices with any label
of your choice, like a maintenance schedule or what building or which
server rack the device is located in.
• You can also include system and host attributes by using the
Discovery Percent variables. The most common discover attributes
are included in the device role template.
• The list of Discovery percent variables is accessible when you add a
new attribute and click on the Discovery Variable List link.
Custom Links Tab

• You will associate any web-browesable resources with the device
• The template has already added the Browse to the web link of the
device by using the URL of HTTP://%Device.UrlAddress
Monitor Tab
• On the monitors tab, you will add all of the active, passive, and
performance monitors to your device as you see fit.
• Clicking the Add button, opens the list of all of the monitors in your
monitors’ library, check all that you wish to apply and then click ok
• This will add the monitors to the list of monitors to add to the device
when promoting (start monitoring) the device to My Network.
• Each added monitor has options you may select
o Enable the monitor as critical
o And the application rule which has two choices
 Check support first
• Which will check the device to ensure the
monitor can be applied to the device
 Always applied
• Which will apply the monitor to the device if it
is actually supported by the device or not
Note: The default device roles, most monitors are applied via the sub
roles
Action Policy Tab

• Allows you to set the Action Policy for the device
96
New Scans
Scan Types
WhatsUp Gold 2017 has two types of network discovery scans:
IP address scan: Limit scans to check for

specific ranges, subnets or hosts File
Seed address Scan: WhatsUp Gold “seeds”

or builds an address list from target device
SNMP data. It then continues to scan for
additional devices based on the SNMP responses from these seed devices. This powerful
feature can be described as the ‘cast a wide net’ approach. It also has useful controls for
limiting the expanse of address boundaries and network hops.
Both scans types discover devices identically. The main difference the seed address scan
will crawls though out your network and devices to find other possible devices to
discover, while the IP Address scan is limited to the IP Addresses you have configured
in the scope of the scan.
Best Practices of Using Scans

IP Address
An IP address scan is best used when you need to limit the scope of the scan. Many
times you may only want to scan a single subnet or IP address without the fear of going
beyond that.
Seed Address
The Seed Address scan will crawl and use information from the discovered devices to
find other possible devices, discovering everything on your network. This allows you to
find devices that you may not have known existed.
97
Configuration
Scan Depth
Your network may have been divided into many sub-networks, and WhatsUp Gold can
be configured to discover all devices on all your subnets. The Seed address Scan will scan
subnets recursively, starting with the
configured seed addresses.
The scan depth allows the user to define

how deep into the network the scan will
go. WhatsUp allows a scan depth of 1-6.
Setting the scan depth to 1 will scan for
devices that are 1 physical hop from the
seed addresses. So if you used a single
seed address it would be everything
connected to that device.
98
A scan depth of 2 would discover all devices that are within 2 physical hops into
the network of all
the seed addresses.
Moving the scan

depth to 2, would
allow WhatsUp
Gold to look for
any additional
devices that are
within 2 physical
hops from the seed
addresses.
99
Now, increasing the scan depth to 3 would allow WhatsUp Gold to look even further
into your Network, to find further unique devices.
Make sure you do not confuse subnet with Physical Hops.
Settings
You may fine tune and customize your scan by modifying the configuration of the scan.
There are three areas you can configure if you are running an IP Address scan. A Seed
Address scan has one additional to fine tune your scan configuration.
Include
This section allows you to specify what IP address will be included in the scan. By default
the scan will include the Gateway and the local subnet of the WhatsUp Gold.
Clicking on the will display the information about that section.

(I.E. the gateway of your WhatsUp Gold server). This is what is listed
on the NIC configuration.
If your Subnet mask is wrong you could potentially attempt to discover

devices that are not even in your network. (Scan a Class A subnet instead
of a Class C)
100
Specific IPs,
Ranges, and
Subnets
This area also allows you to enter
a single IP address, multiple IP
addresses (one per line), a single
range of IPs, multiple ranges (one
per line), singe subnet, or
multiple subnets (again one per
line). Ranges are entered with a “-
” between the starting and ending
IP. Subnets are entered in CIDR
notation (192.168/24).
Use Host File

This option lets you add a standard HOSTS txt file for a list of IPs to scan.
Monitored Devices
Selecting this option displays the Select Groups button. Clicking the Select Groups
button opens a dialog which allows you to select one or multiple groups (multi-select) of
currently monitored devices within your WhatsUp Gold, letting you rediscover the
devices for Updates.
Cloud Devices
You may include cloud-based infrastructure devices when AWS and/or Azure
credentials are enabled during discovery. (For AWS, select only the geographic regions
where your instances are provisioned for quicker scans).
Exclude
This area is similar to the include text box, allowing you to enter single IPs, ranges or
subnets you want to exclude from being scanned.
101
IP/MAC Address Exceptions
Relating to excluded devices, you can exclude device from merging during the discovery
process by entering their IP Address or MAC address. You can find this area under
SETTINGS>Discovery Settings>IP/MAC Address Exceptions
Limit
This section only appears when running a Seed
Address scan. In this area is where you may set
it to scan only private, non-routable networks.
You may also limit the scan to subnets that you
are currently monitoring. To further restrict
what IPs to discover, you have a text box
similar to the Include and Exclude sections. It
will keep WhatsUp Gold from discovering any devices that are not included in the limit
area.
Maximum Number of Devices

To reduce the time a scan will take, you may
determine the Maximum number of Devices. When
checked, it allows you to restrict the number of
devices discovered. This number is the number of
Devices discovered after all the IPs are merged together.
102
Advanced Settings
The last set of configuration options you have is under the Advanced Settings. Most of
the options are checked by default
but you may change them if needed.
The Data Collection Settings lets you Expand scan to any virtualization environments as
well as wireless environments. Letting you discover your VMware and Hyper-V guest
and host association. Then it lets you start collecting Wireless information from your
Wireless infrastructure. Under the Concurrent
Information Collections, you may set the number of
Maximum Threads WhatsUp Gold will use during the
discovery. Lower the number the slower the discovery
will take, but if you raise this number just be aware it
could impact your network devices. WhatsUp Gold lets you determine how a device will
be named. Under the Device Naming section, you may choose to Resolve Hostnames,
which checks with DNS for the Host name and you may use SNMP SysNames to name
devices.
If the Host name or SNMP SysNames are not available, the device’s IP
address will be used to name the device and host name.
There are three different methods to discover devices under the Advanced
Discovery Checks:
• Ping Only: The most basic. It will not discover devices with ICMP turned
off or blocked by a firewall. It is also the fastest type of scan.
• Ping & Credential Port
Connectivity Checks
(Default): Checks for ICMP
response and checks to see
if any of the credential
ports, 22,23,135,443,1433,5988,5989,9000 to name a few, are open.
• Ping & Port Connectivity Checks: This type of scan Checks for ICMP
response and other ports are open to attempt to discover devices. This is
a full port scan.
103
This is also where you may determine the Timeouts and
number of retries for Ping and SNMP. And the timeout for
WMI. The default timeouts are already entered in
milliseconds.
The last section in the Advanced

Settings is the Load Monitored
Devices. This contains the
automatically update allowed
devices option. This will automatically update device details provided:
• Monitored Device groups have been selected in the include area of the
scan.
• The Keep Details Current options is set (Default configuration) in the
devices’ properties.
104
Credentials
After you have set up the configuration of your Discovery scan you need to move on to
the second task of the configuration; that is deciding what credentials you want to use.
You can get to this task by clicking next in the upper right hand sight or just clicking 2.
Credentials on the left.
This will display all credentials contained in the WhatsUp Gold Credentials Library. If
you do not already have any credentials or you need to add any additional credentials,
you may do so by clicking on the Plus icon. You may edit any existing credential by
selecting the credential then clicking on the pencil icon.
There are a couple ways to select the credentials to use with the discovery. You may use
the “Use all current and future credentials” check box at the top. With this option
checked, the discovery will attempt to apply all of the credentials in the Credentials
Library in essentially a random order. The “future credentials” comes from if you run
the scan again in the future, any new or changed credentials in the library will also be
used. If you wish to have the discovery attempt certain credentials before the rest in the
library, you may set the priority of the credential using the checkboxes in the list. The
priority is set in the order you check them.
The other way is to specify which exact credential(s) you wish to use. You will uncheck
“Use all current and future credentials”, then place a check next to the credential(s) you
want to use. Only the credential(s) with the checkbox checked will be attempted. To
specify an order or priority, you may move them up or down in the list with the list
buttons , or use the arrow keys on your keyboard.
105
Schedule
After you have optimized the
discovery settings for your network,
you may schedule it to run
periodically. Either click next or 3.
Schedule to go to the schedule
configuration settings. Each time
discovery runs, it detects new devices
on your network and checks for
changes on existing devices to update. You may also configure email notifications that
distribute information about the results of the scheduled discovery.
Once in the Schedule area tab, place a check

in the box next to schedule to configure your
settings. The scan may be configured to run
Daily, Weekly, Monthly, or a custom time
frame. Under the daily option it may be
configure to run every weekday or recur every
so many days. Weekly allows you to determine
what days of the week it will run, with the
ability to fine tune the scan to run every so
many weeks. Monthly allows the scan to run
on a certain day every so many months. The
last option, custom, lets the scan to be ran every so many minutes, hours, or days.
The scan may also be configured to expire after a certain date, keeping it from
running after that date.
In this area there is also the ability to

configure the scan to send an email
when the discovery is finished. There
are 2 buttons letting you configure the
Email settings and even test the email.
If you have configured your Email setting under Settings > System Settings >
Email Settings, it will automatically fill in the appropriate settings by clicking on
the Email settings button.
106
Summary
The last step is to review
your settings, click next
or 4. Summary. This tab
allows you to reviews the
Settings, Credentials, and
Schedule options of the
scan. If you need to make
changes, click on the
pencil icon to the right
of the applicable section.
This is also where you
may enter a name and a
description for the scan.
Run/Save
There are 2 options always available any time during the configuration of a discovery
scan. These allows the scan to either be Save or Run from a click of a button upper right
hand side.
Clicking the Save button will let you save the

discovery. Clicking OK in the Save Scan Setting dialog
will save and close the scan. It can then run it from
the Saved Scan Settings dialog window.
Clicking Run button will open a dialog very similar

to the Save button, but it gives an option to save and
run, by clicking Yes, or just run the discovery
without saving, by clicking No-Just Run.
107
Saved Scan Settings
Under the Discover Menu you have an option labeled Saved Scan Setting
(Discover > Saved Scan Settings). By highlighting a saved scan you have a variety
of option available to you.
• Run Now: Launches the selected scans. You can have up to four scans
running at the same time.
• New: Create a new scan that starts with the default discovery template.
• Modify: Edit existing saved scan. This button will not be active if more
than one scan is selected.
• Copy: Copies the information from selected scan and put into a new scan
with the default name of “Copy of...” Again the button will not be active if
more than one scan is selected.
• Set as Default: Selected scan becomes the default template when all new
scans are created. Like Modify and Copy this Button will not be active if
more than one scan is selected
Preconfigured Scans
Scheduled Refresh
WhatsUp Gold installs with five preconfigured
scans, the first being the Schedule Refresh. This
scan goes out and rescans all of the current
discovered devices. As long as the devices have
the “Keep Details Current” checked, this scan
will automatically update any devices being
monitored. If it is not checked it will keep the
updated information in the discovery portion
of WhatsUp Gold. This allows for the ability to
update the device manually, at any given time.
So what does this scan update? It looks for new

or better information about a device, including
but not limited to better fitting device roles,
device attributes and device properties.
108
The “Keep Details Current” is checked by default on every device.
Scheduled Discovery
The second of the preconfigured
scans is the Scheduled Scan. This
scan is a seed address scan with a
scan depth of 3, using all current
and future credentials. This scan
is not set to refresh and details of
your monitored devices.
Examples Scans
The last preconfigured scans are the Example scans.
There is the IP Address Scan Example. As the name implies, it is an IP address scan that
includes the local gateway and subnet. This scan is set to default, which means when you
click New, this scan is used as the template.
The next is the Seed Address scan example. This scan is set to a seed address with a scan
depth of three and includes the local gateway and subnet.
And the final example is the Large Network IP address scan example. This scan is
identical to the IP address scan example with the exception of the number of threads
which is set to 100 instead of 40.
109
Discovered Network
List View
After you start a discovery, or click on Discover> Discovered Network menu, you are
taken to the Discovered Network. If this is your fist time using WhatsUp Gold, it
defaults to the list view. Once you log out, WhatsUp Gold will remember which page
you were on and return to that page/view when you log back in with the same account.
The discovered network displays all devices which have been discovered after running
your discoveries. Devices which are not being monitored do not count against your
license count. Only those devices being monitored will take points from your license.
The discovered network list view has multiple features:
Filter Tab
The Filter Tab is
where you can filter
the list results,
displaying only the
devices which
match the filter;
more about this in
the map view
section.
Active Scans tab

The next tab will show any active scans running. It shows you overall progress of the
current scan(s). WhatsUp Gold only allows a maximum of four simultaneous running
scans. If you start more than four, the 5th and subsequent scans will be queued and run
after one of the other four finishes. You may cancel a scan from here. Canceling a scan
does not just stop the scan and everything is lost, cancelling says, don’t go any further,
but finish what you are doing and clean up. So it will finish merging devices with multiple
IP addresses in to one device and add them to the discovered network. In the list, it
shows the progress of the current scan(s) and the current status of the scan on the devices
110
themselves. This is not particular
to the active scan tab, the
progress and status will show
when any scan is currently
running in the list view. Also
when you start and or update
monitoring a device, the progress
will also show on the active scans
tab.
Discovery Legend tab

The Discovery Legend tab explains the device Icons.
• Unmonitored - Devices discovered but not monitored.

• Monitored, Up - This can be green or blue depending on what color the
user has set for
UP in their user
preferences.
• Monitored, Up
with down
monitors –
displays a
green/blue with a
red dot.
• Monitored,
Down – the
device icon is red
• Monitored,
Maintenance –
the device icon displays yellow
• Monitored, Unknown – the device icon displays grey
• Monitored, Unknown with down monitors – the device icon displays
grey with a red dot
You may collapse the Tabs by clicking on the collapse arrow and reshow them by
clicking on any of the tabs.
111
When you select a
single device in the
list view, it will
display the Device
Information on the
upper right hand
side.
Selecting multiple devices

will display the Group Card.
The list view, has an export button allowing you to export the list of devices which are
currently displays, in Excel (XML), CSV, or TXT file formats.
Clicking on the Display Map button will take you to the Map view.
112
Map View
The discovered network map view has many of the same features as the list view.
Legend
The legend on the discovery map is found in the lower left
hand corner. It displays the same icons as the list view. The
legend can also be minimized by clicking on the down arrow.
Click the Up arrow to restore it to full size.
Active Scans
The Active scans will show up under
the Discovery Legend when any
active scan is running. If you are
promoting devices to be monitored,
the progress of that action will be
shown here as well. Again, WhatsUp
Gold can run up to four scans or one promotion action at any given time.
Filters
WhatsUp Gold allows for applying filters to the map so you can see\select just the
devices you need. To access the filter you click on the funnel icon in the upper left hand
corner. Once it is selected the menu will appear.
The filter menu is divided into multiple sections.
113
• The Filter text, Name/IP Section, Location, or
Brand: enter an IP address, Name or a location
name to be used
• Roles-Dropdown menu: Shows all available roles,
default or custom, to filter devices on their role
• Credential Types-Dropdown menu: Shows available
credentials types that can be applied
• Operating system-Dropdown menu: Shows the
available Operating systems
• Monitored Status-Dropdown menu: Selects desired
status; Up, Down, Maintenance, Unknown, etc.…
• Discovery Status-Dropdown menu: Select the
desired status; Complete, In Progress, Unknown
(No Credentials)
• Scan Time: Dropdown menu: Select desired time
frame; last 60 minutes, Last 24 hours, or Select Time
Range
As you type the filter text box WhatsUp will match what is being
typed in the appropriate fields. Selecting the filter type will apply
the filter. WhatsUp Gold allows for multiple filters to be applied.
As filters are applied, the devices that

do not match will remain on the map
but are subdued nor are they
selectable. All the devices matching
the filter will remain normal, non-
subdued, and selectable. To remove
the filters by clicking the X next to the filter name or click
the Clear All to remove all the filters. Filter now filters on
ANY IP address on the device was just the default associated
with the device but not any of the IP addresses associated
with the device.
Selecting Device
The Select Tool allow WhatsUp to toggle between pan and select modes. Pan
mode allows for moving the map around. In this mode you can select single
devices. To select multiple devices, you will need to hold the shift Key down while
selecting each device.
114
When in Select mode you can draw a rectangle around multiple device to “capture”
them.
115
Zoom Controls
You may increase or decrease the size of the devices on the map view by using
the zoom controls located in the lower right corner just above the toggle between
pan and select button. Use the Plus sign to zoom in and the Minus to zoom out.
The Next Icon is the Zoom to Fit, Forces the entire map to fit inside the displayed
area. The Map also allows you to zoom in and out with a simple turn of a wheel
mouse. When using the mouse it will center the zoom on the location of the map.
Hiding Devices
Hiding devices allows for removing devices from the discover map without
permanently deleting them. To hide a
device(s), select the device(s) you want
hidden and click the eye with a slash icon
in the information card.
To unhide any device, Click Hidden Devices
Icon in upper left corner under filters.
In Hidden Devices dialog, select device(s) to

be unhidden. Then click Show Devices
button.
Start Monitoring
Once a discovery has been run, any devices in the discover list/map may be promoted
to start monitoring in WhatsUp gold. To promote
your device(s), select the device(s) you want to
monitor then click Start Monitoring or Start/Update
Monitoring in the upper right hand corner of the
device or group cards.
If you delete devices out of the Discover Map, any devices that you are currently
monitoring will repopulate in the discover map.
Returning to List View

To go back to the list view click Device List at the bottom of
the map.
116
Hybrid View
You may also view your devices in a hybrid view that will display the map on the top and
the device list at the bottom of the screen. Click the single up arrow on the Device list
button to show this view. You can return to the map by clicking the X or go to full
Device List by clicking the Device list button.
When viewing the list on the Discovered Network map, you may select just one or
multiple devices using the check boxes at left, then click Start/Update Monitoring on
the information card that appears to begin monitoring or update applicable information
for the device(s) on the My Network map view. Selecting devices on the grid also allows
you to hide, delete, or rescan connectivity from the information card using the respective
icons.
117
5
My Network
My Network
List View
If this is the first time logging into WhatsUp Gold or clicking on the My Network button,
you are taken to the My Network List view. Again, when you log out of WhatsUp Gold,
it will remember which page you visited last and will return you to that same page the
next time you log in.
The My Network list view looks and works very similar

to the Discovered Network list view with a few major
differences. The My Network only displays those
devices which are being monitored. The List view has
the Monitor Legend tab which displays the monitor
legend which consists of UP, Up with down monitors,
Down, Maintenance, Unknown, and Unknown with
down monitors.
There is the Filters & Overlays tab which has the filter which works exactly as the
Discovery List filter but it does not contain any of the filters for discovery because the
My Network only displays devices which are being monitored. Overlays are a way to
enhance or remove details to the list or map views of the My Network.
118
There is the Groups tab which shows a list of all of the default or user added groups
contained within WhatsUp Gold.
Also, you may click the export button to export the list of devices which are currently
displayed, in Excel (XML), CSV, or TXT file formats.
Clicking on the Display Map button will take you to the Map view.
Map View
WhatsUp Gold 2017

My Network map
view is also very
similar to the
discovered network
map; the legend is
almost identical,
filter, zooming,
selecting options,
along with returning
to the list view as well
as a hybrid view of
My Network, are
identical.
119
What sets the My Network map view apart from the discovered network map view
besides only displaying those devices which are currently being monitored is the use of
the Overlays.
Overlays
Overlays give the ability to enhance or remove the level of map detail by applying the
different overlays. There are five overlay options available:
• Device Overlay
• Device Connectivity
• Dependency and Link Status
• Wireless
• Virtual
• Interface Utilization Links
You may have anywhere from 1-6 overlays selected. You must have at least one
overlay selected (it will not let you remove them all).
Icon Description
Devices Overlay displays monitored devices in your network.
Network Connections and Link Status Overlay displays

devices with their network connections, showing what devices
are connected to what devices.
Device Dependencies overlay
This overlay will also show any decencies links, that have been
configured on your devices. The dashed arrow will start on the
device and point to the device it is dependent on.
Wireless overlay displays the wireless network(s). Showing the

virtual connections between the wireless controllers and access
points, as well as, the connection from access points and wireless
clients. Wireless clients will only show when wireless overlay is
selected.
Virtual overlay displays virtual environment(s). This includes
virtual devices with both VMWare and Hyper-V, their hosts and
guests. When you zoom into the map with the overlay enabled,
there are additional icons (called badges), that appear next to the
device icons. These badges depict the roll the device has within
the virtual environment.
Icon Description
120
VMWare VCenter
VMWare Data Center
VMWare Cluster
VMWare Host
VMWare Virtual Machine
Hyper-V Host
Hyper-V Virtual Machine
Overlays operate similar in the list view with the exception of the wireless and
virtual overlay. Wireless clients do not display in list view nor do the badges nor
data centers display.
121
Layout Options
Additional Features Common to both
views
Legend
The legend on the My Network views is very similar to the legend on the
Discovered Network views. It is found in the
lower left hand corner of the map view or
Monitor Legend tab in list view. It explains
the device icons:
• Up
• Up, with down monitors
• Down:
• Maintenance
• Unknown
• Unknown, with down monitors
The legend in the map view can also be minimized by clicking on the down arrow.
Click the Up arrow to restore it to full size.
Icon Device Description
A green ring indicates the device is Up. It is operating as expected

per the specific active monitors assigned and enabled.
A green ring with a red dot indicates the device is Up, but has one or
more active monitors reporting down.
A red ring indicates the device is Down. All active monitors must
report down.
A yellow ring indicates the device is currently in Maintenance Mode.

The device will not be polled, actions will not be triggered, and
activity will not be logged until it is taken out of maintenance mode.
A light gray ring indicates the status of the device cannot be

determined because WhatsUp Gold was unable to successfully
communicate with and/or gather useful data from the device when
polled.
A light gray ring with a red dot indicates the 1st critical monitor is
down.
122
Library Icons
At top right corner of the map view or list view when one
or more devises are selected, there are two icons used to
access the most common libraries used for WhatsUp Gold
device management, Credentials and Monitors. Clicking on either will open a
visual representation of the either library displaying all current credentials or
monitors. With either the credentials or monitors dialog open, click the plus icon to
add a new credential or monitor to the respective library. You may only add new from
here and may not edit. If you do need to edit a credential or monitor, click the library
icon to open the corresponding library to add, edit, or delete.
To add a credential or monitor, simply select one or more devices in the list or map view,
select the credential or monitor, then click the Assign to selected ... button to apply to
the device(s). You may only add a single credential from the credentials library or a single
monitor from the monitors library to a single or multiple devices using this method.
123
Filters
The My Network filters work exactly as they did in the discovered network, except there
are not the options to filter on the Discovery Status. To access the filter you click on the
funnel icon in the upper left hand corner of the map view, or the Filters & Overlays tab
of the list view. Once it is selected the menu will appear.
The filter menu is divided into multiple sections:
• The Filter text, Brand, Location or Name/IP

Section: You enter an IP address, Name or a
location name to be used
• Roles-Dropdown menu: shows all default and
custom roles
• Credential Types-Dropdown menu: Shows
available credentials that can be applied
• Operating system-Dropdown menu: Shows the
available Operating systems
• Monitored Status-Dropdown menu: Selects
desired status; Up, Down, Maintenance,
Unknown, etc…
As you type the filter text box WhatsUp will match what
is being typed in the appropriate fields. Selecting the filter
type will apply the filter. WhatsUp Gold allows for
multiple filters to be applied.
You can apply as many filters as you want until you run
out of room on the web page.
124
In the map view, the devices that do not match will
remain on the map but are subdued nor are they
selectable. All the devices matching the filter will
remain normal, non-subdued, and selectable.
In the list view, only devices which match the filter

are displayed in the list.
To remove the filters by clicking the X next to the

filter name or click the Clear All to remove all the
filters.
Map view layout

WhatsUp Gold’s My Network map allows for 2 different views. There is an Auto Layout,
which automatically arranges devices based on connectivity. Then there is a custom
Layout allowing each map to be customized in configuration, shapes and annotations.
Auto Layout
Auto Layout is the default view and is the one you see when you first log into
WhatsUp Gold. The devices is automatically arranged according to
connectivity and other factors. Anytime you re-click the Auto Layout icon the
map will attempt to redraw the map keeping any links lines from overlapping.
This layout gives you the option

to view all the devices in
subgroups. This option is
checked by default. When
selected, the view shows devices
in the group selected and all of
its subgroups, but will not show
any groups. When unselected
the view shows only what is in the group selected, be it devices and\or groups.
125
Custom Layout
Custom Layout allows for full customization; arrangement of devices,
adding of shapes, images and annotations. This layout allows to the
addition of background images/maps then placing each device on the map where it is
located.
Customizing the Map

Device Groups
Using device groups in WhatsUp Gold helps to quickly find and diagnose
problems within the network environment. WhatsUp Gold allows for as many
device groups as needed to organize the network in a way that is meaningful to the
layout of the network and its monitoring needs.
When WhatsUp Gold starts monitoring the devices it places them into 2 types of
groups.
• Physical Groups (non-dynamic)
• Dynamic groups
Physical
Non-dynamic groups are referred to as “Physical groups,” or simply as “device
groups.” When you start monitoring a device, you can select a physical group to
place the devices in. By default WhatsUp will place all the device in the physical
group “Discovered Devices”.
The Physical Groups icon, will show the worst state of any device with
in that group, in the lower right hand corner. This allows you to get an
indication of the status of your devices before even going into the group.
Physical Groups also make use a group access rights allowing you to restrict read
and write access to the group and devices.
Since the inventory remains static, Physical Groups best used for:
• Mapping
• Inventory
Dynamic
All devices discovered on your network are placed into a single dynamic group
named ‘All devices’ by default. Additional groups are created automatically when
SQL queries search for devices based on user-specified criteria during discovery.
126
These are referred to as dynamic groups because group membership can change
automatically based on the data WhatsUp Gold receives from the devices.
There are two types of dynamic groups that exist in WhatsUp Gold:
• Layer 2 dynamic groups
• WhatsUp Gold dynamic groups.
WhatsUp Gold Dynamic groups are created by SQL queries based on user-
specified criteria, or by WhatsUp Gold background processes.
By default, all devices discovered on your network are placed into a dynamic group
named “All devices (dynamic group)” and there are also a number of examples of
common devices sorted in a device group named “Dynamic.
Group Examples.” These advanced dynamic groups do not have customizable maps
available, but allow you to specify rules for dynamic membership of devices in the group.
As new devices are added to being monitored or updated by WhatsUp Gold, each
dynamic group may contain any number of the new devices found by WhatsUp Gold
depending on the criteria used by the group, or may contain no devices at all. Dynamic
groups can be created for specific device types, device attributes, active monitors, or
anything else that is stored for individual devices in the database. They will also update
automatically showing the most current results.
The WhatsUp Gold Dynamic Group Icon will not show the worst
state of the devices with in the group.
You can find dynamic groups built by other WhatsUp Gold users in the
forums. https://community.whatsupgold.com/library/dynamicgroups
Layer2 Groups currently use the same Icon as a physical group and will show
the worst state of any device within that group. During the discovery process
WhatsUp Gold gathers Layer 2 data: information related to the physical
connectivity between your network nodes. Detailed information about your devices,
their interfaces, connection speeds, and addressing is all compiled into a set of results
that allow WhatsUp Gold to automatically generate integrated topology maps showing
both Layer 2 connectivity and Layer 3 addressing information. With auto-discovery and
dynamic mapping, you get accurate up-to-date port-to-port connectivity and topology
information at all times. This helps in troubleshooting by making it easier to determine
data paths. It also helps ensure compliance with audits, such as PCI DSS, FIPS, and
HIPAA, by gathering and storing inventory information about your devices.
127
You can use Map Devices and Connected Devices to build customized Layer2 Groups.
The filtering options allow you to dynamically choose which device types to display on
your map, and to do so based on device connectivity data.
Layer 2 groups share properties of both Physical and Dynamic Groups. The Graphic
below shows the shared aspects.
Physical Groups and Layer2 map groups show the worst state of any device in the group
on the Icon; they also make use of access rights to control read and write access to the
group.
Layer2 Map Groups and Dynamic Groups are updated automatically to show the most
current discovery results, as well as, make use of filters to include and exclude devices.
At any time you can refresh the device details and its connectivity. Just
select the device(s) or group click on the Action Menu and select refresh
device Details or Refresh Connectivity.
128
Tools
WhatsUp Gold allows customization of the My Network map using a suite of drawing
tools used to annotate and enhance the level of detail to represent the network work
environment more accurately. To begin customizing the map, click the “Custom
Layout” icon” to disable the automatic map arrangement defined by WhatsUp
Gold. Next click the pencil icon, in the bottom right hand side of the map, to
display the map editing tools.
If you are still on “Auto Layout” the pencil will not be displayed
Annotations
When in custom layout WhatsUp gold allows for the additional of multiple shapes,
images and annotations to the map.
Icon Description
Line Segment: Used the mouse to draw a line. Grab the
end of a selected line to rotate the line.
Rectangle: Click on the map for a starting point, then
drag the mouse to expand the rectangle. Use the guide
boxes to change height and width.
Circle: Click on the map for a starting point, then drag
the mouse to expand the circle. Use the guide boxes to
change height and width.
Network Cloud: Click on the map for a starting point
then drag the mouse to expand the cloud. Use the guide
boxes to change height and width.
Image: Opens a dialog box to select an image.
WhatsUp Gold will then upload the file for use. Click
the mouse at the location for the upper left corner. Use
the guide boxes to change height and width.
Text: Click on the map to select a starting point for the
text. Type your text in the Sample Text box in the Style
area.
You may also select to always show labels. With this option
checked, the labels will always show no matter the zoom level
of the map. And the Clip device names option. This will
truncate long device names to 10 characters long and append ellipsis to the end.
129
Style
Style controls allow for changing the options of a selected Shape or text. Many controls
can be seen with any shape, while a few are dedicated to certain shapes or Text.
Icon Description
Fill: Allows for changing of the fill
color of the shape.
Fill None: Checking the box removes
any fill color.
Line Width: Set the boarder width of
any shape. When on Text it is similar
to Bold increasing the thickness of the
line weight.
Stroke: Changes the boarder color of
any shape.
Corner Radius: This control is

specific to the rectangle shape and will
control the radius of the corners.
Bold, Italic, Underline, and Strike

Through: These controls are specific
when dealing with Text added to the
map. Allows the text to be Bolded
Italicized, Underline and\or Strike
through.
Size: Again specific when dealing
with the Text. Let’s you set the font
size of any text.
Edit Controls
The controls in this area allow the shape, image or text to bring to the front, send to the
back, locked, unlocked, cloned, or deleted.
Icon Description
Bring to Front: Brings the selected shape forward.
Send to Back: Sends the selected shape back.
Lock: Groups the selected images together to act as a single image.
Unlock: Separates the grouped images back into individual images.
Clone: Makes a duplicate of the selected shape. This control will not clone a device.
Delete: Deletes the selected shape.
130
Custom Links in a Custom Map
Since you can only customize Physical groups and Layer-2 groups, you may have the
need to add your own custom link lines between devices or a device and a subgroup.
When you select two devices, a device and a group,

or two groups while editing the custom map, you
are presented with the custom link button on the
group device card.
Clicking the button

adds a link between the
two and allows naming
the link at each device.
You may also, for a devices only (not a group), you may add
a monitor to the link which will show the link status.
Clicking the  under the link label opens the monitor picker
allowing the selection of which monitor to apply to the link
at the specified device.
Once a monitor is added, clicking the

 under the link label will remove
the monitor from the link.
131
Device Information
Information Cards
Select any device on either list view or map view to display its Device Information
card which displays extensive information about the device.
There are multiple sections depending on the device’s role and it’s status. Some
information that will show is the devices identity, status, role, Performance
monitor’s last polled value, group membership, credentials applied, virtual or
wireless information.
It also provides controls for accessing dialog screens for:

Device Properties
Device Status
Action Menu gives a dropdown or basic actions related to a device.
Choosing an action from this menu performs that action to each selected
device.
132
When multiple devices on this map view are
selected, the action menu changes to display a
dropdown of group management actions.
133
Device Properties
Device properties Dialog

Any device on the network will have certain properties associated with it, such as the
configuration stored locally on the device and data associated with the device’s hardware
and software. In WhatsUp Gold, the concept of device properties encompasses a wide
array of information, including generalized data pertaining to name, vendor, serial
number, release version, etc. provided by the vendor, as well as IP address, location,
contact, etc. configured by the network or server Administrator. In addition, WhatsUp
Gold assigns credentials, monitors, tasks, etc., as configured by the WhatsUp Gold
Administrator.
Device Properties Interface

The Device Properties interface displays available data about the selected device
itself and its assignments. Upon accessing Device Properties, identifying
information for the selected device as well as its current status and notes about its
initial discovery can be seen at the center of the interface.
At the very top of the Device properties dialog is the device picker, actions, and status
reports menu.
The device picker allows selecting another device’s

properties without closing the dialog window.
The device status button exits the device properties page and takes you to the
selected device’s status dashboard.
The action menu allows applying different actions to the device. There are also buttons
to take you to the help menu, expand the properties to full screen, and where you exit
the device properties.
134
System Status and Properties
The System Status and Properties section just below the menus, is where the host
properties, device role classification and status information is displayed. The
Device Summary lists basic information about the device. Clicking the link text
(Edit or Configure) allows you to edit that area (Display Name, Host Name, IP
address, SNMP OID, Role, or Notes).
Keep Details Current allows a discovery scan to update the

devices automatically when enabled (default setting).
Device Center
Monitors Tab
Allows browsing, applying, configuring, or deleting active, passive, and

performance monitors to the device. Also contains links to directly access the
monitors library and the actions and policies library if a monitor or action/action
policy is not available for use with the current device.
Critical
monitoring
may also be
enabled and
set up using
the Setup
Critical
monitoring
link to access
the critical
monitor
dialog for
the device.
135
Polling Tab
The polling tab allows adjusting the polling interval for the device as well as the
target IP
address and
setting up
device
dependencies
for the
device.
Recurring
Maintenance
schedule may
also be
added to the
device on the
polling tab
by clicking. You may also edit or remove the maintenance schedule as well.
Actions Tab
The actions tab allows adding Action Polices or individual actions to be applied to
the device which can send notifications, log events, execute scripts or programs.
136
Credentials Tab
The credentials tab allows viewing, editing (changing), or deleting credentials
associated with the device. Also allows directly accessing the Credentials Library if
you require to add a new credential to WhatsUp Gold.
Attributes Tab
The attributes tab enables you to view device system and host descriptions, modify
some of this information, and populate user defined attributes (such as Contact
Information).
Most fields are populated at discovery time such as device MAC address, device name,
and so on. For example, for a Windows device, Discovery pulls in system and host
information (Computer Properties) as attributes.
Other fields,
such as
contact
information,
can be auto
populated at
discovery
time using
custom role
definitions or
edited
through the
Attributes
panel.
137
Roles Tab
The roles tab allows browsing, changing, applying, and removing the roles applied
to this device during discovery.
Primary Role
is considered
the main
function of
the device
on your
network. Sub
Roles are the
device’s
secondary,
tertiary ...
functions the
device holds
in the
network.
138
Inventory Tab
The Inventory tab is displays tables of system-specific, host, OS, chassis and layer
2 connectivity data reported by the selected device when discovered/rescanned.
The inventory
provides complete
views of the device
management
information.
Richness of
information
depends on
credentials available
at scan time.
Information
available depends
on device role/type.
(Windows devices
will show updates, switches show ARP cache, for example.)
Information is read-only from this view.
Links Tab
The links tab presents any user-defined URLs associated with the selected device.
139
Tasks
Configuration Management allows you to manage and run scheduled tasks as well as
modify and compare configuration archives assigned to the selected device. This option
will only be available if you are licensed for Configuration Manager, default with Total
Plus.
140
Application
6
Monitoring
Application Monitoring
Services and devices running on a network sometimes play a small role in a much larger
system, one spanning across multiple servers and appliances and hosting a variety of
critical resources. Each of these devices itself makes up a standalone element that can
be monitored individually, perhaps using WhatsUp Gold to check the status of that
device and to report or alert accordingly. However, this status information is much more
insightful when the availability of the entire multi-part system is taken into account. For
example, does the entire system rely upon a single resource for connectivity or
authentication? What happens if that resource fails: is there a backup already in place, or
another method that can be used in the interim? When should the status of the system
be considered “Down,” and when should it send a warning of a possible failure? Should
redundant systems be verified independently, or as a part of a more complex
environment? Answering these monitoring questions is the crux of WhatsUp Gold
Application Monitoring.
Application Monitoring (APM) provides you with the logical tools needed to monitor
any type of complex network infrastructure where multiple systems or applications are
present and the availability of these applications must be verified. APM allows you to
dissect an application into its component parts and to monitor these individual
components, giving you a detailed view of the overall status of the application by looking
at the sum of its elements. The services, processes, software, hardware, and core
infrastructure in use by an application can be monitored in a manner that provides not
only a detailed view into the status of the application itself, but also the flexibility to group
these sub-systems together. APM’s interface provides simplified management of each
element and testing of individual components at different physical or virtual network
locations. Using a system of actions and policies contained within libraries, you can
configure alerts that fire when your resources are unavailable, and track the performance
of your applications via management-based component checks.
141
Devices in APM
Nodes on your network are referred to as devices in APM, a term that is used for all
computers, servers, routers, switches, firewalls, appliances and hosts. These networked
devices provide the framework for your applications, with each device offering a set of
services or resources that might be in use by one or more applications running on the
network. When monitoring the elements of each application in APM it becomes
necessary to connect to and query these devices for information, and each of these
connections is unique according to the type of service being hosted on that device and
the role the device fills on the network. Some devices are considered to be Server
Devices, and might be monitored for services such as Active Directory, HTTP, SMTP,
FTP, or SQL. Other devices are seen as Network Devices and would be polled for
interface utilization, interface errors, CPU usage, or the availability of a VPN tunnel.
Together, all of these devices work to provide each application the resources and
connectivity it needs to fulfill its assigned role(s).
Using APM to monitor the status of an application first requires that any devices in use
by the application are available for monitoring within WhatsUp Gold. In the case of an
advanced application this could include multiple devices, each providing a critical
resource used by the application. These devices are queried for availability, service status,
connectivity, and performance, and the worst overall status of all dependent devices and
resources then becomes the status applied to the application itself.
Applications in APM
Applications within APM are backend network application and not end-user type
applications like Microsoft Word or Adobe Reader. The most common type of
application that you may encounter is a web application. The most common type
of web application is Microsoft’s SharePoint Server. A web application typically
consists of a server of some type with a web server service running on it, like
Microsoft’s Internet Information Services (IIS) or Apache HTTP Server. A web
application also typically has some type of backend database running on another
server.
WhatsUp Gold, by default, supports the following applications:
• Cisco Unified Communications Manager | Microsoft Windows Server

• Microsoft IIS | Microsoft Active Directory/Domain Controller
• Ipswitch WhatsUp Gold | Microsoft SQL Server
• Ipswitch IMail | Microsoft Lync Server
• Microsoft Exchange | Microsoft SharePoint
• Microsoft Hyper-V Server | Oracle Database Server
142
Definitions
Application: An application is made up of one or more programs running on one or
more monitored systems
There are three distinct application types leveraged by WhatsUp Gold:
Simple application: A simple application is an application that is not dependent on

another application to run
Complex application: A complex application is an application configured to be

dependent on one or more applications to run
Discrete application: A discrete application is an application upon which a complex

application has a dependency.
Application Profile: An application profile is a blueprint for monitoring a given type of

application within WhatsUp Gold. It defines the collection of components and distinct
applications that reflect the health and status of a specific type of application
Application Instance: An application instance is a running copy of an application

profile that monitors the defined collection of components, distinct applications, and
thresholds necessary to define the health and performance of a given type of application.
An application instance can extend the application profile by adding components,
component groups, or discrete applications. The application profile is not changed when
an application instance is extended.
Component: A component is a single data point collected as part of an application

profile (e.g., CPU Utilization)
Application States
Application States within Application Monitor are similar to the device states used with
Active Monitors with some distinct differences. Up in Application Monitor like
everything else in WhatsUp Gold meaning your application(s) is/are healthy and
responsive. If an application stops responding or responds differently than expected,
down. Depending on the severity of the outage it will show a warning, which means
that part of the application could be down, but the full application is still running, but
needs attention. And there is also a maintenance state.
143
Application Profiles
An Application is a group of devices, services, and resources that operate together to
perform a specific function on your network. For example, this could be your company
web server that hosts an internal wiki site, or a mail server used to interact with your
clients. The application itself might rely on a team of authentication servers, database
servers, and hardware utilities to host its content, and a disruption in any of these
background devices would result in the application becoming unavailable.
These backbone devices may have their own set of dependent hardware and server
devices on the network, elements they rely on to operate correctly. Many times, external
systems exist separate from the workstations you interact with on the network and the
networks hosting applications, making it more difficult and complex to monitor the
entire application.
An Application Profile in APM is a template that is used whenever an application of a

particular type is created. Every application profile carries with it a set of configuration
options, including identification information, functional settings, a version number, and
monitored items (called Components).
Usually an Application Profile is made up of multiple components, each with their own
unique configuration options. Application profiles are also often grouped by their type,
such as displaying all Microsoft applications together, then grouping specific application
profiles together according to their settings.
End-to-end monitoring of the Application Server in the diagram above would require
connecting to a number of different devices on the network using a variety of connection
methods. After gathering data from the Database Server and the Authentication Server,
144
as well as the Application Server itself, the true availability of the application could be
verified and displayed within APM. These devices in turn utilize a dedicated Storage
Appliance being managed by a Workstation, a system that might be monitored as a
standalone application in APM. All of these elements can be grouped into a single
Application Profile: a collection of network components used in the monitoring of an
application.
Importing and Exporting Application

Profiles
Tools found in the APM Application and Profile setup allow you to interact with other
APM users by sharing Application Profiles. From the WhatsUp Gold Community site,
you are able to download Ipswitch and user-created application profiles. You may also
import an application profile sent to you by another APM user and saved to the local
hard drive. Importing profiles allows you to get set up with a new application type very
quickly, and to monitor an application identically in two separate installations of APM.
Likewise, application profiles can be exported from APM to the local WhatsUp Gold
server, allowing you to send a profile to a colleague that has a similar network
configuration. You can also publish your application profiles to the WhatsUp Gold
Community site for other APM users.
Sometimes it is best to import an application profile to use as a starting point for

monitoring of a resource, then to tweak the profile for your particular network
configuration after adding it to APM. Using
Microsoft’s SharePoint as an example, one
network may have a very generic installation of
SharePoint, one that would be covered by
importing an application directly from the
community site to and using it as-is. By importing
an application for SharePoint and adding it to
APM you can very easily start monitoring this
application using options that suit most basic
installations of SharePoint that are available, and
modifying these settings only when needed, in
order to tune the application to your
environment.
However, another SharePoint installation on a different network may make use of the
more advanced installation options, such as a connection to a remote MS SQL server
for data storage, utilization of an IIS web server farm for hosting the web content, and
relying on an Active Directory server to verify access to the website. This installation
spreads the SharePoint application across multiple devices and makes use of additional
resources not covered by the generic SharePoint application profile, so much so that
building an application profile from scratch would allow you to direct your monitoring
according to that exact installation. This second example would normally require very
145
complex and involved configuration in order to monitor the entire SharePoint
application from start to finish, since it relies on a number of dependent (or discrete)
applications for functionality. In this example it would be easier to import generic
application profiles for any discrete applications used by SharePoint (IIS, SQL, and
Active Directory), and to configure these applications as standalone elements in APM.
Then, create or import an application profile for SharePoint itself and add the discrete
applications to it. You can always modify the SharePoint application profile later by
reconfiguring these discrete background applications, and in using this approach you can
“re-use” the discrete applications multiple times, such as adding the MS SQL application
to a different profile monitoring the WhatsUp Gold system.
Application Instances
Once an application profile is created or imported and configured to your liking it can
be used to generate individual instances of the application for monitoring in APM.
Whereas the application profile is a template of an application on your network, each
application instance acts as a unique copy of that application, meaning it can be modified
to monitor each application instance on your network more accurately. You can have
as many instances of an application profile as required, but remember, licensing in APM
is handled at the Component level, so re-using application instances is a smart way to
limit the number of component checks you perform. Whenever possible, avoid
duplicate application instances, as having them in place not only increases the polling
load for APM but also the associated licensing count.
It is always a good idea to test a newly configured application instance before saving it to
APM, along with testing each component within. This allows you to identify and work
through any connectivity issues or problems with the configuration of the instance, and
to verify that the instance will operate as expected. Testing an application instance also
shows you the current values for each component and how that compares to the
thresholds configured for each component state, allowing you to re-evaluate the default
threshold values.
146
Application Discovery
Unique application instances can be quickly created, tested, and applied to the network
using the Discover Applications utility in APM, which allows you to select a list of
devices from the WhatsUp Gold device list and to query each device for the availability
of a series of applications. Any time an application is found to be running on a device
in your network, that unique Application and Device combination is saved as discovered
application instance, allowing you to add instances to your application profiles very easily.
This functionality makes it simple to take an existing WhatsUp Gold network and
determine which types of applications are running on the network using Credentials and
Devices from WhatsUp Gold.
To be discoverable, an application profile must have at least one discoverable

component associated with it, and at least one device from the selected device WhatsUp
Gold device group must have those that component running. To use your custom
application profiles in Application Discovery ensure the “Use in discovery” option is
selected when adding or editing its components.
147
7
Actions
Maintenance Mode
As described earlier, an active monitor expects a response from a monitored device,
otherwise the monitored device will be considered down. This would create a problem
if a device needs to be taken down for maintenance.
Maintenance mode is a feature within WhatsUp Gold to alleviate this situation.
Maintenance Mode Characteristics

Any Device placed in Maintenance mode:
• Will not be polled
• Actions will not be triggered
• Actions set up to trigger when going in or out of
maintenance mode will trigger
• Any activity be logged
A device in maintenance will show up in yellow\orange with the wrench, when

zoomed in, the wrench will be in the lower left hand corner
Maintenance mode also has the ability to set a reoccurring maintenance schedule
for a device
148
Are you sure your device or monitor is
responding correctly?
You are able to determine the state of your device with Device States these Stage
Changes are dependent on a time period.
Down state (not responding - 0): Means it just reported down and WhatsUp continues
to poll the device. After 2 minutes there is another state change to down at least 2 min
you can also add addition device states
Maintenance Mode we will get into later in the class when we deal with actions but in
short it is a way to show the device is in the middle of a planned maintenance window.
WhatsUp does not Poll the device and the shapes and colors are still left from previous
versions and will not affect the Web Interface in V17.
State Changes are dependent on a continuous time frame regarding if it is up or down.

State changes are currently only available to customize through the Admin console;
Under Configure > Program Options > Device States
Actions
WhatsUp Gold actions are designed to perform a task as a device or an active monitor
state change occurs, or a passive monitor condition exists. Actions can try to correct the
problem, notify someone of the state change, or launch an external application. As you
configure an action, you choose the task it is to perform. Also, when you configure an
action, you choose whether to assign it to a device, or to an active or passive monitor.
To check the status of an action, or to cancel an action, in the WhatsUp

Gold console go to Tools > Running Actions.
Notification Type Actions

Notification type actions are separated into two different catagories:
• Audio / visual actions
• Messaging actions
149
Audio/Visual Actions
Audio / visual actions will play a sound or display
a visual notification in the WhatsUp Gold web
admin. There are three sound actions that you
may apply.
These sound actions will only sound on the WhatsUp Gold server and
only if there is a sound card installed.
The default web alarm will display in the

WhatsUp Gold web admin. The web admin
must be open and logged into for it to display.
The default web alarm is persistent, meaning
that the alarm will continuously return unless it
is dismissed. If the web admin is closed, the
web alarm will continue to run in the
background until someone logs into the web
admin and dismisses it. The default web alarm
will also play a sound if the machine where the
web browser is being utilized has a sound card
installed.
It is recommended that you only use the web alarm if you have someone
continually monitoring the web admin.
Messaging Actions
Messaging actions include:
• Beeper Actions
• Pager Actions
• Text to Speech
• Post to Slack
• E-mail Actions
• Texting actions which are
o SMS Action
o SMS Direct
150
Beeper and Pager actions may sound old, but they are still applicable in the
medical arena. They require a modem to be installed, or some other way of
sending a message to them.
The Text To Speech Action plays a message entered as text in the message
configuration.
The Post to Slack action generates a notification message in the specified Slack
channel/workspace or alternately to a specific Slack user. Prior to configuring
this action in WhatsUp Gold, you must create and retrieve an incoming webhook URL
from the Slack App Directory. For detailed information and procedures, please see
Incoming WebHooks for Slack.
Texting type actions include SMS action and SMS direct actions.
SMS action requires a modem connected to the WhatsUp Gold Server to

dial out and send the text to the recipient device.
The SMS direct action utilizes a GSM modem, a specialized type of

modem which accepts a SIM card, and operates over a subscription to a
mobile operator, just like a mobile phone, to send text messages to the
recipient device.
You can set up an email action to send a text message to a mobile

device. Almost all cellular providers have an email address,
typically <phone number>@provider.com, which does not need
a modem or GSM modem.
E-mail Actions allow you to send an email directly through your

e-mail server or e-mail provider to the desired recipient(s).
E-mail actions are fully customizable. You may customize the

Subject line and the body of the message. The body can be sent
in either plain text or in HTML. To utilize HTML, you would
151
select the HTML radio button, then enter your HTML tags you wish to use to
make the email as robust as you want.
E-mail actions are also customizable by utilizing WhatsUp Gold Percent variables.
Percent variables pass information about the device or monitor to the action. You
may use them in other actions and not just email actions.
A complete listing of all WhatsUp Gold percent variables are listed in the help
files.
(http://docs.ipswitch.com/NM/WhatsUpGold2017/03_Help/1033/index.htm?4
2503.htm?zoom_highlight=Percent+variables?toc.htm)
Executable Actions
Executable type actions are those that can execute some other type of action like
running a script or launching a program.
There are two types of script actions:

• Active Script Actions
• PowerShell Script Actions
Active Script Actions allow you to write either VBScript or JScript

code to perform a customized action. If the script returns an error
code, the action failed. This script has a context object you can use to
get specific information about the context of the action.
PowerShell action delivers a robust and flexible environment to the

experienced user for developing custom actions through direct access to
script component libraries, including the .NET Framework. For more
information, see PowerShell script examples.
The other type of executable actions is the program action. Program

Actions can be defined to launch an external application. You provide
the full path to the executable, the running directory, and any program
arguments you need to launch the program.
152
153
Logging Actions
Logging Actions are used to send log information to various resources.
Logging Actions Include:
• Log to Text File
• Syslog Action
• Windows Event Log Action
Log to text file action will write a custom log message to a text file. You
will specify the full path of the location of the log to write. An option
to append to an existing file or overwrite an existing file. The log
message that will be written to the file supports percent variable.
Syslog Action will send a Syslog message to a host that is running a

Syslog server. You will enter the IP address and port number, typically
UDP port 514, of the Syslog server. The message will be your custom
syslog message which may include percent variables. The Syslog
message box limits input to 511 characters. If notification variables are
used, then the message that actually gets sent is limited to 1023 bytes,
in order to comply with the Syslog protocol. Non-visible ASCII characters such as tabs
and line feeds are replaced by space characters.
Windows Event Log action allows you to configure log messages to post
to the Windows Event Viewer. You must specify the source, which is
the origin of messages logged to the Windows Event Viewer. The default
source is the Ipswitch WhatsUp Log Action. You must also enter an
event ID, select a level for the message, and the log message that displays
in the Windows Event Viewer which supports percent variables.
154
Management Actions
Management type actions consist of
• Configuration Management Actions
• VMWare Actions
Configuration Management Action creates a new action or configures an

existing action in the WhatsUp Gold Actions Library.
Configuration Management is available only in Total Plus
Proactive or Self-healing Actions

Proactive actions or self-healing actions are actions are actions that can be applied to try
to correct a situation or be proactive in fixing a situation where an active or passive
monitor has tripped.
Service Restart Action starts a previously stopped service. The

service restart utilizes WMI credentials only. It has a command
option that will allow stopping as well as starting a service on a
device.
Recurring Actions
Recurring actions (SETTINGS menu > Scheduling Activities > Recurring Actions)
enable users to fire Actions stored in the Actions Library based on a regular schedule,
independent of the status of devices.
Recurring actions can perform tasks such as sending checkpoint messages through email
or SMS text letting users know a system is up and running.
155
Blackout Schedule and
Policies
Blackout schedules and policies suspend specific actions they are applied to during a
scheduled period of time.
Weekly Blackout Schedules

Weekly blackout schedule is the blackout period assigned to individual actions.
They are stored along with the individual action and are applied only to that
action.
• To add a blackout schedule to an action.

• Select Device
• Click Monitor Setup
• Select Monitor which has the action applied / to be applied and edit
• In the Setup Actions For Monitor State Changes dialog box
o Add or Edit action to apply blackout schedule
• In the action builder dialog click Blackout Schedule button
• The Weekly Blackout Schedule dialog appears.
o Set the times for which you want the blackout to occur.
156
Blackout Policy
Blackout Policies are applied to Application Monitoring actions or Alert Center

notifications. Blackout Policies are stored in a shared library between the two. If
you create a blackout policy for an Application Monitoring action, the same
blackout policy may be applied to an Alert Center notification policy or visa-versa.
To add a blackout policy:
• From either Application Monitoring Action Policies (SETTINGS >

Application Monitoring > Application Monitoring Actions and Policies) or
Alert Center Libraries (SETTINGS > Alerts & Actions > Alert Center
Libraries) dialog
o At the bottom click on Blackout Policies to expand.
• Click Add button
o The New Blackout Policy Dialog appears
• Enter the appropriate information:
o Name. Enter a unique name for the blackout policy.
o Description. Enter additional information about the blackout
policy.
• Click and drag to select the blackout periods you want to create.
• Click Save
157
Application Monitoring Actions and
Action Policies
Application monitoring has its own set of actions. You may apply many of the same
actions are you can with standard WhatsUp Gold actions. Application Monitoring
actions include: Active Script, E-mail, Log to file, PowerShell Script, Program, Service
Restart, SMS, SMS Direct, SSH, Syslog, VMWare, and Windows Event Log actions.
Application monitoring actions have their own set of unique percent variables. This
provides the means to include information about your applications, devices, and the
Application Monitoring system in your alerts. These variables are used to send detailed
statistics about the outage or as a way to provide device and application data to a
proactive action like a PowerShell script.
The main difference between standard WhatsUp Gold actions and Application
monitoring actions is that you cannot directly apply application monitoring actions
directly, they must be applied in an Action Policy.
158
Application Monitoring Actions
Application Monitoring has its own set of actions which are accessed under:
Settings>Application Monitoring>Application Monitoring Actions and Policies
This is going to open up the library where you can add, edit, and delete the actions. There
are no default actions within Application Monitoring, so you have to add all actions that
you want to use.
All of the action types available for Application Monitoring are the same as the actions
that can be applied to devices or monitors, except there are fewer types available
Application Monitoring has its own unique set of percent variables which provides the
means to include information about your applications, devices, and the Application
Monitoring system in your actions.
With Application monitoring, you may not directly apply actions to an application,
profile, or component like WhatsUp Gold actions may be applied directly to the monitor
or directly to the device. You must use an action policy to apply an action.
159
Action Policies
The main reason why an action could not be directly applied, is because the state changes
within Application Monitoring are handled differently than how they are with WhatsUp
Gold active monitor states.
WhatsUp Gold Active

Monitors go from UP to
DOWN, DOWN to UP,
Maintenance to UP ...
Application Monitoring has the
WARNING state as well.
In the Action Policy, there are

four tabs, one for each of the
state changes of UP, DOWN,
Warning, and Maintenance.
Each tab if configurable for

going into that state from the
other four states, which includes
Unknown. Which means there
are 256 possible state changes
that can be configured. And each of the four states per tab is configurable for a time
period of minutes, hours, days, weeks, or months to determining the duration of the
state change or how long the component remained in the previous state.
Once a state change has occurred it is up to you to decide which actions to fire as a result
of that outage. This is done by defining Action Rules and applying those rules to
application states. By configuring certain actions to fire only for a very specific set of
circumstances,
and configuring
a delay in the
actions defined
for a given state,
you are able to
make use of an
unlimited
number of
configuration
options
covering every avenue of alerting. As important as the severity of the issue is the duration:
an application staying in the Warning state for a number of hours before going Down is
less severe than an application only showing the Warning state for a few minutes, or one
going immediately from Up to Down. For this reason, consider the amount of time a
state change persists whenever you are creating a new action policy. You may want to
wait a number of minutes before sending an email to make sure the device is really
160
unavailable, or set a certain amount delay before alerting a higher-up, giving you a chance
to fix the issue first. Then, using the option to repeat an alert, you can make sure
notifications are being sent until the issue is fixed.
161
WhatsUp Gold Action Policies
Just like in Application Monitoring, you may group multiple WhatsUp Gold
actions together creating an
Action policy to use with your
WhatsUp Gold Devices or
Monitors.
Action Policies are a time saver

when assigning multiple actions
to devices. The actions can be
assigned on the same or different
state changes within the policy.
You may assign your action in a

sequence to create an escalation
policy. This is done by assigning different actions on different state changes. For
example:
- Firing an Email action when a device has been down for 2 minutes, with
the email going to a small list of “on-call” personnel.
- Sending a second Email to the on-call personnel at down for 5 minutes, in
addition to an SMS Action to the Systems Administrator.
- Notifying the on-call team, the Systems Administrator, and the IT
Manager at the down for 20 minutes state if the problem has not been
resolved.
Once this action policy is created and applied to your devices, you can very easily revamp
the policy at a later time to include more actions or reconfigured settings and immediately
have that change propagated to all devices configured to use the action policy.
Once this action policy is created and applied to your devices, you can very easily revamp
the policy at a later time to include more actions or reconfigured settings and immediately
have that change propagated to all devices configured to use the action policy.
The Implicit Action policy automatically assigns actions to all devices in

your database. You cannot opt out of the Implicit Action policy and it
only assigns actions at the device level.
162
Alert Center Alerts
WhatsUp Gold Alert Center lets you receive alerts for performance monitors,
Wireless data, the WhatsUp Gold system, Network Traffic Analysis, and
Configuration Management. This notification system operates independently
of the actions and action policies configured in WhatsUp Gold for active and passive
monitors.
Alerts are triggered based on a thresholds you set. Thresholds are set up using: Number
of items occurring, Item reaches a certain
%, MB or GB, Reaches a certain level for
a least a given amount of time, or when a
specific condition occurs.
Alert Center Thresholds, Notification

Policies, Notifications, and Blackout
Polices are found under
SETTINGS>Actions and Alerts>Alert
Center Libraries.
When a device’s or devices’ monitor(s)

go out of threshold, Alert Center can
send an alert. To distinguish the
differences between Actions/Action
Policies for Active Monitors or Passive
Monitors and Alerts/Notification
Policies in Alert Center, the two are
completely separate and independent
from each other.
Actions and action policies trigger on state changes for Active monitors or trigger on
single events for Passive monitors which are all based on the current polling of your
Devices. Alerts and Notification Policies in Alert Center scan existing data in the
database for Performance monitors and Passive monitors and trigger when thresholds
set by you are exceeded.
163
Actions and action policies have multiple action types that can be applied, like the
executable
action types,
the proactive
action types,
and the
notification
action types.
Alerts and
notification
policies have
only
notification
type alerts
and only
include; SMS, SMS Direct, and Email alerts.
With actions and action policies, notification actions are completely user customizable
because the messages are send in plain text or HTML. Alerts and notification policies
notifications are very limited in what you can customize because the information being
sent in a preformatted HTML tables.
Notification Policies
To add a notification to an Alert Center
threshold, it must belong to an Alert
Center Notification policy. A notification
policy consists of up to three phases or
steps. At each step, you may configure,
select, whichever email or SMS actions
you wish to send. Between each step,
there is a configurable timeline, so you
may determine how much time could
elapse between them.
In addition, you may set a repetition

interval for the final step. Step 1 of the
notification policy begins as soon as an
item falls out of threshold. You may
specify when steps 2 and 3 begin in the Escalation Steps section of the dialog. You will
specify how many minutes, hours, or days steps 2 or 3 will start after step 1 begins.
164
Thresholds
Alert Center has five major types of thresholds available out of the box: Performance,
Passive, Network Traffic Analyzer (When licensed for it), System, and Wireless. Each
category includes a number of different thresholds shown below:
- Alert Center Performance thresholds notify you about performance

monitors that have exceeded or dropped below threshold limits. These
thresholds make use of data collected by your default and custom
performance monitors and saved to the WhatsUp Gold database.
- Alert Center Passive thresholds notify you when passive monitors fall out
of the parameters of the thresholds you configure. This threshold type
looks at the passive monitors that have been logged by the various Passive
Monitor Listeners.
- Alert Center Network Traffic
Analysis thresholds notify you
on WhatsUp Gold Network
Traffic Analysis aspects that fall
out of the parameters of the
thresholds you create. These
thresholds make use of standard
and custom filters available in
Network Traffic Analysis.
- Alert Center System thresholds
alert you on aspects of your
WhatsUp Gold system health
according to the threshold
parameters you configure.
Blackout summary, Hyper-V,
and VMware thresholds are also
shown as System thresholds.
- Alert Center Wireless thresholds
relate to your wireless devices
and aspects of these devices that
fall out of threshold, including
wireless access point and client
data.
165
Alert Center Dashboard
The Alert Center dashboard can be found under ANALYZE>Dashboards>Alert

Center. It provides a centralized location of all thresholds within Alert Center. You can
see what notifications are running; select which thresholds to view: either all, out of
threshold, or in threshold; filter your alerts by type: performance, passive, network traffic
analyzer, system, or wireless; sort by: items out of threshold or threshold names.
166
Dashboards
8
and Reports
Dashboards and Reports
Overview
Reports are an essential part of network

management and are an invaluable for many
network operations. They help in daily
operations, by displaying alerts, state changes,
load utilization, as well as quality of service. They
are also used in scheduled and periodic audits,
because they automatically gather, audit, and
analyze information about your devices. In
addition they track performance, status, and
utilization of your devices and lastly aid in
troubleshooting potential issues with the
network, a group of devices, or a single device.
WhatsUp Gold dashboards and reporting are available under the Analyze menu.
There are actually three types of Reports:
Dashboards: Multiple reports on the same screen giving access to perform critical
device management, troubleshooting and forensic tasks.
Full-page reports: Display performance and historical data collected during the
operation of the application. You can use these reports to troubleshoot and monitor
your network and devices. Monitor reports give you a broad data view that can be
modified to display data for a given time frame, which is useful in pinpointing the time
an event occurred or when viewing multiple graphed items.
Log reports: Display system-wide information and information about the WhatsUp
Gold server, and typically do not focus on a specific device nor a specific device group.
For example, the Action Log displays all actions for all network devices.
167
Dashboards
A dashboard puts multiple reports all on a single page.
The first type of dashboard is the

Home dashboard, Analyze ->
Dashboards -> Home
Dashboard. The Home
Dashboard includes views
containing a range reports that survey common performance, availability, and system
auditing scenarios. You can also add your preference of reports from the Reports Library
to the default Home Dashboard views or to custom views you create.
Those included views with their default reports are:
- Getting Started. Reports for built-in monitors. Good place to check after
you enable monitoring on a device.
o Poller Health. Status of polling service(s) for WhatsUp Gold
management environment.
o Devices with Down Critical Monitors. Status of devices with down
monitors.
o Actions Fired. History of notifications and corrective actions
chained to monitoring outcomes.
o Completely Down Devices. List of monitors that are in down
state.
o Down Active Monitors. Devices with active monitors in down
state.
o Down Interfaces. Down monitors associated with network
interfaces.
- Top 10. Ranked top n list of built-in performance as well as active monitor
(ping) reports.
o Interface Errors. Ranked list of network interfaces reporting
errors.
o Interface Discards. Ranked list of network interfaces discarding
packets.
o Interface Utilization. Ranked list of network interface capacity
utilization.
o Interface Traffic. Ranked list of network interface traffic totals.
o Ping Availability. Ranked list of responses to ICMP echo ("ping")
requests.
o Disk Utilization. Ranked list of storage capacity utilization.
o CPU Utilization. Ranked list of CPU capacity utilization/CPU Idle.
o Memory Utilization. Ranked list of RAM capacity utilization.
168
- Actions & Alerts. Operational summary for monitored devices including
device health, active monitor status, and triggered notifications, actions,
and scripts.
o Actions Fired. Devices that satisfied a policy condition that caused
WhatsUp Gold to invoke an action (corrective action, notification,
backup, and so on.)
o Completely Down Devices. Devices that due to monitor
precedence and policy are considered down.
o Down Active Monitors. Devices with active monitors in a down
state.
- Wireless. Access point performance, traffic, and summaries. Client
volume per wireless segment and rogue accounting.
o System Summary. Remote station (client) inventory, client types,
radio parameters such as SNR and RSSI.
o Bandwidth. (Inbound and outbound wireless traffic comparison).
o Bandwidth Summary. Average total input and output utilization.
Top client station MAC address.
o Client Count. Highest number of wireless clients observed.
o Rogue Count. Remote stations that are not yet identified.
o RSSI. Radio frequency signal strength for given device(s).
o Signal to Noise Ratio. RF signal to noise ratio.
169
Device Status
The Device Status dashboard provides a complete system summary and performance
survey for a single device. There are multiple ways to get to the device status dashboard;
from the device information card, from device properties, or from the Analyze Menu >
Dashboards > Device Status.
Device Status dashboard includes the following views and their default reports:
- General. Custom and polled system information and links

o Device Attributes. Table of attribute values, labels, and
descriptions that characterize a single device.
o Device Notes. Notes field associated with the current device.
o Device Custom Links. Add frequently used or critical hyperlinks
by device to dashboard.
- Disk/CPU/Memory. Performance, capacity utilization, and availability.
o CPU Utilization. CPU load metrics.
o Memory Utilization. Memory usage metrics.
o Disk Utilization. Storage usage metrics.
o Ping Response Time. Ping response time for the current device.
- Router/Switch/Interface. Network capacity utilization.
o Interface Utilization. Network traffic across one or more network
interfaces for each device or device group you specify.
- Monitoring. Monitor status, summary, and logs.
o Down Active Monitors. Active monitors reporting a down state.
o Device Active Monitor States. Active monitor health for the
current device (at a glance)
o All Down Interfaces. Interfaces with all monitors or critical
monitor in down state.
o Tail of State Change Log. Last n device state changes recorded.
o Monitors Applied. Monitors configured and applied to the current
device.
o Tail of Action Activity Log. Last n actions recorded and logged to
the activity log.
170
Wireless
The Wireless Monitoring dashboard reveals both end-station and access point wireless
traffic and Radio Frequency (RF) performance measurements for the selected interval.
The Wireless Monitoring dashboard includes the following views and their default
reports:
- Wireless Infrastructure
o Bandwidth. (Inbound and outbound wireless traffic comparison).
o Bandwidth Summary. Average total input and output utilization
and Top client station MAC address.
o System Summary. Remote station (client) inventory, client types,
radio parameters such as SnR and RSSI.
o RSSI. Radio frequency signal strength for given device(s).
o Signal to Noise Ratio. Radio frequency signal to noise ratio.
- Clients and Rogues
o Client Count. Highest number of wireless clients observed.
o Rogue Count. Remote stations that are not yet identified.
- CPU and Memory
o CPU Utilization. CPU capacity usage on the wireless access point.
o Memory Utilization. Memory capacity utilization on the wireless
access point.
171
Virtual
Virtual Monitoring Host Details dashboard is a built-in dashboard that reveals data for
an individual VMware or Hyper-V host. Use the source selector to choose the host
device. While it is in Dashboard format it acts more like a report, meaning you cannot
add, remove or modify the dashboard. To create a customized version of this dashboard,
create a new view and add, arrange and configure these reports or others individually.
The virtual dashboard consists of two columns, all reports on the left-hand column are
for the virtual host and the right-hand for the virtual guests.
The following reports are in the left-hand column:
- Virtual Host Attributes. Host machine characteristics and info.

- CPU Utilization. Host machine VM CPU capacity usage.
- Memory Utilization. Host machine VM capacity usage.
- Disk Utilization. Host machine disk capacity usage.
- Interface Utilization. Host machine interface usage.
The following reports are in the right-hand column:
- Virtual Machines CPU Utilization. VM CPU capacity usage.
- Virtual Machines Memory Utilization. VM memory capacity usage.
- Virtual Machines Disk Activity. VM read/write metrics.
- Virtual Machines Interface Utilization. VM network bandwidth utilization.
Hyper-V and VMWare virtual devices report memory statistics differently.
- When reporting usage, VMWare displays active memory and Hyper-V
displays assigned memory.
- When reporting allocation, VMWare displays consumed memory and
Hyper-V displays memory demand.
- When reporting maximum, VMWare displays granted memory and Hyper-
V displays maximum memory.
172
Application Monitoring
Application Monitoring includes a range of reports that allow you to view the
performance status for monitored applications on your network. You can also add your
preference of reports from the Reports Library to the default Application Monitoring
views or to custom views you create.
The Application Monitoring dashboard includes the following view and its default
reports:
- Application State Summary. Reveals application status based on profile

type, customized profile, or a specific application instance.
- Running Action Policies. Reveals actions invoked or pending as part of an
application policy implementation.
- Status over Time. Charts application or service availability.
- Application Availability Summary. Reveals application instances, their
current state, and provides quick access to monitor status for a given
instance.
- Application State Change Log. Records transitions in application
monitoring states. By default, it displays the last n events.
- Application Resolved Items Log. Displays a record of the action policies
previously acknowledged in the Running Action Policies report.
- Application Action Log. Records actions, triggers, recorded activities, and
their associated policies.
173
Network Traffic Analysis
Network Traffic Analysis Dashboards dashboard enables you to view, analyze, and share
observed traffic patterns as well as current and historic network performance data by
way of both
built-in and
custom
dashboards.
The Traffic
Analysis
dashboard
provides three
operational
views, each with
its own suite of
reports, charting,
graphing along
with endpoint,
application, and
keyword
filtering.
- Home. Top n traffic, connections, and bandwidth utilization reports at a

glance.
- Senders and Receivers. Top n interfaces ranked by incoming and outgoing
traffic, geo location, and Internet domain.
- Troubleshooting. Top concurrent connections received/initiated, half-
open or failed connections received/initiated, and traffic hitting non-
standard ports.
Traffic data metrics are collected from any network devices that support:
- flow export
- NetFlow
- NetFlow-Lite
- sFlow
- J-flow
- IPFIX
- SNMP: Returns traffic totals when flow source export is not enabled or
for sampled flow
You manage flow source configuration and collection status from the NTA Sources
Library (SETTINGS > Network Traffic Analysis > NTA Sources).
The NTA Source Library provides a table view of:

174
- Flow sources detected on your network.
- Flow sources you configured manually or automatically using NTA Device
Configuration.
- Devices polled for NBAR traffic totals.
- Groups or individual interfaces providing SNMP or flow statistics.
You can use the Potential NetFlow Sources dialog (Settings > Network Traffic Analysis
> NTA Device Configuration) for the following:
- View results of flow

export sources
configured and
already advertising
on your network.
- Identify devices that can be used for NetFlow export.
- Status for flow monitor sources already exporting.
- Configure flow monitor sources directly from WhatsUp Gold (click the
Configure button) for those sources that support remote configuration
MIBs.
Note: When WhatsUp Gold has the necessary read/write credentials to access target
source devices using SNMP, you can use the Configure button to check if MIB objects
needed to perform remote configuration for NetFlow are present in the device's MIB
registry
Full Page Reports
Full page reports are split into four categories under the
Analyze menu; Performance, Network, Device, and Inventory.
Many full-page reports are the same reports viewed on
dashboards but shows full screen. Full page reports may be
filtered on a group of devices or down to a single device.
The data in reports may be exported to a PDF file, a formatted

CSV or text file, Microsoft Excel (XML) file, or a PDF. You
may also email reports in the same formats, or send them on
scheduled intervals
175
Logs
WhatsUp Gold has an extensive array of different log reports found under the Analyze
> logs. Logs can be split into 5 different categories.
- System executable and application logs

o Activity log
o Action applied and action
activity logs
o Discovery Scan log
o General Error log and
Logger Health messages
o Poller health
o Web User Activity Log
- Managed device platform logs
o Syslog (tail of syslog)
o Windows event log (tail of
Win EV)
o Vmware and Hyper-V logs
- Monitor logs
o Performance monitor and passive monitor
error logs
o SNMP Trap log
o Action Log
o Down active monitors
- Configuration Management logs
o Start –vs- Run
o Policy Audit
o Task Log
- Network traffic logs
o Network Traffic Analysis log
o Unclassified Traffic Log
o Wireless Log
176
Predictive Trending
The Predictive Trending Report displays a
suite of reports that present historical and
average statistics for common performance
measures so you can better anticipate how
the selected device or devices will perform in
the future. This allows you to take action
before there is a problem if a metric is
trending toward a critical limit.
Predictive trending provides the following five individual dashboard reports:
- CPU Utilization. Reports average CPU utilization percentage for each

individual processor.
- Memory Utilization. Reports both physical and virtual memory capacity
and usage.
- Disk Utilization. Reports disk utilization percentage for individual drives.
- Interface Utilization. Reports measurements for network traffic across
network interfaces.
- Ping Response Time. Reports minimum, maximum, and average response
times.
Please note, this dashboard is completely static. Additional reports cannot be

added and the five default reports described previously cannot be removed. Only
the device(s) displayed ( ), reporting time frame ( ), and applied business
hours ( ) may be modified.
177
Report Configuration and WhatsUp
Gold Database
Data is stored in the WhatsUp Gold database to populate all of the various reports that
are available in the application, and yet the storage available to WhatsUp Gold is limited.
Therefore, consideration must be given to managing the growth of that database. This
database size and growth is controlled by settings relating to the retention of data saved
by WhatsUp Gold.
Retention Policy: Each data type in WhatsUp Gold (performance, passive, and active)
has a specific setting available for how long you would like to keep the data in the
database overall. Performance data can also be controlled in a more precise manner,
giving you the option to roll up performance monitor data at different intervals. These
settings are available in SETTINGS > System Settings > General Settings.
Controlling the size of the database: By default, data is kept for 365 days for
performance, active and passive monitor data, and also for NTA data. Data older than
365 days is marked as “expired” in the database, and is cleaned up automatically by
WhatsUp Gold over time. Any time a monitor is removed from a device, or when a
device or monitor is deleted, the data associated with that element is also marked as
expired.
An expired record is defined as a record which is marked as to be overwritten, but has

yet to be overwritten by a new record. Typically, the percentage of expired records to
total records is small (less than 10%); if a large configuration change is made, the ratio of
expired records may be different. In practice, we recommend this ratio not exceed 25%
for any database table. You can purge all expired records for a given table from the Table
Maintenance property page in the Database Tools dialog.
For example, when WhatsUp Gold collects large quantities of unnecessary or unwanted
passive monitor data, a very large table can result. The first step is to ensure that
WhatsUp Gold is only collecting data for passive monitors you have explicitly configured
for your devices. To do this, ensure that both the SNMP Trap Listener and the Syslog
Listener are not accepting unsolicited messages. After setting WhatsUp Gold to collect
data from only passive monitors that are assigned to devices, all data present because of
the old settings is marked as expired at once, which can result in a large number of
expired rows. The next step is to clear the unneeded data from the database using the
utilities available in the Database Tools dialog in the WhatsUp Gold Console Admin,
Tools > Database Utilities > Tools.
178
9
Alert Storms
Alert Storm and Dependencies

Alert Storm
What is an alert storm? An alert
storm is where you have notification
action(s) / action policies applied to
all of your devices at either the
device or monitor level within
WhatsUp Gold. Then you have a
failure or one of your network
devices, maybe a core switch or
something similar, goes down or
stops all network traffic from
passing it. Because of the random device polling order, WhatsUp Gold will start
reporting or sending notifications for all of the devices that it does not receive a response
from due to the loss of network connectivity. What starts out as a couple of devices
reporting down, will soon turn into a flood or storm of notifications/alerts filling up
your inbox or phone text messages.
Eliminating Alert Storms

How are Alerts Storms prevented? The best way is to not have a single point of failure
in your network. You will want to use redundant switches, routers, gateways, or use
clustered / high-availability servers. However, these might not always be possible or
financially feasible.
WhatsUp Gold does give you options to help prevent them:
- First, set up notification actions on devices that are important or critical,

and apply blackout policies to non-critical devices during non-business
hours.
- Use Alert Center and set up thresholds over time
- Try using proactive/self-healing actions before sending alerts
- Use maintenance mode for devices you are purposely taking off-line
The best thing to do is to set up Device Dependencies
179
Device Dependencies
Device dependencies determine if a dependent device is to be polled based on the state
of another device. The state of the other device is determined by the state of one or more
of its active monitors.
There are two types of device dependencies:
- Up Dependency
o The device is polled only if the selected active monitors on a
second device are in
the up state.
o Can be thought of as
being “behind” the
device to which it has
a dependency.
o Polled only if the
device "in front" of it
is up.
- Down Dependency
o The device is polled
only if the selected
active monitors on a
second device are in
the down state.
o The device can be
thought of as
something is “in front
of” the device to which it has a dependency.
o The dependent devices in front will not be polled unless the device
further down the line is down.
You may set a device as the Dependency Root.

The dependency root sets the device as the
center or root device which all connected devices
will have an up dependency set on that device.
All subsequent devices will cascade outward with
an up dependency set on the previous connected
device(s).
180
Critical Monitoring
Critical active monitoring, also known as
intra-device dependencies, allows you to
define a specific polling order for a device's
active monitors. For example, you can
make one monitor dependent on another
monitor on the same device, such as
making an HTTP monitor dependent on
the Ping monitor, so that you are not
flooded with multiple alerts on the same
device if network connectivity is lost.
In a critical monitor polling path, critical

monitors are polled first. If you specify
more than one critical monitor, you also
specify the order in which they are polled.
Critical monitors are "up" dependent on

one another; if critical monitors return
successful results, non-critical monitors are
polled. If any of the critical monitors go
down, all monitors behind it in the critical
polling order are no longer polled and are
placed in an unknown state for the duration of the polling cycle. If, at the start of the
next polling cycle, the critical monitor returns successful results, polling of successive
critical monitors and non-critical monitors resumes.
When critical monitoring is enabled, and you specify a critical polling order, you now
receive only one alert when a device loses its network connectivity, instead of an alert for
each down monitor on the device.
Only monitors that you specify as critical follow a specific polling order; non-critical
monitors are not polled in any specific order. Additionally, if multiple non-critical
monitors fail, all associated actions fire.
181
Configuration
10
Management
Configuration Management
Configuration Management enables automated management, compliance, and periodic
auditing of device configurations —the most critical aspect of your network and
application infrastructure. Leveraging templates, archives, and automated configuration
management actions provided by Configuration Management libraries and tracked by
WhatsUp Gold dashboards, reporting, and logging yields better network performance,
frees valuable time, and provides transparency to all stakeholders.
Overview
Managing your devices with configuration manager is a multi-step process:
- First, you should make an initial backup

of the configuration of your devices.
This will be used as a starting point, and
a reference for future backups. Going
forward, each incremental backup will
be used to…
- Compare device configuration, either
from one device to another or the
previous configuration of a device to its
current configuration.
- You can also run audits on your devices
in an effort to identify devices that already have unauthorized settings in
place.
- Any time an audit fails, or when a device configuration is changed, you can
receive alerts letting you know exactly which devices, which configuration
settings, and which individual line items failed your audit or task.
- This information can then be used to develop configuration templates and
to update the configuration of your device configuration, as well as to
manage passwords and credentials assigned to your devices.
- Finally, after updating each device to be in compliance, you can generate a
new baseline configuration backup, and start the process over again.
182
Network Device Configurations
Most network devices depend upon detailed configuration settings in order to operate
correctly. Items like IP addresses, routing tables, interface/VLAN configuration,
usernames, passwords, and security settings are critical to setting up and maintaining a
functional network and losing these configuration settings can lead to widespread
network outages.
These configuration settings are stored on the network device in configuration files,
which come in two types:
- Startup Configuration: the configuration settings used when the network

device starts up from a powered off state. This configuration can be
thought of as the default configuration of the device.
- Running Configuration: this configuration includes Startup
Configuration File settings in addition to any settings that have been
changed since the last startup. This configuration file can be thought of as
a running list of changes made to the device.
When making configuration changes to a network device the changes are first stored to
the Running Configuration, and must be manually saved to the Startup Configuration or
they will be lost if the device loses power. Therefore it is important to save any recent
changes to the Startup Configuration if you wish them to be a permanent setting on the
device. However, saving improper or incorrect configuration settings to the Startup
Configuration can have disastrous results; because of this it is VERY important to make
backups of the configuration files of your network devices before making any changes
(either to the Running or Startup Configuration).
183
Comparing Configurations
Backing up either the startup or running configuration are two of the default scripts
available when adding a task within Configuration management that can be scheduled
or run on demand. Once the configurations are backed up, you can compare the
configurations side-by-side with the Archive Compare. It allows you to step though each
of the differences that may appear between the two.
Auditing Devices
Device configuration is often a part of compliance, with many organizations requiring
that devices only have secure configurations in place. If any of these items that are found
in your device configuration could potentially cause you to fail an audit, for example:
- An active Telnet login

- A “public” SNMP community
- SNMPv2 community strings in general
- Simplistic usernames and passwords
The Configuration Management Policy Library contains many default audit policies
which cover items such as; PCI, HIPAA, SOX, and FISMA. You may also create your
own policies: which check for; Message of the day, banner messages on login, Custom
login pages and warnings, or settings that all devices should have (IP and hostname
settings, for example)
Policies may be checked on demand, and also added as a part of your standard task
scheduling and alerting.
184
Alerting
Every schedulable task has an option for a separate Alert Center threshold. You may
alert on:
- Successes – send alert if a task succeeds

- Failures – send alert if a task fails to run correctly
- Changes – send alert if changes in configuration exist
- Policy – send alert if one or more policies fail
You may send any standard Alert Center Notification Policy with the threshold. You
may also choose to send an email with the configuration changes which are detected in
a configuration file.
Other Management Tasks

Configuration management is not only to schedule backups and compare them. You
have the ability to change devices on your network using a few different tasks and
utilities:
- You may manually restore a configuration file to a device.

- Save a configuration file as a template, which can then be used to restore
the configuration to a different device.
- Run a Password Task to update usernames and passwords on a device
from the credentials library from within WhatsUp Gold.
- You may create custom tasks to upload a configuration to a device via
TFTP or standard Telnet/SSH access.
185
Assigning Tasks
You may apply tasks in a few distinct ways, which will ultimately affect the functionality
of the task at run time. You may add multiple devices to a single task which allows you
to backup or update all of your devices at the same time; this is very useful for wide-
sweeping changes that should result in every device sharing the same settings.
You may run a task on a device-to-device basis from right within device properties,
which allows you to be selective in choosing devices to update.
You may only schedule tasks that backup the Startup or Running configuration by
default. Any tasks that restore a configuration file or those that update passwords may
not be scheduled; they may only run on demand. However, with custom scripts, ANY
task may be scheduled successfully.
When creating the schedule, you may choose the frequency of your backup task(s) and
the number of incremental backups that you save to the database.
Customizing
There are times when managing your network and the devices that it is comprised of,
requires a custom solution.
Configuration Manager allows you to create specialized tasks that can fulfill virtually any
requirement you have when dealing with manageable devices.
- When any devices that are brand new to market, or ones that were added
to the network a long time ago, can require a script not included in the
default System Script Library.
- In certain situations you may want to manage a device through a non-
traditional connection method, or a device that does not use configuration
files in a traditional sense (such as a Telnet connection sending commands
to a Unix server)
- Any time you need to schedule a task that restores a configuration file to a
device or to change credentials on a scheduled basis, you must create a
custom script with a task to run the script.
- Finally, current and future integration between products in the WhatsUp
Gold suite will rely on scheduled tasks as a way to monitor your devices
and alert on network issues.
These are all critical areas of network management that usually require a very hands-on
approach. You can limit the time it takes to manage these areas by utilizing scripting with
your configuration manager.
186
Appendix A
Extending WhatsUp Gold with custom
scripting
This section explains how to use the native development tools included in WhatsUp
Gold to extend the product beyond its stock capabilities with Active Script Active
Monitors, Performance Monitors, and Actions.
WhatsUp Gold includes three types of Active Scripts, which allow you to write
custom Jscript and VBScript code to do tasks that WhatsUp Gold cannot natively
perform.
 Active Script Active Monitors perform specific customized checks on a

device. They report their status as a success or failure, and the monitor's
status effects the device's status in the same way that stock active monitors
do. For more information, see Scripting Active Monitors (on page 188).
 Active Script Performance Monitors track specific values over time and
can be used to generate logs and graphs of historical data. For more
information, see Scripting Performance Monitors (on page 200).
 Active Script Actions can be configured to trigger when an active
monitor's state changes. They can be programmed to perform a variety of
tasks, from running automated remediation scripts to posting data to
external, third party services via API. For more information, see Scripting
Actions (on page 208).
About Active Script languages

Active scripts can be written in JScript or VBScript. For more information on either of
these languages, consult the MSDN Language Reference for that language.
 MSDN JScript User's Guide (http://www.whatsupgold.com/msdnjscript)

 MSDN VBScript User's Guide (http://www.whatsupgold.com/msdnvbscript)
Note: Not all aspects of JScript and VBScript can be used in Active Scripts. In general,
any function or method that involves the user interface level, such as VBScript's
MsgBoxes or JScript's alert(), are not allowed.
187
Scripting Active Monitors
Active Script Active Monitors perform specific customized checks on a device.
They report their status as a success or failure, and the monitor's status effects the
device's status in the same way that stock active monitors do.
Keep In Mind
 You need to include error handling in your monitor script. You must use
Context.SetResult to report the status of the script to WhatsUp Gold.
 Errors from this active monitor appear in EventViewer.exe.
Using the context object with active monitors

The context object provides an interface for your script to interact with WhatsUp
Gold. All methods and properties are retrieved using the Context namespace.
Methods Method description

LogMessage(sText); This method allows for a message to be written to the WhatsUp Gold debug
log.
Example
Jscript
Context.LogMessage( "Checking Monitor name using

Context.GetProperty()");
VBScript
Context.LogMessage "Checking Address using Context.GetProperty()"
PutProperty(sPropertyName); This method allows you to store a value in the INMSerialize object. This value
is retained across polls.
Example
Jscript
var nCount = parselnt(nNum) +1;

Context.PutProperty("MyNumeric",nCount);
SetResult(nCode, sText); This method allows for a result code and result message to be set. This is how
you can tell the WhatsUp Gold system if the monitor succeeded or not. Every
script should call SetResult. If SetResult is not called, the script is always
assumed to have succeeded.
Example
JScript
Context.SetResult(0, "Script completed successfully.");
//Success
Context.SetResult(1, "An error occurred."); //Failure
VBScript
Context.SetResult 1, "An error occurred."
188
GetProperty(sPropertyName); This method offers access to any of the device properties listed below. These
names are case sensitive.
Property Description
"ActiveMonitorTypeName" The active monitordisplay name
"Address" The IP address of the
Device
"DeviceID" The device ID
"Mode" 1 = doing discovery
2 = polling
3 = test
"ActiveMonitorTypeID" The active monitor's
type ID
"CredSnmpV1:ReadCommunity" SNMP V1 Read
Community
"CredSnmpV1:WriteCommunity" SNMP V1 Write
Community
Community
Community
"CredSnmpV3:Username" SNMP V3 Username
"CredSnmpV3:Context" SNMP V3 Context
"CredSnmpV3:AuthPassword" SNMP V3 Authentication password
"CredSnmpV3:AuthProtocol" SNMP V3 Authentication
protocol
"CredSnmpV3:EncryptPassword" SNMP V3 Encrypt
Password
"CredSnmpV3:EncryptProtocol" SNMP V3 Encrypt
Protocol
"CredWindows:DomainAndUserid Windows Domain and
" User ID
"CredWindows:Password" Windows Password
Example
Jscript
var sAddress = Context.GetProperty("Address");

var sReadCommunity =
Context.GetProperty("CredSnmpV1:ReadCommunity");
var nDeviceID = Context.GetProperty("DeviceID");
GetDB; This property returns an open connection to the WhatsUp Gold database.
189
Example active script active monitors
These scripts demonstrate a few potential uses of Active Script Active Monitors.
To view other
Active Script Active Monitors created by other WhatsUp Gold users, visit the
Ipswitch user community (http://community.ipswitch.com/library).
 Monitoring printer ink level and utilization (on page 190)
 Alert when temperature exceeds or drops out of range (on page 192)
 Determine invalid user account activity (on page 193)
 Monitor bandwidth utilization on an interface (on page 195)
 Monitor an SNMP agent running on a nonstandard port (on page 197)
 Monitor for unknown MAC addresses (on page 197)
Monitoring printer ink level and utilization

Note: This example is provided as an illustration only and is not supported. Technical
support is available for the Context object, SNMP API, and scripting environment,
but Ipswitch does not provide support for JScript, VBScript, or developing and
debugging Active Script monitors or actions. For assistance with this example or
with writing your own scripts, visit the Ipswitch user community
(http://community.ipswitch.com).
This active monitor polls an object of the printer MIB to gather the ink level
information and then computes the ink percent utilization of a printer.
The active monitor will fire an alert if the utilization exceeds a value set on the first
line of the script.
Note: This script was tested on an HP MIB.
Run the SNMP MIB Walker net tool to check the OIDs of the two polled objects and
eventually adjust their instance (1.1 in this example):
1.3.6.1.2.1.43.11.1.1.8.1.1 and 1.3.6.1.2.1.43.11.1.1.9.1.1.
Note: This script is included as a code example only. The Printer Active Monitor
should be used to monitor printers.
var nMarkerPercentUtilization = 70; // This monitor will fail if the printer ink
utilization is above this value %.
var oSnmpRqst = new ActiveXObject("CoreAsp.SnmpRqst");
var oComResult = oSnmpRqst.Initialize(nDeviceID);
if (oComResult.Failed)
{
Context.SetResult(1, oComResult.GetErrorMsg);
}
else
{
// poll the two counters
190
Context.LogMessage("Polling marker maximum level");
var oResponse = oSnmpRqst.Get("1.3.6.1.2.1.43.11.1.1.8.1.1");
if (oResponse.Failed)
{
Context.SetResult(1, oResponse.GetErrorMsg);
}
var prtMarkerSuppliesMaxCapacity = oResponse.GetValue;
Context.LogMessage("Success. Value=" + prtMarkerSuppliesMaxCapacity);
Context.LogMessage("Polling marker current level");
oResponse = oSnmpRqst.Get("1.3.6.1.2.1.43.11.1.1.9.1.1");
{
}
var prtMarkerSuppliesLevel = oResponse.GetValue;
Context.LogMessage("Success. Value=" + prtMarkerSuppliesLevel);
var nPercentUtilization = 100 * prtMarkerSuppliesLevel /
prtMarkerSuppliesMaxCapacity;
if (nPercentUtilization > nMarkerPercentUtilization)
{
Context.SetResult(1, "Failure. Current Utilization (" +
(nPercentUtilization + "%) is above the configured threshold (" +
nMarkerPercentUtilization) + "%)");
}
else
{
Context.SetResult(0, "Success. Current Utilization (" +
(nPercentUtilization + "%) is below the configured threshold (" +
nMarkerPercentUtilization) + "%)");
}
}
Alert when temperature exceeds or drops out of

range
support
is available for the Context object, SNMP API, and scripting environment, but
Ipswitch does not provide support for JScript, VBScript, or developing and
This active monitor polls an SNMP-enabled temperature sensor. If the

temperature exceeds or drops below the configured acceptable range, an alert is
fired.
/* This jscript script polls the temperature from an snmp-enabled sensor from "uptime devices"
(www.uptimedevices.com), and makes sure the temperature is within an acceptable range
configured right below. */
// The OID of the temperature object for that device is 1.3.6.1.4.1.3854.1.2.2.1.16.1.14.1
var nMinAllowedTemp = 65;

var nMaxAllowedTemp = 75;
var oComResult = oSnmpRqst.Initialize(nDeviceID);
191
{
}
else
{
// poll the two counters
Context.LogMessage("Polling the temperature");
var oResponse = oSnmpRqst.Get("1.3.6.1.4.1.3854.1.2.2.1.16.1.14.1");
{
}
else
{
var nTemperature = oResponse.GetValue / 10.0;
// comment out the following line to convert the temperature to Celcius
degrees
//nTemperature = (nTemperature - 32) * 5 / 9;
Context.LogMessage("Success. Value=" + nTemperature + " degrees");
if (nTemperature < nMinAllowedTemp || nTemperature >
nMaxAllowedTemp)
{
Context.SetResult(1, "Polled temperature " + nTemperature + " is
outside of
the defined range " + nMinAllowedTemp + " - " +
nMaxAllowedTemp);
}
else
{
Context.SetResult(0, "Success");
}
}
}
192
Determine invalid user account activity
This active monitor will change a device's state to Down if an invalid, or
unexpected user account logs on. The monitor will stay up if the valid, expected
account is logged on, or if no one is logged on.
sComputer = Context.GetProperty("Address")
nDeviceID = Context.GetProperty("DeviceID")
'Assuming ICMP is not blocked and there's a ping monitor on the device, we want to
'perform the actual check only if the Ping monitor is up. ConnectServer method of
'the SWbemLocator has a long time out so it would be good to avoid unnecessary tries.
'Please note: there's no particular polling order of active monitors on a device.
'During each polling cycle, it's possible that this monitor could be polled before
'Ping is polled. If the network connection just goes down but Ping is not polled yet,
'and therefore still has an up state, this active monitor will still do an actual
'check and experience a real down. But for the subsequent polls, it won't be doing a
'real check (ConnectServer won't be called) as Ping monitor has a down state, and this
'monitor will be assumed down.
If IsPingUp(nDeviceID) = false Then
Context.SetResult 1,"Actual check was not performed due to ping being down. Automatically set to down."
Else
sAdminName = Context.GetProperty("CredWindows:DomainAndUserid")
sAdminPasswd = Context.GetProperty("CredWindows:Password")
sLoginUser = GetCurrentLoginUser(sComputer, sAdminName, sAdminPasswd)
sExpectedUser = "administrator"
If Not IsNull(sLoginUser) Then
If instr(1,sLoginUser, sExpectedUser,1) > 0 Then
Context.SetResult 0,"Current login user is " & sLoginUser
ElseIf sLoginUser = " " Then
Context.SetResult 0,"No one is currently logged in."
Else
Context.SetResult 1,"an unexpected user " & sLoginUser & " has logged in " & sComputer
End If
End If
End If
'Check if Ping monitor on the device specified by nDeviceID is up.
'If nDeviceID is not available as it's in the case during discovery, then assume
'ping is up.
'If ping monitor is not on the device, then assume it's up so the real check will be
'performed.
Function IsPingUp(nDeviceID)
If nDeviceID > -1 Then
'get the Ping monitor up state.
sSqlGetUpState = "SELECT sStateName from PivotActiveMonitorTypeToDevice as P join " & _
"ActiveMonitorType as A on P.nActiveMonitorTypeID=A.nActiveMonitorTypeID " & _
"join MonitorState as M on P.nMonitorStateID = M.nMonitorStateID " & _
"where nDeviceID=" & nDeviceID & " and A.sMonitorTypeName='Ping' and " & _
" P.bRemoved=0"
Set oDBconn = Context.GetDB
Set oStateRS = CreateObject("ADODB.Recordset")
oStateRS.Open sSqlGetUpState,oDBconn,3
'if recordset is empty then
If oStateRS.RecordCount = 1 Then
If instr(1,oStateRS("sStateName"),"up",1) > 0 Then
IsPingUp = true
Else
IsPingUP = false
End If
Else
'if there's no ping on the device, then just assume up, so regular check will happen.
IsPingUp= true
End If
oStateRS.Close
oDBconn.Close
Set oStateRS = Nothing
193
Set oDBconn = Nothing
Else
'assume up, since there's no device yet. It's for scanning during discovery.
IsPingUP = true
End If
End Function
'Try to get the current login user name.
Function GetCurrentLoginUser(sComputer, sAdminName, sAdminPasswd)
GetCurrentLoginUser=Null
Set oSWbemLocator = CreateObject("WbemScripting.SWbemLocator")
On Error Resume Next
Set oSWbemServices = oSWbemLocator.ConnectServer _
(sComputer, "root\cimv2",sAdminName,sAdminPasswd)
If Err.Number <> 0 Then
Context.LogMessage("The 1st try to connect to " & sComputer & " failed. Err:" & Err.Description)
Err.Clear
'If the specified user name and password for WMI connection failed, then
'try to connect without user name and password. Can't specify user name
'and password when connecting to local machine.
Set oSWbemServices = oSWbemLocator.ConnectServer(sComputer, "root\cimv2")
If Err.Number <> 0 Then
Err.Clear
Context.SetResult 1,"Failed to access " & sComputer & " " & _
"using username:" & sAdminName & " password." & " Err: " & Err.Description
Exit Function
End If
End If
Set colSWbemObjectSet = oSWbemServices.InstancesOf("Win32_ComputerSystem")
For Each oSWbemObject In colSWbemObjectSet
'Context.SetResult 0,"User Name: " & oSWbemObject.UserName & " at " & sComputer
sCurrentLoginUser = oSWbemObject.UserName
Err.Clear
Next
If Cstr(sCurrentLoginUser) ="" Then

GetCurrentLoginUser = " "
Else
GetCurrentLoginUser = sCurrentLoginUser
End If
Set oSWbemServices = Nothing
Set oSWbemLocator = Nothing
End Function
194
Monitor bandwidth utilization on an interface
This active monitor is used to monitor the total bandwidth utilization (both in and
out octets) of an interface by polling values of the interface MIB.
// Settings for this monitor:

// the interface index ifIndex:
var nInterfaceIndex = 65540;
// this monitor will fail if the interface utilization goes above this current ratio:
// current bandwidth / maxBandwidth > nMaxInterfaceUtilizationRatio
var nMaxInterfaceUtilizationRatio = 0.7; // Set to 70%
// Create an SNMP object, that will poll the device.
// Get the device ID
// This function polls the device returns the ifSpeed of the inteface indexed by
nIfIndex.
// ifSpeed is in bits per second.
function getIfSpeed(nIfIndex) {
var oResult = oSnmpRqst.Initialize(nDeviceID);
if (oResult.Failed) {
return null;
}
return parseInt(SnmpGet("1.3.6.1.2.1.2.2.1.5." + nIfIndex)); // ifSpeed
}
// Function to get SNMP ifInOctets for the interface indexed by nIfIndex (in bytes).
// Returns the value polled upon success, null in case of failure.
function getInOctets(nIfIndex) {
return null;
}
return parseInt(SnmpGet("1.3.6.1.2.1.2.2.1.10." + nIfIndex)); // inOctets
}
// Function to get SNMP ifOutOctets for the interface indexed by nIfIndex (in bytes).
function getOutOctets(nIfIndex) {
return null;
}
return parseInt(SnmpGet("1.3.6.1.2.1.2.2.1.16." + nIfIndex)); // outOctets
}
// Helper function to get a specific SNMP object (OID in sOid).
function SnmpGet(sOid) {
var oResult = oSnmpRqst.Get(sOid);
return null;
}
else {
195
return oResult.GetPayload;
}
}
// Get the current date. It will be used as a reference date for the SNMP polls.
var oDate = new Date();
var nPollDate = parseInt(oDate.getTime()); // get the date in millisec in an integer.
// Do the actual polling:
var nInOctets = getInOctets(nInterfaceIndex);
var nOutOctets = getOutOctets(nInterfaceIndex);
var nIfSpeed = getIfSpeed(nInterfaceIndex);
if (nInOctets == null || nOutOctets == null || nIfSpeed == null) {
Context.SetResult(1, "Failure to poll this device.");
}
else {
var nTotalOctets = nInOctets + nOutOctets;
// Retrieve the octets value and date of the last poll saved in a context variable:
var nInOutOctetsMonitorPreviousPolledValue =
Context.GetProperty("nInOutOctetsMonitorPreviousPolledValue");
var nInOutOctetsMonitorPreviousPollDate =
Context.GetProperty("nInOutOctetsMonitorPreviousPollDate");
if (nInOutOctetsMonitorPreviousPolledValue == null ||
nInOutOctetsMonitorPreviousPollDate == null) {
// the context variable has never been set, this is the first time we are
polling.
Context.LogMessage("This monitor requires two polls.");
Context.SetResult(0, "success");
}
else {
// compute the bandwidth that was used between this poll and the previous poll
var nIntervalSec = (nPollDate - nInOutOctetsMonitorPreviousPollDate) / 1000; //
time since last poll in seconds
var nCurrentBps = (nTotalOctets - nInOutOctetsMonitorPreviousPolledValue) * 8 /
nIntervalSec;
Context.LogMessage("total octets for interface " + nInterfaceIndex + " = " +
nTotalOctets);
Context.LogMessage("previous value = " + nInOutOctetsMonitorPreviousPolledValue);
Context.LogMessage("difference: " + (nTotalOctets -
nInOutOctetsMonitorPreviousPolledValue) + " bytes");
Context.LogMessage("Interface Speed: " + nIfSpeed + "bps");
Context.LogMessage("time elapsed since last poll: " + nIntervalSec + "s");
Context.LogMessage("Current Bandwidth utilization: " + nCurrentBps + "bps");
if (nCurrentBps / nIfSpeed > nMaxInterfaceUtilizationRatio) {
Context.SetResult(1, "Failure: bandwidth used on this interface " +
nCurrentBps + "bps / total available: " + nIfSpeed + "bps is above the specified ratio: "
+ nMaxInterfaceUtilizationRatio);
}
else {
Context.SetResult(0, "Success");
}
}
// Save this poll information in the context variables:
Context.PutProperty("nInOutOctetsMonitorPreviousPolledValue", nTotalOctets);
Context.PutProperty("nInOutOctetsMonitorPreviousPollDate", nPollDate);
}
196
Monitor an SNMP agent running on a nonstandard
port
This active monitor watches an SNMP agent running on a non-standard port (the
standard SNMP port is 161).
var nSNMPPort = 1234; // change this value to the port your agent is running on
// Get the device ID
// Initialize the SNMP request object
if(oResult.Failed)
{
Context.SetResult(1, oResult.GetPayload);
}
else
{
// Set the request destination port.
var oResult = oSnmpRqst.SetPort(nSNMPPort);
// Get sysDescr.
var oResult = oSnmpRqst.Get("1.3.6.1.2.1.1.1.0");
if (oResult.Failed)
{
Context.SetResult(1, "Failed to poll device using port " + nSNMPPort + ".
Error=" + oResult.GetPayload);
}
else
{
Context.SetResult(0, "SUCCESS. Detected an SNMP agent running on port nSNMPPort );
}
}
Monitor for unknown MAC addresses

This active monitor watches MAC addresses present on a network by polling an
SNMPmanaged switch and the bridge MIB. In the example script, you define a list
of MAC addresses you will allow to connect to the network. This monitor will fail
if it finds devices that do not match the addresses specified in the list.
197
// Modify the list below. It defines a list of allowed mac addresses with mapping to switch interface
// on the network.
// This script will poll a managed switch using SNMP and the bridge MIB to detect MAC addresses present
// on your network that should not be and to detect misplaced machines (connected to the wrong port).
//
// The MAC addresses should be typed lowercase with no padding using ':' between each bytes
// for instance "0:1:32:4c:ef:9" and not "00:01:32:4C:EF:09"
//
var arrAllowedMacToPortMapping = new ActiveXObject("Scripting.Dictionary");
arrAllowedMacToPortMapping.add("0:3:ff:3b:df:1f", 17);
arrAllowedMacToPortMapping.add("0:3:ff:72:5c:bf", 77);
arrAllowedMacToPortMapping.add("0:3:ff:e2:e5:76", 73);
arrAllowedMacToPortMapping.add("0:11:24:8e:e0:a5", 63);
arrAllowedMacToPortMapping.add("0:1c:23:ae:b0:4c", 48);
arrAllowedMacToPortMapping.add("0:1d:60:96:e5:58", 73);
arrAllowedMacToPortMapping.add("0:e0:db:8:aa:a3", 73);
var ERR_NOERROR = 0;
var ERR_NOTALLOWED = 1;
var ERR_MISPLACED = 2;
function CheckMacAddress(sMacAddress, nPort)
{
sMacAddress = sMacAddress.toLowerCase();
if (!arrAllowedMacToPortMapping.Exists(sMacAddress))
{
return ERR_NOTALLOWED;
}
var nAllowedPort = arrAllowedMacToPortMapping.Item(sMacAddress);
if (nAllowedPort != nPort)
{
return ERR_MISPLACED;
}
return ERR_NOERROR;
}
var oComResult = oSnmpRqst.Initialize(Context.GetProperty("DeviceID"));
{
}
else
{
var DOT1DTOFDBPORT_OID = "1.3.6.1.2.1.17.4.3.1.2";
var DOT1DTOFDBADDRESS_OID = "1.3.6.1.2.1.17.4.3.1.1";
var sOid = DOT1DTOFDBPORT_OID
var bStatus = true;
var arrMisplacedAddresses = new Array();
var arrNotAllowedAddresses = new Array();
var i=0;
while (i++<1000)
{
oComResult = oSnmpRqst.GetNext(sOid);
{
break;
}
sOid = oComResult.GetOID;
if (sOid.indexOf(DOT1DTOFDBPORT_OID) == -1)
{
// we are done walking
break;
198
}
var nPort = oComResult.GetPayload;
// the last 6 elements of the OID are the MAC address in OId format
var sInstance = sOid.substr(DOT1DTOFDBPORT_OID.length+1, sOid.length);
// get it in hex format...
oComResult = oSnmpRqst.Get(DOT1DTOFDBADDRESS_OID + "." + sInstance);
{
continue;
}
var sMAC = oComResult.GetValue;
var nError = CheckMacAddress(sMAC, nPort);
switch (nError)
{
case ERR_NOTALLOWED:
arrNotAllowedAddresses.push(sMAC + "(" + nPort + ")");
break;
case ERR_MISPLACED:
arrMisplacedAddresses.push(sMAC + "(" + nPort + ")");
break;
case ERR_NOERROR:
default:
// no problem
}
}
//Write the status
Context.LogMessage("Found " + i + " MAC addresses on your network.");
if (arrMisplacedAddresses.length > 0)
{
Context.LogMessage("Warning: Found " + arrMisplacedAddresses.length + "
misplaced addresses: " + arrMisplacedAddresses.toString());
}
if (arrNotAllowedAddresses.length > 0)
{
Context.SetResult(1, "ERROR: Found " + arrNotAllowedAddresses.length + "
unknown MAC addresses on your network: " + arrNotAllowedAddresses.toString());
}
else
{
Context.SetResult(0, "SUCCESS. No anomaly detected on the network");
}
}
199
Scripting Performance Monitors
Active Script Performance Monitors let you write VBScript and JScript to easily poll
one or more SNMP or WMI values, perform math or other operations on those
values, and graph a single output value. You should only use the Active Script
Performance Monitor when you need to perform calculations on the polled values.
Keep in mind that although you can poll multiple values using the feature, only one
value will be stored to the database: the outcome of your scripted calculation.
Reference Variables
Reference variables simplify your scripting code and enable you to write scripts
efficiently, without having to grab a list of device properties, as with the Script
Action and Script Active Monitor. They take care of the underlying SNMP or
WMI mechanisms that you would normally have to use to access SNMP or WMI
counters on a remote device.
By using the Context.GetReferenceVariable (variable name), you only need to

specify the name of a pre-defined variable. WhatsUp Gold uses a device's
credentials to connect to the target device using SNMP or WMI to retrieve the
requested information. This information is stored in a variable that you can use
later in your script.
Important: The use of reference variables in the Active Script Performance Monitor
is optional. If you do use them, you must use
Context.GetReferenceVariable,for reference variables to be polled and
their data graphed.
Keep In Mind
 You need to include error handling in your monitor script. Your script
either needs a value to graph by using Context.SetValue, or you must use
Context.SetResult to tell WhatsUp Gold that the script failed.
 Context.GetReferenceVariablewill return 'null' if the poll fails for any
reason.
 If you do not have a call to SetValue or SetResult, the script does not
report any errors and no data is graphed.
 If SetValue is used, it is not necessary to use SetResult, as SetValue
implicitly sets SetResult to 0, or "good."
 Results from this performance monitor are displayed on Custom
Performance Monitors full and dashboard reports.
 Errors from this performance monitor are displayed in the Performance
Monitor Error log as well as EventViewer.exe.
200
Using the context object with performance
monitors
The context object provides an interface for your script to interact with WhatsUp
Gold. All methods and properties are retrieved using the Context namespace.
Note: You may have to remove the copyright information from the cut and paste if it
appears when you copy from this help file.
Methods Method description

LogMessage(sText); This method allows for a message to be written to the WhatsUp Gold debug log.
Example
JScript
Context.LogMessage( "Checking Monitor name using Context.GetProperty()");
VBScript
PutProperty(sPropertyName); This method allows you to store a value in the INMSerialize object. This value is
retained across polls.
Example
JScript
var nCount = parselnt(nNum) +1;

Context.PutProperty("MyNumeric",nCount);
SetResult(nCode, sText); This method allows for a result code and result message to be set. This is how you
can tell the WhatsUp Gold system if the monitor succeeds or fails.
Every script should call SetResult. If SetResult is not called, the script is always
assumed to have succeeded.
Example
JScript
Context.SetResult(0, "Script completed
successfully."); //Success
Context.SetResult(1, "An error occurred.");
//Failure
VBScript
GetReferenceVariable(sRefVarName); This method allows the code to grab a reference variable to be used in the
monitor.
Example
JScript
Context.GetReferenceVariable("A")
A reference variable "A" would have had to have been created.

SetValue(nValue); This method allows you to graph a value.
Example
JScript
Context.SetValue(245)
201
GetProperty(sPropertyName); This method offers access to any of the device properties listed below. These
names are case sensitive.
"ActiveMonitorTypeName" The active monitor display
name
"Address" The IP address of the

device
"Mode" 1 = doing discovery

2 = polling
3 = test
"ActiveMonitorTypeID" The active monitor's type

ID

community

community

community

community
"CredSnmpV3:Username" SNMP V3 Username
"CredSnmpV3:Context" SNMP V3 Context
"CredSnmpV3:AuthPassword" SNMP V3
Authentication
password
"CredSnmpV3:AuthProtocol" SNMP V3
Authentication
protocol
"CredSnmpV3:EncryptPassword" SNMP V3 Encrypt

password
"CredSnmpV3:EncryptProtocol" SNMP V3 Encrypt

protocol
"CredWindows:DomainAndUserid" Windows Domain and

User ID
Example
JScript
var sReadCommunity =
Context.GetProperty("CredSnmpV1:ReadCommunity");
202
Example active script performance
monitors
These scripts demonstrate a few potential uses of Active Script Performance Monitors.
To view other Active Script Performance Monitors created by other WhatsUp Gold
users, visit the Ipswitch user community (http://community.ipswitch.com).
 Graphing printer ink level percent utilization (on page 203)

 Poll a reference variable and perform a calculation (on page 204)
 Graph a temperature monitor (on page 205)
 Poll the storage table using SNMP GetNext (on page 206)
 Poll multiple reference variables (on page 207)
Graphing printer ink level utilization

This performance monitor uses two reference variables to poll and compute the ink
level percent utilization of a printer for later graphing.
Note: This script was tested on an HP MIB.
Run the SNMP MIB Walker net tool to check the OIDs of the two reference variables
and eventually adjust their instance (1.1 in this example): 1.3.6.1.2.1.43.11.1.1.8.1.1
and 1.3.6.1.2.1.43.11.1.1.9.1.1.
// prtMarkerSuppliesLevel is an snmp reference variable defined with an OID or 1.3.6.1.2.1.43.11.1.9

and an instance of 1.1
// prtMarkerSuppliesMaxCapacity is an snmp reference variable defined with an OID or
1.3.6.1.2.1.43.11.1.8 and an instance of
1.1
Context.LogMessage("Print the current marker level");
var prtMarkerSuppliesLevel = Context.GetReferenceVariable("prtMarkerSuppliesLevel");
Context.LogMessage("Print the maximum marker level");
var prtMarkerSuppliesMaxCapacity = Context.GetReferenceVariable("prtMarkerSuppliesMaxCapacity");
if (prtMarkerSuppliesMaxCapacity == null || prtMarkerSuppliesLevel == null) {
Context.SetResult(0, "Failed to poll printer ink levels.");
}
else {
Context.LogMessage("marker lever successfully retrieved");
var nPercentMarkerUtilization = 100 * prtMarkerSuppliesLevel / prtMarkerSuppliesMaxCapacity;
Context.LogMessage("Percent utilization=" + nPercentMarkerUtilization + "%");
Context.SetValue(nPercentMarkerUtilization);
203
Poll a reference variable and perform a calculation
This performance monitor polls a reference variable, and then performs an arithmetic
calculation with the returned value.
// This script is a JScript that demonstrates how to use a reference variable in a script.
// The reference variable "RVsysUpTime" is an SNMP reference variable defined
// with an OID of 1.3.6.1.2.1.1.3 and instance of 0.
// Poll reference variable RVsysUpTime
var RVsysUpTime = Context.GetReferenceVariable("RVsysUpTime");
if (RVsysUpTime == null) {
// Pass a non zero error code upon failure with an error message.
// The error message will be logged in the Performance Monitor Error Log
// and in the eventviewer.
Context.SetResult(1, "Failed to poll the reference variable.");
else {
204
// Success, use the polled value to convert sysUpTime in hours.
// sysUpTime is an SNMP timestamp which is in hundredths of seconds:
var sysUpTimeHours = RVsysUpTime / 3600 / 100;
// Save the final value to graph:
Context.SetValue(sysUpTimeHours);
Graph a temperature monitor

This performance monitor polls an SNMP-enabled temperature sensor using the
CurTemp reference variable.
// This script is a JScript script that polls the temperature of an snmp-enabled

sensor from "uptime devices" (www.uptimedevices.com).
// It uses an SNMP reference variable named CurTemp defined with an OID of
1.3.6.1.4.1.3854.1.2.2.1.16.1.14
// and an instance of 1.
//
// That device indicates the temperature in degrees Fahrenheit.
var oCurTemp = Context.GetReferenceVariable("CurTemp");

if (oCurTemp == null) {
Context.SetResult(1, "Unable to poll Temperature Sensor");
}
else {
// convert temperature from tenth of degrees to degrees
var nFinalTemp = oCurTemp / 10.0;
// comment out the line below to convert the temperature in Celsius degrees:
//nFinalTemp = (nFinalTemp - 32) * 5 / 9;
Context.SetValue(nFinalTemp);
}
205
Use SNMP GetNext.
This performance monitor walks the hrStorageType MIB to find hard disks in the
storage table. After a hard disk is found, it obtains indexes of it and polls new
objects (the storage size and units).
// This scripts walks hrStorageType to find hard disks in the storage table.
// A hard disk as a hrStorageType of "1.3.6.1.2.1.25.2.1.4" (hrStorageFixedDisk).
// Then it gets the indexes of the hard disk in that table and for each index, it polls
two new
// objects in that table, the storage size and the units of that entry.
// It adds everything up and converts it in Gigabytes.
var hrStorageType = "1.3.6.1.2.1.25.2.3.1.2";
// Create and initialize the snmp object
var arrIndexes = new Array(); // array containing the indexes of the disks we found
// walk the column in the table:
var oSnmpResponse = oSnmpRqst.GetNext(hrStorageType);
if (oSnmpResponse.Failed) Context.SetResult(1, oSnmpResponse.GetPayload);
var sOid = String(oSnmpResponse.GetOid);
var sPayload = String(oSnmpResponse.GetPayload);
while (!oSnmpResponse.Failed && sOid < (hrStorageType + ".99999999999"))
{
if (sPayload == "1.3.6.1.2.1.25.2.1.4") {
// This storage entry is a disk, add the index to the table.
// the index is the last element of the OID:
var arrOid = sOid.split(".");
arrIndexes.push(arrOid[arrOid.length - 1]);
}
oSnmpResponse = oSnmpRqst.GetNext(sOid);
sOid = String(oSnmpResponse.GetOid);
sPayload = String(oSnmpResponse.GetPayload);
}
Context.LogMessage("Found disk indexes: " + arrIndexes.toString());
if (arrIndexes.length == 0) Context.SetResult(1, "No disk found");
// now that we have the indexes of the disks. Poll their utilization and units
var nTotalDiskSize = 0;
for (var i = 0; i < arrIndexes.length; i++) {
oSnmpResponse = oSnmpRqst.Get("1.3.6.1.2.1.25.2.3.1.5." + arrIndexes[i])
nSize = oSnmpResponse.GetPayload;
oSnmpResponse = oSnmpRqst.Get("1.3.6.1.2.1.25.2.3.1.4." + arrIndexes[i])
nUnits = oSnmpResponse.GetPayload;
nTotalDiskSize += (nSize * nUnits);
}
// return the total size in gigabytes.
Context.SetValue(nTotalDiskSize / 1024 / 1024 / 1024); // output in Gigabytes
206
Poll multiple reference variables
This performance monitor graphs the percentage of retransmitted TCP segments
over time using two reference variables: RVtcpOytSegs and RVtcpRetransSegs.
/* This script is a JScript that will allow you to graph the percentage of retransmitted TCP segments over time
on a device.
For this script, we use two SNMP reference variables:
The first Reference variable RVtcpOutSegs is defined with OID 1.3.6.1.2.1.6.11 and instance 0. It polls the
SNMP object tcpOutSegs.0, the total number of TCP segments sent out on the network. */
var RVtcpOutSegs = parseInt(Context.GetReferenceVariable("RVtcpOutSegs"));
/* The second reference variable RVtcpRetransSegs is defined with OID 1.3.6.1.2.1.6.12 and instance 0. It
polls the SNMP object tcpRetransSegs.0, the total number of TCP segments that were retransmitted on the
system. */
var RVtcpRetransSegs = parseInt(Context.GetReferenceVariable("RVtcpRetransSegs"));
//Error Checking
if (isNaN(RVtcpRetransSegs) || isNaN(RVtcpOutSegs)) {
Context.SetResult(1, "Failed to poll the reference variables.");
}
else {
// Compute the percentage:
var TCPRetransmittedPercent = 100 * RVtcpRetransSegs / RVtcpOutSegs;
// Set the performance monitor value to graph
Context.SetValue(TCPRetransmittedPercent);
}
207
Scripting Actions
Active Script Actions can be configured to trigger when an active monitor's state
changes. They can be programmed to perform a variety of tasks, from running
automated remediation scripts to posting data to external, third party services via
API.
Keep In Mind
 You need to include error handling in your monitor script. Your script must
use Context.SetResult to report the status of the action to WhatsUp Gold.
 Your script should check periodically to see if it has been canceled by the
user. To do this, use the IsCancelled()method described in Using the Context
object with Actions.
Method Method description

LogMessage(sText); This methods allows for a message to be written to the WhatsUp
Gold debug log. Messages are displayed in the Event Viewer.
Examples
JScript
Context.LogMessage( "Checking action name using Context.GetProperty()");
VBScript
SetResult(LONG nCode, This method allows for a result code and result message to be set. This is how
sText); you can tell the WhatsUp Gold system if the action succeeded or failed.
Examples
JScript
Context.SetResult(0, "Script completed successfully.");
//Success
Context.SetResult(1, "An error occurred."); //Failure
VBScript
208
NotifyProgress(sText); This method allows for a message to be written to the actions progress dialog.
Messages are displayed in the Test dialog and Running Actions dialog.
Examples
JScript
Context.NotifyProgress( "Checking action name using
Context.GetProperty()");
VBScript
Context.NotifyProgress "Checking Address using Context.GetProperty()"
IsCancelled(); This method tests whether the action has been canceled by the user.
If the return is true, then the script should terminate.
A cancel can be issued by the user in the action progress dialog and by the
WhatsUp Gold engine when shutting down.
GetProperty(sPropertyName) This property offers access to many device specific aspects. You obtain access
; to these items using the names listed. These names are case sensitive.
"ActionName" The action display

name
"Address" The IP Address of the

device
"Name" Network name of the

device
"DisplayName" Display name of the
device
"ActionTypeID" The action type ID
"TriggerCondition" The reason the action

was fired.
Trigger values:
1 - Monitor changed
from DOWN to UP
2 - Monitor changed
from UP to DOWN
4 - A Passive Monitor
was received...
8 - The "Test" Button

was hit
16 - This is a recurring
action...
32 - Device is UP
64 - Device is DOWN
209
The following context objects are only available if impersonations are
enabled.
"CredWindows:DomainAndUserid" Windows Domain
and User ID
Example
JScript
210
Example active script actions
These scripts demonstrate a few potential uses of Active Script Actions. To view
other Active Script Actions created by other WhatsUp Gold users, visit the Ipswitch
user community (https://community.ipswitch.com).
Post device status to Twitter (on page 211)

Acknowledge all devices (on page 212)
Post device status to Twitter

This action posts the status of the device to which it's applied to the microblogging
service Twitter. This is useful for creating an externally viewable and off-site list of
device status.
support is available for the Context object, SNMP API, and scripting environment, but
Ipswitch does not provide support for JScript, VBScript, or developing and debugging
Active Script monitors or actions. For assistance with this example or with writing your
own scripts, visit the Ipswitch user community (http://community.ipswitch.com).
Dim xml
Set xml = createObject("Microsoft.XMLHTTP")
'Update to include your account's username and password.
sUser = "username"
sPass = "password"
sStatus = "WhatsUp Gold says, '%Device.DisplayName %Device.State at %System.Time on %System.Date'"
xml.Open "POST", "http://" & sUser & ":" & sPass & "@twitter.com/statuses/update.xml?status=" &
sStatus, False
xml.setRequestHeader "Content-Type", "content=text/html; charset=iso-8859-1"
xml.Send
Context.SetResult 0, xml.responseText
Set xml = Nothing
211
Acknowledge all devices
This action resets the acknowledge flag on all devices. When a device is
unacknowledged, the label on its icon renders as white text on black. If you don't
use the acknowledge feature, this action can be used to make sure that icons
always show as acknowledged.
support is available for the Context object, SNMP API, and scripting environment, but
Ipswitch does not provide support for JScript, VBScript, or developing and debugging
Active Script monitors or actions. For assistance with this example or with writing your
own scripts, visit the Ipswitch user community (http://community.ipswitch.com).
// This JScript action sets the acknowledge flag to true for all devices.
// Written by Tim Schreyack of Dynamics Research Corporation
// Get the database info
var oDb = Context.GetDB;
if (null == oDb) {
Context.SetResult( 1, "Problem creating the DB object");
}
else {
var sSql = "UPDATE ActiveMonitorStateChangeLog SET bAcknowledged = 1 WHERE
bAcknowledged = 0";
var oRs = oDb.Execute(sSql);
var sSql = "UPDATE Device SET nUnAcknowledgedActiveMonitors = 0 WHERE
nUnAcknowledgedActiveMonitors = 1";
var sSql = "UPDATE Device SET nUnAcknowledgedPassiveMonitors = 0 WHERE
nUnAcknowledgedPassiveMonitors = 1";
}
212

Whats Up Gold 2018 Manual

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Whats Up Gold 2018 Manual

Uploaded by

Copyright:

Available Formats

WHATSUP GOLD 2018

LEARNING OBJECTIVES ...............................................................................................1

COURSE AUDIENCE ....................................................................................................2

IPSWITCH TRAINING ENVIRONMENT ..........................................................................3

SYSTEM REQUIREMENTS ............................................................................................8

BASIC NAVIGATION ....................................................................................................9

DISCOVERED NETWORK ...........................................................................................12

USER ADMINISTRATION ...........................................................................................15

EXTERNAL AUTHENTICATION ...................................................................................20

SUPPORTED PROTOCOLS ..........................................................................................23

MONITOR TYPES ......................................................................................................35

PASSIVE MONITORS .................................................................................................68

PERFORMANCE MONITORS ......................................................................................74

NETWORK DISCOVERY .............................................................................................91

WHAT IS A DISCOVERY .............................................................................................91

DEVICE ROLES ..........................................................................................................93

NEW SCANS .............................................................................................................97

SCAN TYPES .............................................................................................................97

SAVED SCAN SETTINGS ........................................................................................... 108

PRECONFIGURED SCANS ........................................................................................ 108

DISCOVERED NETWORK ......................................................................................... 110

MAP VIEW LAYOUT ................................................................................................ 125

CUSTOMIZING THE MAP......................................................................................... 126

DEVICE INFORMATION ........................................................................................... 132

DEVICE PROPERTIES ............................................................................................... 134

APPLICATION MONITORING ................................................................................... 141

APPLICATION PROFILES .......................................................................................... 144

IMPORTING AND EXPORTING APPLICATION PROFILES ............................................ 145

APPLICATION INSTANCES ....................................................................................... 146

APPLICATION DISCOVERY ....................................................................................... 147

MAINTENANCE MODE ............................................................................................ 148

MAINTENANCE MODE CHARACTERISTICS ............................................................... 148

ACTIONS ................................................................................................................ 149

BLACKOUT SCHEDULE AND POLICIES ...................................................................... 156

APPLICATION MONITORING ACTIONS AND ACTION POLICIES .................................. 158

WHATSUP GOLD ACTION POLICIES ......................................................................... 162

ALERT CENTER ALERTS ........................................................................................... 163

THRESHOLDS ......................................................................................................... 165

ALERT CENTER DASHBOARD ................................................................................... 166

DASHBOARDS AND REPORTS.................................................................................. 167

DASHBOARDS ........................................................................................................ 168

FULL PAGE REPORTS .............................................................................................. 175

LOGS ..................................................................................................................... 176

PREDICTIVE TRENDING ........................................................................................... 177

REPORT CONFIGURATION AND WHATSUP GOLD DATABASE ................................... 178

ALERT STORM AND DEPENDENCIES ........................................................................ 179

CONFIGURATION MANAGEMENT ........................................................................... 182

APPENDIX A ........................................................................................................... 187

What to expect in the

• Mapping is showing what devices are connected to what

• A working knowledge of network administration

• A working knowledge of server administration

• Familiar with network monitoring/administration terms

Ipswitch Training Environment

Each entry in the report contains the following information:

• Status: A color-coded indicator of poller status.

In order for a poller to successfully connect to WhatsUp Gold, enable communication

Requirements may vary depending on the configuration of WhatsUp Gold. Increasing

100 Devices 2,500 20,000

• Application navigation and functionality

You will want to keep the number of Groups at a minimum, to make it

1. WUG Administrators: Users should be assigned to this group if they are

2. Super Users: Users should be assigned to this group if they are

3. Network Managers: Users assigned to this group manage larger,