ManageEngine® Applications Manager


Prerequisites for Applications Manager

<< Prev

Home

Next >>

Prerequisites for Applications Manager

 

Discussed below are the prerequisites for managing the various monitors:

 

Application Servers

Glassfish

While monitoring Glassfish application servers, make the following changes in the domain.xml file and then restart it:

The configuration line should look like this :

<jmx-connector accept-all="true" address="0.0.0.0" auth-realm-name="admin-realm" enabled="true" name="system" port="8686" protocol="rmi_jrmp" security-enabled="false"/>

 

JBoss

The prerequisites for managing the various versions of JBoss server are:

 

JBoss Version 3.x and 4.x

To monitor JBoss, the http-invoker.sar should be deployed in the JBoss Server. The application (http-invoker.sar) is by default deployed in the JBoss server.

 

If the http port of the JBoss server is changed then the port number in the attribute InvokerURLSuffix should also be modified in JBOSS_HOME/server/default/deploy/http-invoker.sar/META-INF/jboss-service.xml file.

JBoss Version 5x

To monitor JBoss 5.x version and above jbossagent.sar should be deployed in JBoss server. To deploy, follow the steps below:

  • Copy jbossagent.sar from location <Applications Manager home>/working/resources and paste under <JBOSS_HOME>/server/default/deploy.

  • If you are running JBoss in different domain like all, then deployment target folder would be <JBOSS_HOME>/server/all/deploy.

JBoss Version 6.x

To monitor JBoss 6.x version and above jbossagent.sar should be deployed in JBoss server. To deploy, follow the steps below:

  • Copy jbossagent.sar from location <Applications Manager home>/working/resources and paste under <JBOSS_HOME>/server/default/deploy.

  • If you are running JBoss in different domain like all, then deployment target folder would be <JBOSS_HOME>/server/all/deploy.

  • Provide the rmiRegistryPort which is available in <JBOSS_HOME>/server/<domainname>/conf/bindingservice.beans/META-INF/bindings-jboss-beans.xml file. The default port is 1090.

    • Example:
    <bean class="org.jboss.services.binding.ServiceBindingMetadata">
    <property name="serviceName">
    jboss.remoting:service=JMXConnectorServer,protocol=rmi
    </property>
    <property name="port">1090</property>
    <property name="description">RMI/JRMP socket for connecting to the JMX MBeanServer</property>
    </bean>

JBoss Version 7.x and above

 

To add a new monitor for JBoss Version 7.x and above you must provide a management port. The default port is 9990.

 

To add MBean attributes or operations for JBoss version 7 and above:

  • Copy the jboss-client.jar from <JBoss Home>/bin/client/ and place it under <Applications Manager Home>/working/classes/jboss/as7 directory.

Oracle Application Server

Applications Manager uses the Dynamic Monitoring Service (DMS) provided by Oracle Application Server to monitor the same. For this reason, the DMS Servlet has to be made accessible to the system where the Applications Manager is running.

 

To enable the access, please follow the instructions provided below
[The instructions are referred from the Oracle website :

http://docs.oracle.com/cd/B14099_19/core.1012/b14001/monitor.htm]

 

By default, the dms0/AggreSpy URL is redirected and the redirect location is protected, allowing only the localhost (127.0.0.1) to access the AggreSpy Servlet.

 

To view metrics from a system other than the localhost you need to change the DMS configuration for the system that is running the Oracle Application Server that you want to monitor by modifying the file $ORACLE_HOME/Apache/Apache/conf/dms.conf on UNIX, or %ORACLE_HOME%\Apache\Apache\conf\dms.conf on Windows systems.

 

The following example shows a sample default configuration from dms.conf. This configuration limits AggreSpy to access metrics on the localhost (127.0.0.1). The port shown, 7200, may differ on your installation.

 

Example: Sample dms.conf File for localhost Access for DMS Metrics

# proxy to DMS AggreSpy

Redirect /dms0/AggreSpy http://localhost:7200/dmsoc4j/AggreSpy

#DMS VirtualHost for access and logging control

Listen 127.0.0.1:7200

OpmnHostPort http://localhost:7200

<VirtualHost 127.0.0.1:7200>

ServerName 127.0.0.1

By changing the dms.conf configuration to specify the host that provides, or serves DMS metrics, you can allow users on systems other than the localhost to access the DMS metrics from the location http://host:port/dms0/AggreSpy.

 

Caution: Modifying dms.conf has security implications. Only modify this file if you understand the security implications for your site. By exposing metrics to systems other than the localhost, you allow other sites to potentially view critical Oracle Application Server internal status and runtime information.

 

To view metrics from a system other than the localhost (127.0.0.1), do the following:

After performing the above steps, please ensure that you are able to access the URL http://<host>:7200/dmsoc4j/AggreSpy from the Applications Manager system.

 

To check if a user has select privilege:

We suggest you to execute the below query directly in your Oracle machine and check if a connected user has select privilege or not :

select TABLE_NAME,PRIVILEGE from user_tab_privs_recd where table_name in ('ALL_SCHEDULER_JOB_RUN_DETAILS','V_$RMAN_BACKUP_JOB_DETAILS','ALL_SCHEDULER_JOBS','ALL_SCHEDULER_RUNNING_JOBS');

If there is no row selected or privilege column does not have select value for the above table_name columns, then the user doesn't have privilege to access the table.

To grant Privilege:

Use the following query:

grant select on tablename to username;

Example:  grant select on V_$RMAN_BACKUP_JOB_DETAILS to monitoruser; Note : As above, you have to give grant permission on all the tables mentioned in the above query.

Top

Tomcat

AdventNet agent has to be deployed in Tomcat Servers 3.x and 4.x. More

 

In case of Tomcat 5.x and 6.x, an application named Manager must be running in it for Applications Manager to monitor the Tomcat server. By default, this application will be running in the server. Moreover, the user role to access the server must also be manager. To add a role as "manager" for any of the users such as tomcat, role1, or both, you need to make changes in tomcat-users.xml file located in the /conf directory.

 

Click the link to view an example tomcat-users.xml, which has user tomcat with role as manager

Top

WebLogic

 

To monitor WebLogic 6.1 ,

Follow the steps given below:

1) Provide only Admin user name.
2) Copy Weblogic.jar from folder <Weblogic Home>/weblogic61/server/lib in Remote WebLogic server version 6. Copy to <AppManager Home >\working\classes\weblogic\version6 folder in the machine where Applications Manager is running

To monitor WebLogic 7.x:

You should set the weblogic.disableMBeanAuthorization and weblogic.management.anonymousAdminLookupEnabled variables to true for enabling data collection.


Follow the steps given below:

1) Edit startWLS.cmdsh present in the <WLS_HOME>/server/bin directory and add the following arguments
-Dweblogic.disableMBeanAuthorization=true
-Dweblogic.management.anonymousAdminLookupEnabled=true Click here for Sample startWLS.cmd/sh
2) Restart the WebLogic Server for the changes to take effect
3) Copy Weblogic.jar from folder <Weblogic Home>/weblogic70/server/lib in Remote WebLogic server version 7. Copy to <AppManager Home>\working\classes\weblogic\version7 folder in the machine where Applications Manager is running

To monitor WebLogic 8.x

 

You should set the weblogic.disableMBeanAuthorization and weblogic.management.anonymousAdminLookupEnabled variables to true for enabling data collection.

 

Follow the steps given below:

1) Edit startWLS.cmdsh present in the <WLS_HOME>/server/bin directory and add the following arguments
-Dweblogic.disableMBeanAuthorization=true
-Dweblogic.management.anonymousAdminLookupEnabled=true Click here for Sample startWLS.cmd/sh
2) Restart the WebLogic Server for the changes to take effect
3) Copy Weblogic.jar from folder <Weblogic Home>/weblogic81/server/lib in Remote WebLogic server version 8 Copy to <AppManager Home>\working\classes\weblogic\version8 folder in the machine where Applications Manager is running.

To monitor WebLogic 9.x,

Copy Weblogic.jar from folder <Weblogic Home>/weblogic92/server/lib in Remote WebLogic server version 9 . Copy to <AppManager Home>\working\classes\weblogic\version9 folder in the machine where Applications Manager is running.


To monitor WebLogic 10.x , 11g , 12C ,

Copy Weblogic.jar, wlclient.jar, wljmsclient.jar, wlthint3client.jar from folder <Weblogic Home>/wlserver/server/lib in Remote WebLogic server. Copy to <AppManager Home>\working\classes\weblogic\version10 folder in machine where Applications Manager is running.

For SSL support over Weblogic:

Weblogic certificate has to be imported to Appmanager12/working/jre/lib/security/cacerts file.

This certificate can be imported through Appmanager12/bin/WeblogicCertificate.bat/sh files.

 

Syntax:

WeblogicCertificate.bat [import] [Full path of weblogic server certificate] [alias name]

 

Example:

D:\ManageEngine\APM\jun26_2_t3s\AppManager12\bin> WeblogicCertificate.bat import "G:\Oracle\Middleware\Oracle_Home\user_projects\domains\MyDomain\root.cer" mykey

 

 

Note

  • If customer is monitoring all three versions of weblogic (10.x, 11g, 12C), then get the jars from latest version of WebLogic (Version 12c).
  • SSL option is enabled in the UI only for version 9 and above.

 

The ports that need to be opened when the Weblogic Monitor is behind the firewall: Two-way communication between WebLogic listening port (default : 7001) and Applications Manager web server port (default : 9090).

Top

WebSphere Application Server

For base deployment:

 

You have to modify the Performance Monitor Interface (PMI) Specification Level from "None" to "Standard". Then deploy the perfServletApp.ear file, which uses the PMI infrastructure to retrieve the performance information from WebSphere Application Server, in the WebSphere. Restart WebSphere Application Server.

 

For Network deployment:

 

You have to modify the PMI Sepcifictaion Level from "None"to "Standard" in all the WebSphere Servers in Network Deployment. Then deploy the perfServletApp.ear file, which uses the PMI infrastructure to retrieve the performance information from WebSphere Application Server, in any one of the WebSphere Servers in the Network Deployment. Restart WebSphere Application Server.

Note: Steps to check whether WebSphere monitor has been correctly set.

To modify PMI specification level:

To deploy perfServletApp.ear:

Steps to Check whether Websphere monitor has been correctly set

 

For Base Deployment

 

To ensure whether the PMI & perfServletApp are configured properly in WebSphere, invoke the below URL & check whether the data is returned in XML format.

 

http://WebSphereHost:Port/wasPerfTool/servlet/perfservlet?connector=SOAP&port=SOAP-PORT

where

WebSphere Host -> Host in which WebSphere Application Server is running

WebSphere Port -> HTTP Transport port of the WebSphere Application server [How to locate HTTP Port]

SOAP Port -> SOAP Port of WebSphere [How to locate SOAP Port]

 

For Network Deployment

 

To ensure whether the PMI & perfServletApp are configured properly in WebSphere, invoke the below URL & check whether the data is returned in XML format.

 

http://WebSphereHost:Port/wasPerfTool/servlet/perfservlet?connector=SOAP&port=NetworkDeployerSOAP-PORT&HOST=NetworkDeployerHost

WebSphere Host -> The host of the websphere application server in which the perf servlet application is installed

Websphere Port -> HTTP Transport port of the Websphere server in which the perf servlet application is installed [How to locate HTTP Port]

NetworkDeployer SOAP PORT -> The SOAP port of the domain manager (DMGR) [How to locate SOAP Port]

Network Deployer Host -> The host in which the domain manager is running.

 

Note: Also check whether WebSphere admin user is added to the monitor group of the perfservletApp.

 

How to locate SOAP Port?

 

1. Login to Admin console

2. Expand the server link on left side tree. Click on Application Servers

3. In Base mode, various WebSpheres will be listed down. Click on the WebSphere's name- > Under Additional Properties, click on End Points link -> click on SOAP connector address. You can get the SOAP port from there.

4. In Network Deployment mode, Click DMGR - > Under Additional Properties, click on End Points link -> click on SOAP connector address - You can get the SOAP port from there.

 

How to find the HTTP Transport port?

 

1. Login to Admin console

2. Expand the Server link on left side tree, Click on Application Servers

3. Various WebSpheres will be listed down. Click on the WebSphere's name- > Under Additional Properties, click on Web Container link -> click on HTTP Transports link. You can get the HTTP port from there.

Top

Resin Server

 

JMX MBeans are used to monitor Resin Application server's activity. To enable JMX, open Resin.XML and add the below JVM arguments or start Resin.exe with the below JVM arguments

-Dcom.sun.management.jmxremote.port=1099 -Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.authenticate=false

Replace 1099 with the actual port number of the JMX agent

 

Jetty Server

JMX MBeans are used to monitor Jetty server's performance. To enable JMX,

1) Add the below JVM arguments on Jetty start up:

-Dcom.sun.management.jmxremote.port=9999 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false

Replace 9999 with the actual port number of the JMX agent

2)Add the following line in start.ini file --module=jmx

 

Top

Database Servers

MS SQL Database Server

For monitoring a MS SQL database server the user should be permitted to access the MASTER and MSDB databases. He must log in using either the Public and Db_datareader roles for both MASTER and MSDB databases.

For SQL 2005, 2008 and 2012 servers the 'View Server State' permission should be also present. If you would like to monitor SQL Server using SQL named instance, you need to ensure that the 'SQL Browser Service' is running in the system.

 

To grant View Server State, you can use any of the following methods :

 

1) Execute the following query


GRANT VIEW SERVER STATE TO username;

 

2) In SQL management studio for user choose Properties -> Securables -> Click Add ( under securables ) -> choose "All objects of the Types..." -> choose Servers -> choose Grant for "View server state" permission.

 

Note:

The collation option for Applications Manager's backend MS SQL Database is case-insensitive.

 

MySQL Database Server

While monitoring a MySQL database server ensure that you assign a user name that has permission to access the MySQL database from the host where Applications Manager is running. An alternate way is to add a relevant user who has the privileges to do the same.

 

The user should have privileges to execute SELECT, SHOW DATABASES, REPLICATION commands in the MySQL server.

 

For enabling these privileges, execute the following commands in the remote MySQL Server:

 

INSERT INTO user (Host,User) VALUES('<host>','<user>');
GRANT SELECT,SHOW DATABASES,REPLICATION CLIENT ON *.* TO '<user>'@'<host>';
FLUSH PRIVILEGES; (Use the host name - Applications Manager machine).

Top

PostgreSQL

 

The PostgreSQL installers include the database server, pgAdmin and StackBuilder.

 

The 8.x installers are supported on:

The 9.x installers are supported on:

 

Applications Manager uses PostgreSQL's subsystem statistics collector to monitor PostgreSQL server activity. By default, the statistics collector is accessible. If you have problems in adding a new PostgreSQL server, follow the steps given below:

  1. Open postgresql.conf under <postgres home>/data

  2. Check value of configuration parameter listen address it has to be "*", if not change it to "*". Click here for more details on configuring postgresql.conf

  3. Open pg_hba.conf under /data

  4. Add a new line host all all 0.0.0.0/0 md5 to allow all machines with proper password authentication to access PostgreSQL DB server. Click here for more details on configuring pg_hba.conf

Top

IBM Informix

 

JDBC Driver:

To monitor IBM Informix DB, make sure that the ifxjdbc.jar file is present in the location:<ProductHome>\working\classes directory. The jar file can be copied from the IBM Informix installation location, <IBM Informix Home>\jdbc\lib\jar. Restart Applications Manager after copying the file.

User Privileges:

To add an Informix DB monitor, a user requires Connect database-level privileges and he should be able to access sysmaster database.

Top

 

CLOUD APPS

Amazon CloudWatch

The Amazon CloudWatch Monitoring scripts for Microsoft Windows Server are sample scripts for monitoring memory, disk and performance counters on Amazon EC2 Windows instances.

 

Please refer the following pages and use the scripts found there: http://aws.amazon.com/code/7932034889155460 and http://aws.amazon.com/code/8720044071969977. Applications Manager supports mon-put-metrics-disk.ps1(disk stats) and mon-put-metrics-mem.ps1 (memory stats).

 

For windows scripts -

For Linux scripts -

Note:

Refer the following Document for Scheduler Configuration for Windows and Linux.

 

Top

 

Windows Azure

 

ERP

Oracle EBS

Applications Manager uses the Dynamic Monitoring Service (DMS) to monitor performance and availability of Oracle E-Business Suite. You can access performance metrics using servlets from the following URLs for different versions of EBS from Applications Managers:

For Oracle E-Business Suite Version R11i, the DMS Servlet has to be made accessible to the system where Applications Manager is running. For Versions R12.0 and R12.2.0, the DMS Servlet should be accessible by default. It is recommended that you test to ensure that the Servlet is accessible to the Applications Manager system. [The instructions given below are referred from the Oracle website.]

 

For Oracle E-Business Suite R11i:

By default, the dms0/AggreSpy URL is protected, allowing only the localhost (127.0.0.1) to access the AggreSpy Servlet. To view metrics from a system other than the localhost, you need to change the DMS configuration for the system running the Oracle EBS that you want to monitor by modifying the trusted.conf file. This can be done as follows:

<Location ~ "/(dms0|DMS|Spy|AggreSpy)">
Order deny,allow
Deny from all
Allow from localhost
Allow from <list of TRUSTED IPs>
</Location>

# Include the trusted.conf file

include $ORACLE_HOME/Apache/Apache/conf/trusted.conf

For Oracle E-Business Suite R12.0:

Ensure that you are able to access the URL http://<host>:<port>/dms0/Spy (Hostname = Hostname with domain name, Port number = OAS listening port) from the Applications Manager system.

 

For Oracle E-Business Suite R12.2.0:

Ensure that you are able to access the URL http://<host>:<port>/dms/Spy (Hostname = Hostname with domain name, Port number = Weblogic Admin Server listening port) from the Applications Manager system. Users must enter the credentials of their Weblogic Admin server in their Oracle E-Business Suite to access the URL.

 

 

Caution:

Modifying trusted.conf has security implications. Modify this file only if you understand the security implications for your site. By exposing metrics to systems other than the localhost, you allow other sites to potentially view critical Oracle EBS Server internal status and runtime information.

 

Top

SAP Server, SAP CCMS

 

SAP Server Monitoring and SAP CCMS Monitoring requires SAP JavaConnector ( JCo) to be present in Applications Manager's classpath.


For Windows:

Note

Do not copy the sapjco3.dll neither into the {windows-dir}system32 nor into the {windows-dir}SysWOW64 directory. This will break the operability of other JCo versions that are already installed on the same system. Furthermore you would risk that the current installation also would not work anymore, if the sapjco3.dll gets replaced in the respective Windows system directory in the future.

For Linux:

Note

The user name provided while adding SAP monitor should have sufficient privileges to access CCMS and Background job metrics. To check this, the user can execute RZ20 transaction in the SAP GUI and see if the CCMS monitor sets can be displayed.

Microsoft Dynamics CRM

 

To monitor a Microsoft Dynamics CRM application, use Administrator user account which has the permission to excute WMI queries on 'root\CIMV2' namespace of the CRM Server.

Firewall access for monitoring:

Ports required for monitoring via WMI.

Top

 

Servers

Windows

Currently windows hardware performance monitoring is supported in SNMP and WMI monitoring mode:

 

SNMP Mode of monitoring:

 

Monitoring Dell hardware status:

Monitoring HP hardware status:

Determine if SNMP responds for the OID properly. Below are the correct OID'S for each vendor:

WMI mode of monitoring:

The following conditions must be met before you can proceed troubleshooting WMI nodes:

Services

JMX Applications

To monitor a JMX Applications, the following java runtime options are to be added to your application

Replace 1099 with the actual port number of the agent

 

Example: 

Note

To know more about monitoring a JMX Application if your application is behind a firewall, check out this blog post. Also please note that the ping/telnet/nslookup should be working for the remote JMX:

telnet hostname port

ping hostname

ping IPAddress

nslookup hostname

nslookup IPAddress

Ceph Storage Monitor

 

Ceph status command is used to collect performance stats of Ceph Storage Monitor. The user given, should have read privileage to ceph.keyring file. Ensure the ceph.keyring file has appropriate permissions set (e.g., chmod 644) on your client machine.

 

Hadoop Monitor

1. To monitor Hadoop via REST API:

2. To monitor Hadoop via JMX:

Top

Java / Transactions

APM Insight

APM Insight includes a remote monitoring agent which has to be deployed in your application instances. Know more about APM Insight Agent.

Top

Java Runtime Monitor

To monitor a JDK1.5 JVM and above, add the following JVM arguments to your application :

-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=1099 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false

 

To monitor IBM JDK1.5 JVM and above, add the following JVM arguments to your application:

-Djavax.management.builder.initial= -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=1099 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false

Note: Port number '1099' can be replaced with the actual port number of the JMX agent..

In the Tomcat Environment:

Make sure the catalina-jmx-remote.jar file is present in the $TOMCAT_HOME/lib location. This jar file can be downloaded for your version of Tomcat from the Apache website from the extras section (sample link: http://archive.apache.org/dist/tomcat/tomcat-7/v7.0.55/bin/extras/catalina-jmx-remote.jar).

Top

Mail Servers - Exchange Server

 

Monitoring of Exchange Server is possible only if Applications Manager is running in a Windows System. Exchange Monitoring supports two Modes of Monitoring -