Alerts and monitoring overview

Ivanti® Endpoint Manager alerting and monitoring give you immediate notice of hardware, software, and application events on the devices you manage. When events occur that indicate a need for action or a potential problem, alerts initiate solutions by logging the event, sending an e-mail message, running an application, or powering off the device.

The following general types of monitoring are available in Endpoint Manager:

  • Monitoring (pinging) devices for network connectivity
  • Basic hardware and software monitoring for all devices
  • Performance monitoring of selected hardware features
  • Hardware-dependent monitoring using manufacturers' monitoring technology

Endpoint Manager provides integrated alerting for these different types of monitoring. The alerts that you choose to apply to specific devices are contained in alert rulesets that you distribute.

All alerts and monitoring are dependent on the type of hardware, firmware, and related features for each device. Some monitoring options are not supported on different types of devices. In some cases the implementation of a hardware standard may differ between manufacturers, so what works on one device may not work the same on another.

Understanding alerts, rules, and rulesets

An alert is a unique ID that represents an event. You can specify an alert action that is performed automatically when the event occurs, such as automated e-mail, applications, or power options.

An alert combined with an action is referred to in this product as an alert rule. Some alerts can be combined with specific performance monitoring rules that specify the condition that triggers an event. For example, you can define a monitoring rule for available free space on disk drives, so that when a drive is 90% full a warning alert is generated.

As you define alert rulesets you decide which events require immediate action or need to be logged for your attention. A ruleset contains a collection of alert rules, each of which has a corresponding alert action. You can deploy alert rulesets to one or more devices to monitor the items that are important for that kind of device.

Alerts agents and rulesets

To generate alerts for a managed device, the Ivanti alerting agent must be deployed to that device. A default alerting agent and alert ruleset is available that you can deploy to every managed device when you install the standard agent on the device. That agent follows the rules defined in the alert rulesets for that device.

When you have defined a custom ruleset you can deploy it to devices to monitor items specific to that type of device. You can deploy multiple rulesets to devices, although you should be aware that conflicts could occur between similar rules in different rulesets.

NOTE: When you install an additional Ivanti console on a device, no agent is installed on that device. Even though you can manage other devices from that console, the console device itself can't generate alerts, either as a core or as a managed device, unless you also install management agents on it.

Understanding performance monitoring

Some alerting events are based on specific performance monitoring rules. Performance monitoring refers to an event based on performance counters that are defined for specific devices. Counters can be defined for hardware components and sensors, operating system performance, application components and usage levels.

To add performance monitoring to the ruleset for a device, you select the "Performance" monitor alert rule in the ruleset, but the details of what to monitor are defined for each individual device. This is done in the Real-time inventory and monitoring console on each device. You can select different hardware and software components and define counters for the items to be polled, then view the monitoring data in real time or historically.

Hardware-specific monitoring

Endpoint Manager includes support for the following monitoring technologies for different manufacturers' hardware:

  • IPMI (Intelligent Platform Management Interface)
  • IPMI BMC (baseboard management controller) configuration
  • Dell DRAC (Dell Remote Access Controller)
  • Intel vPro technology, including Intel AMT (Active Management Technology)