Tag: web synthetic

AD Application monitoring

Data from StarTrek the next generation - Mr. Tricorder makes me laugh!
Data from StarTrek the next generation – Mr. Tricorder makes me laugh!

‘AD Application monitoring’ > web synthetics, artificial users > android what image comes to mind?  Is it a person, or a thing from a Sci-Fi movie? Perhaps Bishop from Aliens, Data from Star Trek.  What does ‘AD Application monitoring’ consist of?  Currently that means a CRL validity check, and ADFS web synthetic (proving that ADFS is responding).  My thanks to Jason Windisch CSA, for the supplied PowerShell!

 

Quick Download https://github.com/theKevinJustin/ADApplications/

Tailoring the pack to your environment

The purpose of the pack is to add scheduled workflow that acts like the user, identifies if the CRL’s are about to expire.  Most times, monitoring stops at ICMP ping.  Most times, there’s still an outage, as the network, and servers are responding.  The next layer is IIS, Apache, etc.  Sometimes the network team gets involved, checking a base IIS URL is configured.  Most outages aren’t network, nor IIS wasn’t running.  This is why we focus on the web application responding.  Does the multi-prong tactical attack make sense?

This pack delivers on-demand tasks, daily reports, and rules/monitors to reflect health.  Customize the watcher node, some URL’s, save, and import into SCOM!  The purpose

 

Assign watcher node(s)

Assign a watcher node by creating a registry key.

What does that mean?   Watcher nodes are needed to provide user perspective.

 

Multiple site example

Issue:  Users from sites 1,2,3 are having problems accessing web pages.  To understand a user in site 2, leverage a server in site 2 to initiate the web request (invoke-webRequest in PowerShell).

Why:  Differentiate user experience (per site).  Answer the ‘did you know’ – is the application responding from this site/perspective.

Unfortunately, the watcher node concept eludes most administrators.  Mastering ‘user perspective’ makes for an invaluable aid moving from reactive ‘fire fighting’ to proactively being told before users.   Hopefully this explains the power where monitoring imitates user interactions for key web applications.

How:  Create registry key on whatever servers you want to initiate web monitor

From PowerShell (as Admin), or Command Prompt (as admin)

reg add “HKLM\SOFTWARE\ADApplications\WatcherNode”

 

 

AD Applications regedit registry key validation
AD Applications regedit registry key validation

 

Example of XML snippet from AD Applications management pack

AD Applications Watcher Node - create specific registry key
AD Applications Watcher Node – create specific registry key

 

 

Set up CRL Validity check and ADFS synthetic

Next, configure the URL’s for the customer environment for the ‘AD Application monitoring’ management pack.

Update AD Applications module types for monitor/rules for CRL and ADFS synthetics

Update AD Applications module types for monitor/rules for CRL and ADFS synthetics

Configure the CRL validity check array

From your favorite XML editor (notepad++ pictured)

Find/Replace ##FQDN##, ##CRLstring##, numbers to customer environment

CRL Validity check, create your array length as needed for customer environment
CRL Validity check, create your array length as needed for customer environment

 

Configure the ADFS synthetic request(s)

From your favorite XML editor (notepad++ pictured)

Find/Replace $server, ##FederationFQDN##, if necessary, update ADFS URL string if different (the /adfs/ls/idpiniatedsignon.aspx portion) to customer environment

Update ADFS URL for invoke-webRequest, ADFS default URL in specified example
Update ADFS URL for invoke-webRequest, ADFS default URL in specified example

Save pack

Import and enjoy!

 

Documentation

URLGenie for advanced website monitoring

PowerShell invoke-webRequest

Addendum logic blog