Patrol Monitors Server Activity

BMC's updated system automation tool ably tracks windows systems, but it can be difficult to optimize.

Patrol for Microsoft Windows 3.0, BMC Software Inc.s latest Windows system management platform, strengthens its ability to manage everything Windows serves.

Patrol for Windows 3.0, which started shipping late last month priced at $815 per server, provides a number of interface and monitoring updates to the products core management engine, as well as a new Web-based console and process monitoring tools.

This version also "Window-izes" the product by using a Java run-time environment in place of the Patrol scripting language, making the product more inviting for non-Unix-trained administrators. (A Unix version of Patrol has also started shipping.)

Although there arent any changes in this version that will shake up the system management market, Patrol for Windows 3.0 continues to offer a healthy combination of great cross-platform support as well as a new, simplified licensing scheme and an excellent feature set that means the jostling among top system management vendors will continue.

Among competitors, Compuware Corp.s ServerVantage 8.5 covers both Windows and Unix systems (see eWeek Labs March 3 review at NetIQ Corp.s line of management products do the same, but for a more limited set of systems, and Microsoft Corp.s Microsoft Operations Manager covers Windows-only shops. System management tools from these and other vendors, including Computer Associates International Inc. and IBMs Tivoli unit, continue to joust for a clear advantage.

During eWeek Labs tests, it was simple to install and use Patrol for Windows 3.0 to monitor the activity of our servers. Despite the new wizards and significantly streamlined installation procedure, using the product will still require new users to invest at least several weeks of fiddling to get the monitoring thresholds fine-tuned.

The Web console is a nice addition to the product: We could see almost everything that we could track from the Windows client. However, because the Web console is view-only, we had to use the regular Windows console when we wanted to make changes. We hope BMC will continue work in this area so that the Web console matches its Windows counterpart in future editions of Patrol.

BMC has simplified its formerly complex licensing scheme and now calls it OneKey. This made it easier to get the components that we needed properly licensed than in previous tests, and IT managers will find it easier to do business with BMC under the new scheme.

The good news is that the Knowledge Modules, called KMs, are preconfigured to monitor the most useful processes associated with the Windows environment and common applications. For example, we were able to use the server KM to track CPU, memory and disk utilization; and to set thresholds that could send alerts when error conditions occurred.

In a significant change from previous versions, Patrol for Windows 3.0 uses a message broker and a Console server to facilitate monitoring. We set up a Console server that received messages from agents installed on Windows systems in the Labs. This meant that instead of opening ports through our firewall to monitor all agents individually—as was the case with previous versions of Patrol for Windows—we could open only one port, thus making the process more secure.

The Console server enabled us to set up profiles for different users. This means that IT workers can set views of equipment that match their job functions—for example, monitoring Microsoft SQL Server systems in San Francisco—and these profiles can be accessed from any Patrol-equipped machine with access to the Console server.

This change allows access controls to be set up for objects in the management database instead of being coded into the KM, as was the case with earlier versions of the product. In many cases, this means managers will be able to assign profiles that allow changes to be made to specific monitoring thresholds without the need to give the user developer privileges.

Patrol for Windows 3.0 ably monitored system and application availability in tests, although it took us a long time to decipher all the extended monitoring. We were able to monitor the usual suspects, including WMI (Windows Management Instrumentation), the Windows performance monitor and the Windows event log. Eventually, we figured out how to use Patrol for Windows 3.0 to invoke something like synthetic transactions that allowed us to make sure that Domain Name System was working.

During tests, we could turn Windows events into Patrol events that we could monitor. In a simple test, we set up a process monitor to track the number of command processes running on a system. When the threshold was exceeded, our KM could kill any new command processes that started. This could be a useful trick when a new application is introduced, to make sure it doesnt run wild and knock out a system (although, presumably, sufficient application testing was performed to ensure this would be unlikely).

Patrol for Windows 3.0 includes an Active Directory KM that we found useful. The KM monitors Active Directory and not only confirms that directory replication has occurred but also notes any latency.

Patrol for Windows 3.0s new configuration wizards are a big improvement over those in previous versions. We used the new WMI wizard to report on configuration information but only if it had a numerical value. This shouldnt be a big drawback, and we found that setting up the select statements to create our management reports was quite simple once we knew what information to look for.

Senior Analyst Cameron Sturdevant can be contacted at