Getting Started
- System Requirements
- Installation
- Registration
- Version Support Policy
- Assign Service Logon As Credentials
Agent-Based Management
Data Providers
- Data Provider Properties
- SQLite Properties
- MySQL Properties
- Microsoft SQL Server Properties
- File System Properties
Directory Services
Event Log Archiving for JSIG and CMMC Compliance
Auditing
- Audit Work Items
- Self-Auditing
- Group Policy Auditing
Hosts
- Adding Hosts
- Host Properties
- Batch Update Hosts
- Agent Properties
- Logon As Properties
- SFTP Properties
- FTP/S Properties
- SNMP Device Connection Properties
- WMI
- Contact
- Exclusions
- Inventory
- Docker
- Host Assignments
Templates
- Template Properties
- Batch Update Templates
- Assign Templates
- Log Management Templates
- SCAP Compliance Monitor
- File and Directory Monitor Templates
- Windows Monitor Templates
- Windows Management Instrumentation (WMI) Templates
- SSL Certificate Monitor Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Windows Accounts Templates
Monitors
- Monitor Hierarchy
- Temporarily Suppress Monitors Actions
Reports
- Report Properties
- Artificial Intelligence Reports
  - AI Anomaly Detection Report
    - AI Anomaly Detection Report (Template Triggers)
- Security Reports
- Generic Log Reports
- SIEM Report
- SIEM Chart Report
- Azure Active Directory Audit Log Report
- Event Log Report
- SNMP Trap Report
- Syslog Report
- Databse Log Report
- Event Log Summary Report
File and Permission Reports
- File and Directory Access Permissions Report
- Duplicate Files Report
- File Activity Report
- Largest Files Report
- Sorted Files Report
Summary Reports
- Host Inventory Report
- Summary Report
- Collection Report
- Hash Check Reports
Auto-Configurators
Filters
- Simple Filters
- Complex Filters
Actions
- Database Actions
- Desktop Actions
- Email Actions
- Event Log Actions
- Executable Actions
- File Actions
- IIS IP Address Restriction Actions
- Microsoft Teams Actions
- PowerShell Actions
- Report Actions
- Service Actions
- SMS Actions
- SNMP Trap Actions
- Syslog Actions
- Template Actions
- IIS IP Address Restriction Actions
- Action Variables
Schedules
- Fixed Schedules
- Range Schedules
- Real-Time Schedules
Environment Variables
Options
- Email Settings
- Security Settings
- Syslog Server Settings
- SNMP Trap Server Settings
- Log Viewer Settings
- Web Proxy Settings
- Miscellaneous Settings
Account Lockout Monitoring and Reporting
Merging Logs
SNMP
- SNMP Browser
SSH Shell
Syslog
Exporting and Importing Configuration Objects
Shared Views
- Active Directory User and Group Filters
- Assign Actions
- Assign Azure Audit Logs
- Assign Consolidated Logs
- Assign Directories
- Assign Disks
- Assign Event Logs
- Assign Files
- Assign Services
- Assign Shares
- Auto-Config Host Assignment Properties
- Define CSV and W3C Log Entry Columns
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Executable Status
- Executable Timeline
- Explicitly Assigned Logs
- File Explorer
- General Executable Properties
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Target Files and Sub-Directories
Command Line Interface
Server Configuration
Agent Configuration
Troubleshooting
- Arithmetic Overflow
- Access Denied
- MySQL: Fatal error encountered during command execution
- Invalid Class
- No Such Interface Supported
- Quota Violation
- The File Exists Errors
- The Interface is Unknown
- The RPC Server is Unavailable
- NetBIOS Errors
Terminology

Templates

When designing Server Manager one of our primary goals was to produce a highly scalable and easily configurable software package. The result was a system that uses what we call Templates. A Template is defined as a configurable object that defines properties for an executable function that is assigned to one or more hosts, host groups, template groups and summary reports. For example:

A Ping Monitor Template that defines the failure rate prior to triggering.
An Website Monitor Template that sends an email alert when any assigned website is down or missing expected content.

How it works:

Once a template has been created it must be assigned to a computer, device or host. Upon being assigned to a host, Server Manager immediately calculates and saves the next execution time. The Explorer Viewadds a Monitor Node under the assigned host. Every minute at the top of the minute Server Manager checks to see if a Monitor should be executed. If a Monitor is scheduled to execute, Server Manager creates a new thread. The thread then executes the Monitor, fires Actions, saves the results to the history database and finally calculates and saves the next execution time.

To create a Template:

Select File | New | Template. The Select Template Type view displays.
Click the template type to create. The Template Properties view displays.

Note

Unlicensed template types appear in gray text. If you would like to create a template that is not currently licensed, please contact Corner Bowl Software to upgrade your license.

Configure the Template Properties.
When applicable, assign target hosts, host groups, and template groups.
When you have finished configuring the template, click the OK button to save.

To assign a template to computers, devices and hosts:

From the Explorer View, navigate to the template you want to assign a host.
Right-click and select Assign | Computer, Device or Host. The Select Multiple Computers, Devices and Hosts dialog displays.
Check the computers to assign then click OK.

Sample Templates

Server Manager includes sample templates of which several are initially assigned to the localhost. The sample Templates can be modified and assigned to other computers as necessary. To view the sample templates, from the Explorer View, expand the Templates node then select Sample Templates.

Available Template Types

Type	Description
Log Management	Configure Event Log, Syslog and text log file management.
Log Consolidation	Configure log consolidation (e.g. Schedule Server Manager to download the latest Security Event Log entries and save to Microsoft SQL Server or MySQL).
Log Entry Retention Policy	Configure how long to retain log entries in the consolidation database (e.g. Archive entries older than 30 days and remove entries older than 90 days).
Log Backup	Backup, compress, encrypt and sign native Event Log and text log files (e.g. Download native Security Event Logs every night).
Log Monitor	Configure log monitoring (e.g. Create a real-time text log monitor to scan an application log then trigger notifications when search criteria is detected).
File and Directory Monitors	Configure templates that monitor files and directories (e.g. File integrity, file collection and retention, directory size, etc.)
File Integrity Monitor	Validates the integrity of operating system and application files.
File Size and Activity Monitor	Monitor file sizes and activity (e.g. Get notified when a file size exceeds 1 GB or is inactive for 10 minutes).
File Collection and Retention	Backup files to a central location and delete expired files (e.g. Copy database backups to a central location then delete old backups no longer needed).
Directory Size Monitor	Monitor directory sizes (e.g. Scan a directory every hour and trigger an alert if the size exceeds a threshold).
Directory Watcher Monitor	Monitor, log and trigger actions when a directory or file is created, modified, renamed or deleted without using Object Access Auditing (e.g. Monitor all changes made to a secure directory).
Directory Cleaner	Schedule old data files to be deleted (e.g. Once a week delete database backups and IIS log files that are older than 30 days).
Delete Temporary Files	Schedule the service to remotely delete temporary files (e.g. Delete temporary files that were last modified 3 days ago).
Windows Monitors	Configure templates that monitor network availability and applications (e.g. Ping, web server, email, etc.)
Account Lockout Monitor	Configure the frequency to scan Active Directory for domain account lockouts and the frequency to scan servers for local account lockouts.
Logon Monitor	Monitor Windows logon events (e.g. Get notified when any domain administrator logs on to a server).
CPU Monitor	Monitor CPU load over a period of time (e.g. Get notified when CPU load exceeds 50% for 10 minutes).
Memory Monitor	Monitor memory consumption over a period of time (e.g. Get notified when memory consumption exceeds 75% for 10 minutes).
Disk Space Monitor	Monitor free disk space (e.g. Every hour check the available disk space on all logical disks).
SMART Disk Monitor	Monitor SMART Predictive Disk Failure status (e.g. Check SMART status every hour).
Process Monitor	Monitor Windows Processes and the resources they consume (e.g. Restart a process when it consumes more than 4 GBs of memory).
Service Monitor	Monitor Windows Services and the resources they consume (e.g. Restart a service when it consumes more than 4 GBs of memory).
Performance Counter Monitor	Monitor Windows Performance Counters (e.g. Trigger an alert when IO latency is greater than 20ms).
Registry Value Monitor	Monitor a Windows Registry Value (e.g. Get notified when a Registry Value is changed to an unexpected value).
Active Directory User Monitor	Monitor Active Directory user attribute values (e.g. Get notified when a specific user attribute value changes).
Active Directory User Integrity Monitor	Monitor Active Directory users for changes (e.g. Get notified when a user account changes).
Task Scheduler	Start, stop or restart an application or script (e.g. Launch a PowerShell script on a managed server)
Clock Synchronization	Synchronize clock time with a Network Time Protocol (NTP) server (e.g. Synchronize the clocks on all your once a week).
Defragment NTFS Disks	Schedule the service to remote execute disk defragmentation (e.g. Defragment production disks once a week).
Network and Application Monitors	Configure templates that monitor network availability and applications (e.g. Ping, web server, email, etc.)
Database Monitor	Verify the availability and performance of a database server (e.g. Get notified when a database query is slow to respond).
Directory Service Monitor	Verify the availability of an LDAP Directory Service server (e.g. Get notified when your domain controller is no longer responding).
DNS Blacklist Monitor	Monitor DNS Blacklists (e.g. Get notified when your email server is blacklisted).
DNS Monitor	Check the availability of a DNS server and the accuracy of a record (e.g. Get notified when an MX record is not returning the expected value).
Domain Expiration Monitor	Verify the expiration date of a domain on a WHOIS server (e.g. Get notified 30 days prior to expiration).
Network Speed Monitor	Verify the speed your network (e.g. Get notified when your data transfer rate falls below an unacceptable threshold).
Ping Monitor	Checks the availability of a host and response time of an ICMP ping packet and payload (e.g. Get notified when 7 of 9 pings timeout).
SSH Shell	Check the availability of an SSH server and run SSH shell scripts.
TCP Port Monitor	Verifies a TCP port is accepting connections and optionally returns expected results (e.g. Scan a proprietary TCP based service for availability).
Website Monitor	Verify a website is responsive and returning the expected results (e.g. Trigger an alert if a website returns a 500 error).
Wake On LAN	Broadcast a UDP Wake on LAN packet (e.g. Shoulder tap computers to wake up).
SSL Certificate Monitors	Monitor SSL certificates and digitally signed files (e.g. Get notified 30 days prior to expiration).
SSL Certificate Monitor	Monitor SSL certificates, their intermediate certificates and expiration dates (e.g. Get notified 30 days prior to expiration).
Windows SSL Certificate Monitor	Monitor Windows SSL certificates, their intermediate certificates and expiration dates (e.g. Get notified 30 days prior to expiration).
Digital Signature Monitor	Monitor digitally signed files (e.g. Get notified 30 days prior to expiration).
Email Monitors	Monitor the availability and performance of SMTP, IMAP and POP3 servers (e.g. Get notified when it takes more than 5 minutes for an email to be received).
End-To-End Email Monitor	Monitor the availability and performance of SMTP, IMAP and POP3 servers (e.g. Get notified when it takes more than 5 minutes for an email to be received).
SMTP Monitor	Verify the availability of an SMTP email server and optionally send an email (e.g. Get notified when your SMTP server is no longer responding).
IMAP Monitor	Verify the availability of an IMAP email server (e.g. Get notified when your IMAP server is no longer responding).
POP3 Monitor	Verify the availability of a POP3 email server (e.g. Get notified when your POP3 email server is no longer responding).
SNMP Monitors	Monitor SNMP values and traps
SNMP Get Monitor	Monitor SNMP variables (e.g. Monitor the CPU, memory and disk space from a Linux server).
SNMP Trap Monitor	Trigger actions when specific SNMP traps are received (e.g. Send an email alert when a switch throws an SNMP trap).
SNMP Trap Consolidation	Save SNMP Traps from various sources to the data provider database (e.g. Save all SNMP Traps generated from a switch).
Windows Accounts Templates	Scan both Domain Controllers and Stand-Alone Servers for enabled accounts, active accounts and inactive accounts.
Sample Templates	Several different Templates are available.