Maximizing Effectiveness – ELM in a Small(er) Office Environment

One of the more commonly asked questions we get about ELM Enterprise Manager is “What type of setup and licenses should I use in MY network?”  Given the flexibility and feature sets ELM offers this is a fair question and no one wants to hear the answer “it depends.”

Typically we will have an exploratory call (or emails if you prefer) to determine exactly what type of event collection and performance monitoring needs to take place.  But when you are just starting to evaluate a product sometimes you don’t want to commit to that just yet.  We get it.  So here is an example of a “typical” deployment of ELM in a small office environment.

  • 1 Email Server – Core license to collect performance data and collect logs
  • 2 File Servers – Event licenses for object access event log collection
  • 1 Domain Controller/DHCP server – System license to collect security logs and read dhcp .log files
  • 1 SQL Server – Core license for performance data, SQL performance, and event logs
  • 2 Application Servers – Core licenses to collect performance data and logs
  • 10 Workstations – Event licenses to collect logs per compliance requirements
  • 3 Linux Machines – Network licenses to collect SNMP and Syslog messages
  • 1 Firewall – Network license to collect Syslog messages

Diving a Little Deeper

Ok, let’s break that down to some more real-world specifics that you would consider for your own monitoring needs.

Email Server, SQL Server, Application Servers

Problems with any of these systems can bring your operations to a screeching halt rather quickly.  Low disk space is probably the number one driver of downtime while other performance issues like processes spinning out of control or services stopping and restarting can contribute to laggy performance.  All of which your end users will be happy to complain about.

Domain Controller / DHCP

At the heart and soul of your network you need to keep close tabs on your DC and DCHP.  Problems with Replication can be from domain controller or network issues creating slow syncs or broken links.  Authenticating users trying to login to a domain and monitoring directory services are crucial to keep things running smoothly.  A System license provides ELM’s complete feature set to monitor all events, all services and processes, as well as a full lineup of performance metrics and specialty tools.

File Servers and Workstations

While often lower on the priority list, keeping tabs on the events from your file servers and even workstations is good practice, especially in an environment where you may have multiple users sharing access to a single system such as in manufacturing or POS endpoints.

Linux Machines and Firewalls

Bring in your Syslogs and SNMP data and standardize it to the same Windows Event format you’re already familiar with.  Then you can use ELM’s advanced filtering to parse through message text and collect exactly the logs you need as well as setup real-time notifications when there is user or application activity you need to be aware of.

Single or Multiple Options

While this example demonstrates the power and flexibility of the licenses in ELM (click here for a comparison chart) many customers opt to stick with a more homogeneous approach by utilizing all of the same type of license in their IT environment vs mixing and matching licenses.  For example, going with all System licenses you have the full feature set ELM Enterprise Manager offers so you don’t need to worry about what is included and what isn’t further down the road as your environment grows or changes.  And that’s okay!  We just like to demonstrate that there are options available to explore.

Still trying to decide if ELM is right for you?

Give us a call or let us know the size of your IT environment and what monitoring you need to accomplish using our contact form and we’d be happy to put together options specifically designed to meet your needs.