Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
What is ‘Monitoring’ in ITSM profiles ?
Monitoring settings allow administrators to define performance and availability conditions for various events and services. For example, you can monitor free disk space, service and web page availability, CPU/RAM usage and more. An alert will be triggered if the conditions are breached. You can also configure procedures to take remedial actions immediately.
How to configure ‘Monitors’ in profiles?
Step 1. Go to Configuration templates > profiles >Click “Profile” applied to device that requires monitoring.
Step 2. Choose ‘Monitoring’ from the ‘Add Profile Section’ drop-down. The ‘Monitoring’ screen will be displayed.
Step 3. Enter details for “General” tab as below,
1.’Monitoring Name’ – Enter name for the monitoring configuration.
2.’Description’ – Describe few words about your monitoring configuration.
3.’Trigger alert any’ – Choose any one of drop down options mentioned below,
a.’ Any of the conditions are met ‘- Choose this option if you want alert when any of the condition satisfied.b.’All of the conditions are met ‘- Choose this option if you want alert when all conditions satisfied.
4.’Use alert settings’ – Select “Alert settings” from search box for this monitor.
5.’ Auto Remediation on alert ‘ – choose any of the options as mentioned below,
a.’Take no action’ – Select this option if no action needs to done upon “Monitor alert”b.’Run below procedure’ – Select “Procedure” from search box to run upon alert.
Step 4. Click ‘Add Condition’ . Select condition from drop down menu shown.
1. For example : Select “Ping” condition to monitor ping status for the host.
Step 5. Fill condition details as mentioned below,
1.’Host Name’ – Enter host machine name or IP address to be checked.
2.’Condition’ – Choose option as described below,
a.’is down’ – Select this option if you want to generate alert when host is down.b.’is online’- Select this option if you want to generate alert when host is available.
3.’During’ – Specify time period for which condition to be monitored .
a. Select ‘sec’ to monitor condition for specified seconds.b. Select ‘min’ to monitor condition for specified minutes.
4.Click ‘Create’ to save changes.
Step 6. Repeat step 4 to add additional conditions to the monitoring. All monitor conditions will be listed for each ‘Monitoring’.
Step 7. To remove a monitoring condition, select the check box beside it and click ‘Remove Condition’ at the top.
Step 8. Click ‘Save’ to apply changes for the monitoring. Monitoring conditions will be applied to devices where current profile applied.
How to check monitoring logs?
Step 1. To check monitoring logs go to devices >Device list > click Device
Step 2. Navigate to ‘Monitoring logs’ in the device details
Step 3. Click ‘Details’ and check ‘How many times the monitor ran still?’ with Time of log item, Status of the log and Output of the log (Additional Info)
Note:
Step 4: Go to Tickets tab and find all tickets which are raised by the monitor.
How to monitor CPU/RAM/Network performance in devices?
Performance monitor checks the usage of CPU, RAM and Network on devices and trigger an alert if the conditions are met.
Step 1. Go to Configuration templates > profiles and Click profile applied to your devices
Step 2. i. Go to Step 3 for existing monitoring configuration.
Step 3. Navigate to Monitoring tab. Click Monitoring name that requires changes
Step 4. Click ‘Edit button’ . Enter details for “General” tab as below,
1. ‘Monitoring Name’ – Enter name for the monitoring configuration.
2. ‘Description’ – Describe few words about your monitoring configuration.
3. ‘Trigger alert any’ – Choose any one of drop down options mentioned below,
Step 5. Click ‘Add Condition’ Select ‘Performance’ condition in drop down.
Step 6. You can add monitoring conditions of CPU/RAM/Network for the profile as mentioned below,
1. ‘Parameter usage’ – select any of the option as described below,
a. Select ‘CPU Usage’ to monitor conditions for ‘CPU’ performance for the given time period. This parameter can be monitored in Percentage units.b. Select ‘RAM Usage’ to monitor conditions for ‘RAM’ memory usage for the given time period. This parameter can be monitored in Percentage,Megabytes and Gigabytes Units.c. Select ‘Network Usage’ to monitor conditions for ‘Network’ usage for the given time period. This parameter can be monitored in Percentage units.
2. ‘Condition’ – Select any of the option as explained below,
a. More than – Select this condition to trigger alert if greater than specified value reached.b. Equals to – Select this condition to trigger alert if parameter equals specified value.c. Less than – Select this condition to trigger alert if parameter value down to less than specified value.d. More than or equals to -Select this condition to trigger alert if parameter equals specified value as well as exceeds the specified value.e. Less than or equals to -Select this condition to trigger alert if parameter equals specified value as well as down to the specified value
3. Value – Specify threshold value for the parameters with desired units. Value should be in numerical.
a.% – Select % to monitor parameter condition in Percentage units.b. GB – Select GB to monitor parameter condition in Gigabytes units.c. MB – Select MB to monitor parameter condition in Megabytes units.
4. ‘During’ – Specify time period for which condition to be monitored.
5. Example, to monitor RAM usage for more than 600 MB in 10 minutes time interval,
a. Select ‘RAM usage’ option under parameter.b. Choose condition ‘More than or equals to’c. Enter 600 in the value and choose ‘MB’ as value type.
6.Click ‘Create’ to save the monitor condition.
Step 7. The monitoring parameters added for the profile will be listed.
How to Monitor Processes in devices?
Step 1: Go to ITSM > Configuration Templates > Profiles
Step 2: Choose profile if exist, if not exist then create a new profile then continue.
Step 3: Select ‘Monitoring’ from ‘Add Profile Section’
Step 4: Fill the form of General tab.
1. Enter name in ‘Monitoring Name’, Example: Monitor RMM
2. Enter description in ‘Description’, Example: This setup monitors process of rmm.exe of the target computer
3. Choose any of one from ‘Trigger an alert if’
a. Select ‘Any of the conditions are met’ if to trigger alert when any condition become trueb. Select ‘All of the conditions are met’ if to trigger alert when all conditions become true
4. 4.Type and select custom alert from ‘Use Alert Settings’ if you want to get alerted based on the existing setting otherwise leave it blank. Example: TriggerAtMonitoringProcess
a. If expected alert is not already created then create a new alert and continue
5. Select any of one from ‘Auto Remediation on alert’
a. Select ‘Take no action’ if you want to take no action belongs to alertb. Select ‘Run below procedure’, type the script name and select the appropriate script if you want to automatically fix the alert. Example: Get Running Tasks from Task Scheduler
Step 5: Select ‘Conditions’ tab.
Step 6: Select ‘Process’ from ‘Add Condition’ button.
Step 7: Fill the pop-up form loads there.
1. Enter the Process Name. Example: rmm.exe
2. Choose any Condition from the list as per your preference
a. Select ‘is running?’ if you want to monitor running processb. Select ‘is not running?’ if you want to monitor the process that is not running
3. Click ‘Create’ button to complete the form submission**Repeat the step 6 and step 7 to create monitor for multiple processes
Step 8: Click ‘Save’ button to save the Monitoring Settings.
Step 9: Go to ITSM > Devices > Device List.
Step 10: Select any Device from the list.
Step 11: Click Manage Profiles
Step 12: Click Add Profiles
Step 13: Choose profile created for monitoring processes and Save the changes. Example: MonitorProcesses
How to Monitor Events in Devices?
Step 1: Go to ITSM > Configuration Templates > Profiles.
Step 3: Select ‘Monitoring’ from ‘Add Profile Section’.
1. Enter name in ‘Monitoring Name’, Example: Monitor Events
2. Enter description in ‘Description’, Example: This setup monitors Events of the target computer
4. Type and select custom alert from ‘Use Alert Settings’ if you want to get alerted based on the existing setting otherwise leave it blank. Example: TriggerAtMonitoringEvents
a. Select ‘Take no action’ if you want to take no action belongs to alertb. Select ‘Run below procedure’, type the script name and select the appropriate script if you want to automatically fix the alert. Example: Get Running Events
Step 6: Select ‘Event’ from ‘Add Condition’ button.
1. Select Event ID or Level or Source from Parameter
2. If Event ID
a. Enter the ID value on ‘Value is equal to’., Example: 12345
3. If Level
a. Choose Level – Critical Error or Error or Warning or Information or Verbose on ‘Value is equal to’. Example: Critical Error
4. If Source
a. Enter the source value on ‘Value is equal to’. Example: wininit
5. Click ‘Create’ button**Repeat the step 6 and step 7 to create monitor for multiple events.
Step 8: Save the monitoring.
Step 10: Select any Device from the list
Step 11: Click Manage Profiles.
Step 13: Choose profile created for monitoring process or processes and Save the changes. Example: Monitor Events
How to monitor a TCP connection from Devices?
1. Enter name in ‘Monitoring Name’, Example: Monitor TCP Connection
2. Enter description in ‘Description’, Example: This setup monitors TCP Connection of the target computer
a .Select ‘Any of the conditions are met’ if to trigger alert when any condition become trueb. Select ‘All of the conditions are met’ if to trigger alert when all conditions become true
4. Type and select custom alert from ‘Use Alert Settings’ if you want to get alerted based on the existing setting otherwise leave it blank. Example: TriggerAtMonitoringTCPConnection
a. Select ‘Take no action’ if you want to take no action belongs to alertb. Select ‘Run below procedure’, type the script name and select the appropriate script if you want to automatically fix the alert. Example: Get Running TCP Connections
Step 6: Select ‘TCP’ from ‘Add Condition’ button
1. Select Hostname or IP Address from Parameter.
2. Enter the value at ‘Is Equal to’. Example: 10.109.51.125
3. Enter the port number in ‘Port’. Example: 2424
4. Select any of one from Condition
a. Is Openb. Is Closed
5. Enter the required number of seconds or minutes in ‘During’.
a. Select ‘sec’ or ‘min’ for During’ value. Example: 5 or Sec
6. Click ‘Create’ button.**Repeat the step 6 and step 7 to create monitor for multiple TCP connections
Step 12: Click Add Profiles.
Step 13: Choose profile created for monitoring process or processes and Save the changes. Example: Monitor TCP
How to Monitor content of a web page from Devices?
1. Enter name in ‘Monitoring Name’, Example: Monitor a Web Page
2. Enter description in ‘Description’, Example: This setup monitors a Web Page from the target computer
4. Type and select custom alert from ‘Use Alert Settings’ if you want to get alerted based on the existing setting otherwise leave it blank. Example: TriggerAtMonitoringWebPage
a. Select ‘Take no action’ if you want to take no action belongs to alertb. Select ‘Run below procedure’, type the script name and select the appropriate script if you want to automatically fix the alert. Example: Get Running Web Page
Step 6: Select ‘Web Page’ from ‘Add Condition’ button.
Step 7: Fill the pop-up form
1. Enter web page URL in ‘URL’. Example: https://technet.microsoft.com/en-us/security/bulletins.aspx
2. Select equals or not equals or contains or not contains from ‘Condition’. Example: Contains
3. Enter the content in ‘Content’. Example: 3198467
4. Enter the required number of seconds or minutes in ‘During’. Example: 5
a. Select sec or min from the list box. Example: sec
5. Click ‘Create’ button**Repeat the step 6 and step 7 to create monitor for multiple web pages
Step 9: Go to ITSM > Devices > Device List
Step 13: Choose profile created for monitoring process or processes and Save the changes. Example: Monitor Web Page
How to monitor File Size in devices?
Monitors changes in the size of a file and also triggers the alert when the specified conditions are met.
Step 1: To Set Monitoring, Go to ITSM ? Configuration Templates and click Profiles.
Step 2 : Choose the profile of your device from the list and if the profile does not exists, create a new profile and continue.
Step 3 : Follow below options,
1. Add Monitoring Column by Clicking “Add a Profile Section “ -> Monitoring.
2. Go to Monitoring tab -> “Add Monitoring “ and Enter the Name for monitoring and its Description in their respective fields.
Step 4 : Go to “General Tab “, configure alert settings as below,
1.Choose desired action from “ the trigger an alert if “ drop down
a. Any of the conditions are met – when any of the condition that you have mentioned is metb. All of the conditions are met – when all of the conditions that you have mentioned are met
2.Apply the custom alert created for the monitoring using “Use Alert Setting. Example: File size.
3.The remedy action for the triggered alert can be set by technician by either opting to “Take no action” or choose run below procedure for fix using ‘Auto remediation alert’.
a. Take no action – No remedy action are defined for the triggered alert.
b. Run Below Procedure – Assign procedure as a remedy for the triggered alert by entering the name in the respective field. Example : Clean Up Downloads folder in all User Accounts.
Step 5 : After configuring General tab ,Go to “Condition Tab“. To add condition for monitoring the file size in devices follow below steps,
1. Click ” Add Condition ” and select File size.
2. Enter file path. Example: C:/Users/Root/Downloads/instalwin.log
3. Set the conditions
a. Less than – Alert triggers when the file size is less than mentioned value .b. Equal to – Alert triggers when the file size is equal to the mentioned value.c. Greater than – Alert triggers when the file size is greater than the mentioned value
4. Value – The Maximum or minimum value of file size can be entered . Example: 55 KB / 55 MB / 55GB
Step 6: Click ‘Create’ and the monitoring parameters will be listed.
Step 7: Click ‘Save’ to apply changes.
Step 8: Go to Devices -> Device List.
Step 9: Select a Device. Go to Manage Profiles -> Add profiles -> select a profile name and save.
How to Monitor Folder size in Devices?
Monitors changes in the size of a folder and also triggers the alert when the specified conditions are met.
Step 1: To set Monitoring, Go to ITSM ? Configuration Templates ->Profiles.
Step 2 : choose a profile of you device and if the profile does not exists create new profile and continue.
Step 3: Follow below options,
1. Add Monitoring Column by clicking “Add a Profile Section“ -> Monitoring.
2. Go to Monitoring tab -> “Add Monitoring“ and Enter the Name for monitoring and its Description in their respective fields.
Step 4: Go to “General Tab“ , configure alert settings as below,
1. Choose desired action from “the trigger an alert if “ drop down
2. Apply the custom alert created for the monitoring using “Use Alert Setting. Example: Folder size.
a. Take no action – No remedy action are defined for the triggered alert .b. Run Below Procedure – Assign procedure as a remedy for the triggered alert by entering the name in the respective field.c. Example: Clean Up Downloads folder in all User Accounts.
Step 5 : After configuring General tab ,Go to “Condition Tab“ : To add condition for monitoring the folder size in devices follow below steps,
1. Click ” Add Condition ” and select Folder size.
2. Enter file path. Example : C:/Users/Root/Downloads
a. Either Less than – Alert triggers when the file size is less than mentioned value.(or)b. Equal to – Alert triggers when the file size is equal to the mentioned value.(or)c. Greater than – Alert triggers when the file size is greater than the mentioned value
4. Value – The Maximum or minimum value of file size can be entered in any of the terms such as KB/MB/GB. Example: 1000 MB
Step 8: Go to Devices -> Device List .
Step 9: Select a Device . Go to Manage Profiles -> Add profiles -> select a profile name and save
How to Monitor Disk Free space in devices?
Monitors changes in the available free spaces in the disk and also triggers the alert when the specified conditions are met .
Step 4 : Go to “General Tab“, configure alert settings as below,
1. Choose desired action from “ the trigger an alert if “ drop down
2. Apply the custom alert created for the monitoring using “Use Alert Setting. Example: Free disk space.
a. Take no action – No remedy action are defined for the triggered alert .b. Run Below Procedure – Assign procedure as a remedy for the triggered alert by entering the name in the respective field. Example : Clean Up Downloads folder in all User Accounts .
Step 5: After configuring General tab ,Go to “Condition Tab “ : To add condition for monitoring the free disk space in devices follow below steps,
1. Click ” Add Condition ” and select Disk
2. Select Parameter
a. Free space left on system drive – The alert triggers when the free spaces left on system drive reached the mentioned condition .b. Free space left on all drivers – The alert triggers when the Free space left on all drivers reached the mentioned condition .c. Free space change on system drive – The alert triggers when the Free space change on system drive reached the mentioned condition
4. Value – The Maximum or minimum value of file size can be entered . Example : 55 KB / 55 MB / 55GB
Step 9: Select a Device . Go to Manage Profiles -> Add profiles -> select a profile name and save.
How to monitor Services in devices?
Step 2: Choose a profile of you device and if the profile does not exists create new profile and continue.
2. Apply the custom alert created for the monitoring using “Use Alert Setting. Example: Services.
3. The remedy action for the triggered alert can be set by technician by either opting to “Take no action” or choose run below procedure for fix using ‘Auto remediation alert’.
a. Take no action – No remedy action are defined for the triggered alert.b. Run Below Procedure – Assign procedure as a remedy for the triggered alert by entering the name in the respective field. Example: Clean Up Downloads folder in all User Accounts.
Step 5: After configuring General tab ,Go to “Condition Tab“: To add condition for monitoring the service in devices follow below steps,
1. Click ” Add Condition ” and select Service.
2. Enter service name – Enter the any service name that you would like to monitor .Example: Parameter = CesmAgentService
a. Is Running – The alert is triggered when the service is running stateb. Is Not Running – The alert is triggered when the service is not running. Condition = Is Not Running
Step 6: Submit the parameters by clicking ‘Create’ button.
Step 7: Click ‘Save’ button.
Step 9: Select a Device. Go to Manage Profiles -> Add profiles -> select a profile name and click Save icon.
How to Monitoring the Ping in device?
Step 2 : choose profile of your device and if the profile does not exists create new one . Example: Monitor Processes.
1. Add Monitoring Column by Clicking “Add a Profile Section“ -> Monitoring.
Step 4: Go to “General Tab“, configure alert settings as below,
2. Apply the custom alert created for the monitoring using “Use Alert Setting. Example: Ping
a. Take no action – No remedy action are defined for the triggered alert .b. Run Below Procedure – Assign procedure as a remedy for the triggered alert by entering the name in the respective field. Example: Clean Up Downloads folder in all User Accounts.
Step 5: After configuring General tab, go to “Condition Tab“: To add condition for monitoring the ping in devices follow below steps,
1. Click ” Add Condition ” and select Ping
2. Enter Host name. Example: 10.108.51.125
a. Is Down – when the system is going down , the alert will be triggered.b. Is Online – When the system is going Online , the alert will be triggered.c. During – Define the time limit. Example: 5 mins /5 sec
Step 7 Click ‘Save’ to apply changes.
Save
How to monitor online/offline status of devices
The state of availability of a device can be known by setting the “Device status” monitor in ITSM. This monitoring allows the user to check whether the device is connected or disconnected for a certain amount of time. If the condition achieved, the user will be notified with an alert. In addition to triggering an alert, a user can call a procedure automatically as an act of remedy.
Use cases:
Device Online status can be checked for devices of sales representative who uses devices for limited period of time.Device offline status can be checked for server devices which is set be always up.
Step 1: To set Monitoring, Go to ITSM ? Configuration Templates ?”Profiles” menu and go to “Profiles” Tab.
Step 2: Choose a profile applied to your devices which requires monitoring for online/offline status. Example: Standard Updates Management Profile.
Step 3: Add a Device Status ‘Monitoring’ to the profile as mentioned in the below steps,
Step 5: After configuring General tab, go to “Condition Tab “ and then follow below steps,Click ” Add Condition” button and Device Status from the drop-down.In the ‘Add Condition Dialog’ box, set the conditions and click ‘Create’ button.
Step 6: Click ‘Save ‘button to apply changes to Monitoring.
The created ‘Monitoring’ will be listed.
How to use custom script procedure monitoring
The “Custom script” which will be available now in the “Monitoring” will help you to receive an alert by giving your own conditions. It helps you create your own Custom script for monitoring, Alerts you if the condition has met and also generates the Tickets.
Note : We also have the other custom scripts from the below Webpage (https://forum.mspconsortium.com/forum/script-library/11468-script-monitors-index-page)
Step 1: Go to ‘Configuration Templates’ > ‘Profiles’ > click “Profile” applied to device that requires monitoring.
Step 2: Choose ‘Monitoring’ from the ‘Add Profile Section’ drop-down. The ‘Monitoring’ screen will be displayed.
Step 4. Click ‘Add Condition’. Select condition from drop down menu shown:
Step 5. Fill Conditions for Custom Script
The below code which should not be disturbed:
import os import sys import _winreg def alert(arg): sys.stderr.write("%d%d%d" % (arg, arg, arg))
# Please use “alert(1)” to turn on the monitor(trigger an alert)# Please use “alert(0)” to turn off the monitor(disable an alert)# Please do not change above block and write your script belowHere there is a sample Example to Generate the alert with Custom Script
Reference: Here you can refer a sample code.
import sys import _winreg import os import re import socket def alert(arg): sys.stderr.write("%d%d%d" % (arg, arg, arg)) def information(): name=os.environ['username'] print 'PC-NAME : '+name s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) s.connect(("8.8.8.8", 80)) print "IP-ADDRESS : " + (s.getsockname()[0]) path="c:\windows\system32" os.chdir(path) out=os.popen("cscript slmgr.vbs -dli").read() c=0 os.environ k,li,up,no,no1=[],[],[],[],[] ab=re.findall('Licensed',out) bc=re.findall('([0-9]{2}\sday.*)',out) cd=re.findall('0xC004F056',out) de=re.findall('0xC004F034',out) lea=len(ab) leb=len(bc) lec=len(cd) led=len(de) for i in ab: li.append(i) for j in bc: up.append(j) for k in cd: no.append(k) for l in de: no1.append(l) if lea!=0: if ab==li: print "Your windows is Activated." alert(0) if leb!=0: if bc==up: up.append('Left to expire your windows,Please Activate it.') str1=''.join(str(e)for e in up) print str1 alert(1) if lec!=0: if cd==no: print "You need to Activate your windows." alert(1) if led!=0: if de==no1: print "you need to Activate your windows." alert(1) information()
Step 6: Click on “Save”, to save your Custom script.
Step 7. Go to ITSM → ‘Devices’ → ‘Device List’ menu and click “Device Management” tab. Select a device to which you want to see the log files from the list.
Step 8: Click the “Associated Profiles”.
Step 9:
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
agreecheck
See how your organization scores against cybersecurity threats
Advanced Endpoint Protection, Endpoint Detection and Response Built On Zero Trust Architecture available on our SaaS EPP