Active Directory
Introduction
Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is used for storing network, user, and resource information, facilitating user and resource management across a network.
Getting Started
Compatibility
The Windows Active Directory O11ySource is compatible with all versions Microsoft Windows Server 2016 and newer. Minimum PowerShell version 5.1 is required.
Data Collection Method
vuSmartMaps collects health and performance data for Active Directory server using VuNet's Healthbeat agent. This agent collects data based on the source configuration.
Prerequisites
Inputs for Configuring Data Source
- Domain Controller: The IP Address/FQDN of the Windows AD server. This field is the key to identify each server you add here.
- Period [in seconds]: How frequently data is gathered. The period should be between 60 seconds – 3000 seconds.
Firewall Requirement
To collect data from this O11ySource, ensure the following ports are opened:
| Source IP | Destination IP | Destination Port | Protocol | Direction |
|---|---|---|---|---|
| IP address of the Domain Controller | vuSmartMaps Data Collector End Point | 9092* | TCP | Inbound |
*Before providing the firewall requirements, please update the port based on the customer environment.
Configuring the Target
The dcdiag utility should be available and Healthbeat agent should able to execute PowerShell scripts.
Configuration Steps
Enablethe Active Directory O11ySource.- Select the Sources tab and press the
+button to add a new Active Directory domain controller to be monitored. - Add the required details and then click on
Next. - The following packages will be available for download based on the OS:Healthbeat full installer package - Downloads the full Healthbeat package with required configurations for a fresh installationHealthbeat config update package - Downloads the agent configuration package to update an existing Healthbeat installation
- Download the agent installation or update package, then click
Finishto close the data source window.
Metrics Collected
| Name | Description | Data Type |
|---|---|---|
| server | Name of the server | LowCardinality(String) |
| os_version | OS version details | String |
| operation_master_roles | Domain control Roles information | String |
| dns | Status of dns resolution | String |
| ping | Reachability status | String |
| uptime | System uptime | String |
| dit_free_space | The free space available for an active directory database | Float32 |
| os_free_space | Os disk free space information | Float32 |
| dns_service | DNS service status | String |
| ntds_service | NTDS service status | String |
| netlogon_service | NETLOGON service status | String |
| dcdiag_advertising | Advertising status | String |
| dcdiag_replications | Replication status | String |
| dcdiag_fsmo_knows_of_role_holders | FSMO knows of role test result | String |
| dcdiag_fsmo_check | FSMO check test result | String |
| dcdiag_services | Services test result | String |
| replications_errors | Replication Errors | UInt32 |
| last_replication | The last replication Date and time | String |
| ldap_bind_time | The time (in milliseconds) required for the completion of the last successful LDAP binding. | Float64 |
| ldap_writes_per_sec | LDAP writes per second | Float64 |
| atq_queue_latency | The amount of time in milliseconds that requests are delayed in ATQ waiting to be processed. | Float64 |
| ldap_successful_binds_per_sec | The number of LDAP bindings (per second) that occurred successfully. | Float64 |
| ds_directory_reads_per_sec | The number of directory reads per second. | Float64 |
| ldap_active_threads | The current number of threads in use by the LDAP subsystem of the local directory service. | Float64 |
| ldap_client_sessions | The number of currently connected LDAP client sessions. | Float64 |
| dra_inbound_full_sync_objects_remaining | The number of objects remaining until the full synchronization is completed (while replication is done). | Float64 |
| ldap_searches_per_sec | The number of search operations per second performed by LDAP clients. | Float64 |
| dra_outbound_values_per_sec | The number of object property values containing DNs sent to outbound replication partners. | Float64 |
| dra_pending_replication_syncs | The number of directory synchronizations that are queued for this server but not yet processed. | Float64 |
| ds_directory_writes_per_sec | The number of directory writes per second. | Float64 |
| dra_inbound_values_per_sec | The number of object property values received from inbound replication partners. | Float64 |
| atq_threads_total | The total ATQ Threads | Float64 |
| host | The IP address of the server | LowCardinality(String) |
| target | The IP address of the server | LowCardinality(String) |
| o11ysource_name | The name of the O11ysoruce | LowCardinality(String) |
| type | The metricset type | LowCardinality(String) |
| @timestamp | The elastic timestamp | String |
| timestamp | The timestamp | DateTime64 |
