Monitoring SVM status
January 10, 2024
You can receive information about the status of SVMs deployed in the virtual infrastructure by using any network management system that utilizes the SNMP protocol. An SVM is installed with an SNMP agent that can send information about the status of the SVM to the network management system of your organization.
SNMP Agent can relay the following SVM status information:
- RAM usage by the Protection Server (scanserver service) as a percentage of the maximum value that, when reached, causes the application to restart.
- Page file usage by the Protection Server (scanserver service) as a percentage of the maximum value that, when reached, causes the application to restart.
- Number of virtual machines with desktop operating systems that are under the protection of this SVM (includes only virtual machines that are not powered off and not paused).
- Number of virtual machines with server operating systems that are under the protection of this SVM (includes only virtual machines that are not powered off and not paused).
- Information about whether virtual machine scan tasks are currently running on the SVM.
- If scan tasks are running: information about the number of virtual machines that are currently waiting to be scanned, and the number of virtual machines that are being simultaneously scanned.
- Information about the status of the following application services on SVMs:
- scanserver (Protection Server)
- klnagent (Kaspersky Security Center Network Agent)
- watchdog (wdserver)
SNMP Agent relays the Running (service is running) or Stopped (service is not running) value for each service.
This data is specific to the application, and such information is contained in the MIB file KSVLA-MIB.txt that is provided together with the application. You can use this file to receive additional information from SVMs. You can also receive other values of SNMP counters from the standard set of the Net-SNMP package.
You can enable or disable SNMP monitoring in the Administration Console when creating a Protection Server policy or in the Protection Server policy settings.
If SNMP Monitoring is enabled in the active Protection Server policy, the SNMP agent installed on an SVM relays information about the status of the SVM to the network management system of your organization.
If the policy that enables SNMP monitoring is inactive, information about the status of SVMs is not relayed.
To enable or disable SNMP Monitoring in the Administration Console:
- Open Kaspersky Security Center Administration Console.
- In the Managed devices folder in the console tree, open the folder with the name of the administration group to which the required SVMs belong.
- In the workspace, select the Policies tab.
- Select a Protection Server policy in the list of policies and right-click to open the Properties: <Policy name> window.
- In the policy properties window, select the SNMP monitoring settings section in the list on the left.
- In the right part of the window, do one of the following:
- Select the Enable SNMP monitoring of the SVM status check box if you want to receive SVM status information.
- Clear the Enable SNMP monitoring of the SVM status check box if you want to disable SVM status monitoring.
- Click the Apply button.