Table of Contents
- Introduction
- System Requirements
- Assign Service Logon As Credentials
- Server Configuration
- Agent-Based Monitoring
- Azure Relay Hybrid Connection
- Account Lockout Monitoring and Reporting
- Data Providers
- Directory Services
- Hosts
- Templates
- Template Properties
- Batch Update Templates
- Log Management Templates
- File and Directory Monitor Templates
- Windows Monitor Templates
- Account Lockout Monitor Template
- Logon Monitor Template
- CPU Monitor Template
- Memory Monitor Template
- Disk Space Monitor Template
- SMART Monitor Template
- Process Monitor Template
- Service Monitor Template
- Performance Counter Monitor Template
- Active Directory User Monitor Template
- Active Directory User Integrity Monitor Template
- Clock Synchronization Template
- Defragment NTFS Disks Template
- Network and Application Monitor Templates
- SSL Certificate Monitor Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Monitor Hierarchy
- Reports
- Auto-Configurators
- Options
- Actions
- Filters
- Schedules
- Shared Views
- General Executable Properties
- Assign Actions
- Assign Directories
- Assign Disks
- Assign Shares
- Assign Files
- Assign Consolidated Logs
- Assign Event Logs
- Assign Active Directory Audit Logs
- Target Files and Sub-Directories
- Define Log Entry Columns
- Define CSV and W3C Log Entry Columns
- Active Directory User and Group Filters
- Explicitly Assigned Logs
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- SNMP Browser
- SSH Shell
- Exporting and Importing Configuration Objects
- Command Line Interface
- Troubleshooting
- Terminology
Agent-Based Monitoring Templates
Server Manager includes an agent-based solution to push logs from remote computers. The agent-based solution solves several potential problems. Event Logs and are downloaded using a WMI whereas Text Logs require either Windows Shares, SFTP/SSH or FTP/S to pull logs. WMI transmits data relatively slow. In some cases, large Security Event Logs can take hours to download the first time. Second, WMI requires multiple ports one of which is randomly assigned. The randomly assigned port can be configured to use fixed port, however, the single port must be configured on each client host. Third, Server Manager typically is installed on a management server that does not have a public IP address. If so, there is no way to remote manage computers over the Internet. Lastly, hosts that periodically connect to the network, such as laptops, can be difficult to manage as a pulling schedule would need to be fast enough to catch the laptop when it just so happens to be logged into the network.
Corner Bowl Software solves these issues with our Server-Side Server Agent and our remotely installed lightweight Server Manager Agent.
Corner Bowl Server Manager Agent
Server Manager includes an option to flag several templates for remote execution. Once set, the Template is referred to as an Agent-Based Template. Once an Agent-Based Template is assigned to a remote host, Server Manager uses Windows Shares to upload the agent installation file to the host then uses WMI to remote install onto the host. If Server Manager is unable to penetrate the firewall to upload and remote install, you have the option to manually install the agent to the remote host. Once installed, the agent connects once a minute to get list of templates to execute. Once the Server Manager Agent Server determines it is time to run a template on the target host, the template and any required filters are returned to the agent for execution.
![]() |
If the server instance of Server Manager is not available on a public IP address, an Azure Hybrid Relay can be setup to proxy the connection. |
The following templates are currently supported:
- CPU
- Disk Space
- Event Log Consolidation
- Event Log File Backup
- Event Log Monitor
- Memory
- Process
- Service
- Registry
To configure the Agent Server
- From the Explorer View, navigate to Agent Server then right click and select Properties. The Agent Server Properties View displays.
-
From the Agent Server Properties View check the Enabled Checkbox to enable the server.
Once enabled, the server attempts to install the agent to all configured hosts that have Agent Based Templates assigned to them. If you do not want to automatically install the agent to each host that has an Agent Based Template assigned, use the Host Properties View to disable the automatic installation of the agent.
For more information see: Host Properties - Use the Host identification method drop-down to select how you would like connecting hosts to be identified.
Option Description DNS Lookup The server uses DNS to resolve the hostname. DNS and FQDN Lookup The server uses DNS and Active Directory to resolve the Fully Qualified Domain Name (FQDN). Remote IP Address The server uses the IP address. Local Hostname The client sends its local hostname to server for identification. Local FQDN The client sends its locally resolved FQDN to server for identification. Local IP Address The client sends its local IP address to server for identification. - Use the Assign the following templates to all new clients check box to automatically add new hosts to the Agent Server Host Group then assign the listed templates.
To enable remote Server Manager Agent installation
- From the Explorer View, navigate to Agent Server then right click and select Properties. The Agent Server Properties View displays.
- Check Enabled.
- Click Save.
-
From the Explorer View, navigate to Templates | Sample Templates | Log Consolidation then right click on Agent-Based Event Log Consolidation and select Assign.
You can assign any template that has been flagged as an Agent-Based Template. For more information see below. - From the Select Services, Devices and Endpoints View, check each host you would like to install the Server Manager Agent, then click OK.
- Once assigned, Server Manager will attempt to remote install the Server Manager Agent onto each assigned host.
To manually install the Server Manager Agent on remote hosts
-
From the host you have installed Server Manager, copy the following file to each target host:C:\Program Files\Corner Bowl\Server Manager\ServerManagerAgentInstaller.exe
-
From each target host, open a command prompt as Administrator then run the executable with the following command line options:
Parameter Description HOST The fully qualified hostname of the host Server Manager is installed. PORT The port to connect with. The default value is 21843 TLSENABLED true to enable TLS 1.2. Please note the server must be configured to use TLS. For more information see: Server Configuration TLSCERTIFICATE The optional TLS client certificate to use for TLS 1.2. RELAYENABLED true to proxy communication through an Azure Relay Connection. RELAYNAMESPACE The Azure Relay Connection namespace. RELAYCONNECTIONNAME The Azure Relay Connection name. RELAYKEYNAME The Azure Relay Connection key name. RELAYKEY The Azure Relay Connection key value. -q Silently run the installation. -norestart Suppress reboot. For Example:ServerManagerAgentInstaller.exe -q HOST=1.2.3.4 PORT=21843
To update the Agent configuration
Just like the Service, the agent uses an XML configuration file to load the parameters to connect to the server.
Configuration is implemented through the cbsmsrv.exe.config file located in the program data directory. The default location is:
C:\ProgramData\Corner Bowl\Server Manager Agent 2022\cbsmagt.exe.config
Configuration File Reference
<?xml version="1.0" encoding="utf-8" ?> <configuration> <configSections> <section name="server" type="XPlatformWindowsShared.Configuration.ServerConfigurationSectionHandler,XPlatformWindowsShared" /> </configSections> <startup> <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7.2" /> </startup> <server> <host value="SERVERNAME" /> <port value="21843" /> <tls value="False" certificate="" requireRemoteCertificate="false" allowSelfSignedCertificate="true" checkCertificateRevocation="false" allowCertificateChainErrors="true" /> <idleTimeout value="300" /> <readTimeout value="120" /> <writeTimeout value="120" /> <azure value="False" relayNamespace="" connectionName="" keyName="" key="" /> </server> <appSettings> <add key="AutoUpdate" value="true" /> </appSettings> </configuration>
To configure Agent-Based Event templates
- Select File | New Template. The Select Template Type view displays.
- Click the Template type to create. The Template Properties view displays.
- Select the Agent Template Tab
- Use the Enabled Check Box to flag the template as an Agent-Based Template.
- Use the Trigger Check Box to trigger actions when assigned hosts do not connect within the configured time span.
- Use the On Host Not Connecting Drop-Down to assign the actions to fire when assigned hosts do not connect within the configured time span.
To configure Agent-Based Event Log Consolidation for remote hosts
After following the steps above, the pre-installed Template is automatically assigned to each host. You have the option to modify this Template or create your own.
- To modify the pre-installed Template, navigate to Templates | Sample Templates | Log Consolidation | Agent-Based Event Log Consolidation then right click and select Template Properties.
- To create a new template, select Files | New | Templates | Log Managements | Log Consolidations then from the properties page set the Sub Type to Event Log.
- Use the General tab to schedule the frequency.
- Use the Logs tab to select the target logs.
- Use the Options tab to specify consolidation filters and log entry retention policy.
-
Use the Agent Template tab to configure Server Manager to remotely install the Corner Bowl Server Manager Agent to the assigned hosts.
If using the sample template notice the Enabled option is checked. If you are creating your own template this option must be selected. The Server Manager Agent logs into the server anonymously with access limited to reading assigned templates and pushing log entries. - The Monitor tab enables you to scan entries on the server-side to fire actions or notifications when necessary.
- Use the Actions tab to assign actions or notifications when the template starts, completes or errors.
- Use the Hosts and Host Groups drop-down boxes on the right side of the screen to assign hosts to this Template.
- Click Save.
To configure Agent-Based Native Event Log File Backup for remote hosts
After following the steps above, the pre-installed Template is automatically assigned to each host. You have the option to modify this Template or create your own.
- To modify the pre-installed Template, navigate to Templates | Sample Templates | Log Consolidation | Agent-Based Event Log File Backup then right click and select Template Properties.
- To create a new template, select Files | New | Templates | Log Managements | Log Backup then from the properties page set the Sub Type to Event Log.
- Use the General tab to schedule the frequency.
- Use the Logs tab to select the target logs.
- Use the Options tab to specify backup options. For more information see: Log Backup Template
-
Use the Agent Template tab to configure Server Manager to remotely install the Corner Bowl Server Manager Agent to the assigned hosts.
If using the sample template notice the Enabled option is checked. If you are creating your own template this option must be selected. The Server Manager Agent logs into the server anonymously with access limited to reading assigned templates and upload log entries. - The Monitor tab enables you to scan entries on the server-side to fire actions or notifications when necessary.
- Use the Actions tab to assign actions or notifications when the template starts, completes or errors.
- Use the Hosts and Host Groups drop-down boxes on the right side of the screen to assign hosts to this Template.
- Click Save.
Troubleshooting
If the Agent does not appear to be connecting or processing templates you can view the Agent's verbose output log for detailed information. The log file is located in the following directory on each remotely managed host:
c:\ProgramData\Corner Bowl\Server Manager Agent 2022\agent.log