Windows¶
About¶
- If you are viewing this documentation outside of the Epoch AOC, you may need to fill in untemplated variables in some of the steps below.
- Before installation, consult Supported Platforms and Collector Requirements.
- You need only one collector per host (VM or bare metal OS).
Installation¶
This section provides instructions for installing collectors on Windows OS.
1. Download the Installer¶
Download the Windows Collector Installer in your windows host from the following url:https://repo.epoch.nutanix.com/master/epoch-collectors-windows-x64.msi
Important: Do not double click on the downloaded msi. Use the administrator command prompt to install the collector as described in the following sections.
2. Choose a Collection Mode¶
- Basic: This default mode for Windows enables monitoring of infrastructure metrics such as CPU, Memory and Disk on your host(s).
- Advanced: This mode enables monitoring of infrastruture metrics and Layer4 to Layer7 protocol traffic, such as TCP, UDP, DNS, IPFIX, HTTP, and MySQL, by capturing and analyzing IP Packets on the network.
In both the installation modes, you can enable Integrations to monitor metrics for the processes and applications running on your host(s). For more details, see the Integrations section.
3. Deploy the Collection Mode¶
3.1 Basic Mode installation¶
This mode can be enabled by setting the EPOCH_ROLE parameter to infra_only. If you choose to not specify the EPOCH_ROLE, Epoch will default to infra_only.
Run the following command from admin command prompt on your Windows host. You will need to add the values for your_epoch_host andorganizationId. Alternatively, you can directly copy this command with auto-filled values from the in-product AOC documentation.
msiexec /qb /i epoch-collectors-windows-x64.msi /l*v "install.log" ^
EPOCH_ORGANIZATION_ID=${organizationId} ^
EPOCH_AOC_HOST=${your_epoch_host} ^
EPOCH_ROLE=infra_only
The above command assumes that the Windows Collector installer you downloaded in step 1 is also available at the path where this command is being run from. If Windows Collector installer is located in another location, you need to provide the complete path of the installer package.
You can also add additional parameters during installation by simply adding line breaks ^ to the above command. For a complete list of configurable parameters, please see Configuration.
3.2 Advanced Mode installation¶
The advanced mode installation for Windows has two key components:
-
Collectors on Windows host(s) with
collectorrole: This collects network packets, infrastructure metrics, and custom metrics from the host and ships the collected packets and metrics to the Stream Processor. -
Stream Processor on Linux host(s) with
sprole: This receives data from collectors and processes the data into compact timeseries metrics which are then sent to the AOC. You can use one Stream Proccessor for multiple Collectors.
Note: Epoch today does not support Stream Processor for Windows OS.
3.2.1 Deploying Stream Processor¶
Before deploying Collectors in Advanced Mode on Windows host(s), setup Stream Processor on host(s) with a supported OS - CentOS/RHEL, Ubuntu, Debian, and Docker. For a complete list of supported platforms, see Supported Platforms.
Important: please ensure sufficient resources are available on your machine to run Stream Processor.
| Recommended | Minimum | |
|---|---|---|
| vCPUs | 4 (or more) | 2 |
| Memory | 8 GiB (or more) | 4 GiB |
| Disk | 16 GiB (or more) | 8 GiB |
On your host, run the following command as a root user. For Stream Processor, EPOCH_ROLE should be configured as sp. You will need to update the values for host, your_epoch_host andorganizationId. Alternatively, you can directly copy this command with auto-filled values from the in-product AOC documentation.
For CentOS/RHEL, Debian, and Ubuntu¶
wget --header="userport: 443" \
-O /usr/bin/install-epoch-collectors.sh ${host}/install_epoch_collectors \
&& chmod +x /usr/bin/install-epoch-collectors.sh \
&& EPOCH_AOC_HOST=${your_epoch_host} EPOCH_ORGANIZATION_ID=${organizationId} EPOCH_ROLE=sp EPOCH_ANALYSIS_DEPTH=layer4 /usr/bin/install-epoch-collectors.sh \
&& /etc/init.d/epoch-collectors restart
For Docker¶
docker run -td \
--name=epoch_sp \
--net=host \
--ulimit core=0 \
-e DEPLOY_ENV="docker" \
-e EPOCH_ROLE=sp \
-e EPOCH_AOC_HOST=${your_epoch_host} \
-e EPOCH_ORGANIZATION_ID=${organizationId} \
-e EPOCH_ANALYSIS_DEPTH=layer4 \
gcr.io/nutanix-epoch/collectors:latest
Please ensure that the Stream Processor inbound ports 2005 and 3005 are reachable from the Windows server where the Advanced mode Collector is being installed. For more information, see Standalone Stream Processor.
3.2.2 Deploying Collector on Windows Host(s)¶
Prerequisite: Win10Pcap service should be running on the collector host to capture IP traffic
To check whether the Win10Pcap service is running on your host, run the following command:
#win10pcap status
sc query win10pcap
If win10pcap service is not installed, use the below link to download and install it on the host.
Next, run the following command from admin command prompt on your Windows host(s). You will need to update the values for your_epoch_host and organizationId. Alternatively, you can directly copy this command with auto-filled values from the in-product AOC documentation.
For EPOCH_SP_HOST_OVERRIDE, please make sure to add the correct IP address your_sp_host_IP of your Stream Processor.
msiexec /qb /i epoch-collectors-windows-x64.msi /l*v "install.log" ^
EPOCH_ORGANIZATION_ID=${organizationId} ^
EPOCH_SP_HOST_OVERRIDE=<your_sp_host_IP> ^
EPOCH_ROLE=collector ^
EPOCH_AOC_HOST=${your_epoch_host} ^
EPOCH_ANALYSIS_DEPTH=layer4
The above command assumes that the Windows Collector installer you downloaded in step 1 is also available at the path where this command is being run from. If Windows Collector installer is located in another location, you need to provide the complete path of the installer package.
You can also add additional parameters during installation by simply adding line breaks ^ to the above command. Please refer to the Configuration section for a list of configurable parameters.
Configuration Updates¶
To change the configuration parameters after installation, follow these steps :
#Stop the epoch agent
sc stop epochagent
#Edit the below configuration file with a text editor and change the configuration parameter as needed
C:\ProgramData\nutanix\epoch-collectors\Config.ini
#Execute the configuration script.
"C:\Program Files\nutanix\epoch\collectors\embedded\python.exe" "C:\Program Files\nutanix\epoch\collectors\configure.py"
#Start the epoch agent
sc start epochagent
In order to enable and configure DDAgent Integrations, you may need to modify following configuration files.
C:\ProgramData\nutanix\epoch-dd-agent\datadog.conf
C:\ProgramData\nutanix\epoch-dd-agent\conf.d\
Note: ProgramData is a hidden folder.
For more information, see the Integrations section. Dont forget to restart the Epoch collector for any changes to these files to take effect.
sc stop epochagent
sc start epochagent
Troubleshooting¶
Status Check¶
Check if the collector is in 'RUNNING' state:
sc query epochagent
Restarting the collector¶
Stop collector
sc stop epochagent
Start collector
sc start epochagent
Logs location¶
The collector logs are located in the following location:
```
C:\ProgramData\nutanix\epoch-dd-agent\logs
C:\ProgramData\nutanix\epoch-collectors\logs
```
Note:ProgramDatais a hidden folder
Need Help? Contact us at epoch-support@nutanix.com
Reporting Troubleshooting Information¶
Step 1: Run the following command as an Admin to generate a zip file.
powershell -ExecutionPolicy Bypass -File "C:\Program Files\nutanix\epoch\collectors\windows-inspect.ps1"
This will capture the required troubleshooting information and any necessary logs.
Step 2: Collect the zip file
The zip file is created in the %SystemRoot%\Temp directory, for example ("C:\Windows\Temp"). The file name will begin with epochcollectorsinspection_yyyy-MM-dd_HH-mm-ss.
Step 3: Send the zip file to Epoch support through email at epoch-support@nutanix.com
Uninstallation¶
To uninstall the collectors, run the following command:
msiexec /qb /x epoch-collectors-windows-x64.msi
or
goto Control Panel -> Programs -> uninstall program, and select Epoch Agent
Monitoring Windows with AOC¶
Once installation is successful, you can login to AOC and monitor Windows metrics using Maps, Dashboards, and Analytics Sandbox. Epoch creates a default System dashboard, named Windows Overview , which provides an aggregated summary of the Windows infrastructure such as CPU, Memory, and Disk. In this dashboard, you can filter the data for a specific host by using instance.host_name tag and selecting a host name.
Some of the metrics collected in Basic Mode are listed below.
| Category | Metrics initials | Description |
|---|---|---|
| Cpu | cpu* | cpu related metrics like idle, user, interrupt,etc |
| Disk | system.disk.* | Disk related metrics like free, total, used, etc |
| Network | system.net.* | Network related metrics like bytes_rcvd, bytes_sent etc |
| Memory | memPhys* | Memory related metrics like total, usable, free etc |
| Io | system.io.* | Io operations metrics like rkB/s, wkB/s etc |
| System Load | system.load.1 | Refers to processor queue length |
| Processes | system.processes.* | Metrics for processes enabled in process.yaml |
Note:
cpuWait is calculated from cpuInterrupt time.
In order to filter Windows metrics, use tags tags.epoch_platform for Maps and instance.tags.epoch_platform for Analytics Sandbox and select windows. You can also use these tags to create Alerts or custom dashboards.
To learn more, see Maps, Dashboards, and Alerts.