NetCrunch 10.4 – Fast and versatile monitoring for SMEs

NetCrunch is a Windows-based network monitoring tool that is fast, covers just about any device in your network, and gives you a single pane of glass with easy-to-read dashboards.

This review covers version 10.4, which is a release candidate at the time of writing. Originally, 4sysops looked at version 9—please read Timothy's review for the basic functionality of NetCrunch. We also covered the new features of version 9.3 here.

A versatile tool ^

NetCrunch has Cisco compatibility certification as well as comprehensive monitoring for Linux, BSD, Windows, macOS, VMware ESX/ESXi, and other network devices. It even does Solaris (for the few people on the planet who care).

While it's tempting to draw parallels between NetCrunch and System Center Operations Manager (SCOM), I think they target different markets. SCOM is definitely an enterprise tool and has little to offer in the small-to-medium enterprise (SME) markets. Conversely, NetCrunch plays directly to the SME market, especially as many managed service providers (MSPs) use it. As often happens though, NetCrunch is now capable of handling large environments, up to 10,000 devices, with one server capable of handling up to 1,000,000 counters.

I was impressed with the remediation chaining where you can automatically restart a failed service. If that doesn't fix the problem, you can restart the server, and if that doesn't fix it, it sends a notification to a particular tier of IT personnel. And if they haven't attended to the ticket within, say, an hour, it notifies a higher tier. Similarly, you can have a script run to delete temporary files when disk space goes under a particular percentage. If that doesn't fix it, it can send a notification.

This minimizes the number of alerts a human must attend to—always a good thing in a monitoring solution in my book. Another filter to stop alert storms is monitoring dependencies. For example, if NetCrunch discovers a switch goes down, there's no point in alerting you about all the devices now disconnected, just an alert to fix the switch.

A couple of terms that'll help you get acquainted with NetCrunch is the Atlas, basically the map of your entire network, and monitoring packs, software that contains the rules and monitors for different types of hardware and software (like management packs in SCOM). I also really like the simulated Atlas installed with the product, making it easy to explore and change settings without affecting your real network. NetCrunch has a Windows console along with a web console and mobile apps.

Simulated Atlas

Simulated Atlas

The live dashboards are based on Adrem's fork of Grafana, called GrafCrunch. These are nice, as they're up to date and easy to read. The pending alerts view is also useful, negating the need to scroll through alerts already attended to. Another nice touch is the network operations center (NOC) friendly ability to drag screens and dock them on secondary screens to show them on big screens.

New in versions 10.0 to 10.3 ^

A new IPMI sensor can monitor all presented parameters, and you can filter out the ones you don't need to see. They've updated GrafCrunch to the latest 5.0.1 version of Grafana. For easy access to any API, there's a new representational state transfer (REST) HTTP/S sensor. An IP camera sensor can also take snapshots from any IP-connected camera and display them as widgets on a map. If you happen to use TruVision video surveillance recording equipment, this new sensor will tell you when a camera signal goes out or disk space runs low.

Scanning the network and Active Directory (AD)

Scanning the network and Active Directory (AD)

You can use complex queries for monitoring SQL servers (MS SQL Server, Oracle, PostgreSQL, MySQL, MariaDB, and ODBC), including joins, column aliases, and conversions. There's a new trend view for the web console. If you're looking to use custom icons for your dashboards, you can get JPEG images from the internet, and NetCrunch will resize them and make the backgrounds transparent. These little things really make me like NetCrunch.

If you're monitoring hard disks that support SMART, a new VMI sensor lets you gather this data, which can be useful in predicting disk failures. Data parsers let you transform any external data into a format NetCrunch understands, and it supports XPath, JSONPath, and DOM selectors (JavaScript). You can ping Linux hosts using a Secure Shell (SSH) connection, and a new Smart Printer Sensor is more capable than the older monitoring packs.

There's full IPv6 support, improved SNMP v3 support, and over 8,500 MIBs with about 800,000 objects. Improving the already excellent layer 2 connectivity diagram is the support for EtherChannels (bonding of two to eight 1 Gbit/s or 10 Gbit/s links for bandwidth and redundancy) and link aggregation. You can configure up to 10 SMTP servers for sending notifications, also providing redundancy.

Real network Atlas for my lab

Real network Atlas for my lab

The ability to combine the status of various elements (services, sensors, and nodes) into a virtual node lets you view your IT environment as your business does, instead of as discrete elements you need tribal knowledge of to know how they're connected.

You can multiselect nodes and then add a service or change monitor settings across multiple nodes in one go. You can monitor RADIUS servers, and a new SSL certificate sensor will report on the expiration date of certificates along with other certificate properties. A test log sensor will pick up changes in a log file stored on Windows Server Message Block (SMB), FTP and HTTP (and their secure flavors), SSH, and SFTP protocols. A data file sensor can monitor any file on the same network access types.

Coming in 10.4 ^

The newest version 10.4 offers a new integration with Messagebird, new sensors for Dell, IBM, HP IPMI interfaces (and generic IPMI logs) on their servers as well as sensors for Docker containers, Dell EMC, and iNodes. There are 32 new monitoring packs for a variety of servers, uninterruptable power supplies (UPSs), and network-attached storage (NAS) devices, as well as improvements to existing monitoring packs.

Conclusion ^

My one concern would be that NetCrunch focuses too much on on-premises technology (although there is some Amazon integration). The world is moving to the cloud, and while many larger businesses have a large footprint in their own datacenters today, most already have some workloads in public cloud. For NetCrunch to remain a good choice going forward, I think they need add more cloud monitoring, in particular for Azure.

However, for SMEs, NetCrunch is a good option. I really like the tool's wide coverage of things it "talks to." It's easy to set up, and configuration is mostly a walk in the park (with good guidance directly in the UI).

Want to write for 4sysops? We are looking for new authors.

Read 4sysops without ads by becoming a member!


Leave a reply

Your email address will not be published. Required fields are marked *


© 4sysops 2006 - 2020


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account