Latest posts by Paul Schnackenburg (see all)
- Iperius Backup for Windows Server, VM, and cloud - Wed, Mar 18 2020
- Altaro Office 365 backup: Exchange Online, OneDrive and SharePoint backup in Azure - Tue, Feb 4 2020
- Repair a corrupt EDB file with Stellar Repair for Exchange - Tue, Jan 14 2020
This review covers version 10.4, which is a release candidate at the time of writing. Originally, 4sysops looked at version 9—please read Timothy's review for the basic functionality of NetCrunch. We also covered the new features of version 9.3 here.
A versatile tool ^
NetCrunch has Cisco compatibility certification as well as comprehensive monitoring for Linux, BSD, Windows, macOS, VMware ESX/ESXi, and other network devices. It even does Solaris (for the few people on the planet who care).
While it's tempting to draw parallels between NetCrunch and System Center Operations Manager (SCOM), I think they target different markets. SCOM is definitely an enterprise tool and has little to offer in the small-to-medium enterprise (SME) markets. Conversely, NetCrunch plays directly to the SME market, especially as many managed service providers (MSPs) use it. As often happens though, NetCrunch is now capable of handling large environments, up to 10,000 devices, with one server capable of handling up to 1,000,000 counters.
I was impressed with the remediation chaining where you can automatically restart a failed service. If that doesn't fix the problem, you can restart the server, and if that doesn't fix it, it sends a notification to a particular tier of IT personnel. And if they haven't attended to the ticket within, say, an hour, it notifies a higher tier. Similarly, you can have a script run to delete temporary files when disk space goes under a particular percentage. If that doesn't fix it, it can send a notification.
This minimizes the number of alerts a human must attend to—always a good thing in a monitoring solution in my book. Another filter to stop alert storms is monitoring dependencies. For example, if NetCrunch discovers a switch goes down, there's no point in alerting you about all the devices now disconnected, just an alert to fix the switch.
A couple of terms that'll help you get acquainted with NetCrunch is the Atlas, basically the map of your entire network, and monitoring packs, software that contains the rules and monitors for different types of hardware and software (like management packs in SCOM). I also really like the simulated Atlas installed with the product, making it easy to explore and change settings without affecting your real network. NetCrunch has a Windows console along with a web console and mobile apps.
The live dashboards are based on Adrem's fork of Grafana, called GrafCrunch. These are nice, as they're up to date and easy to read. The pending alerts view is also useful, negating the need to scroll through alerts already attended to. Another nice touch is the network operations center (NOC) friendly ability to drag screens and dock them on secondary screens to show them on big screens.
New in versions 10.0 to 10.3 ^
A new IPMI sensor can monitor all presented parameters, and you can filter out the ones you don't need to see. They've updated GrafCrunch to the latest 5.0.1 version of Grafana. For easy access to any API, there's a new representational state transfer (REST) HTTP/S sensor. An IP camera sensor can also take snapshots from any IP-connected camera and display them as widgets on a map. If you happen to use TruVision video surveillance recording equipment, this new sensor will tell you when a camera signal goes out or disk space runs low.
You can use complex queries for monitoring SQL servers (MS SQL Server, Oracle, PostgreSQL, MySQL, MariaDB, and ODBC), including joins, column aliases, and conversions. There's a new trend view for the web console. If you're looking to use custom icons for your dashboards, you can get JPEG images from the internet, and NetCrunch will resize them and make the backgrounds transparent. These little things really make me like NetCrunch.
There's full IPv6 support, improved SNMP v3 support, and over 8,500 MIBs with about 800,000 objects. Improving the already excellent layer 2 connectivity diagram is the support for EtherChannels (bonding of two to eight 1 Gbit/s or 10 Gbit/s links for bandwidth and redundancy) and link aggregation. You can configure up to 10 SMTP servers for sending notifications, also providing redundancy.
The ability to combine the status of various elements (services, sensors, and nodes) into a virtual node lets you view your IT environment as your business does, instead of as discrete elements you need tribal knowledge of to know how they're connected.
You can multiselect nodes and then add a service or change monitor settings across multiple nodes in one go. You can monitor RADIUS servers, and a new SSL certificate sensor will report on the expiration date of certificates along with other certificate properties. A test log sensor will pick up changes in a log file stored on Windows Server Message Block (SMB), FTP and HTTP (and their secure flavors), SSH, and SFTP protocols. A data file sensor can monitor any file on the same network access types.
Coming in 10.4 ^
The newest version 10.4 offers a new integration with Messagebird, new sensors for Dell, IBM, HP IPMI interfaces (and generic IPMI logs) on their servers as well as sensors for Docker containers, Dell EMC, and iNodes. There are 32 new monitoring packs for a variety of servers, uninterruptable power supplies (UPSs), and network-attached storage (NAS) devices, as well as improvements to existing monitoring packs.
My one concern would be that NetCrunch focuses too much on on-premises technology (although there is some Amazon integration). The world is moving to the cloud, and while many larger businesses have a large footprint in their own datacenters today, most already have some workloads in public cloud. For NetCrunch to remain a good choice going forward, I think they need add more cloud monitoring, in particular for Azure.
However, for SMEs, NetCrunch is a good option. I really like the tool's wide coverage of things it "talks to." It's easy to set up, and configuration is mostly a walk in the park (with good guidance directly in the UI).