VisualLookout™ Online Manual

Manual Index


1. Installing VisualLookout    

NOTE: This documentation is for VisualLookout, VisualLookout Express and VisualLookout Personal Edition.  Features not available in VisualLookout Express or VisualLookout Personal Edition are clearly marked as [NX] or [NP].

First, make sure that you meet the minimum requirements for your platform, including the proper Java VM. Then install VisualLookout :

Windows: The download EXE is the install program for VisualLookout. Just run this program after downloading it.

Unix: VisualLookout is not available for Unix



2. Running VisualLookout    

Windows: Go to Start / Programs / VisualLookout and click on VisualLookout. If this is a trial license you will then see the 'run as trial' dialog box, click the 'run trial' button. The following hot-links window (fig 2.1) will appear.

This is the VisualLookout main application window.  It is a single window, which can present a number of views depending on the users requirements. The initial view is the hot-link view which notifies the user of any product update information such as a problem fix release. The "view" menu option in the top right corner of the dialog presents the available views (see Fig 2.11  below).


The user can select the view directly from the menu selection list (see table below) or alternatively the user may click the VCR styled arrow buttons which move the view through the list in a forward or backward direction.

AutoSentry 
[NX]

Provides a central view of activity from all connections that are required to be monitored.

AutoContact
[NX]    

Provides a central view of all connections made to all monitored systems.

AutoAlert
[NX]

New in version 2 this allows you to trigger alarms when certain events occur such as a connection from an undesirable country

Agent List
[NX,NP]

A list view of all connections whether running or not

<connection name>

A line appears for each connection that is running

From the Agent List view the user can initiate a number of actions to specific listed connections by left clicking on the line item in the agent list to highlight the line and then right mouse click to see a menu of available choices. See Fig 2.12 below. Note: VisualLookout Express and VisualLookout Personal Edition is for home consumers and does not support multiple agents.

Add new Agent  [NX,NP]

Defines a new connection to monitor a server

Run    

Starts an agent connection (must be in stopped or not running status to be enabled)

Stop

Stops a running agent (must be in running status to be enabled)

Goto
[NX,NP]

Changes the dialog view to that agents view (must be in running status to be enabled)

Delete
[NX,NP]

Remove an agent connection (will automatically stop the agent if running)

Edit/Test connection

Checks that the connection parameters to the server are working

Cancel

Closes the menu

VisualLookout comes preconfigured to run a localhost connection, i.e. it will monitor the system on which it is installed. By default the service is initially in a "not running" state. The configuration of VisualLookout to add another connection or use the AutoSentry and AutoAlert features is a simple process as outlined below.

  1. Add the host or hosts that you wish to monitor  (if localhost is all that is required then this is done for you)
  2. Start the VisualLookout agent for the defined host(s)
  3. Select and define any AutoSentry items if required
  4. Select and define any AutoAlert items if required


3. VisualLookout Configuration [NX, NP]    

Adding a Host IP/Domain:

VisualLookout Express and VisualLookout Personal Edition are pre-configured and do not need a host IP/Domain to be added.

To monitor an IP/Domain using VisualLookout choose the FILE  menu option and select the ADD NEW AGENT option. This will then present the add agent dialog box (fig 3.1). Note the user may add as many monitoring agents as permitted by the license purchased.

Each field has help text that appears in the panel below the buttons. For clarity these fields are also explained below.

Agent name or IP address: Enter here either the IP address or the domain name of the system you want VisualLookout to monitor. For example www.mysystem.com or 192.168.0.1. If you wish to monitor the system upon which VisualLookout is installed simply use the name 'localhost'. Note: the system must be able to support SNMP for VisualLookout to monitor it. In the case of 'localhost' (i.e. the system where VisualLookout is running) if no SNMP is present it will automatically give you the option to start an SNMP agent. For remote systems the user must ensure that SNMP is running.

Community Password: The Community Password, sometimes referred to as the community name, is the password that allows access to the system to be monitored. Without a valid Community Password VisualLookout will be unable to collect any data from the system. Note, the community password is a special password for SNMP and is not tied to any user password. The default on most SNMP devices is 'public'. If you do not know your community name then try the 'public' community name first. If the 'public' name works it is advisable to have this changed to something more secure.

SNMP Port: The SNMP Port is normally set to 161 although the system administrator can change this. If you do not know the SNMP port and VisualLookout is unable to collect any data please contact your system administrator for the correct port number.

Timeout: The timeout option is the total wait time allowed in milliseconds for VisualLookout to collect data. Every 1000 milliseconds is a second so the example above has a 10 second timeout. If VisualLookout is unable to collect the data before 10 seconds has passed VisualLookout will give up and try again immediately if the 'Retry' (see below) option is set or at the next collection interval 'Seconds between requests' (see below).

Retry: This number is a count and represents the number of times VisualLookout can retry after a failure to collect data. The retry option instructs VisualLookout to immediately retry any failed request because the timeout time has been exceeded. It is advisable not to set this value too high if at all especially if the 'Seconds between requests' (see below) is small.

Seconds between requests: This number is in seconds and represents the time between VisualLookout data collection requests.  If collecting from a remote system it is advisable to set this option to a value that makes sense for your connection speed. The example above is 5 seconds.

AutoRun: The AutoRun check box defines whether VisualLookout requires the user to initiate the run request or if VisualLookout can initiate the running of the collection agent.

Test: Clicking this button validates the connection request immediately and reports any errors to the user.

Reset: Clicking this button resets all the values in the dialog box.

Cancel: Clicking this button aborts the update and closes the dialog box.

OK: Clicking this button validates the request and adds the agent details to VisualLookout.



4. Modifying an Agent Connection [NX, NP]    


VisualLookout Express and VisualLookout Personal Edition are pre-configured and do not need an agent to be configured.

An Agent Connection may be modified by the user to either Stop, Start, Delete or Edit an existing Agent Connection. The documentation in this section documents the process of modifying an agent connection using the Agent List window, however, the same options are also available in the Agent Connection window. The Agent List window lists all defined connections and therefore has the advantage of allowing the user to modify many connections in a single view.

The modify agent options are as follow:

Stop a Connection

To stop a connection that is in "running state" (indicated in the agents panel, see Fig 4.1.1 below) do the following:

  1. Select "View Menu" - > "Agent List"
  2. Highlight the agent you want by left clicking on the line, in this example select Localhost
  3. Right click on the agent and select 'stop' from the context menu that appears


Delete a Connection

To delete a current defined connection:

  1. Click on the agent line in the Agent List View window so it turns blue (see Fig 4.1.1 above).
  2. Right mouse click and select delete from the context menu that appears.
  3. You will then be presented with a caution check dialog  (see Fig 4.1.2 below).  Selecting OK will delete the connection.  However, if the connection is currently busy, deleting the connection will terminate the connection and close the agent monitoring window automatically.



Edit/Test a Connection

To edit/test an existing connection:

  1. Click on the agent line in the Agent List view window so it turns blue (see Fig 4.1.1 above).
  2. Select Edit/Test from the dropdown menu or right mouse click and select edit/test from the context menu that appears.
  3. You will then be presented with the agent definition dialog (see Fig 4.1.3 below). To edit the connection just change the desired options in the dialog box and click the OK button.  If the connection is currently running you will need to stop and restart the connection to implement the changes (see section 4 above).

To test the connection just click the test button to start a connection test. See the test results in Fig 4.1.4 below.




5. AutoSentry    

AutoSentry is the VisualLookout monitoring and logging list panel. The user can select any connection IP/Domain address or Port from an agent window to be added to the AutoSentry window. Any item listed in the AutoSentry window is continuously monitored to provide the user with details such as the number of current connections, the overall total connections since VisualLookout started and the total time connected. For ease of monitoring all agent information is centralized and appears in a single global AutoSentry window (see fig 5.1 below).

To add agent data to the AutoSentry window perform the following steps:

  1. Highlight the agent from the agent window list (see fig 5.1.1 below).
  2. Right mouse click and select either 'add port to sentry' or 'add address to sentry'. The Port option will add the port number for monitoring and logging. This means that any connection to the selected port will be recorded. The Address option adds the IP Address for monitoring and logging. This means that every time this IP address connects the connection times will be recorded.


6. Map View for a Connection    

VisualLookout provides any connection 2 digit ISO standard country code on the connection report entry line see Fig 5.1.2 below. As it is not always apparent which country is represented by the ISO code the user may select a map view by left mouse clicking on the inbound connection in the Agent connection view and then right mouse click to select 'map n.n.n.n' from the context menu displayed (See Fig 5.1.2 below).

7. AutoContact List [NX]    

The Contact List View is the list of all visitors that have contacted the monitored system. Every IP that connects gets looked up by VisualLookout and recorded in the Contact List View. See Fig 6.1 below:

If the VisualLookout user wishes to track and further identify a Visitor to the system being monitored he may use the optional VisualRoute utility. VisualRoute allows the user to trace to the exact location of any visitor to the monitored system and plots the location on a world map. VisualRoute provides a wide range of additional data including the route taken to reach the user the final location and the WHOIS information to further identify the domain/IP address owner. See Fig 6.2 below.

8. AutoAlert [NX]    

AutoAlert is the VisualLookout automated alarming system that can initiate emails and other actions depending on security definitions. The user can select an event from any running Agent to trigger an Alert. The user may also select a global option to convert all the entries in the AutoSentry view directly into AutoAlert. When this option is used all items listed in the AutoSentry view is added as an Alert but the action settings are set to none. The user must edit the automatically added entries to configure the actions desired. These consist of, send an email,  display a window popup, send SNMP trap, or run an application.  See Fig 7.1 and 7.2  below:

The process to configure an Alert is as follows:

  1. Select "View Menu" - > "AutoAlert"
  2. Right mouse click anywhere under the title bar and select "Add new alert" (see fig 7.1 above)
  3. When the Edit Alert dialog appears select and enter a port number, an IP address or a Country Code in the Agent edit field
  4. Select the action type of Popup Window, Send mail, SNMP Trap, or Run application
  5. Complete the remaining edit fields with valid data for the action type selected. See fig 7.2 below for an example
  6. Click OK

9. History/Search [NX]    

The History and Search feature in VisualLookout captures the connectivity information into an internal database and allows the user to search for details on an historical basis. The user can select any connection on which to search if multiple connections exist.  See Fig 8.1 below:

The Database Search dialog is composed of three (3) views: the database overview in the upper left, the search parameters in the upper right, and the agent view in the lower portion. The database overview contains a drop-down list box with all of the agents available in the logs\Connections directory. Additional directories can be copied from other machines for viewing. Periodically, and whenever the database is updated, a scan of the latest sample available is performed. There are four (4) buttons in this view.

  1. <Agent> button toggles between the agent view and the help message view
  2. <Reset> button is used to clear cached data when walking through agent data
  3. <Fetch> button is used to start/resume a search through the currently selected database
  4. <Close> button can be used to exit the database search dialog

The search view is used to select the search parameters and starting time. The top portion of the view consists of the three (3) selection criteria. Each selection contains the search value and an On/Off checkbox. The middle portion of the view is the current starting time for the next search. The four (4) buttons in the bottom portion are used to set the search time. The buttons can be used to increase and decrease the next search time. Clicking on the left half of a button decreases the time by the respective amount. Clicking on the right half increases the time.

Once a search has located a match on the selection parameters and time, the agent/help view of the dialog will change to the agent view. This view is identical to the agent view in the VisualLookout main window. The agent context menu options, via a right mouse click, are available in the database search dialog. For example, the menu option, run, will cause the agent to replay the database from the selected time. The replay rate is set by the interval menu option. See fig 8.2 below.



10. Interface Data  

Network interface data is reported in real-time, displayed at the bottom of each agent view, providing the transfer speed, both sent and received, and the length of the output queue for each active agent (see Fig 10.1 below).

The data is sampled at intervals of 15 seconds or the agent's interval, whichever is larger. The display consists of a drop-down menu of all the available interfaces and the latest speed data, containing:

1. 'advertised' speed of the interface, such as '57 KB/s', which is the speed of the interface as provided to the system.
2. utilization of the interface, which is the percentage of the 'advertised' speed that was actually used during the latest interval. The utilization can legitimately be less than the 'advertised' speed.
3. actual input speed
4. actual output speed
5. output queue length

For additional information regarding VisualLookout interface data, please see our FAQ page.

© 1997-2006 Visualware Inc. | All rights reserved | Legal Information