Windows Systems (WMI) Sensor Types

Windows Management Instrumentation (WMI) is the base technology from Microsoft for monitoring and managing Windows-based systems. WMI allows access to data for many Windows configuration parameters, as well as current system status values. Access can be local or remote via a network connection. WMI is based on COM and DCOM and is integrated in Windows 2000, XP, 2003, Vista and Windows 7 (add-ons are available for Windows 9x and NT4).

In order to be able to monitor remote machines, PRTG's WMI sensor needs an Active Directory account to have access to the WMI interface. You can enter these credentials in PRTG for the parent device or group. The sensor will then inherit these settings.

WMI Sensor Types

PRTG supports the following WMI based sensor types:

  • WMI CPU Load: Measures CPU load of a system (total and per CPU).
  • WMI Memory: Displays free system memory (MB and %).
  • WMI Disk Free: Free disk space on fixed drives (MB and %, per drive). Monitors all disks of a target system in one sensor (each volume in a different channel).
  • WMI Network Card: Measures traffic going through network cards.
  • WMI Volume: Monitors free disk space on Volumes. Monitors only one volume (one disk) per sensor (available for Windows Vista or higher). Preferred option to WMI Disk Free.
  • WMI Pagefile: Checks the usage of the Windows page file.
  • WMI Service: Checks if a service is running and optionally restarts a service if it is not running.
  • WMI Process: Monitors a single process.
  • WMI Event Log: Monitors a system's application, system and security event log for specific events.
  • WMI File: Monitors file size and existence, as well as changes to a file.
  • WMI Custom: Performs a custom WMI query.
  • WMI Vital System Data: Users can select from more than 30 different vital Windows System parameters (CPU: Percent Processor Time, CPU: Processor Queue Length, CPU: Processor Percent Privileged Time, CPU: Processor Percent User Time, System: Thread Context Switches/sec, Memory: Free Physical Memory, Memory: Total Visible Memory, Memory: Pages/sec, Memory: Page Faults/sec, Memory: Page Reads/sec, Memory: Page Writes/sec, Memory: Percent Pagefile Usage, Memory: Pool Nonpaged Bytes, Memory: Pool Paged Bytes, Memory: Cache Bytes, Memory: Committed Bytes, Disk: Percent Disk Time (Windows 2000/XP/Server 2003 only), Disk: Current Disk Queue Length, Disk: Bytes/sec (Windows 2000/XP/Server 2003 only), Disk: Reads/sec (Windows 2000/XP/Server 2003 only), Disk: Writes/sec (Windows 2000/XP/Server 2003 only), Network: Bytes Total/sec, Network: Bytes Received/sec, Network: Bytes Sent/sec, Network: Packets Outbound Errors, Server: Bytes Total/sec, Server: Bytes Received/sec, Server: Bytes Sent/sec, CLR Memory: % Time in GC, CLR Memory: # Bytes in all Heaps, CLR Exceptions: # of Excepts Thrown / sec).

Limitations of WMI on Windows Vista and Windows Server 2008 R1

You should be aware that performance of WMI-based monitoring is drastically limited when the monitoring station or the monitored client runs on Windows Vista or Windows Server 2008 R1. When it comes to network monitoring via WMI, Windows XP and Windows 2003 are up to 70 times faster than Windows 2008 or Vista.

These limitations are not limitations of PRTG, these limitations are coming from the WMI functionality built into the Windows operating systems.

Here are some detailed results of our WMI tests on selected Windows versions:

clip0163

The results of our tests are:

  • On Windows XP/Windows 2003/Windows 7/Windows 2008 R2 you can run about 10,000 WMI sensors with one minute interval.
  • On Windows Vista/Windows 2008 R1 you can run about 300 WMI sensors with one minute interval.
  • The more Windows Vista/Windows 2008/Windows 7 client systems you have in your network the more WMI monitoring performance will be affected.
  • System performance (CPU, memory etc.) of virtualization does not strongly affect WMI monitoring performance.

If you want to use WMI for network monitoring of more than 20 - 30 boxes please consider the following rules:

  • Do not use Windows Vista or Windows 2008 R1 as monitoring stations for WMI-based network monitoring.
  • If possible use Windows 2003 R2 Server for WMI based network monitoring (followed by XP and Windows 7/2008 R2).
  • If you can't run PRTG on Windows XP/Windows 2003 consider setting up a remote probe with XP for the WMI monitoring. (You still get far better WMI monitoring performance with a remote probe on a virtual machine running Windows XP or Windows 2003 than on any bare metal system running Windows Vista/Windows 2008 R1.)
  • Consider switching to SNMP-based monitoring for large networks. Using SNMP you can easily monitor 10 times as many nodes as with WMI (on the same hardware).

Links to WMI related articles

Paessler's Guide to Troubleshooting WMI Problems.
http://www.paessler.com/support/kb/prtg7/wmi_not_working/

Paessler WMI Tester - A useful freeware tool to test WMI connections. Tests the accessibility of WMI (Windows Management Instrumentation) counters in a quick and easy manner.
http://www.paessler.com/tools/wmitester

Microsoft: Windows Management Instrumentation Technical Articles: Managing Windows with WMI
http://msdn2.microsoft.com/en-us/library/ms811533.aspx

Microsoft: WMI Reference
http://msdn.microsoft.com/en-us/library/aa394572.aspx

See also

Comparison of Bandwidth Monitoring Sensor Types

Continue

Keywords: WMI,Windows Management Instrumentation,COM,DCOM,Sensor