PRTG Manual: Core & Probes

On the Core & Probes tab, you can define settings for the PRTG core server as well as for probe connections if you use remote probes or mini probes.

i_round_redIf you cannot save changes to Core & Probes settings because you get an Error (Bad Request) with the message Active Directory Domain not accessible, make sure that you provide the correct access type for your domain in section Active Directory Integration. For example, change Use the PRTG core server service account (usually Local System) to Use explicit credentials and provide correct credentials for the domain. PRTG automatically sets the access type to Use the PRTG core server service account (usually Local System) by default, so you might need to change this.

i_podIf 15 minutes (900) seconds have passed since your last credential-based login and you open a setup page from a different setup page, PRTG asks you to enter your credentials again for security reasons. A dialog box appears. Enter your Login Name and Password and click OK to continue.

i_round_blueThis documentation refers to an administrator that accesses the PRTG web interface on a master node. Other user accounts, interfaces, or failover nodes might not have all of the options in the way described here. In a cluster, note that failover nodes are read-only by default.

In this section:

Proxy Configuration

i_podThis option is not available in PRTG Hosted Monitor.

Proxy Configuration

Proxy Configuration

Setting

Description

Proxy Server Handling

Define if you want to use PRTG with a direct internet connection or if a proxy is necessary. Choose between:

  • Do not use a proxy server (default): Do not use a proxy. Use this setting if a direct internet connection to the PRTG core server system is available.
  • Use a proxy server: Define proxy settings below. Use this setting if a proxy is mandatory in your network.

i_round_blueWe recommend that you use PRTG with a direct internet connection.

i_round_blueThe proxy settings are valid for auto-update, activating the product, obtaining Geo Maps tiles, and for sending HTTP, push, and SMS text message notifications.

Proxy Server

This setting is only visible if you select Use a proxy server above. Enter the address of the proxy server that you use for outbound connections. Enter a valid address.

Port

This setting is only visible if you select Use a proxy server above. Enter the port number of the proxy server that you use for outbound connections. Enter an integer value.

Proxy Authentication

This setting is only visible if you select Use a proxy server above. Determine whether the proxy server needs credentials or not:

  • Do not use authentication: Do not use credentials for proxy connections.
  • User name and password: Define credentials (user name and password) below. Use this setting if the proxy server requires credentials.

User Name

This setting is only visible if you select User name and password above. Enter a user name for proxy authentication. Enter a string.

Password

This setting is only visible if you select User name and password above. Enter a password for proxy authentication. Enter a string.

Probe Connection Settings

Probe Connection Settings

Probe Connection Settings

Setting

Description

Probe Connection IP Addresses

Define how the PRTG core server handles incoming connections from probes:

  • Local probe only, 127.0.0.1 (PRTG is not accessible for remote probes): Only accept local probe connections. The PRTG core server does not allow the use of remote probes.

i_prtgThis is the default setting in PRTG Network Monitor.

  • All IP addresses available on this computer: Accept incoming connections from remote probes, no matter on which IP address of the PRTG core server they come in.

i_podThis is the default setting in PRTG Hosted Monitor.

  • Specify IP addresses: Accept incoming connections from remote probes only on the selected IP address(es) of the PRTG core server. In the list, select the IP addresses by enabling a check box in front of the desired IP addresses.

i_round_blueYou can also change this setting in the PRTG Administration Tool on PRTG Core Server Systems.

i_round_redIf you change this setting, PRTG needs to restart the PRTG core server to apply your changes. After you click Save, a dialog box appears that asks you to confirm the restart. Click OK to trigger the restart. During the restart, all users of the PRTG web interface, of PRTG Desktop, or of PRTG Apps for Mobile Network Monitoring are disconnected and reconnected.

i_podThis option is not available in PRTG Hosted Monitor.

Access Keys

Enter a list of access keys for remote probe connections. Enter one access key per line.

i_round_blueEvery remote probe that wants to connect to this PRTG installation has to use one of these keys.

i_square_cyanFor more information on how to set an access key for a remote probe, see section PRTG Administration Tool.

Allow IP Addresses

Enter a list of remote probe IP addresses or Domain Name System (DNS) names that you want to allow to connect to the PRTG core server. Enter one IP address or DNS name per line.

  • [Empty]: An empty field does not allow any remote probes (only the local probe). Enter IP addresses or DNS names to allow remote probe connections.
    i_round_blueWe recommend that you use IP addresses instead of DNS names because DNS name resolution might be cached.
  • any: Enter the word any to automatically allow all remote probe connections.

i_podThis is the default setting in PRTG Hosted Monitor.
i_round_blueWe recommend that you only use this option in intranets in PRTG Network Monitor, not in PRTG Hosted Monitor.

i_round_bluePRTG always automatically allows the local probe (127.0.0.1). PRTG checks the list of allowed IP addresses before it checks the list of denied IP addresses.

i_round_blueIf the IP address of a remote probe regularly changes (for example, because of an internet provider that dynamically assigns IP addresses), enter the potential IP address range for the remote probe or use any.

i_square_cyanYou can use the PRTG syntax for IP address ranges. For more information, see section Define IP Address Ranges.

Deny IP Addresses

Enter a list of remote probe IP addresses or DNS names that you do not want to allow to connect to the PRTG core server. Enter one IP address or DNS name per line.

i_round_blueYou can use Deny IP Addresses to explicitly deny connections from remote probes that you do not want to include in your setup either at all or for a certain time. You can also use it to allow access to an IP address range under Allow IP Addresses, but to deny access to a single IP address from the IP address range.

i_square_cyanYou can use the PRTG syntax for IP address ranges. For more information, see section Define IP Address Ranges.

i_round_blueIf you deny the IP address or DNS name of a remote probe, you must restart the PRTG core server to apply your changes.

i_round_blueWe recommend that you use IP addresses rather than DNS names because DNS name resolution might be cached.

Deny GIDs

Enter a list of global IDs (GID) Enter one GID per line. PRTG denies access to matching GIDs.

i_round_blueIf you remove a remote probe from the device tree or if you deny a remote probe after installation, PRTG automatically adds its GID to this list. The remote probe is no longer able to connect. Denying GIDs is more precise than denying IP addresses, where other remote probes at the same location could also be excluded.

i_round_blueA GID is the ID that PRTG attributes to every probe that you include in your monitoring.

Connection Security

Specify the security level that the PRTG web server accepts for connections to and from the PRTG core server:

  • High security (TLS 1.2): Only accept high security connections from probes.
  • Default security (TLS 1.1, TLS 1.2) (recommended): Additionally accept TLS 1.1-secured connections from probes.
  • Weakened security (SSLv3, TLS 1.0, TLS 1.1, TLS 1.2): Additionally accept TLS 1.0-secured and SSLv3-secured connections from probes.
    i_round_blueIf you have probes that do not support TLS 1.1-secured or TLS 1.2-secured connections because you updated from an older PRTG version, you can use this setting to connect to and to update older probes. After the update, we recommend that you change this setting to High security (TLS 1.2) or Default security (TLS 1.1, TLS 1.2) (recommended).

i_round_blueIf you set a registry key in previous PRTG versions to override the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) version and cipher suites of PRTG web server connections or probe connections, High security (TLS 1.2) overrides the registry setting and only TLS 1.2 is allowed. If you select Default security (TLS 1.1, TLS 1.2) (recommended), the registry value overrides this setting and the connection security that you defined in the registry applies.

i_round_redIf you change this setting, PRTG needs to restart the PRTG core server to apply your changes. After you click Save, a dialog box appears that asks you to confirm the restart. Click OK to trigger the restart. During the restart, all users of the PRTG web interface, of PRTG Desktop, or of PRTG Apps for Mobile Network Monitoring are disconnected and reconnected.

i_podThis option is not available in PRTG Hosted Monitor.

Mini Probes

Define if you want to allow mini probe connections to the PRTG core server. Choose from:

  • Do not allow mini probes: Mini probes cannot connect to the PRTG web server. You are not able to monitor with mini probes if you choose this option.
  • Allow mini probes to connect to the PRTG web server: Mini probes can connect to the PRTG web server and use the defined TCP port for the web server for this purpose. The default port for secure connections is 443.
  • Allow mini probes to connect to an extra port: Mini probes can connect to the PRTG web server via a specific port. Use this if you do not want the whole PRTG web server to be reachable from other networks all the time only because of mini probes.
    i_round_blueSSL/TLS must be enabled on the mini probe port.

i_round_blueIf you want to use mini probes, you need to configure the PRTG web server to accept connections from mini probes and select Secure HTTPS server (port 443, recommended, mandatory for internet access) in the PRTG web server settings.

i_square_cyanFor more information, see section Mini Probe API. See also the Knowledge Base: Where can I find PRTG mini probes which are ready to use?.

i_round_redIf you change this setting, PRTG needs to restart the PRTG core server to apply your changes. After you click Save, a dialog box appears that asks you to confirm the restart. Click OK to trigger the restart. During the restart, all users of the PRTG web interface, of PRTG Desktop, or of PRTG Apps for Mobile Network Monitoring are disconnected and reconnected.

i_podThis option is not available in PRTG Hosted Monitor.

Mini Probe Port

This setting is only visible if you select Allow mini probes to connect to an extra port above. Enter the number of the port for mini probe connections. Ensure that SSL is available on this port.

i_round_redIf you change this setting, PRTG needs to restart the PRTG core server to apply your changes. After you click Save, a dialog box appears that asks you to confirm the restart. Click OK to trigger the restart. During the restart, all users of the PRTG web interface, of PRTG Desktop, or of PRTG Apps for Mobile Network Monitoring are disconnected and reconnected.

i_podThis option is not available in PRTG Hosted Monitor.

Active Directory Integration

i_podThis option is not available in PRTG Hosted Monitor.

Active Directory Integration

Active Directory Integration

Setting

Description

Domain Name

To use the Azure Active Directory (Azure AD) integration, enter the name of your local domain. Enter a string or leave the field empty.

i_round_redPRTG does not support trusted domains or AD subdomains. For more important notes about AD integration, see section Active Directory Integration, section Notes and Restrictions.

Domain Access

Define how PRTG performs AD queries:

  • Use domain name: Use the entry in the Domain Name field above.
  • Specify domain controllers: Use specific domain controllers. Specify the domain controllers below.

Primary Domain Controller

This setting is only visible if you select Specify domain controllers above. Enter the DNS name of the primary domain controller.

Backup Domain Controller (optional)

This setting is only visible if you select Specify domain controllers above. Optionally enter the DNS name of the backup domain controller or leave the field empty.

LDAP Connection Security

Define if you want to use a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) secured connection to the LDAP server:

  • Use LDAP without connection security: Do not use an SSL/TLS-secured connection.
  • Use LDAP over SSL: Use an SSL/TLS-secured connection.

Access Type

Define which user account PRTG uses to configure Active Directory (AD) access:

  • Use the PRTG core server service account (usually Local System): Use the same Windows user account configured for the PRTG core server service. In a default installation, this is the "local system" Windows user account. If this account does not have the right to query all groups of your Active Directory, do not use this option.
  • Use explicit credentials: Define a user account that PRTG uses to authenticate against the Active Directory. This should be a user account with full access to all of your Active Directory groups.

PRTG uses this account to query the AD for available groups.

User Name

This setting is only visible if you select Use explicit credentials above. Enter the Windows user account name that PRTG uses to authenticate for Active Directory configuration.

Password

This setting is only visible if you select Use explicit credentials above. Enter the password for the Windows user account that PRTG uses to authenticate for Active Directory configuration.

Historic Data Purging

Data purging enables you to automatically delete unnecessary data to free up disk space and to improve system performance. You can define different time spans for several kinds of data.

i_square_cyanFor more information on storage locations, see section Data Storage.

i_podPRTG Hosted Monitor purges historic data using the default purging limits of PRTG Network Monitor. You cannot modify historic data purging limits in PRTG Hosted Monitor.

Historic Data Purging

Historic Data Purging

Setting

Description

Log File Records

Define how long PRTG keeps records in the system log file Log Database.db. Enter a value in days. PRTG automatically deletes all entries that are older than this value. This also affects the content of the Logs tab of monitoring objects like sensors.

i_round_blueKeep this value as low as possible to enhance system performance.

i_round_blueThe default value is 30 days.

PRTG Web Server Log Records

PRTG creates one PRTG web server log file every day. Define how many PRTG web server log files to keep. Enter a value in days. PRTG automatically deletes all PRTG web server log files that older than this value.

i_round_blueThe default value is 30 days.

Historic Sensor Data

Define for how long PRTG keeps historic sensor data for all sensors. Enter a value in days.

i_round_redHistoric sensor data is the basis for reports on monitoring data. If you decrease this value, less historic monitoring data is available.

i_round_blueDepending on the scanning intervals and the number of sensors in your setup, the file that contains this data can become large. For smaller installations up to 500 sensors, 365 is usually appropriate.

i_round_blueThe default value is 365 days.

i_round_blueThe maximum value is 9999 days.

Toplist Records

Define for how long PRTG keeps toplist records for xFlow (NetFlow, jFlow, sFlow, IPFIX) and Packet Sniffer sensors. Enter a value in days. We recommend that you use 30 days here.

i_round_blueOld toplist data is deleted automatically as soon as a limit of 2 GB is reached. The oldest data is deleted from the database first.

i_round_blueThe default value is 30 days.

Closed Tickets

Define for how long PRTG keeps tickets that are in the Closed status. Enter a value in days.

i_round_blueThe default value is 365 days.

Reports

Define the maximum age for PDF reports. Enter a value in days. PRTG automatically deletes all reports that are older than this value.

i_round_blueThe default value is 365 days.

Configuration Auto-Backups

Define the maximum age for daily configuration backups. Enter a value in days. PRTG automatically deletes all configuration backup files that are older than this value.

i_round_blueThe default value is 365 days.

Screenshots of HTTP Full Web Page Sensor

Define for how long PRTG keeps the screenshots of the HTTP Full Web Page sensor (PhantomJS browser engine). Enter a value in days. PRTG automatically deletes screenshots that are older than this value with every sensor scan.

i_round_blueThe default value is 10 days.

i_round_redSave your settings. If you change tabs or use the main menu without saving, all changes to the settings are lost.

More

i_square_blueKNOWLEDGE BASE

Where can I find PRTG mini probes which are ready to use?

Setup

Others

There are some settings that you must make in the PRTG Administration Tool. For more details, see the sections: