PRTG Manual: System Administration—Core & Probes

To open the system administration, select Setup | System Administration from the main menu bar. Select the various tabs to change the different settings.

System Administration Bar

System Administration Bar

You can define the following aspects of your PRTG system setup:

On the Core & Probes tab, you can define settings for the PRTG core server as well as for probe connections if you use remote probes or mini probes.

icon-i-round-redIf you cannot save changes to Core & Probes settings because you get an Error (Bad Request) with the message Active Directory Domain not accessible, ensure that you provide the correct access type for your domain in section Active Directory Integration. For example, change Use the PRTG core server service account (usually Local System) to Use explicit credentials and provide correct credentials for the domain. PRTG automatically sets the access type to Use the PRTG core server service account (usually Local System) by default, so you might need to change this.

If you use PRTG on premises and open the system administration page from a different administration page, PRTG asks you to enter your credentials again for security reasons if 15 minutes (900 seconds) have passed since your last credential-based login. A dialog box appears. Enter your Login Name and Password for PRTG in the corresponding fields and confirm to continue.

icon-i-round-blueThis documentation refers to an administrator accessing the PRTG web interface on a master node. If you use other user accounts, interfaces, or failover nodes, you might not see all of the options in the way described here. If you use a cluster installation, note that failover nodes are read-only by default.

Proxy Configuration

icon-prtg-on-demandThis option is not available in PRTG hosted by Paessler.

Setting

Description

Use Proxy Server

We recommend that you use PRTG with a direct internet connection. However, if you need to use a proxy, you can configure the relevant settings here. Choose between:

  • No, use direct connection to the internet (default): Do not use a proxy. Use this setting if a direct internet connection to the PRTG core server system is available.
  • Yes, in our network a proxy is mandatory: Define proxy settings below.

icon-i-round-blueProxy settings are valid for auto-update, activating the product, obtaining Geo Maps tiles, and for sending out HTTP, push, and SMS text message notifications.

Proxy Server

This setting is only visible if you enable Yes, in our network a proxy is mandatory above. Enter the address of the proxy server that you use for outbound connections. Enter a valid address.

Port

This setting is only visible if you enable Yes, in our network a proxy is mandatory above. Enter the port number of the proxy server that you use for outbound connections. Enter an integer value.

Use Proxy Credentials

This setting is only visible if you enable Yes, in our network a proxy is mandatory above. Determine whether the proxy server needs credentials or not:

  • No, there are no credentials necessary: Do not use credentials for proxy connections.
  • Yes, the proxy server requires credentials: Define credentials (username and password) below.

User

This setting is only visible if you enable Yes, the proxy server requires credentials above. Enter a username for proxy authentication. Enter a string.

Password

This setting is only visible if you enable Yes, the proxy server requires credentials above. Enter a password for proxy authentication. Enter a string.

Probe Connection Settings

Setting

Description

Probe Connections IPs

Define how PRTG handles incoming connections from probes:

  • Local Probe only, 127.0.0.1 (PRTG is not accessible for remote probes): The PRTG core server only accepts local probe connections. You cannot use remote probes with this setting enabled. This is the default setting in PRTG on premises.
  • All IPs available on this computer: The PRTG core server accepts incoming connections from remote probes, no matter on which IP address of the PRTG core server they come in.

icon-prtg-on-demandThis is the default setting in PRTG hosted by Paessler.

  • Specify IPs: The PRTG core server accepts incoming connections from remote probes only on the selected IP address(es) of the PRTG core server. In the list, select the IP addresses by adding a check mark in front of the desired IPs.

icon-i-round-blueYou can also change this setting in the PRTG Administration Tool on Core Server System.

icon-i-round-redIf you change this setting, PRTG needs to restart the PRTG core server to apply your changes. After clicking Save, a dialog box appears that asks you to confirm the restart. Click OK to trigger the restart. During the restart, all users of the PRTG web interface, of PRTG Desktop, or of PRTG Apps for Mobile Network Monitoring are disconnected and reconnected.

icon-prtg-on-demandThis option is not available in PRTG hosted by Paessler.

Access Keys

Enter a list of access keys for remote probe connections. Enter one access key per line. Every remote probe that wants to connect to this PRTG installation has to use one of these keys.

icon-square-cyanFor more information on how to set an access key for a remote probe, see section PRTG Administration Tool.

Allow IPs

Enter a list of remote probe IPs or Domain Name System (DNS) names that are accepted when connecting to this PRTG core server. Enter one IP address or DNS name per line. The local probe (127.0.0.1) is always allowed automatically. PRTG checks the list of allowed addresses before the list of denied addresses.

  • [Empty]: An empty field does not allow any remote probes (only the local probe). Enter IP addresses or DNS names to allow remote probe connections.
    icon-i-round-blueWe recommend that you use IP addresses instead of DNS names because DNS name resolution might be cached.
  • any: Enter the word any to automatically allow all remote probe connections.

icon-prtg-on-demandThis is the default setting in PRTG hosted by Paessler.
icon-i-round-blueWe recommend that you only use this option in intranets in PRTG on premises.

icon-i-round-blueIf the IP address of a remote probe changes regularly (for example, because of an internet provider assigning IP addresses dynamically), enter the potential IP range for the remote probe or use the any option.

icon-i-round-blueYou can use the PRTG syntax for IP address ranges here. For more information, see section Define IP Ranges.

Deny IPs

Enter a list of remote probe IPs or DNS names that are not accepted when connecting to this PRTG core server. Enter one IP address or DNS name per line. You can use this to explicitly deny connections from remote probes that you do not want to include in your setup either at all or for a certain time.

Access to IP addresses or DNS names that you enter in Allow IPs is denied if you enter them here. You can use this to allow access to an IP range in Allow IPs, but to deny access to a single IP address from this IP range here. You can use the PRTG syntax for IP address ranges here (see section Define IP Ranges).

icon-i-round-blueWe recommend that you use IP addresses rather than DNS names, because DNS name resolution might be cached.

Deny GIDs

Enter a list of global IDs (GID) Enter one GID per line. PRTG denies access to matching GIDs. If you remove a remote probe from the device tree or if you deny a remote probe after installation, its GID is automatically entered here. The remote probe is no longer able to connect. Denying GIDs is more precise than denying IPs, where other remote probes at the same location could be excluded, too.

icon-i-round-blueA GID is the ID that PRTG attributes to every probe that you include in your monitoring.

Connection Security

Specify the security level for connections to and from the PRTG core server:

  • High security (TLS 1.2): The PRTG web server only accepts high security connections from probes.
  • Default security (TLS 1.1, TLS 1.2) (recommended): The PRTG web server additionally accepts TLS 1.1–secured connections from probes.
  • Weakened security (SSL V3, TLS 1.0, TLS 1.1, TLS 1.2): If you have probes that do not support high or default security connections because you updated from an older PRTG version, you can use this security level to connect and to update older probes. After updating, we recommend that you use the default or high security setting.

icon-i-round-blueIf you have set a registry key in previous PRTG versions to override the SSL/TLS version and cipher suites of PRTG web server or probe connections, the High security setting overrides the registry setting and only TLS 1.2 is allowed. If you select the Default security setting, the registry value overrides the default security setting and the connection security defined in the registry applies.

icon-i-round-redIf you change this setting, PRTG needs to restart the PRTG core server to apply your changes. After clicking Save, a dialog box appears that asks you to confirm the restart. Click OK to trigger the restart. During the restart, all users of the PRTG web interface, of PRTG Desktop, or of PRTG Apps for Mobile Network Monitoring are disconnected and reconnected.

icon-prtg-on-demandThis option is not available in PRTG hosted by Paessler.

Mini Probes

Define if you want to allow mini probe connections to your PRTG core server. If you want to use mini probes, you need to configure the PRTG web server to accept connections from mini probes here and choose the secure HTTPS server option in the web server settings. Choose from:

  • No Mini Probes: Mini probes cannot connect to the PRTG web server. You are not able to monitor with mini probes if you choose this option.
  • Allow Mini Probes to connect to the web server: Mini probes can connect to the PRTG web server and use the defined TCP port for the web server for this purpose. The default port for Secure Sockets Layer (SSL) connections is 443.
  • Allow Mini Probes to connect to an extra port: Mini probes can connect to the PRTG web server via a specific port. Use this if you do not want the whole PRTG web server to be reachable from other networks all the time only because of mini probes.
    icon-i-round-blueSSL must be active on the mini probe port.

icon-square-cyanFor more information ,see section Mini Probe API. See also the Knowledge Base: Where can I find PRTG Mini Probes which are ready to use?

icon-i-round-redIf you change this setting, PRTG needs to restart the PRTG core server to apply your changes. After clicking Save, a dialog box appears that asks you to confirm the restart. Click OK to trigger the restart. During the restart, all users of the PRTG web interface, of PRTG Desktop, or of PRTG Apps for Mobile Network Monitoring are disconnected and reconnected.

icon-prtg-on-demandThis option is not available in PRTG hosted by Paessler.

Mini Probe Port

This field is only visible if you enable Allow Mini Probes to connect to an extra port above. Enter the number of the port for mini probe connections. Ensure that SSL is available on this port.

icon-i-round-redIf you change this setting, PRTG needs to restart the PRTG core server to apply your changes. After clicking Save, a dialog box appears that asks you to confirm the restart. Click OK to trigger the restart. During the restart, all users of the PRTG web interface, of PRTG Desktop, or of PRTG Apps for Mobile Network Monitoring are disconnected and reconnected.

icon-prtg-on-demandThis option is not available in PRTG hosted by Paessler.

Active Directory Integration

icon-prtg-on-demandThis option is not available in PRTG hosted by Paessler.

Setting

Description

Domain Name

To use the Active Directory Integration, enter the name of your local domain. Enter a string or leave the field empty.

icon-i-round-redPRTG does not support trusted domains or AD subdomains. For more important notes about AD integration, see section Active Directory Integration—Notes and Limitations.

Domain Access

Define how PRTG performs Active Directory queries:

  • Use domain name: Use the entry in the Domain Name field above.
  • Specify domain controllers: Use specific domain controllers. Specify the domain controllers below.

Primary Domain Controller

This setting is only visible if you enable Specify domain controllers above. Enter the DNS name of the primary domain controller.

Backup Domain Controller (optional)

This setting is only visible if you enable Specify domain controllers above. Optionally enter the DNS name of the backup domain controller or leave the field empty.

LDAP Transport Security

Define whether to use encryption for the connection to the LDAP server:

  • Do not use encryption: Do not use encryption for the connection.
  • Use SSL encryption: Use SSL encryption for the connection.

Access Type

Define which user account PRTG uses to configure Active Directory (AD) access:

  • Use the PRTG core service account (usually LOCAL SYSTEM): Use the same Windows user account configured for the PRTG core server service. In a default installation, this is the "local system" Windows user account. If this account does not have the right to query all groups of your Active Directory, do not use this option.
  • Use explicit credentials: Define a user account that PRTG uses to authenticate against the Active Directory. This should be a user account with full access to all of your Active Directory groups.

PRTG uses this account to query the AD for available groups.

Access User

This field is only visible if you enable Use explicit credentials above. Enter the Windows user account name that PRTG uses to authenticate for Active Directory configuration.

Access Password

This field is only visible if you enable Use explicit credentials above. Enter the password for the Windows user account that PRTG uses to authenticate for Active Directory configuration.

Historic Data Purging

Data purging enables you to automatically delete unnecessary data to free up disk space and improve system performance. You can define different time spans for several kinds of data. Select here for how many days historic data remains accessible.

icon-square-cyanFor more information on storage locations, see section Data Storage.

icon-prtg-on-demandThis option is not available in PRTG hosted by Paessler.

icon-prtg-on-demandPRTG hosted by Paessler purges historic data using the default purging limits of PRTG on premises (see the table below). You cannot modify historic data purging limits in PRTG hosted by Paessler.

Setting

Description

Logfile Records

Define how long records in the system logfile Log Database.db are kept. Enter a value in days. All entries older than this value are deleted from the logfile automatically. This also affects the content of the Logs tab of monitoring objects like sensors. Keep this value as low as possible to enhance system performance.

icon-i-round-blueThe default value is 30 days.

Web Server Log Records

PRTG creates one web server logfile every day. Define how many web server logfiles are kept. Enter a value in days. All web server logfiles older than this value are deleted automatically.

icon-i-round-blueThe default value is 30 days.

Historic Sensor Data

Define for how many days historic sensor data is kept for all sensors. It is used to create reports of monitoring data. Enter a value in days.

Depending on the used intervals and the number of sensors in your setup, the file containing this data can become large. For smaller installations (up to 500 sensors) a value of 365 is usually fine.

icon-i-round-redHistoric sensor data is the basis for reports on monitoring data. If you decrease this value, less historic monitoring data is available.

icon-i-round-blueThe default value is 365 days.

icon-i-round-blueThe maximum value is 9999 days.

Toplist Records

Define how long toplist records for xFlow (NetFlow, jFlow, sFlow, IPFIX) and Packet Sniffer sensors are kept. Enter a value in days. We recommend that you use 30 days here.

icon-i-round-blueOld toplist data is deleted automatically as soon as a limit of 2 GB is reached. The oldest data is deleted from the database first.

icon-i-round-blueThe default value is 30 days.

Closed Tickets

Define how long tickets that are in status closed are kept. Enter a value in days.

icon-i-round-blueThe default value is 365 days.

Reports

Reports generated in PDF format are stored on disk for later reference. Define the maximum age for these reports. Enter a value in days. All reports that are older than this value are deleted automatically.

icon-i-round-blueThe default value is 365 days.

Configuration Auto-Backups

PRTG creates one backup of your configuration every day. Define the maximum age for these backups. Enter a value in days. All configuration backup files that are older than this value are deleted automatically.

icon-i-round-blueThe default value is 365 days.

Screenshots of HTTP Full Web Page Sensor

Define how long the screenshots of the HTTP Full Web Page sensor (PhantomJS browser engine) are kept. Enter a value in days. PRTG deletes older screenshots with every sensor scan.

icon-i-round-blueThe default value is 10 days.

icon-i-round-redSave your settings. If you change tabs or use the main menu without saving, all changes to the settings are lost.

Remote Probe Setup

For more information about setting up remote probes, see section Multiple Probes and Remote Probes.

More

icon-square-bluePRTG MANUAL

 

icon-square-blueKNOWLEDGE BASE

Where can I find PRTG Mini Probes which are ready to use?

Setup—Topics

Others

There are some settings that you must make in the PRTG Administration Tool. For more details, see the sections: