PRTG Manual: Add a Group

There are several ways to manually add a group:

  • Select Devices | Add Group from the main menu bar. A dialog appears that guides you through the process of adding a new group.
  • Hover over b_add and select Add Group from the menu.
  • Select Add Group from the context menu of the probe or group to which you want to add the new group. This skips step 1 and leads you directly to step 2.

i_round_blueThis documentation refers to an administrator that accesses the PRTG web interface on a master node. Other user accounts, interfaces, or failover nodes might not have all of the options in the way described here. In a cluster, note that failover nodes are read-only by default.

In this section:

Add a Group

The Add a Group dialog appears when you add a new group to a parent group. It only shows the settings that are required to create the group. Therefore, you do not see all settings in this dialog.

i_round_blueYou can change all settings on the Settings tab of the group later. For more information, see section Group Settings.

Step 1: Select a Parent

Add Group Assistant Step 1

Add Group Assistant Step 1

Select the probe or group that you want to add the new group to. Click OK.

Step 2: Define Group Settings

Add Group Assistant Step 2

Add Group Assistant Step 2

Basic Group Settings

Basic Group Settings

Basic Group Settings

Setting

Description

Group Name

Enter a name to identify the group. By default, PRTG shows this name in the device tree, as well as in alarms, logs, notifications, reports, maps, libraries, and tickets.

i_round_blueIf the name contains angle brackets (<>), PRTG replaces them with braces ({}) for security reasons. For more information, see the Knowledge Base: What security features does PRTG include?

Tags

Enter one or more tags. Confirm each tag with the Spacebar key, a comma, or the Enter key. You can use tags to group objects and use tag-filtered views later on. Tags are not case-sensitive. Tags are automatically inherited.

i_round_blueIt is not possible to enter tags with a leading plus (+) or minus (-) sign, nor tags with parentheses (()) or angle brackets (<>).

i_round_blueFor performance reasons, it can take some minutes until you can filter for new tags that you added.

Auto-Discovery

Auto-Discovery Settings

Auto-Discovery Settings

Setting

Description

Auto-Discovery Level

Select the level of detail for the auto-discovery:

  • No auto-discovery: Select this option if you only want to manually create devices and sensors.
  • Standard auto-discovery (default): Create a set of standard sensors for standard monitoring. This option works fine for most installations.
  • Detailed auto-discovery: Create all standard sensors and additional sensors from detailed variants of device templates. As a result, you might get many sensors. This option is suitable for small network segments and whenever you want to monitor the maximum number of sensors available.
  • Auto-discovery with specific device templates: Customize the auto-discovery and select or combine standard, detailed, and custom device templates. Select one or more templates from the Device Templates list.

i_round_blueAuto-discoveries can be resource intensive. They are primarily intended for devices on the same network as your probes.

Schedule

Select when PRTG runs the auto-discovery:

  • Once (default): Run the auto-discovery only once. PRTG adds new devices and sensors once. If you select this option, you must manually start the auto-discovery.
  • Hourly: Run the auto-discovery for new devices and sensors every 60 minutes.
    i_round_redUse this option with caution. Frequent auto-discoveries might cause performance issues, in particular when PRTG scans large network segments every hour.
  • Daily: Run the auto-discovery for new devices and sensors every 24 hours. The first auto-discovery runs immediately. All other discoveries start at the time that you define in the Monitoring settings, section Auto-Discovery.
  • Weekly: Run the auto-discovery for new devices and sensors every 7 days. The first auto-discovery runs immediately. All other discoveries start at the time that you define in the Monitoring settings, section Auto-Discovery.

i_round_blueFor performance reasons, PRTG sets Schedule to Once (default) on all devices that the scheduled auto-discovery creates.

Device Templates

This setting is only visible if you select Auto-discovery with specific device templates above.

Select one or more device templates by enabling a check box in front of the template name. PRTG uses the device templates that you select for the auto-discovery on the device:

  • ADSL
  • Buffalo TeraStation NAS
  • Cisco ASA VPN
  • Cisco Device (Generic)
  • Dell EqualLogic
  • Dell MDi Disk
  • DNS Server
  • Environment Jacarta
  • Environment Poseidon
  • FTP Server
  • Generic Device (Ping Only)
  • Generic Device (SNMP Enabled)
  • Generic Device (SNMP Enabled, Detailed)
  • HTTP Web Server
  • Hyper-V Host Server
  • IPMI-enabled Device
  • Juniper NS Device
  • Linux/UNIX Device (SNMP or SSH Enabled)
  • Mail Server (Generic)
  • Mail Server (MS Exchange)
  • Microsoft SharePoint 2010
  • MQTT Round Trip
  • NAS LenovoEMC
  • NAS QNAP
  • NAS Synology
  • NetApp
  • NTP Server
  • OPC UA
  • Printer (Generic)
  • Printer (HP)
  • RDP Server
  • RMON-compatible Device
  • Server (Cisco UCS)
  • Server (Compaq/HP Agents)
  • Server (Dell)
  • Server (Fujitsu)
  • Server (IBM)
  • SNMP Rittal CMC III Hardware Status
  • SonicWall
  • SSL Security Check
  • Switch (Cisco Catalyst)
  • Switch (Cisco IOS Based)
  • Switch (HP Procurve)
  • UNIX/Linux Device
  • UPS Health (APC)
  • UPS Health (Generic)
  • UPS Health (Liebert)
  • VMware ESXi / vCenter Server
  • Web Server
  • Windows (Detailed via WMI)
  • Windows (via Remote PowerShell)
  • Windows (via WMI)
  • Windows IIS (via SNMP)
  • XenServer Hosts
  • XenServer Virtual Machines

Once the auto-discovery is finished, PRTG creates a new ticket and lists the device templates that it used to create new sensors.

Inherited Settings

By default, all of these settings are inherited from objects that are higher in the hierarchy. We recommend that you change them centrally in the root group settings if necessary. To change a setting for this object only, click b_inherited_enabled under the corresponding setting name to disable the inheritance and to display its options.

i_square_cyanFor more information, see section Inheritance of Settings.

Credentials for Windows Systems

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

 

Credentials for Windows Systems

Credentials for Windows Systems

Setting

Description

Domain or Computer Name

Enter the domain or computer name of the user account with which you want to access the Windows system. PRTG uses this account for Windows Management Instrumentation (WMI) sensors and other Windows sensors.

If you want to use a Windows local user account on the target device, enter the computer name. If you want to use a Windows domain user account (recommended), enter the domain name. PRTG automatically adds a prefix to use the NT LAN Manager (NTLM) protocol if you do not explicitly define it. Do not leave this field empty.

User Name

Enter the user name for access to the Windows system. Usually, you use credentials with administrator rights.

Password

Enter the password for access to the Windows system. Usually, you use credentials with administrator rights.

Credentials for Linux/Solaris/macOS (SSH/WBEM) Systems

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for Linux/Solaris/macOS (SSH/WBEM) Systems

Credentials for Linux/Solaris/macOS (SSH/WBEM) Systems

Setting

Description

User Name

Enter the user name for access to the Linux/Solaris/macOS system via Secure Shell (SSH) and Web-based Enterprise Management (WBEM). Usually, you use credentials with administrator rights.

Authentication Method

Select the authentication method for the login:

  • Password (default): Provide the password for the login.
  • Private key: Provide an RSA private key for authentication.

Password

This setting is only visible if you select Password (default) above.

Enter a password for access to the Linux/Solaris/macOS system via SSH and WBEM. Usually, you use credentials with administrator rights.

Private Key

This setting is only visible if you select Private key above.

Paste the entire RSA private key, including the BEGIN and END lines. Make sure that a corresponding public key exists on the target device.

i_round_redPRTG can only handle keys in the OpenSSH format that are not encrypted. You cannot use password-protected keys.

i_round_redPRTG only supports RSA keys. It does not support DSA keys.

i_square_cyanFor more information, see section Monitoring via SSH.

i_round_redIf you want to enter a private key for the first time or change the private key, you need to restart the PRTG core server service for the private key change to take effect.

WBEM Protocol

Select the protocol that you want to use for the connection to the system via WBEM:

  • HTTP: Use an unsecure connection for WBEM.
  • HTTPS (default): Use a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) secured connection for WBEM.

i_round_blueThis setting is only relevant if you use WBEM sensors.

WBEM Port

Select if you want to use one of the default ports for the connection to the system via WBEM or if you want to set a custom port:

  • Default: Use one of the default ports. The default port for unsecure connections is 5988 and the default port for secure connections is 5989.
  • Custom: Use a custom port.

i_round_blueThis setting is only relevant if you use WBEM sensors.

Custom WBEM Port

This setting is only visible if you select Custom above.

Enter a custom WBEM port. Enter an integer.

SSH Port

Enter the port for SSH connections. Enter an integer. The default port is 22.

i_round_blueBy default, PRTG automatically uses this setting for all SSH sensors unless you define a different port number in the sensor settings.

SSH Rights Elevation

Select the rights that you want to use to run the command on the target system:

  • Run the command as the connecting user (default): Use the rights of the user who establishes the SSH connection.
  • Run the command as a different user using 'sudo' (with password): Use the rights of a different user with a password required for sudo to run commands on the target system, for example, as a root user.
  • Run the command as a different user using 'sudo' (without password): Use the rights of a different user without a password required for sudo to run commands on the target system, for example, as a root user.
  • Run the command as a different user using 'su' (deprecated): Use the rights of a different user with su to run commands on the target system. This option is deprecated for security reasons. Use sudo without a password instead.

Target System User Name

This setting is only visible if you select an option that includes sudo or su above.

Enter a user name to run the specified command on the target system as a different user than the root user. If you leave this field empty, you run the command as a root user. Make sure that you set the Linux password even if you use a public key or a private key for authentication. This is not necessary if the user is allowed to run the command without a password.

Password

This setting is only visible if you select an option that includes sudo or su with password above.

Enter the password to run the sudo command or the su command.

SSH Connection Mode

Select the connection mode that you want to use to access data with SSH sensors:

  • Default: This is the default connection mode for SSH sensors. It provides the best performance and security.
  • Compatibility mode (deprecated): Use this only if the default connection mode does not work on the target system. The compatibility mode is the connection mode that PRTG used in previous versions and it is deprecated.

i_round_redWe strongly recommend that you use the default connection mode.

i_round_blueYou can also individually select the connection mode for each SSH sensor in the sensor settings.

Credentials for VMware/XenServer

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for VMware/XenServer

Credentials for VMware/XenServer

Setting

Description

User Name

Enter the user name for access to VMware ESXi, vCenter Server, or Citrix XenServer. Usually, you use credentials with administrator rights.

Password

Enter the password for access to VMware ESXi, vCenter Server, or Citrix XenServer. Usually, you use credentials with administrator rights.

i_round_blueSingle sign-on (SSO) passwords for vSphere do not support special characters. For more information, see the VMware sensors sections.

VMware Protocol

Select the protocol for the connection to VMware ESXi, vCenter Server, or Citrix XenServer:

  • HTTPS (default): Use a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) secured connection.
  • HTTP: Use an unsecure connection.

Session Handling

Select if you want to reuse a session for VMware sensors:

  • Reuse a session for multiple scans (default): Select this option if you want a VMware sensor to reuse a single session for multiple sensor scans to query data. With this option, the sensor does not need to log in and out for each sensor scan. We recommend that you use this option because it reduces network load and log entries on the target device. This can increase performance.
  • Create a new session for each scan: If you select this option, PRTG does not reuse a session and a VMware sensor has to log in and out for each sensor scan. This can decrease performance.

Credentials for SNMP Devices

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for SNMP Devices

Credentials for SNMP Devices

Setting

Description

SNMP Version

Select the Simple Network Management Protocol (SNMP) version for the connection to the target SNMP device:

  • SNMP v1: Use SNMP v1 for the connection. SNMP v1 only offers clear-text data transmission.
    i_round_redSNMP v1 does not support 64-bit counters. This might result in invalid data when you monitor traffic via SNMP.
  • SNMP v2c (default): Use SNMP v2c for the connection. SNMP v2c also only offers clear-text data transmission but it supports 64-bit counters.
  • SNMP v3: Use SNMP v3 for the connection. SNMP v3 provides secure authentication and data encryption.
    i_round_redSNMP v3 has performance limitations because of the use of encryption. The main limiting factor is CPU power. Also keep in mind that SNMP v3, unlike SNMP v1 and v2c, does not scale with more CPU power. Because of this limitation, PRTG can only handle a limited number of requests per second so that you can use only a limited number of sensors using SNMP v3. If you see an increase in Interval Delay or Open Requests with the Probe Health sensor, distribute the load over multiple probes. SNMP v1 and SNMP v2c do not have this limitation.

Community String

This setting is only visible if you select SNMP v1 or SNMP v2c (default) above.

Enter the community string of your device. This is like a clear-text password for simple authentication.

i_round_blueWe recommend that you use the default value.

Authentication Method

This setting is only visible if you select SNMP v3 above.

Select the authentication method:

  • MD5 (default): Use message-digest algorithm 5 (MD5) for authentication.
  • SHA: Use Secure Hash Algorithm (SHA) for authentication.
  • SHA-224: Use SHA-224 for authentication.
  • SHA-256: Use SHA-256 for authentication.
  • SHA-384: Use SHA-384 for authentication.
  • SHA-512: Use SHA-512 for authentication.

i_round_blueIf you do not want to use authentication but you need SNMP v3, for example, because your device requires context, you can leave the Password field empty. In this case, PRTG uses SNMP_SEC_LEVEL_NOAUTH and it entirely deactivates authentication.

i_round_redThe authentication method that you select must match the authentication method of your device.

User Name

This setting is only visible if you select SNMP v3 above.

Enter the user name for access to the target SNMP device.

i_round_redThe user name that you enter must match the user name of your device.

Password

This setting is only visible if you select SNMP v3 above.

Enter the password for access to the target SNMP device.

i_round_redThe password that you enter must match the password of your device.

Encryption Type

This setting is only visible if you select SNMP v3 above.

Select an encryption type:

  • DES (default): Use Data Encryption Standard (DES) as the encryption algorithm.
  • AES: Use Advanced Encryption Standard (AES) as the encryption algorithm.
  • AES-192: Use AES-192 as the encryption algorithm.
  • AES-256: Use AES-256 as the encryption algorithm.

i_round_redThe encryption type that you select must match the encryption type of your device.

Encryption Key

This setting is only visible if you select SNMP v3 above.

Enter an encryption key. If you provide a key, PRTG encrypts SNMP data packets with the encryption algorithm that you selected above. Enter a string or leave the field empty.

i_round_redThe encryption key that you enter must match the encryption key of your device. If the encryption keys do not match, you do not get an error message.

Context Name

This setting is only visible if you select SNMP v3 above.

Enter a context name only if the configuration of the device requires it. Context is a collection of management information that is accessible by an SNMP device. Enter a string.

SNMP Port

Enter the port for the connection to the SNMP target device. Enter an integer. The default port is 161.

i_round_blueWe recommend that you use the default value.

Timeout (Sec.)

Enter a timeout in seconds for the request. Enter an integer. The maximum timeout value is 300 seconds (5 minutes).

Credentials for Database Management Systems

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for Database Management Systems

Credentials for Database Management Systems

Setting

Description

Port

Select the port that PRTG uses for connections to the monitored databases:

  • Default: PRTG automatically determines the type of the database and uses the corresponding default port to connect. PRTG uses the following default ports:
    • Microsoft SQL: 1433
    • MySQL: 3306
    • Oracle SQL: 1521
    • PostgreSQL: 5432
  • Custom port for all database sensors: Select this option if your database management systems do not use the default ports. Enter a custom port for database connections below.

Custom Port

Enter a custom port for database connections. Enter an integer.

i_round_redPRTG uses this custom port for all database sensors and for connections to all your databases.

Authentication Method

Select the authentication method for the connection to the Structured Query Language (SQL) database:

  • Windows authentication with impersonation (default): PRTG uses the Windows credentials that you define in settings that are higher in the object hierarchy for the database connection.
    i_round_redThe user whose credentials PRTG uses needs to have permission to log in to the probe system with a database sensor. This is necessary for the impersonation.
  • SQL server authentication: Use explicit credentials for database connections. Enter a user name and password below.

User Name

This setting is only visible if you select SQL server authentication above.

Enter the user name for the database connection.

Password

This setting is only visible if you select SQL server authentication above.

Enter the password for the database connection.

Timeout (Sec.)

Enter a timeout in seconds for the request. Enter an integer. The maximum timeout value is 900 seconds (15 minutes).

Credentials for AWS

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

i_square_cyanFor more information about the permissions that are necessary to query the AWS API, see the Knowledge Base: How do I set permissions for the Amazon Web Services (AWS) API key to use certain sensors in PRTG?

Credentials for AWS

Credentials for AWS

Setting

Description

Access Key

Enter the Amazon Web Services (AWS) access key.

Secret Key

Enter the AWS secret key.

Credentials for Script Sensors

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for Script Sensors

Credentials for Script Sensors

Setting

Description

Placeholder 1 Description

Enter a description for Placeholder 1, for example information about the purpose or content of the placeholder.

Placeholder 1

Enter a value for the placeholder. PRTG inserts the value for the script execution if you add %scriptplaceholder1 in the argument list. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 2 Description

Enter a description for Placeholder 2, for example information about the purpose or content of the placeholder.

Placeholder 2

Enter a value for the placeholder. PRTG inserts the value for the script execution if you add %scriptplaceholder2 in the argument list. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 3 Description

Enter a description for Placeholder 3, for example information about the purpose or content of the placeholder.

Placeholder 3

Enter a value for the placeholder. PRTG inserts the value for the script execution if you add %scriptplaceholder3 in the argument list. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 4 Description

Enter a description for Placeholder 4, for example information about the purpose or content of the placeholder.

Placeholder 4

Enter a value for the placeholder. PRTG inserts the value for the script execution if you add %scriptplaceholder4 in the argument list. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 5 Description

Enter a description for Placeholder 5, for example information about the purpose or content of the placeholder.

Placeholder 5

Enter a value for the placeholder. PRTG inserts the value for the script execution if you add %scriptplaceholder5 in the argument list. PRTG does not display the value in the sensor log or the sensor's settings.

Credentials for Cisco Meraki

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for Cisco Meraki

Credentials for Cisco Meraki

Setting

Description

API Key

Enter an API key that the sensor uses for authentication against the Cisco Meraki Dashboard API.

Meraki Dashboard API Endpoint

Enter the endpoint for the Cisco Meraki Dashboard API. The default api.meraki.com should be valid for most use cases.

i_round_blueSee the Cisco Meraki Dashboard API documentation for other possible choices.

Credentials for Dell EMC

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for Dell EMC

Credentials for Dell EMC

Setting

Description

User Name

Enter the user name for access to the Dell EMC system.

Password

Enter the password for access to the Dell EMC system.

Port

Enter the port for the connection to the Dell EMC system. The default port for secure connections is 443.

Credentials for FortiGate

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for FortiGate

Credentials for FortiGate

Setting

Description

API Token

Enter the API token for access to the FortiGate system.

Port

Enter the port for the connection to the FortiGate system. The default port for secure connections is 443.

Credentials for HPE 3PAR

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for HPE 3PAR

Credentials for HPE 3PAR

Setting

Description

User Name

Enter the user name for access to the HPE 3PAR system.

Password

Enter the password for access to the HPE 3PAR system.

Protocol

Select the protocol that you want to use for the connection to the HPE 3PAR system:

  • HTTPS (default): Use a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) secured connection.
  • HTTP: Use an unsecure connection.

WSAPI Port

Enter the Web Services API (WSAPI) port for the connection to the HPE 3PAR system. The default port for secure connections is 8080 and the default port for unsecure connections is 8008.

i_round_blueFor more information, see the Knowledge Base: Where can I find the Web Services API (WSAPI) port for the connection to the HPE 3PAR system?

SSH Port

Enter the SSH port for the connection to the HPE 3PAR system. The default port for secure connections is 22.

Credentials for HTTP

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensor:

Credentials for HTTP

Credentials for HTTP

Setting

Description

Authentication Method

Select the authentication method for access to the server:

  • None (default): Use no authentication.
  • Basic authentication: Use basic authentication.
  • Bearer authentication: Use an OAuth2 bearer token.

User Name

This setting is only visible if you select Basic authentication above.

Enter the user name for access to the server.

Password

This setting is only visible if you select Basic authentication above.

Enter the password for access to the server.

Bearer Token

This setting is only visible if you select Bearer authentication above.

Enter a bearer token for access to the server.

Placeholder 1 Description

Enter a description for Placeholder 1, for example information about the purpose or content of the placeholder.

Placeholder 1

Enter a value for the placeholder. PRTG inserts the value for the HTTP request if you add %httpplaceholder1 in the URL, POST Body, and Custom Headers fields of the HTTP v2 sensor. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 2 Description

Enter a description for Placeholder 2, for example information about the purpose or content of the placeholder.

Placeholder 2

Enter a value for the placeholder. PRTG inserts the value for the HTTP request if you add %httpplaceholder2 in the URL, POST Body, and Custom Headers fields of the HTTP v2 sensor. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 3 Description

Enter a description for Placeholder 3, for example information about the purpose or content of the placeholder.

Placeholder 3

Enter a value for the placeholder. PRTG inserts the value for the HTTP request if you add %httpplaceholder3 in the URL, POST Body, and Custom Headers fields of the HTTP v2 sensor. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 4 Description

Enter a description for Placeholder 4, for example information about the purpose or content of the placeholder.

Placeholder 4

Enter a value for the placeholder. PRTG inserts the value for the HTTP request if you add %httpplaceholder4 in the URL, POST Body, and Custom Headers fields of the HTTP v2 sensor. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 5 Description

Enter a description for Placeholder 5, for example information about the purpose or content of the placeholder.

Placeholder 5

Enter a value for the placeholder. PRTG inserts the value for the HTTP request if you add %httpplaceholder5 in the URL, POST Body, and Custom Headers fields of the HTTP v2 sensor. PRTG does not display the value in the sensor log or the sensor's settings.

Credentials for Microsoft Azure

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

The sensors use the credentials to authenticate with Microsoft Entra ID.

i_square_cyanFor more information about the credentials and permissions that are necessary use the Microsoft Azure sensors, see the Knowledge Base: How do I obtain credentials and create custom roles for the Microsoft Azure sensors?

Credentials for Microsoft Azure

Credentials for Microsoft Azure

Setting

Description

Tenant ID

Enter the Microsoft Entra tenant ID.

i_round_redA tenant ID must be a 32-digit sequence in hexadecimal notation.

Client ID

Enter the Microsoft Entra client ID.

Client Secret

Enter the Microsoft Entra client secret.

Subscription ID

Enter the Microsoft Entra subscription ID.

Credentials for MQTT

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for MQTT

Credentials for MQTT

Setting

Description

Authentication Method

Select if you want to connect without credentials or define credentials for access to the MQTT broker:

  • None (default): Connect without credentials.
  • User name and password: Define credentials for the connection.

User Name

This setting is only visible if you select User name and password above.

Enter the user name for access to the Message Queue Telemetry Transport (MQTT) broker.

Password

This setting is only visible if you select User name and password above.

Enter the password for access to the MQTT broker.

Port

Enter the port for the connection to the MQTT broker. The default port for secure connections is 8883 and the default port for unsecure connections is 1883.

Transport-Level Security

Select if you want to use a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) secured connection:

  • Do not use transport-level security: Establish the connection without connection security.
  • Use transport-level security: Establish the connection with the strongest SSL/TLS method that the target device provides.

Server Authentication

This setting is only visible if you select Use transport-level security above.

Select if you want to use a certificate for server authentication:

  • Disable (default): Do not use a certificate for server authentication.
  • Enable: Use a certificate for server authentication.

CA Certificate

This setting is only visible if you select Enable above.

Paste the certificate authority (CA) certificate for the verification of the MQTT broker.

i_round_redThe certificate must be in Privacy-Enhanced Mail (PEM) format.

Client Authentication

This setting is only visible if you select Use transport-level security above.

Select if you want to use a certificate for client authentication:

  • Disable (default): Do not use a certificate for client authentication.
  • Enable: Use a certificate for client authentication.

Client Certificate

This setting is only visible if you select Enable above.

Paste the certificate that you created for authenticating the sensor against the MQTT broker.

i_round_redThe certificate must be in PEM format.

Client Key

This setting is only visible if you select Enable above.

Enter the client key for access to the MQTT broker.

i_round_redThe client key must be in PEM format and it must be encrypted using the Client Key Password.

Client Key Password

This setting is only visible if you select Enable above.

Enter the password for the client key.

Credentials for NetApp

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

The sensors use the credentials for access to the ONTAP System Manager.

Credentials for NetApp

Credentials for NetApp

Setting

Description

User Name

Enter a user name for access to the ONTAP System Manager.

Password

Enter the password for access to the ONTAP System Manager.

Port

Enter the port for the connection to the ONTAP System Manager. The default port for secure connections is 443.

Protocol

Select the protocol that you want to use for the connection to the ONTAP System Manager:

  • HTTPS (default): Use HTTPS for the connection.
  • HTTP: Use HTTP for the connection.

Credentials for OPC UA

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for OPC UA

Credentials for OPC UA

Setting

Description

Port

Enter the port for the connection to the OPC Unified Architecture (OPC UA) server. The default port for secure connections is 4840.

Server Path

Enter the path of the OPC UA server endpoint if you run more than one server under the same IP address or DNS name.

Security Mode

Select if you want to use encryption:

  • None (default): Do not use encryption.
  • Sign: Sign messages between the sensor and the OPC UA server.
  • Sign & Encrypt: Sign and encrypt messages between the sensor and the OPC UA server.

Security Policy

This setting is only visible if you select Sign or Sign & Encrypt above.

Select if you want to use a security policy and define which policy you want to use:

  • None (default): Do not use a security policy.
  • Basic256Sha256: Use the Basic256Sha256 security policy.
  • Basic256: Use the Basic256 security policy.

Client Certificate

This setting is only visible if you select Sign or Sign & Encrypt above.

Enter the certificate that you created for authenticating the sensor against the OPC UA server.

i_round_redThe certificate must meet the following requirements:

  • The key size must be 2048-bit or 4096-bit.
  • The secure hash algorithm must be SHA256.
  • DataEncipherment must be part of the KeyUsage certificate extension.
  • A uniform resource indicator (URI) must be set in subjectAltName.
  • The certificate must be in Privacy-Enhanced Mail (PEM) format.

Client Key

This setting is only visible if you select Sign or Sign & Encrypt above.

Enter the client key for access to the OPC UA server.

i_round_redThe client key must be in PEM format and it must be encrypted using the Client Key Password.

Client Key Password

This setting is only visible if you select Sign or Sign & Encrypt above.

Enter the password for the client key.

Authentication Method

Select if you want to connect without credentials or define credentials for access to the OPC UA server:

  • Anonymous (default): Connect without credentials.
  • User name and password: Define credentials for the connection.

i_round_redMost OPC UA servers do not support User name and password authentication without a client certificate. To use User name and password authentication, select Sign or Sign & Encrypt under Security Mode and Basic256Sha256 or Basic256 under Security Policy and enter the Client Certificate, Client Key, and Client Key Password that you want to use.

i_round_redIf you select None (default) under Security Mode and use User name and password authentication, PRTG sends the unencrypted password to the OPC UA server.

User Name

This setting is only visible if you select User name and password above.

Enter the user name for access to the OPC UA server.

Password

This setting is only visible if you select User name and password above.

Enter the password for access to the OPC UA server.

Credentials for Soffico Orchestra

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensor:

Credentials for Soffico Orchestra

Credentials for Soffico Orchestra

Setting

Description

Authentication Method

Select if you want to connect without credentials or define credentials for access to the Orchestra platform:

  • None (default): Connect without credentials.
  • User name and password: Define credentials for the connection.

User Name

This setting is only visible if you select User name and password above.

Enter the user name for access to the Orchestra platform.

Password

This setting is only visible if you select User name and password above.

Enter the password for access to the Orchestra platform.

Timeout (Sec.)

Enter a timeout in seconds for the request. Enter an integer. The maximum timeout value is 300 seconds (5 minutes).

Port

Enter the port for the connection to the Orchestra platform. The default port for secure connections is 8443 and the default port for unsecure connections is 8019.

Protocol

Select the protocol that you want to use for the connection to the Orchestra platform:

  • HTTPS (default): Use a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) secured connection.
  • HTTP: Use an unsecure connection.

Credentials for PRTG Data Hub

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for PRTG Data Hub

Credentials for PRTG Data Hub

Setting

Description

Port

Enter the port for the metrics endpoint of the PRTG Data Hub API. The default port is 443.

User Name

Enter the user name for access to the PRTG Data Hub API.

Password

Enter the password for access to the PRTG Data Hub API.

Credentials for Redfish

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for Redfish

Credentials for Redfish

Setting

Description

User Name

Enter the user name for access to the Redfish system.

Password

Enter the password for access to the Redfish system.

Protocol

Select the protocol that you want to use for the connection to the Redfish system:

  • HTTPS (default): Use a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) secured connection.
  • HTTP: Use an unsecure connection.

Port

Enter the port for the connection to the Redfish system. The default port for secure connections is 443.

Credentials for REST API

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensor:

Credentials for REST API

Credentials for REST API

Setting

Description

Authentication Method

Select the authentication method for access to the Representational State Transfer (REST) application programming interface (API):

  • None (default): Use no authentication.
  • Basic authentication: Use basic authentication.
  • Bearer authentication: Use an OAuth2 bearer token.

User Name

This setting is only visible if you select Basic authentication above.

Enter the user name for access to the REST API.

Password

This setting is only visible if you select Basic authentication above.

Enter the password for access to the REST API.

Bearer Token

This setting is only visible if you select Bearer authentication above.

Enter a bearer token for access to the REST API.

Placeholder 1 Description

Enter a description for Placeholder 1, for example information about the purpose or content of the placeholder.

Placeholder 1

Enter a value for the placeholder. PRTG inserts the value for the REST API request if you add %restplaceholder1 in the Request URL, POST Body, and Custom Headers fields of the REST Custom v2 sensor. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 2 Description

Enter a description for Placeholder 2, for example information about the purpose or content of the placeholder.

Placeholder 2

Enter a value for the placeholder. PRTG inserts the value for the REST API request if you add %restplaceholder2 in the Request URL, POST Body, and Custom Headers fields of the REST Custom v2 sensor. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 3 Description

Enter a description for Placeholder 3, for example information about the purpose or content of the placeholder.

Placeholder 3

Enter a value for the placeholder. PRTG inserts the value for the REST API request if you add %restplaceholder3 in the Request URL, POST Body, and Custom Headers fields of the REST Custom v2 sensor. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 4 Description

Enter a description for Placeholder 4, for example information about the purpose or content of the placeholder.

Placeholder 4

Enter a value for the placeholder. PRTG inserts the value for the REST API request if you add %restplaceholder4 in the Request URL, POST Body, and Custom Headers fields of the REST Custom v2 sensor. PRTG does not display the value in the sensor log or the sensor's settings.

Placeholder 5 Description

Enter a description for Placeholder 5, for example information about the purpose or content of the placeholder.

Placeholder 5

Enter a value for the placeholder. PRTG inserts the value for the REST API request if you add %restplaceholder5 in the Request URL, POST Body, and Custom Headers fields of the REST Custom v2 sensor. PRTG does not display the value in the sensor log or the sensor's settings.

Credentials for Veeam

Click b_inherited_enabled to interrupt the inheritance.

i_round_blueThe settings you define in this section apply to the following sensors:

Credentials for Veeam

Credentials for Veeam

Setting

Description

User Name

Enter the user name for access to the Veeam Backup Enterprise Manager.

Password

Enter the password for access to the Veeam Backup Enterprise Manager.

Port

Enter the port for the connection to the Veeam Backup Enterprise Manager. The default port for secure connections is 9398.

Access Rights

Click b_inherited_enabled to interrupt the inheritance.

Access Rights

Access Rights

Setting

Description

User Group Access

Select the user groups that have access to the object. You see a table with user groups and group access rights. The table contains all user groups in your setup. For each user group, you can choose from the following group access rights:

  • Inherited: Inherit the access rights settings of the parent object.
  • No access: Users in this user group cannot see or edit the object. The object neither shows up in lists nor in the device tree.
    i_round_blueThere is one exception: If a user in this user group has access to a child object, the parent object is visible in the device tree but users in this user group cannot access it.
  • Read access: Users in this group can see the object and view its monitoring results. They cannot edit any settings.
  • Write access: Users in this group can see the object, view its monitoring results, and edit its settings. They cannot edit its access rights settings.
  • Full access: Users in this group can see the object, view its monitoring results, edit its settings, and edit its access rights settings.

To automatically set all child objects to inherit this object's access rights, select the Revert access rights of child objects to "inherited" option.

i_square_cyanFor more information on access rights, see section Access Rights Management.

i_round_redClick OK to save your settings. If you close the dialog without saving, all changes to the settings are lost.

More

i_square_blueKNOWLEDGE BASE

What security features does PRTG include?