PRTG & Lansweeper - Taking the 'un' out of 'unknown'
Originally published on July 26, 2022 by Simon Bell
Last updated on July 26, 2022 • 10 minute read
As former US Secretary of Defense Donald Rumsfeld once (in)famously said:
“…there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns — the ones we don’t know we don’t know.”
While the phrasing of the statement drew much comment and no little ridicule, what he was saying was basically true. One of the key concepts in risk management is the idea that there are risks that we are aware of and understand (known knowns), there are those that we are aware of, but don’t understand (known unknowns), those that we understand, but are not aware of (unknown knowns); and those that we are neither aware of, nor understand (unknown unknowns).
By now, you probably asking, “Where the heck is he going with this?” Let me explain. Those risk categories, particularly the last two, apply perfectly to the dark art of asset management - you can’t manage and control what you don’t know you have.
Keeping track of IT assets with Lansweeper
In many organisations, the IT department is responsible for not just keeping the infrastructure running efficiently, but also for the procurement, maintenance and ultimately disposal of the physical hardware and software assets the company relies upon. This responsibility carries financial, compliance and security implications. Not having an accurate inventory of tech assets is inefficient, costly and a potential security risk; and for all but the smallest networks, an inventory spreadsheet just won’t cut it.
Lansweeper provides complete visibility across the entire technology asset estate. Through the use of industry standard protocols and optionally, an easily distributed, small footprint agent, the system automatically discovers all networked devices and extracts detailed information about each one, to build a detailed asset inventory. This can be further enhanced by combining information from other data sources, such as purchasing systems. Allowing the full asset lifecycle to be tracked from procurement, through “ownership” by different users, to eventual disposal.
Of course, collecting data is only one part of the story. Lansweeper ships with over 500 pre-defined reports. Want to see all assets with warranty expiring within 60 days? What about devices with SSH enabled? Or Windows devices without the latest Service Pack? - All available with a single click. The reports don’t just cover on-prem assets either. There are over a dozen relating to Office 365, and even more for Azure and AWS.
The Lansweeper website also hosts hundreds of additional report templates, including over 230 just focussed on security topics, such as scanning for specific CVE vulnerabilities and “patch Tuesday” compliance reports. After all that, if you still can’t find a particular report you need, Lansweeper includes an easy-to-use graphical report builder.
Traditionally an on-premises only solution, Lansweeper is now also available as a cloud hosted application. This brings with it several advantages. Firstly, it allows data from multiple stand-alone instances of Lansweeper to be combined into a single federated asset repository, providing the IT Team with a centralized asset visibility platform for their entire enterprise. The new “Security Insights” feature presents an automatically updated list of known CVEs, as well as the assets to which they apply. This greatly simplifies the identification and remediation of vulnerabilities across the asset inventory.
Lansweeper and PRTG
Of most interest from a Paessler PRTG perspective is the inclusion of a new integration framework and API, as this allows PRTG to retrieve asset information from Lansweeper using both out-of-the-box REST Custom Sensors or EXE / Script Sensors.
Here’s an example of a REST sensor being used to track the number of assets discovered by Lansweeper:
The sensor configuration is very straightforward. Using the excellent Lansweeper Cloud API documentation, we can find all the information needed for the sensor.
The API return in this case is a simple integer, showing the number of managed assets. However, depending on the query being used, the return data can be formatted as a multi-level JSON object. In which case, we can’t use the REST sensor, as it can’t parse the returned data.
Instead, we need to use a script to process the response from the API query. Here is an example of some PowerShell based sensors that do just that:
These sensors are querying the API for different “types” of assets. The return is a JSON object detailing those that match the search term. A simple PowerShell script parses the JSON data to extract the number of assets matching the search query, and maps that number to a sensor channel.
Once the sensors are created, the Administrator can then assign thresholds and notifications that trigger when the values change. In the example above, I’ve added thresholds that trigger alerts if the number of CCTV cameras on the network drops below the expected value, or if additional, potentially unauthorised wireless APs are detected.
As usual, you can find the REST Sensor template and the PowerShell script shown above in our GitLab repository, along with more detailed instructions. Of course, these are just very simple examples of the information that can be retrieved from Lansweeper, and its worth noting that the cloud platform and its API are still under active development, with additional functionality being added with every new release.
The benefits of good asset management
The management of any organisation’s assets is a vital facet of effective service management. Making sure the right assets are available to those that need them, and when, can have a profound impact on the efficiency, and profitability of that organisation.
There are other, less tangible benefits too, such as reduced stress and improved morale amongst teams. Managing the procurement, allocation, maintenance, and disposal of those assets can be a complex and time-consuming task, but one that can be greatly simplified by using the correct tools. Lansweeper, with its multi-site federation capability, detailed reporting and API based integration with PRTG is an ideal solution to this problem and can help to turn your unknown knowns, into known knowns.