Monitoring Zerto with PRTG

A site I work with uses PRTG for infrastructure monitoring. It is a great product that is reasonably priced and has a vast array of out of the box sensors for common network devices as well as the ability to create custom ones. They recently implemented Zerto as part of the DR strategy in the datacentre and wanted to monitor for alerts using PRTG. There are no native PRTG sensors available for Zerto however using the EXE/Script Advanced sensor type I was able to craft a PowerShell script to do the job. The script was based upon the excellent work of Markus Kraus over at My Cloud-(R)evolution who created a script to monitor Veeam. I copied his basic logic with a few modifications to secure the credentials and to navigate the different REST API structures of Zerto. The sensor will indicate the existence of any errors and warnings for the Zerto Virtual Appliances, Virtual Protection Groups, and the Virtual Manager.

The first step is to create an account to allow the script to access Zertos REST API. Zerto leverages VMWare VCenter for authentication and this sites VCenter Server was configured to use Active Directory as an authentication source. A new AD user was created and assigned the role of Zerto Viewer from within VCenter Server.

Next we need to generate an encrypted password for use in the script as it is never a good idea to leave credentials lying around in plain text!

We will use Windows in built encryption provider to generate the encrypted password. The encrypted password is tied to the account profile on the Windows instance that it is generated on so you MUST perform the following steps on the PRTG server.

This particular PRTG instance was configured to run as the LOCAL SYSTEM account so we need a little help from PsExec by Mark Russinovich.

Download it onto the PRTG server from here. Unzip the PSTools zip file and copy PSExec.exe into a folder in your executable path.

Launch a PowerShell window using the following command.

psexec -s -i powershell.exe

Execute the following commands in your newly opened PowerShell window. If PRTG is running under a different user account (i.e. not LOCAL SYSTEM), you just need to log in as that user and run these commands, you don’t need to use psexec.

$Password = "Password of the Zerto Viewer user account"

$Password | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString | Out-File c:\temp\encrypted.txt

Use the contents of c:\temp\encrypted.txt for the $EncryptedPassword variable in the script.

Update the $User and $ZertoServerURI variables to appropriate values and then copy the script to C:\Program Files (x86)\PRTG Network Monitor\Custom Sensors\EXEXML

Create a sensor of type EXE/Script Advanced in PRTG. You should be able to select the new script in the drop down list labelled EXE/Script.

 

 


 

 

 

5 Comments on "Monitoring Zerto with PRTG"


    1. Hi Simon

      Yes there should be a Github Gist window at the bottom of the post containing the script. Are you not seeing this? What browser/OS are you using? Happy to send you through the link if you like.

      Regards

      Kirin

      Reply

      1. Hi Kirin

        Our web proxy guys have tightened up security in the last week.

        I just checked on my phone and sure enough, there is the script.

        Ran it up on PRTG and it worked a treat. Much appreciated!

        Reply

  1. FYI, you can shorten your SSL verification ignore script to the following one line:

    [System.net.ServicePointManager]::ServerCertificateValidationCallback = { $true };

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *