Monitoring Overview
TestimoX.Monitoring extends the assessment suite with continuous, probe-based health monitoring of your Active Directory infrastructure. While the core TestimoX engine performs point-in-time assessments, the monitoring service runs around the clock, detecting issues as they occur.
Architecture
The monitoring system is built on a probe-based architecture:
- Probes -- lightweight, targeted health checks that test protocols and services such as DNS, LDAP, Kerberos, NTP, HTTPS, reachability, replication, directory health, ADWS, Ping, and additional configured probe groups
- Monitoring Engine -- schedules and executes probes on a configurable interval, collects results, and evaluates health status
- History Store -- persists probe results over time for trend analysis and alerting
- Dashboard -- HTML-based real-time view of infrastructure health with drill-down into individual probes and domain controllers
- Notifications -- configurable alerts via email when probes detect degraded or down states
Probe Lifecycle
Each probe execution follows this lifecycle:
- Target Resolution -- discover domain controllers and endpoints via AD or manual configuration
- Expansion -- generate per-target probe instances (e.g., one DNS probe per DC)
- Execution -- run the health check against each target with timeout and retry
- Status Evaluation -- classify the result as Up, Down, Degraded, or Recovering
- Aggregation -- roll up individual results into an overall probe status
- History Write -- persist the result for trend analysis
Probe Status
| Status | Description |
|---|---|
| Up | Probe succeeded within thresholds |
| Down | Probe failed (timeout, error, unreachable) |
| Degraded | Probe succeeded but exceeded latency or quality thresholds |
| Recovering | Probe is transitioning back to healthy after a failure |
| Unknown | Status has not been determined yet |
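The Status Evaluation and Aggregation steps of the lifecycle, sketched as an added example (this is not TestimoX's own code). The 500 ms latency threshold, the three-success recovery rule, the field names, and the "worst status wins" roll-up are assumptions made for illustration.

```powershell
# Added illustration, not TestimoX code. Thresholds, field names, the recovery
# rule and the "worst status wins" roll-up are all assumptions.
$DegradedLatencyMs  = 500   # assumed latency threshold for Degraded
$SuccessesToRecover = 3     # assumed consecutive successes needed to leave Recovering

function Get-ProbeStatus {
    param(
        [bool]$Succeeded,
        [int]$LatencyMs,
        [string]$PreviousStatus = 'Unknown',
        [int]$ConsecutiveSuccesses = 0      # counts the current run if it succeeded
    )
    if (-not $Succeeded) { return 'Down' }
    # A target returning from a failure stays Recovering until it proves stable.
    $wasFailing = $PreviousStatus -in @('Down', 'Recovering')
    if ($wasFailing -and $ConsecutiveSuccesses -lt $SuccessesToRecover) { return 'Recovering' }
    if ($LatencyMs -gt $DegradedLatencyMs) { return 'Degraded' }
    return 'Up'
}

function Get-AggregateStatus {
    param([string[]]$Statuses)
    if (-not $Statuses) { return 'Unknown' }   # nothing evaluated yet
    # Higher rank = worse; the roll-up reports the worst per-target status.
    $rank = @{ Up = 0; Unknown = 1; Recovering = 2; Degraded = 3; Down = 4 }
    $Statuses | Sort-Object { $rank[$_] } -Descending | Select-Object -First 1
}

# Constructed sample: one DNS probe expanded to three domain controllers.
$results = @(
    [pscustomobject]@{ Target = 'dc1.example.test'; Succeeded = $true; LatencyMs = 40
                       PreviousStatus = 'Up';   ConsecutiveSuccesses = 12 }
    [pscustomobject]@{ Target = 'dc2.example.test'; Succeeded = $true; LatencyMs = 900
                       PreviousStatus = 'Up';   ConsecutiveSuccesses = 5 }
    [pscustomobject]@{ Target = 'dc3.example.test'; Succeeded = $true; LatencyMs = 35
                       PreviousStatus = 'Down'; ConsecutiveSuccesses = 1 }
)

$evaluated = foreach ($r in $results) {
    $status = Get-ProbeStatus -Succeeded $r.Succeeded -LatencyMs $r.LatencyMs `
        -PreviousStatus $r.PreviousStatus -ConsecutiveSuccesses $r.ConsecutiveSuccesses
    [pscustomobject]@{ Target = $r.Target; Status = $status }
}

$evaluated | Format-Table -AutoSize
"Overall DNS probe status: $(Get-AggregateStatus -Statuses $evaluated.Status)"
```

Holding a target in Recovering until it has several clean runs keeps a flapping domain controller from alternating between Up and Down alerts on every interval.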
Use Cases
- Real-time DC health -- detect domain controller outages, DNS failures, or replication lag within minutes
- Certificate expiry tracking -- HTTPS probes monitor TLS certificate validity and warn before expiration
- Kerberos validation -- verify that port 88 answers with a valid Kerberos protocol response, not merely that the port is open
- Replication monitoring -- track AD replication freshness vectors and detect stale partners
- Network path validation -- confirm that required ports are reachable between DCs and clients
- NTP drift detection -- verify time synchronization across the domain hierarchy
Integration with Assessments
Monitoring complements the core assessment engine. Assessments provide deep, rule-based evaluation with guidance and scoring. Monitoring provides continuous shallow checks that detect operational issues. Together they give both breadth (monitoring) and depth (assessment) of AD health visibility.
Next Steps
- Probe Types -- learn about each probe type and what it checks
- Monitoring Setup -- install and configure the monitoring service