Prerequisites for the Message Queueing Monitoring Agent
This page describes the prerequisites for installing and running the Nodinite Message Queueing Monitoring Agent.
Instances of this agent can be installed on-premise using TCP/IP for local network access and/or in the cloud/off-site using Service Bus Relaying (see also the external link for additional information MicrosoftServiceBusRelayingLink).
We recommend that you keep this agent close to Nodinite Core Services. This documentation covers local network setup (usually on the Nodinite application server)
Software Requirements
The Message Queueing Monitoring Agent is a Windows Service and is usually installed on the Nodinite application server.
| Product | Version/Edition |
|---|---|
| Windows Server | Windows 2022Windows 2019Windows 2016Windows 2012 R2Windows 2012 |
| .NET Framework | .NET Framework 4.8 or later New 6.0Our recommendation is .NET Framework 4.8.1 or later |
| ActiveMQ | 5.14.0 and later |
MSMQ
|
For supported Windows versions. NOTE: Additional roles and features may be required depending on the intended usage |
| Azure Service Bus | Current public (GA) version by Microsoft in Azure |
Versions 6.0 and later make use of the .NET Framework 4.8 or later.
Versions 5.4 and subsequently make use of the .NET Framework 4.6.2 or later.
Versions before 5.4 make use of the .NET Framework 4.5.2 or later.
What Windows User Rights does the Message Queueing Monitoring Agent require?
The agent is installed as a Windows Service usually on the Nodinite application server. Virtual machines are supported.
- Local named account or domain account (preferred).
- Access and run-time rights
- Follow the 'How to set logon as a Windows service right' user guide for detailed instructions.
What ActiveMQ User rights does the Message Queueing Monitoring Agent require
Review the Apache ActiveMQ Security guide.
What MSMQ User rights does the Message Queueing Monitoring Agent require
There are many sources with documentation about this topic. One of them is the Securing Messages Using Transport Security user guide.
What Azure ServiceBus User rights does the Message Queueing Monitoring Agent require
The Nodinite Message Queueing Monitoring Agent requires the following Azure Roles to be set on the ClientId/ApplicationId used to connect with the Azure REST API:
| Name | Description | Comment |
|---|---|---|
| Azure Service Bus Data Owner | Allows for full access to Azure Service Bus resources. | Set on Subscription, or Resource Group Level |
You can apply these rights on different scopes, please review the Authenticate and authorize an application with Azure Active Directory to access Azure Service Bus entities user guide for additional details.
Firewall
Depending on where you install the Message Queueing Monitoring Agent with respect to Nodinite Monitoring Service and your IBM MQ Queue managers you may need different firewall configurations on different servers. The following illustration shows the agent installed on its own server.
The Message Queueing Monitoring Agent has both inbound and outbound communication:
- Between the Message Queueing Monitoring Agent and the ActiveMQ Broker
- Between the Message Queueing Monitoring Agent and the MSMQ Service
- Between the Message Queueing Monitoring Agent and Azure (ServiceBus)
- Between the Monitoring Service and the Message Queueing Monitoring Agent
- Between the Message Queueing Monitoring Agent and MuleSoft AnypointMQ (CloudHub)
1. Between the Message Queueing Monitoring Agent and the ActiveMQ Broker
| Port | Name | Inbound | Outbound | TCP | UDP | Comment |
|---|---|---|---|---|---|---|
| 53 | DNS | The Agent needs to know where your other servers/services are (can sometimes optionally be solved with user-defined entries in the hosts file in each Windows server instance), review the following 'Microsoft' user guide |
||||
| 61616 | Remote connection port | Default, actual value may depend on your configuration |
If you use SSL or custom ports then additional ports needs to be opened
2. Between the Message Queueing Monitoring Agent and the MSMQ Service
| Port | Name | Inbound | Outbound | TCP | UDP | Comment |
|---|---|---|---|---|---|---|
| 1801 | TCP | |||||
| 135 | TCP | |||||
| 2101 | RPC | |||||
| 2103 | RPC | |||||
| 2105 | RPC | |||||
| 1801 | ||||||
| 3527 |
´*´ Review the Microsoft guide here
3. Between the Message Queueing Monitoring Agent and the Azure (ServiceBus)
| Port | Name | Inbound | Outbound | TCP | UDP | Comment |
|---|---|---|---|---|---|---|
| 443 | HTTPS | Secure outbound traffic |
4. Between the Monitoring Service and the Nodinite Message Queuing Monitoring Agent
The following ports must be allowed on the Windows server where the agent is installed and running :
| Port | Name | Inbound | Outbound | TCP | UDP | Comment |
|---|---|---|---|---|---|---|
| 53 | DNS | The Agent needs to know where your other servers/services are (can sometimes optionally be solved using entries in the local hosts file) |
And further with 'Option 1' or 'Option 2' as documented next:
Option 1 (Local network)
| Port | Name | Inbound | Outbound | TCP | UDP | Comment |
|---|---|---|---|---|---|---|
| 8000 | RPC | Communication is initiated by the Monitoring Service |
Option 2 (Cloud/Hybrid)
Use Service Bus Relayed connections when Nodinite and the agent are on totally different networks.
Nodinite uses the same principle technique as the On-Premise data gateway, see 'Adjust communication settings for the on-premises data gateway' user guide.
| Port | Name | Inbound | Outbound | TCP | UDP | Comment |
|---|---|---|---|---|---|---|
| 443 | HTTPS | Secure outbound traffic | ||||
| 5671, 5672 | Secure AMQP | |||||
| 9350 - 9354 | Net.TCP |
Release Notes
For detailed information about the features and bug fixes, please visit the Portal
Next Step
Install Message Queues Monitoring Agent
Related
Add or manage a Monitoring Agent Configuration
Monitoring
Administration