Managed Services
How to Set Up Automated IT Monitoring for Your Business
10 December 2025 · 0x1m3 · 7 min read
Step 1: Define What to Monitor
Before deploying any agents or configuring any dashboards, answer one question: what matters most to your business?
Not everything needs the same level of attention. Start by categorising your assets:
Tier 1 — Business-Critical - Production servers (file servers, database servers, application servers) - Domain controllers and Active Directory - Email systems (Exchange or Microsoft 365) - Line-of-business applications - Internet connectivity
Tier 2 — Important - User workstations - Printers and peripherals - Secondary servers (development, staging) - Wireless access points
Tier 3 — Standard - Conference room equipment - Guest network devices - Non-essential peripherals
Tier 1 assets get the most aggressive monitoring thresholds and the fastest alert response. Tier 3 gets basic health checks. This tiered approach prevents alert fatigue while ensuring critical systems receive immediate attention.
Step 2: Deploy the Monitoring Agent
N-central uses a lightweight agent installed on each managed device. The agent collects telemetry data — CPU usage, memory, disk space, running services, installed software, event logs — and reports back to the central console.
Deployment options include:
- Manual installation — download and run the agent installer on individual machines - Group Policy deployment — push the agent to all domain-joined Windows devices automatically - Discovery-based deployment — let N-central find devices first, then push agents remotely - Scripted deployment — use PowerShell or Bash scripts for bulk installations
For most organisations, Group Policy deployment is the fastest route to full coverage. Within an hour, every Windows device on your domain can have the agent reporting.
Step 3: Run Network Discovery
Agent deployment covers your managed devices. But what about everything else on the network? Unmanaged switches, rogue devices, printers, IoT equipment — you need visibility into all of it.
N-central's network discovery engine uses multiple protocols to map your environment:
| Protocol | What It Finds | Best For |
|---|---|---|
| ICMP (Ping) | Any device with an active IP address | Initial network sweep |
| SNMP | Detailed status from switches, routers, printers, UPS units | Network infrastructure monitoring |
| WMI | Hardware specs, software inventory, OS details on Windows | Windows device audit |
| CDP | Cisco device neighbour tables and topology | Cisco network mapping |
| LLDP | Vendor-agnostic neighbour discovery | Multi-vendor network mapping |
Run an initial discovery scan across your entire subnet range. N-central returns a complete map of active devices, their types, and their current status. From here, you decide which devices to bring under active management.
Schedule discovery to run weekly. New devices appear on the network regularly — new hires, contractors, IoT devices. Weekly scans ensure nothing goes unnoticed.
Step 4: Configure Monitoring Policies
Monitoring policies define what N-central checks on each device and how often. A well-configured policy covers:
Performance thresholds - CPU usage sustained above 90% for 5 minutes → alert - Memory usage above 85% → alert - Disk space below 15% free → warning; below 5% → critical alert - Network interface errors exceeding threshold → alert
Service monitoring - Critical Windows services (DNS, DHCP, Active Directory) must be running at all times - If a service stops, attempt automatic restart before alerting
Event log monitoring - Watch for specific Windows Event IDs: failed logon attempts, service crashes, disk errors - Filter out noise — not every event log entry warrants attention
Hardware health - SMART disk status on servers (predictive failure detection) - Temperature readings on server hardware - UPS battery status and load levels
Apply policies to device groups rather than individual machines. Servers get server policies. Workstations get workstation policies. Network devices get SNMP-based policies. This keeps management scalable as your environment grows.
Step 5: Set Up Alert Routing
An alert that nobody sees is worthless. Configure alert routing so the right people get notified through the right channels:
- Email notifications — for non-urgent warnings and informational alerts - SMS / push notifications — for critical alerts requiring immediate response - Ticketing system integration — alerts automatically create support tickets with full diagnostic data - Escalation rules — if an alert is not acknowledged within 15 minutes, escalate to the next tier
Be deliberate about alert thresholds. Too sensitive, and your team drowns in noise. Too relaxed, and real problems slip through. Start with conservative thresholds and adjust based on the first month of data.
Step 6: Build Automation Recipes
This is where monitoring transforms from passive observation into active management. N-central's automation recipes let you define automated responses to common conditions.
Example recipes:
- *Disk space low* → Run disk cleanup script, clear temporary files, report results - *Windows Update service stopped* → Restart the service, verify it is running, alert if restart fails - *Backup job failed* → Retry the backup, alert the team if the retry also fails - *New device discovered* → Run a security scan, check for agent installation, notify the admin - *Patch compliance below threshold* → Trigger an immediate patch deployment cycle
The visual workflow builder lets you chain these actions without writing code. Drag-and-drop conditions, actions, and decision points into a logical flow. N-central handles the execution across all targeted devices.
Start with five to ten core recipes covering your most common issues. Expand as you identify recurring problems in your alert history.
Step 7: Configure Reporting
Monitoring data is only valuable if it reaches the people who need it. Set up scheduled reports for different audiences:
- Weekly IT summary — alert counts, resolution times, patch status, device health scores - Monthly executive report — uptime percentages, SLA performance, trend analysis - On-demand compliance reports — POPIA readiness, patch compliance, security posture
N-central generates reports automatically and distributes them via email. No manual compilation. No spreadsheet wrangling.
Ongoing: Review and Refine
Monitoring is not a set-and-forget exercise. Review your setup monthly:
- Are you getting too many alerts? Adjust thresholds. - Are issues recurring? Build automation recipes to handle them. - Have new devices appeared? Ensure they are covered by monitoring policies. - Are reports reaching the right people? Update distribution lists.
A well-tuned monitoring environment should reduce the volume of alerts over time as automation handles more of the routine work.
---
Ready to see everything happening on your network? OAS sets up monitoring that runs itself.