2006-06-01 00:00:00
After reading through my small write-up on Nagios clients on UNIX you may also be interested in the same story for Windows systems.
Since Nagios was originally written with UNIX systems in mind, it'll be a little bit trickier to get the same amount of information from a Windows box. Luckily there are a few tools available that will help you along the way.
For a quick introduction the Nagios clients, read the write-up linked above. Or pick it from the menu on the left.
|
||||||
Connection |
Srv -> Clnt |
Srv -> Clnt |
Srv -> Clnt |
Srv -> Clnt |
Clnt -> Srv |
Clnt -> Srv |
Security |
Password |
Password |
Password |
Access List |
Access List |
Encryption |
Configuration |
On client |
On client |
On client |
On client |
On client and |
On client |
Difficulty |
Moderate |
Moderate |
Moderate |
Hard |
Hard |
Moderate |
Resource |
unknown |
unknown |
9MB RAM |
unknown |
unknown |
30MB RAM |
Available |
*: Thanks to Jeronimo Zucco for pointing out that encryption in NSClient++ only works when used with the NRPE DLL.
**: Thanks to Anthony Montibello for pointing out recent changes to NC_Net, which is now at version 3.
***: Thanks to Kyle Hasegawa for providing me with resource usage infor on the various clients.
NSClient was originally written to work with Nagios when it was still called NetSaint: a long, long time ago. NSClient only provides you with access to a very small number of system metrics, including those that are usually available through the Windows Performance Tool.
Personally I have no love for this tool since it is quite fidgetty to use. In order to use NSClient on your systems, you will need to do the following.
You can now set up your services.cfg in such a way that each remote service is checked like so:
define service{
host_name remote-host
service_description D_ROOT
check_command check_nt_disk!C!85!95
}
Your check command definition would look something like this:
define command {
command_name check_nt_disk
command_line /usr/local/nagios/libexec/check_nt -H $HOSTADDRESS$ -p 1248 -v USEDDISKSPACE -l $ARG1$ -w $ARG2$ -c $ARG3
}
NRPEnt is basically a drop-in replacement for NRPE on Windows. It really does work the same way: on the Nagios server you run check_nrpe and on the Windows side you have plugins to run locally. These plugins can be binaries, Perl scripts, VBScript, .BAT files, whatever.
To set things up, you'll need the same things as with the normal NRPE.
You can now set up your services.cfg in such a way that each remote service is checked like so:
define service{
host_name remote-host
service_description D_ROOT
check_command check_nrpe!check_root
}
And in nrpent.cfg on the client you would need to include:
command[check_root]=C:\windows\system32\cscript.exe //NoLogo //T:10 c:\nrpe_nt\check_disk.wsf /drive:"c:/" /w:300 /c:100
Due to the limited use provided by NSClient, someone decided to create NSClient++. This piece of software is a lot more useful because it actually combines the functionality of the original NSClient and that of NRPEnt into one Windows daemon.
NSClient++ includes the same security measures as NRPEnt and NSClient, but adds an ACL functionality on top of that.
On the configuration side things are basically the same as with NSClient and NRPEnt. You can use both methods to talk to a client running NSClient++.
Unfortunately I haven't yet worked with SNMP on Windows systems, so I can't tell you much about this. I'm sure though that things won't be much different from the UNIX side. So please check the Nagios UNIX clients story for the full details.
To make proper use of monitoring through SNMP you'll need to:
Ufortunately the check_snmp script that comes with Nagios isn't flexible enough to let you monitor custom SNMP objects in a nice way. This is why I wrote the retrieve_custom_nagios script, which is available from the menu. Your service definition would look like this:
define service{
host_name remote-host
service_description D_ROOT
check_command retrieve_custom_snmp!.1.3.6.1.4.1.6886.4.1.4
}
As I said, I haven't configured a Windows SNMP daemon before, so I really can't tell you what the config would look like. Just look for options similar to "EXEC", which allows you to run a certain command on demand.
Just as is the case with UNIX systems you will need to dig around the MIB files provided to you by Microsoft and you hardware vendors to find the OIDs for interesting metrics. It's not an easy job, but with some luck you'll find a website where someone's already done the hard work for you :)
SNMP doesn't involve polling alone. SNMP enabled devices can also be configured to automatically send status updates do a so-call trap host. The downside to receiving SNMP traps with Nagios is that it takes quite a lot of work to get them into Nagios :D
To make proper use of monitoring through SNMP traps you'll need to:
There are -many- ways to get the SNMP traps translated for Nagios' purposes, 'cause there's many roads that lead to Rome. Unfortunately none of them are very easy to use.
NC_net is another replacement for the original NSClient daemon. It performs the same basic checks, plus a few additional ones, but it is not exentable with your own scripts (like NRPEnt is).
So why run NC_net instead of NSClient++? Because it is capable of sending passive check results to your Nagios server using a send_nsca-alike method. So if you're going all the way in passifying all your service checks, then NC_net is the way to go.
I haven't worked with NC_net yet, so I can't tell you anything about how it works. Too bad :(
UPDATE 31/10/2006:
I was informed by Marlo Bell of the Nagios mailing list that NC_net version 3.x does indeed allow running your own scripts and calling them through the NRPEnt interface! That's great to know, as it does in fact make NC_net the most versatile solution for running Nagios on your Windows.
Also, Anthony Montibello (lead NC_Net dev) tells me that NC_Net 3 requires dotNET 2.0.
kilala.nl tags: tutorial, sysadmin, nagios, windows,
View or add comments (curr. 7)
Posted by Thomas
Nope, sorry.
As they say in the common vernacular: "I ain't know crap about Windows" ;) I'd suggest you try the Nagios mailing lists.
Posted by chris
NSClient++ has a NSCAAgent.dll. So there is Clnt > Srv, too. It says it is beta, but so far workes quite well. Encryption is available with NSCA, too.
Posted by Mattias R (website)
The script exits with the code 0 as you don't change it.
a modified version (not tested) below.
*************************************************
Dim fs, f, f1, fc, count, status
Set fs = CreateObject("Scripting.FileSystemObject")
Set f = fs.GetFolder("c:")
Set fc = f.Files
Set status = 0
count=fc.Count
if count>6 and count<8 then
wscript.echo "WARNING: " & "WARNING, Filecount is " & count
status = 1
elseif count>=8 then
wscript.echo "CRITICAL: " & "CRITICAL, Filecount is " & count
status = 2
else
wscript.echo "OK: " & "OK, Filecount is " & count
status = 0
end if
wscript.quit(status)
*************************************************
Posted by Moby (website)
One limitation of NC_Net when using it to send back results in a passive manner is that it does not support encryption for communications to the nsca daemon.
Posted by Izaz (website)
Could you please let me know how the traps are converted into nagios message. What is process?
All content, with exception of "borrowed" blogpost images, or unless otherwise indicated, is copyright of Tess Sluijter. The character Kilala the cat-demon is copyright of Rumiko Takahashi and used here without permission.
2008-05-04 05:37:00
Posted by Ben Chen
Hi, I noticed that NRPEnt can use the external vbscript to return the status. When I write the below script, the status of the service is always shown "OK". Could you let me know what is wrong? Thanks.
filename: filecount.vbs
*************************************************
Dim fs, f, f1, fc, count
Set fs = CreateObject("Scripting.FileSystemObject")
Set f = fs.GetFolder("c:")
Set fc = f.Files
count=fc.Count
if count>6 and count<8 then
wscript.echo "WARNING: " & "WARNING, Filecount is " & count
elseif count>=8 then
wscript.echo "CRITICAL: " & "CRITICAL, Filecount is " & count
else
wscript.echo "OK: " & "OK, Filecount is " & count
end if
*************************************************