Monitoring Windows Operating Systems

Software

NSClient++ aims to be a simple yet powerful and flexible monitoring daemon.

It was built for Nagios/Icinga, but nothing in the daemon is Nagios/Icinga specific and it can and is used in many other scenarios where you want to receive/distribute check metrics.

It is entirely possible to use it stand alone as well as the core monitoring system though that is not recommended as it is rather limited.

NSClient++ does basically three things:

1. Allow remote checks

   1. Allow a remote machine (monitoring server) to request commands to be run on this machine

   2. (the monitored machine) which return the status of the machine.

2. Monitor system in realtime

• 1. Monitor your systems and submit the findings and results a remote (monitoring server).

3. Resolve your problems

• 1. NSClient++ can take action either on its own monitoring or remotely from a central server and act on what happens and resolve issues.

Nagios Services

A Windows server can be fully monitored by the Nagios/NSClient++ services listed below.

WIN_CPU - This service checks the CPU Load

See doc: http://nsclient.org/nscp/wiki/CheckSystem/checkCPU

check_nrpe_win_cpu

$USER1$/check_nrpe -H $HOSTADDRESS$ -t 50 -c CheckCPU -a ShowAll warn=$ARG1$ crit=$ARG2$

WIN_DRIVE - This service checks the size (free-space) of a drive or volume

See doc: http://nsclient.org/nscp/wiki/CheckDisk

check_nrpe_win_drive

$USER1$/check_nrpe -H $HOSTADDRESS$ -t 50 -c CheckDriveSize -a Drive="$ARG1$" ShowAll MaxWarnUsed=$ARG2$ MaxCritUsed=$ARG3$ FilterType=FIXED

☛ Example

Drive ($ARG1$) = C

MaxWarnUsed ($ARG2$) = 90%

MaxCritUsed ($ARG3$) = 95%

☛ Note: some versions of the nsclient++ agent has a wrong output. Fix it by using a wrapper that do a:

sed 's,\\,,g;s,\: \%,_prct:,g'

WIN_RAM - This service checks the memory usage and generates a state if the memory is above or below give parameters. See doc: http://nsclient.org/nscp/wiki/CheckSystem/checkMem

check_nrpe_win_mem

$USER1$/check_nrpe -H $HOSTADDRESS$ -t 50 -c CheckMem -a MaxWarn=$ARG1$ MaxCrit=$ARG2$ ShowAll type=$ARG3$

☛ Example

MaxWarn ($ARG1$) = 90%

MaxCrit ($ARG2$) = 95%

type ($ARG3$) = physical

WIN_SWAP - This service checks the state of the page usage and generates a state if the memory is above or below give parameters. See: http://nsclient.org/nscp/wiki/CheckSystem/checkMem

check_nrpe_win_mem

$USER1$/check_nrpe -H $HOSTADDRESS$ -t 50 -c CheckMem -a MaxWarn=$ARG1$ MaxCrit=$ARG2$ ShowAll type=$ARG3$

☛ Example

MaxWarn ($ARG1$) = 90%

MaxCrit ($ARG2$) = 95%

type ($ARG3$) = page

☛ Note: some versions of the nsclient++ agent has a wrong output. Fix it by using the following wrapper:

#!/bin/sh

VAL=$(/usr/lib/nagios/plugins/check_nrpe $@)

RET=$?

echo "$VAL" | sed "\

s, %,_prct,g;s,; , ,g

s,'\(page[d]*\) \(file\|bytes\),'\1_\2,g

s,'\(physical\|virtual\) \(memory\),'\1_\2,g"

exit $RET

WIN_PING - This service checks connection statistics for a remote host.

See manpage: http://nagios-plugins.org/doc/man/check_ping.html

check_ping

$USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5

☛ Example

w ($ARG1$) = 3000.0,80%

c ($ARG2$) = 5000.0,100%

WIN_SERVICES_AUTOSTART - This service checks the state of the autostart services.

See doc: http://nsclient.org/nscp/wiki/CheckSystem/checkServiceState

check_nrpe_win_service_autostart_except_common_and_extra

$USER1$/check_nrpe -H $HOSTADDRESS$ -t 50 -c CheckServiceState -a CheckAll exclude=Service1 "exclude=Service2 with Spaces" <..add-more-excludes-if-required..> $ARG1$

where $ARG1$ is a list of extra services we want to exclude.

WIN_UPTIME - This service checks the uptime of a server and if the time is less then the times given as arguments a state is returned.

See doc: http://www.nsclient.org/nscp/wiki/CheckSystem/checkUpTime

check_nrpe_uptime

$USER1$/check_nrpe -H $HOSTADDRESS$ -t 50 -c CheckUpTime -a ShowAll MaxCrit=$ARG1$

☛ Example

MaxCrit ($ARG1$) 30d