1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
5
<title>Monitoring Windows Machines</title>
7
<STYLE type="text/css">
9
.Default { font-family: verdana,arial,serif; font-size: 8pt; }
10
.PageTitle { font-family: verdana,arial,serif; font-size: 16pt; font-weight: bold; }
16
<body bgcolor="#FFFFFF" text="black" class="Default">
19
<img src="images/nagios.jpg" border="0" alt="Nagios" title="Nagios">
20
<h1 class="PageTitle">Monitoring Windows Machines</h1>
26
<img src="images/upto.gif" border="0" align="middle" alt="Up To" title="Up To">Up To: <a href="toc.html">Contents</a><br>
27
<img src="images/seealso.gif" border="0" align="middle" alt="See Also" title="See Also"> See Also: <a href="quickstart.html">Quickstart Installation Guide</a>, <a href="monitoring-publicservices.html">Monitoring Publicly Available Services</a>
31
<strong><u>Introduction</u></strong>
35
This document describes how you can monitor "private" services and attributes of Windows machines, such as:
42
<li>Service states</li>
43
<li>Running processes</li>
48
Publicly available services that are provided by Windows machines (HTTP, FTP, POP3, etc.) can be monitored easily by following the documentation on <a href="monitoring-publicservices.html">monitoring publicly available services</a>.
52
<img src="images/note.gif" border="0" align="bottom" alt="Note" title="Note"> Note: These instructions assume that you've installed Nagios according to the <a href="quickstart.html">quickstart guide</a>. The sample configuration entries below reference objects that are defined in the sample config files (<i>commands.cfg</i>, <i>templates.cfg</i>, etc.) that are installed if you follow the quickstart.
57
<strong><u>Overview</u></strong>
60
<img src="images/monitoring-windows.png" border="0" alt="Monitoring a Windows Machine" title="Monitoring a Windows Machine" style="float: right;">
63
Monitoring private services or attributes of a Windows machine requires that you install an agent on it. This agent acts as a proxy between the Nagios plugin that does the monitoring and the actual service or attribute of the Windows machine. Without installing an agent on the Windows box, Nagios would be unable to monitor private services or attributes of the Windows box.
67
For this example, we will be installing the <a href="http://sourceforge.net/projects/nscplus">NSClient++</a> addon on the Windows machine and using the <i>check_nt</i> plugin to communicate with the NSClient++ addon. The <i>check_nt</i> plugin should already be installed on the Nagios server if you followed the quickstart guide.
71
Other Windows agents (like <a href="http://sourceforge.net/projects/nc-net">NC_Net</a>) could be used instead of NSClient++ if you wish - provided you change command and service definitions, etc. a bit. For the sake of simplicity I will only cover using the NSClient++ addon in these instructions.
77
<strong><u>Steps</u></strong>
81
There are several steps you'll need to follow in order to monitor a new Windows machine. They are:
85
<li>Perform first-time prerequisites</li>
86
<li>Install a monitoring agent on the Windows machine</li>
87
<li>Create new host and service definitions for monitoring the Windows machine</li>
88
<li>Restart the Nagios daemon</li>
92
<strong><u>What's Already Done For You</u></strong>
96
To make your life a bit easier, a few configuration tasks have already been done for you:
100
<li>A <i>check_nt</i> command definition has been added to the <i>commands.cfg</i> file. This allows you to use the <i>check_nt</i> plugin to monitor Window services.</li>
101
<li>A Windows server host template (called <i>windows-server</i>) has already been created in the <i>templates.cfg</i> file. This allows you to add new Windows host definitions in a simple manner.</li>
105
The above-mentioned config files can be found in the <i>/usr/local/nagios/etc/objects/</i> directory. You can modify the definitions in these and other definitions to suit your needs better if you'd like. However, I'd recommend waiting until you're more familiar with configuring Nagios before doing so. For the time being, just follow the directions outlined below and you'll be monitoring your Windows boxes in no time.
109
<strong><u>Prerequisites</u></strong>
113
The first time you configure Nagios to monitor a Windows machine, you'll need to do a bit of extra work. Remember, you only need to do this for the *first* Windows machine you monitor.
117
Edit the main Nagios config file.
121
vi /usr/local/nagios/etc/nagios.cfg
125
Remove the leading pound (#) sign from the following line in the main configuration file:
129
#cfg_file=/usr/local/nagios/etc/objects/windows.cfg
133
Save the file and exit.
137
What did you just do? You told Nagios to look to the <i>/usr/local/nagios/etc/objects/windows.cfg</i> to find additional object definitions. That's where you'll be adding Windows host and service definitions. That configuration file already contains some sample host, hostgroup, and service definitions. For the *first* Windows machine you monitor, you can simply modify the sample host and service definitions in that file, rather than creating new ones.
142
<strong><u>Installing the Windows Agent</u></strong>
146
Before you can begin monitoring private services and attributes of Windows machines, you'll need to install an agent on those machines. I recommend using the NSClient++ addon, which can be found at <a href="http://sourceforge.net/projects/nscplus">http://sourceforge.net/projects/nscplus</a>. These instructions will take you through a basic installation of the NSClient++ addon, as well as the configuration of Nagios for monitoring the Windows machine.
150
1. Download the latest stable version of the NSClient++ addon from <a href="http://sourceforge.net/projects/nscplus">http://sourceforge.net/projects/nscplus</a>
154
2. Unzip the NSClient++ files into a new C:\NSClient++ directory
158
3. Open a command prompt and change to the C:\NSClient++ directory
162
4. Register the NSClient++ system service with the following command:
170
5. Install the NSClient++ systray with the following command ('SysTray' is case-sensitive):
178
6. Open the services manager and make sure the NSClientpp service is allowed to interact with the desktop (see the 'Log On' tab of the services manager). If it isn't already allowed to interact with the desktop, check the box to allow it to.
182
<img src="images/nscpp.png" border="0" alt="NSClientpp">
186
7. Edit the NSC.INI file (located in the C:\NSClient++ directory) and make the following changes:
190
<li>Uncomment all the modules listed in the [modules] section, except for CheckWMI.dll and RemoteConfiguration.dll</li>
191
<li>Optionally require a password for clients by changing the 'password' option in the [Settings] section.</li>
192
<li>Uncomment the 'allowed_hosts' option in the [Settings] section. Add the IP address of the Nagios server to this line, or leave it blank to allow all hosts to connect.</li>
193
<li>Make sure the 'port' option in the [NSClient] section is uncommented and set to '12489' (the default port).</li>
198
8. Start the NSClient++ service with the following command:
206
9. If installed properly, a new icon should appear in your system tray. It will be a yellow circle with a black 'M' inside.
210
10. Success! The Windows server can now be added to the Nagios monitoring configuration...
215
<strong><u>Configuring Nagios</u></strong>
219
Now it's time to define some <a href="objectdefinitions.html">object definitions</a> in your Nagios configuration files in order to monitor the new Windows machine.
223
Open the <i>windows.cfg</i> file for editing.
227
vi /usr/local/nagios/etc/objects/windows.cfg
231
Add a new <a href="objectdefinitions.html#host">host</a> definition for the Windows machine that you're going to monitor. If this is the *first* Windows machine you're monitoring, you can simply modify the sample host definition in <i>windows.cfg</i>. Change the <i>host_name</i>, <i>alias</i>, and <i>address</i> fields to appropriate values for the Windows box.
236
use windows-server ; Inherit default values from a Windows server template (make sure you keep this line!)
238
alias My Windows Server
244
Good. Now you can add some service definitions (to the same configuration file) in order to tell Nagios to monitor different aspects of the Windows machine. If this is the *first* Windows machine you're monitoring, you can simply modify the sample service definitions in <i>windows.cfg</i>.
248
<img src="images/note.gif" border="0" align="bottom" alt="Note" title="Note"> Note: Replace "<i>winserver</i>" in the example definitions below with the name you specified in the <i>host_name</i> directive of the host definition you just added.
252
Add the following service definition to monitor the version of the NSClient++ addon that is running on the Windows server. This is useful when it comes time to upgrade your Windows servers to a newer version of the addon, as you'll be able to tell which Windows machines still need to be upgraded to the latest version of NSClient++.
259
service_description NSClient++ Version
260
check_command check_nt!CLIENTVERSION
265
Add the following service definition to monitor the uptime of the Windows server.
272
service_description Uptime
273
check_command check_nt!UPTIME
279
Add the following service definition to monitor the CPU utilization on the Windows server and generate a CRITICAL alert if the 5-minute CPU load is 90% or more or a WARNING alert if the 5-minute load is 80% or greater.
286
service_description CPU Load
287
check_command check_nt!CPULOAD!-l 5,80,90
293
Add the following service definition to monitor memory usage on the Windows server and generate a CRITICAL alert if memory usage is 90% or more or a WARNING alert if memory usage is 80% or greater.
300
service_description Memory Usage
301
check_command check_nt!MEMUSE!-w 80 -c 90
307
Add the following service definition to monitor usage of the C:\ drive on the Windows server and generate a CRITICAL alert if disk usage is 90% or more or a WARNING alert if disk usage is 80% or greater.
314
service_description C:\ Drive Space
315
check_command check_nt!USEDDISKSPACE!-l c -w 80 -c 90
321
Add the following service definition to monitor the W3SVC service state on the Windows machine and generate a CRITICAL alert if the service is stopped.
328
service_description W3SVC
329
check_command check_nt!SERVICESTATE!-d SHOWALL -l W3SVC
335
Add the following service definition to monitor the Explorer.exe process on the Windows machine and generate a CRITICAL alert if the process is not running.
342
service_description Explorer
343
check_command check_nt!PROCSTATE!-d SHOWALL -l Explorer.exe
348
That's it for now. You've added some basic services that should be monitored on the Windows box. Save the configuration file.
353
<strong><u>Password Protection</u></strong>
357
If you specified a password in the NSClient++ configuration file on the Windows machine, you'll need to modify the <i>check_nt</i> command definition to include the password. Open the <i>commands.cfg</i> file for editing.
361
vi /usr/local/nagios/etc/commands.cfg
365
Change the definition of the <i>check_nt</i> command to include the "-s <PASSWORD>" argument (where PASSWORD is the password you specified on the Windows machine) like this:
370
command_name check_nt
371
command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -s PASSWORD -v $ARG1$ $ARG2$
380
<strong><u>Restarting Nagios</u></strong>
384
You're done with modifying the Nagios configuration, so you'll need to <a href="verifyconfig.html">verify your configuration files</a> and <a href="startstop.html">restart Nagios</a>.
388
If the verification process produces any errors messages, fix your configuration file before continuing. Make sure that you don't (re)start Nagios until the verification process completes without any errors!
1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
9
<title>Monitoring Windows Machines</title>
13
<STYLE type="text/css">
17
.Default { font-family: verdana,arial,serif; font-size: 8pt; }
19
.PageTitle { font-family: verdana,arial,serif; font-size: 16pt; font-weight: bold; }
31
<body bgcolor="#FFFFFF" text="black" class="Default">
37
<img src="images/nagios.jpg" border="0" alt="Nagios" title="Nagios">
39
<h1 class="PageTitle">Monitoring Windows Machines</h1>
51
<img src="images/upto.gif" border="0" align="middle" alt="Up To" title="Up To">Up To: <a href="toc.html">Contents</a><br>
53
<img src="images/seealso.gif" border="0" align="middle" alt="See Also" title="See Also"> See Also: <a href="quickstart.html">Quickstart Installation Guide</a>, <a href="monitoring-publicservices.html">Monitoring Publicly Available Services</a>
61
<strong><u>Introduction</u></strong>
69
This document describes how you can monitor "private" services and attributes of Windows machines, such as:
83
<li>Service states</li>
85
<li>Running processes</li>
95
Publicly available services that are provided by Windows machines (HTTP, FTP, POP3, etc.) can be monitored easily by following the documentation on <a href="monitoring-publicservices.html">monitoring publicly available services</a>.
103
<img src="images/note.gif" border="0" align="bottom" alt="Note" title="Note"> Note: These instructions assume that you've installed Nagios according to the <a href="quickstart.html">quickstart guide</a>. The sample configuration entries below reference objects that are defined in the sample config files (<i>commands.cfg</i>, <i>templates.cfg</i>, etc.) that are installed if you follow the quickstart.
113
<strong><u>Overview</u></strong>
119
<img src="images/monitoring-windows.png" border="0" alt="Monitoring a Windows Machine" title="Monitoring a Windows Machine" style="float: right;">
125
Monitoring private services or attributes of a Windows machine requires that you install an agent on it. This agent acts as a proxy between the Nagios plugin that does the monitoring and the actual service or attribute of the Windows machine. Without installing an agent on the Windows box, Nagios would be unable to monitor private services or attributes of the Windows box.
133
For this example, we will be installing the <a href="http://sourceforge.net/projects/nscplus">NSClient++</a> addon on the Windows machine and using the <i>check_nt</i> plugin to communicate with the NSClient++ addon. The <i>check_nt</i> plugin should already be installed on the Nagios server if you followed the quickstart guide.
141
Other Windows agents (like <a href="http://sourceforge.net/projects/nc-net">NC_Net</a>) could be used instead of NSClient++ if you wish - provided you change command and service definitions, etc. a bit. For the sake of simplicity I will only cover using the NSClient++ addon in these instructions.
153
<strong><u>Steps</u></strong>
161
There are several steps you'll need to follow in order to monitor a new Windows machine. They are:
169
<li>Perform first-time prerequisites</li>
171
<li>Install a monitoring agent on the Windows machine</li>
173
<li>Create new host and service definitions for monitoring the Windows machine</li>
175
<li>Restart the Nagios daemon</li>
183
<strong><u>What's Already Done For You</u></strong>
191
To make your life a bit easier, a few configuration tasks have already been done for you:
199
<li>A <i>check_nt</i> command definition has been added to the <i>commands.cfg</i> file. This allows you to use the <i>check_nt</i> plugin to monitor Window services.</li>
201
<li>A Windows server host template (called <i>windows-server</i>) has already been created in the <i>templates.cfg</i> file. This allows you to add new Windows host definitions in a simple manner.</li>
209
The above-mentioned config files can be found in the <i>/usr/local/nagios/etc/objects/</i> directory. You can modify the definitions in these and other definitions to suit your needs better if you'd like. However, I'd recommend waiting until you're more familiar with configuring Nagios before doing so. For the time being, just follow the directions outlined below and you'll be monitoring your Windows boxes in no time.
217
<strong><u>Prerequisites</u></strong>
225
The first time you configure Nagios to monitor a Windows machine, you'll need to do a bit of extra work. Remember, you only need to do this for the *first* Windows machine you monitor.
233
Edit the main Nagios config file.
241
vi /usr/local/nagios/etc/nagios.cfg
249
Remove the leading pound (#) sign from the following line in the main configuration file:
257
#cfg_file=/usr/local/nagios/etc/objects/windows.cfg
265
Save the file and exit.
273
What did you just do? You told Nagios to look to the <i>/usr/local/nagios/etc/objects/windows.cfg</i> to find additional object definitions. That's where you'll be adding Windows host and service definitions. That configuration file already contains some sample host, hostgroup, and service definitions. For the *first* Windows machine you monitor, you can simply modify the sample host and service definitions in that file, rather than creating new ones.
283
<strong><u>Installing the Windows Agent</u></strong>
291
Before you can begin monitoring private services and attributes of Windows machines, you'll need to install an agent on those machines. I recommend using the NSClient++ addon, which can be found at <a href="http://sourceforge.net/projects/nscplus">http://sourceforge.net/projects/nscplus</a>. These instructions will take you through a basic installation of the NSClient++ addon, as well as the configuration of Nagios for monitoring the Windows machine.
299
1. Download the latest stable version of the NSClient++ addon from <a href="http://sourceforge.net/projects/nscplus">http://sourceforge.net/projects/nscplus</a>
307
2. Unzip the NSClient++ files into a new C:\NSClient++ directory
315
3. Open a command prompt and change to the C:\NSClient++ directory
323
4. Register the NSClient++ system service with the following command:
339
5. Install the NSClient++ systray with the following command ('SysTray' is case-sensitive):
355
6. Open the services manager and make sure the NSClientpp service is allowed to interact with the desktop (see the 'Log On' tab of the services manager). If it isn't already allowed to interact with the desktop, check the box to allow it to.
363
<img src="images/nscpp.png" border="0" alt="NSClientpp">
371
7. Edit the NSC.INI file (located in the C:\NSClient++ directory) and make the following changes:
379
<li>Uncomment all the modules listed in the [modules] section, except for CheckWMI.dll and RemoteConfiguration.dll</li>
381
<li>Optionally require a password for clients by changing the 'password' option in the [Settings] section.</li>
383
<li>Uncomment the 'allowed_hosts' option in the [Settings] section. Add the IP address of the Nagios server to this line, or leave it blank to allow all hosts to connect.</li>
385
<li>Make sure the 'port' option in the [NSClient] section is uncommented and set to '12489' (the default port).</li>
395
8. Start the NSClient++ service with the following command:
411
9. If installed properly, a new icon should appear in your system tray. It will be a yellow circle with a black 'M' inside.
419
10. Success! The Windows server can now be added to the Nagios monitoring configuration...
429
<strong><u>Configuring Nagios</u></strong>
437
Now it's time to define some <a href="objectdefinitions.html">object definitions</a> in your Nagios configuration files in order to monitor the new Windows machine.
445
Open the <i>windows.cfg</i> file for editing.
453
vi /usr/local/nagios/etc/objects/windows.cfg
461
Add a new <a href="objectdefinitions.html#host">host</a> definition for the Windows machine that you're going to monitor. If this is the *first* Windows machine you're monitoring, you can simply modify the sample host definition in <i>windows.cfg</i>. Change the <i>host_name</i>, <i>alias</i>, and <i>address</i> fields to appropriate values for the Windows box.
471
use windows-server ; Inherit default values from a Windows server template (make sure you keep this line!)
475
alias My Windows Server
487
Good. Now you can add some service definitions (to the same configuration file) in order to tell Nagios to monitor different aspects of the Windows machine. If this is the *first* Windows machine you're monitoring, you can simply modify the sample service definitions in <i>windows.cfg</i>.
495
<img src="images/note.gif" border="0" align="bottom" alt="Note" title="Note"> Note: Replace "<i>winserver</i>" in the example definitions below with the name you specified in the <i>host_name</i> directive of the host definition you just added.
503
Add the following service definition to monitor the version of the NSClient++ addon that is running on the Windows server. This is useful when it comes time to upgrade your Windows servers to a newer version of the addon, as you'll be able to tell which Windows machines still need to be upgraded to the latest version of NSClient++.
517
service_description NSClient++ Version
519
check_command check_nt!CLIENTVERSION
529
Add the following service definition to monitor the uptime of the Windows server.
543
service_description Uptime
545
check_command check_nt!UPTIME
557
Add the following service definition to monitor the CPU utilization on the Windows server and generate a CRITICAL alert if the 5-minute CPU load is 90% or more or a WARNING alert if the 5-minute load is 80% or greater.
571
service_description CPU Load
573
check_command check_nt!CPULOAD!-l 5,80,90
585
Add the following service definition to monitor memory usage on the Windows server and generate a CRITICAL alert if memory usage is 90% or more or a WARNING alert if memory usage is 80% or greater.
599
service_description Memory Usage
601
check_command check_nt!MEMUSE!-w 80 -c 90
613
Add the following service definition to monitor usage of the C:\ drive on the Windows server and generate a CRITICAL alert if disk usage is 90% or more or a WARNING alert if disk usage is 80% or greater.
627
service_description C:\ Drive Space
629
check_command check_nt!USEDDISKSPACE!-l c -w 80 -c 90
641
Add the following service definition to monitor the W3SVC service state on the Windows machine and generate a CRITICAL alert if the service is stopped.
655
service_description W3SVC
657
check_command check_nt!SERVICESTATE!-d SHOWALL -l W3SVC
669
Add the following service definition to monitor the Explorer.exe process on the Windows machine and generate a CRITICAL alert if the process is not running.
683
service_description Explorer
685
check_command check_nt!PROCSTATE!-d SHOWALL -l Explorer.exe
695
That's it for now. You've added some basic services that should be monitored on the Windows box. Save the configuration file.
705
<strong><u>Password Protection</u></strong>
713
If you specified a password in the NSClient++ configuration file on the Windows machine, you'll need to modify the <i>check_nt</i> command definition to include the password. Open the <i>commands.cfg</i> file for editing.
721
vi /usr/local/nagios/etc/objects/commands.cfg
729
Change the definition of the <i>check_nt</i> command to include the "-s <PASSWORD>" argument (where PASSWORD is the password you specified on the Windows machine) like this:
739
command_name check_nt
741
command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -s PASSWORD -v $ARG1$ $ARG2$
759
<strong><u>Restarting Nagios</u></strong>
767
You're done with modifying the Nagios configuration, so you'll need to <a href="verifyconfig.html">verify your configuration files</a> and <a href="startstop.html">restart Nagios</a>.
775
If the verification process produces any errors messages, fix your configuration file before continuing. Make sure that you don't (re)start Nagios until the verification process completes without any errors!
b'\\ No newline at end of file'