Monitoring Windows server using Nagios

Monitoring windows server require installation on NSClient ++ on windows host.

How it works?

For example disk space usage needs to be monitored on windows host.
1. Nagios will execute check_nt command on nagios-server and request it to monitor disk usage on windows machine.
2. Check_nt on nagios-server will contact the NSClient++ service on remote windows host  and request it to execute USEDISKSPACE on remote host. The result will be retured back to check_nt on nagios-server  by NSClient++ daemon.

How to Install and configure NSClient++?

1. Download and install NSClient ++ from http://nsclient.org/download/
2. Modify the NSClient++ service
Type services.msc in run and  then double click on NSClient++ service in the list.  Select the check-box that says “Allow service to interact with desktop”

3. Modify the Nsclient.ini file
Edit the C:\Program Files\NSClient++\NSC.ini file
– Uncomment everything under [modules] except RemoteConfiguration.dll and CheckWMI.dll
– Uncomment allowed_host under settings and add the ipaddress of the nagios-server.
– Uncomment the port# under [NSClient] section

If you have firewall running, open the port used by NSClient ++. Default ports used are 12489, 5666 and 5667.

Configuration on Nagios Monitorng Server.

1. Verify check_nt command and windows-server template
–  Verify that the check_nt is enabled under /usr/local/nagios/etc/objects/commands.cfg
# ‘check_nt’ command definition
define command{
command_name check_nt
command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -v $ARG1$ $ARG2$
}

– Verify that the windows-server template is enabled under
/usr/local/nagios/etc/objects/templates.cfg
# Windows host definition template – This is NOT a real host, just a template!
define host{
name windows-server ; The name of this host template
use generic-host ; Inherit default values from the generic-host template
check_period 24×7 ; By default, Windows servers are monitored round the clock
check_interval 5 ; Actively check the server every 5 minutes
retry_interval 1 ; Schedule host check retries at 1 minute intervals
max_check_attempts 10 ; Check each server 10 times (max)
check_command check-host-alive ; Default command to check if servers are “alive”
notification_period 24×7 ; Send notification out at any time – day or night
notification_interval 30 ; Resend notifications every 30 minutes
notification_options d,r ; Only send notifications for specific host states
contact_groups admins ; Notifications get sent to the admins by default
hostgroups windows-servers ; Host groups that Windows servers should be a member of
register 0 ; DONT REGISTER THIS – ITS JUST A TEMPLATE
}

2. Uncomment windows.cfg in /usr/local/nagios/etc/nagios.cfg
# Definitions for monitoring a Windows machine
cfg_file=/usr/local/nagios/etc/objects/windows.cfg

3. Modify /usr/local/nagios/etc/objects/windows.cfg
By default a sample host definition for a windows server is given under windows.cfg, modify this to reflect
the appropriate windows server that needs to be monitored through nagios.
# Define a host for the Windows machine we’ll be monitoring
# Change the host_name, alias, and address to fit your situation
define host{
use windows-server ; Inherit default values from a template
host_name remote-windows-host ; The name we’re giving to this host
alias Remote Windows Host ; A longer name associated with the host
address 192.168.1.4 ; IP address of the remote windows host
}

4. Define windows services that should be monitored.
Following are the default windows services that are already enabled in the sample windows.cfg. Make sure
to update the host_name on these services to reflect the host_name defined in the above step.
define service{
use generic-service
host_name remote-windows-host
service_description NSClient++ Version
service_description NSClient++ Version
check_command check_nt!CLIENTVERSION
}
define service{
use generic-service
host_name remote-windows-host
service_description Uptime
check_command check_nt!UPTIME
}
define service{
use generic-service
host_name remote-windows-host
service_description CPU Load
check_command check_nt!CPULOAD!-l 5,80,90
}
define service{
use generic-service
host_name remote-windows-host
service_description Memory Usage
check_command check_nt!MEMUSE!-w 80 -c 90
}
define service{
use generic-service
host_name remote-windows-host
service_description C:\ Drive Space
check_command check_nt!USEDDISKSPACE!-l c -w 80 -c 90
}
define service{
use generic-service
host_name remote-windows-host
service_description W3SVC
check_command check_nt!SERVICESTATE!-d SHOWALL -l W3SVC
}
define service{
use generic-service
host_name remote-windows-host
service_description Explorer
check_command check_nt!PROCSTATE!-d SHOWALL -l Explorer.exe
}

5. Enable Password Protection
If you specified a password in the NSC.ini file of the NSClient++ configuration file on the windows
machine, you’ll need to modify the check_nt command definition to include the pssword.

Modify the /usr/local/nagios/etc/commands.cfg file and add password as shown below.
define command{
command_name check_nt
command_line $USER1$/check_ntHOSTADDRESS$ -p 12489 -s My2Secure$Password -v $ARG1$ $ARG2$
}

6. Verify Configuration and Restart Nagios.

Verify the nagios configuration files as shown below.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

7. Restart nagios

In the next article I will cover How to install Nagios server?

One Reply to “Monitoring Windows server using Nagios”

Leave a Reply