prednisone for acute back pain problems with zantac premarin horse prescription celebrex cost anchor coumadin clinic glucophage lavender allergies side effects with taking celexa lisinopril indigestion zoloft and overeating coral calcium helps diabetes dangers of zoloft in children lexapro pill images hgh formulas plavix fever what schedule drug is depakote buy now viagra beginning side effects of lexapro orlando florida breast augmentation 3000 ordr nolvadex online ultram ultram tramadol hci tablets breast enhancement coffee coumadin and lexapro micardis and formulary drug list is augmentin a sulfa drug claritin d during pregnancy risperdal withdrawal side effects synthroid it is a drug order cialis in united states altace and cellcept prozac and forgetfulness

Nagios is a great open source monitoring tool, and allows a wide range of options for monitoring servers and network devices of all varieties. SNMP is supported as are a custom set of plugins for the monitored clients. When it comes to Windows machines, there are also good options, but configuring it and getting it working is not a ‘one-click’ operation, thus the subject of this post.

Once you get this working, you’ll be able to view the Services page of your Nagios console, and view something like this:

Nagios Services GUI with monitored Windows machine

Nagios Services GUI with monitored Windows machine

This involves utilizing the NSCA facility in Nagios, which allows you to receive passive updates into your monitoring system via a proprietary protocol. This requires installing the monitoring software on the (client, monitored) Windows machine, configuring it to point at your Nagios server, then installing it as a Windows Service. Then you will modify your Nagios configuration and add this Windows machine, as well as the names of the services on the machine that you’ve chosen to monitor.

Setting up your client(monitored) machine

There are several options for the software that can be installed on Windows to enable this monitoring. Two of the better options are NC_Net and NSClient++ - I believe these are the ones that are being currently maintained. They both provide the ability to perform active checks (Nagios server contacts Windows machine to retrieve data), but NC_Net also provides the ability to perform passive checks(Windows machine sends data to Nagios server). The fewer open ports at the firewall, and fewer ways to get into each server is certainly preferable - not to mention lessening the load on your Nagios server. So - I prefer deploying passive checks for my Windows servers. NC_Net also appears to be more extensible, and offers more options. The only downside is that it requires dotNet - currently dotNet 2.0 - but that comes with the territory, so…

Be sure to download NC_Net from its Sourceforge project page I’m currently running NC_Net 4.4.0. Note: The original(?) version available from shatterit.com - which prominently claims to be the “Official Site” - hasn’t been updated for several years, and should really be taken down. Anyway - download the one from Sourceforge and install it on your Windows host. It will run on XP and WS 2003, I’m not sure about Vista or WS2008. You’ll need to modify several configuration files. At this point, it installs by default into C:\Program Files\Montitech\NC_Net

Within the config dir, there are two files that you need to modify - startup.cfg and passive.cfg. They are well documented internally, so you can read through them to fully understand all of the options. Or - if you just want it to work quickly, enable(uncomment) the following options:

startup.cfg:

active_check false
passive_check true
passive_alwayson true
embedded_send_nsca true
host_passive <windows_machine_nagios_host_id>
ip_passive <nagios_server_ip>

passive.cfg

C testrun false
2 cputotal -l 10,80,90,5,20,90
3 uptime
4 usedspace -l C -w 80 -c 90
5 servicestate -d showall -l NC_Net
7 Memory Use
8 Perf Counter -l "\Paging file(_total)\% usage","Paging File usage is %%.4f %" -w 50 -c 60
10 Instances -l System,Process,Memory,Processor
11 EventLog -l Application,any,10,1,NC_Net,-2,start,stop,0 -w 5 -c 20

I’ve enabled just a standard set of checks for illustrative purposes here. Read through the passive.cfg file to understand the different commands and their options.

If you do not already have the dotNet framework installed on your windows machine, d/l and install it. As of this writing, NC_Net requires dotNet 2.0 - that is what I’ve installed to get NC_Net 4.4.0 working.
It is currently available at dotNet 2.0

Then, from the command line within the NC_Net dir, enter:

Net Start NC_Net

This will start NC_Net as a service, which will attempt to contact your Nagios server at the default NSCA port(5667) once it has some data to report.

Setting up your Server

If you don’t have the NSCA addon installed in conjunction with Nagios, then download it from http://www.nagios.org/download/addons/, and install it. Note: I’m running Centos 5.2, and Nagios 3.0.3. One of the prereqs for NSCA is libmcrypt - if you’re missing that (locate libmcrypt.so), then you’ll need to d/l and install that prior to compiling NSCA.


mkdir /usr/local/src
cd /usr/local/src
tar xzf {your download dir}/nsca-2.7.2.tar.gz
cd nsca-2.7.2
sh ./configure
make all
cp src/*nsca /usr/local/nagios/bin/
chown nagios.nagios /usr/local/nagios/bin/*nsca
cp sample-config/nsca.cfg /usr/local/nagios/etc/

edit the nsca.cfg file and change the IP to your Nagios server’s IP (interface that you want NSCA listening on)
server_address=<nagios_server_IP_address>

You can then start the daemon:
/usr/local/nagios/bin/nsca –c /usr/local/nagios/etc/nsca.cfg
There are a couple ways to insure that the NSCA daemon starts automagically, and you can find a complete treatment of these here: http://nagios.sourceforge.net/download/contrib/documentation/misc/NSCA_Setup.pdf

Make sure the daemon is listening: netstat -an|grep 5667, and that you’ve configured firewall(s), as well as iptables and/or selinux on your Nagios server to be able to access your NSCA daemon at port 5667.

So - depending upon how the logging of your Nagios installation is configured, you should be getting some messages via syslog - typically by default in /var/log/messages, where, after at least five minutes, you should see some messages like the following:


Sep 6 18:43:13 nagiosadmin nagios: PASSIVE SERVICE CHECK: <windows_machine_nagios_host_id>;cputotal;0;OK - load average: 0%, 0%
Sep 6 18:43:13 nagiosadmin nagios: PASSIVE SERVICE CHECK: <windows_machine_nagios_host_id>;uptime;0;System Uptime - 23 day(s) 15 hour(s) 38 minute(s)
Sep 6 18:43:13 nagiosadmin nagios: PASSIVE SERVICE CHECK: <windows_machine_nagios_host_id>;usedspace;0;C: - total: 19.99 Gb - used: 7.23 Gb (36%) - free 12.75 Gb (64%)
Sep 6 18:43:13 nagiosadmin nagios: PASSIVE SERVICE CHECK: <windows_machine_nagios_host_id>;servicestate;0;NC_Net: Started
Sep 6 18:43:13 nagiosadmin nagios: PASSIVE SERVICE CHECK: <windows_machine_nagios_host_id>;Memory Use;0;Memory usage: total:2464.94 Mb - used: 146.97 Mb (6%) - free: 2317.97 Mb (94%)
Sep 6 18:43:13 nagiosadmin nagios: PASSIVE SERVICE CHECK: <windows_machine_nagios_host_id>;Perf Counter;0;"Paging File usage is %%.4f %" = 0.17 %
Sep 6 18:43:13 nagiosadmin nagios: PASSIVE SERVICE CHECK: <windows_machine_nagios_host_id>;Instances;0;System: - Process: alg,svchost#2,svchost#4,svchost#3,winlogon,svchost#1,svchost,_Total,wmiprvse,inetinfo,services,spoolsv,dllhost#1,smss,logon.scr,lsass,logonui,cygrunsrv,csrss,System,msdtc,dllhost,sshd,NC_Net,snmp,Idle - Memory: - Processor: _Total,0
Sep 6 18:43:13 nagiosadmin nagios: PASSIVE SERVICE CHECK: <windows_machine_nagios_host_id>;EventLog;0;OK: No entries in Application log recently.

Setting up your host in Nagios

You’ll need to configure Nagios to have entries mirroring the host and services that you’ve just set up in your NC_Net configuration. I’ve been using Nagios Administrator, which is a decent GUI interface into the Nagios command files. It is built upon Symfony, a powerful LAMP-based framework.

You should set up the following items in this order:

Add the Command

Add a ‘check_dummy’ command (if it doesn’t already exist)

Nagis Administrator check_dummy Command

Nagis Administrator check_dummy Command

Add the Services

Add a service to correspond with each passive check that you’ve defined in the NC_Net passive.cfg file. The Service’s Name field has to correspond with the name of the check specified as the second field of each enabled check in the passive.cfg. For instance, for the ‘cputotal’ passive check, define a service like:

Nagios Administrator cputotal service

Nagios Administrator cputotal service

Note that the ‘check_dummy’ command must be specified, and flag ‘use passive-service’ must be set in the ‘Special’ field.

Add the Host

Once you’ve added all the services that correspond to the passive checks you’ve enabled, add the host that corresponds to your Windows machine:

Nagios Administrator add Windows machine

Nagios Administrator add Windows machine

Note that - most importantly - the Name must match the name specified in the NC_Net startup.cfg - <windows_machine_nagios_host_id>, and that the flag ‘active_checks_enabled’ must be set to ‘0′, and you must specify the correct IP address, host group, OS and contact group.

Nagios Administrator services for Windows machine

Nagios Administrator services for Windows machine

Scroll down and specify the correct services to match up to those in your NC_Net passive.cfg for that host.

Once you have these items all created successfully, go to the Generator screen and ‘Save’ your configuration. On your Nagios server, restart the Nagios server. service nagios restart

Now you should soon see the correct service entries on your Nagios GUI screen populated.

This is good treatment of monitoring Exchange Server with these tools.