Basic monitoring of Windows hosts via Winrpe

Basic monitoring of Windows hosts via Winrpe


For each Windows host to monitor:

  • Windows host: Install Nagios NRPE Agent for Windows Winrpe (say host test4)
  • Windows host: Replace contents of the configuration file nrpe.cfg (default location is c:\program files\icw):
command_timeout=60
connection_timeout=300
command[pdm_disk_c]=check_pdm.exe --disk --drive C: -w 90 -c 95
command[pdm_cpuload]=check_pdm.exe --processor -w 50 -c 80
command[pdm_memory_physical]=check_pdm.exe --memory physical -w 95 -c 99
command[pdm_memory_virtual]=check_pdm.exe --memory virtual -w 95 -c 99
command[pdm_memory_pagefile]=check_pdm.exe --memory pagefile -w 95 -c 99
command[process_no_response]=check_winprocess.exe --filter "status eq NOT RESPONDING" --critical 1
command[process_total]=check_winprocess.exe --warn 150 --critical 300
command[service_auto_running]=check_winservice --startmode auto --state !running --critical 0
command[service_all]=check_winservice --warning 50 --critical 150
command[event_all_errors]=check_winevent --type error --window "5 minutes" --critical 0
command[event_audit_failures]=check_winevent --log security --type "audit failure" --critical 0
command[event_application_errors]=check_winevent --log application --source "Application Error" --warning 2 --critical 5
  • Windows host: Start Xinet Server service.
  • Nagwin host: Run the following command to check NRPE connectivity:
<plugins dir>\check_nrpe -H <ip-address-of-Windows-host>

NRPE connectivity is OK if the response is NRPE vx.xx

  • Nagwin host: Create the file test4.cfg in etc/nagios/nagwin directory with the following content:
# Define a host for the local machine
define host{
        use                     windows-server,host-pnp           
        host_name               test4
        alias                   test4
        address                 ip.add.re.ss
        }

define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             Disk C
	check_command			check_nrpe!pdm_disk_c
        }
		
define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             CPU load
	check_command			check_nrpe!pdm_cpuload
        }
		
define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             Memory physical
	check_command			check_nrpe!pdm_memory_physical
        }

define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             Memory virtual
	check_command			check_nrpe!pdm_memory_virtual
        }

define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             Memory pagefile
	check_command			check_nrpe!pdm_memory_pagefile
        }

define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             Non-running automatic services 
	check_command			check_nrpe!service_auto_running
        }

define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             All services
	check_command			check_nrpe!service_all
        }

define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             Error events
	check_command			check_nrpe!event_all_errors
        }

define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             Audit failures
	check_command			check_nrpe!event_audit_failures
        }


define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             Application errors
	check_command			check_nrpe!event_application_errors
        }

define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             Non-responding processes
	check_command			check_nrpe!process_no_response
        }

define service{
        use                             generic-service,srv-pnp         
        host_name                       test4
        service_description             Total processes
	check_command			check_nrpe!process_total
        }
  • Restart Nagwin_Nagios service and check results via web interface.