Agentless WMI monitoring of Windows hosts

Nagwin example - WMI monitoring of Windows hosts

 

All operations will be done on the Nagwin machine:

  • Copy contents of check_wmic archive to <inst-dir>/plugins/check_wmic directory (if it doesn't exist before)
  • Add macroes $USER10$ (login name) and $USER11$ (password) to etc/nagios/resource.cfg file. Those two macroes will be used as credentials during remote WMI connections.

# Store some usernames and passwords (hidden from the CGIs)
$USER10$=wmi-user
$USER11$=wmi-password

NB! User with local admin privileges works best. However, please consider security implications of making such privileges visible in a file. Make sure that resources.cfg is only readable by the service account (SvcNagwin as default)

  • Define following commands in the nagios configuration directory (<inst.dir>/nagios/nagwin/wmi-commands.cfg for example):

################################################################################
#
# CHECK_WMIC COMMANDS
#
################################################################################

# 'wmic_cpu_load' command definition
#
define command{
    command_name    wmic_cpu_load
    command_line    $USER1$/check_wmic/check_wmic --host $HOSTADDRESS$ --user $USER10$ --password $USER11$ --alias cpu --property LoadPercentage --format "CPU load %.2f%.|'CPU Load'=%.2f%" $ARG1$
}

# 'wmic_local_disk_free' command definition
#
define command{
    command_name    wmic_local_disk_free
    command_line    $USER1$/check_wmic/check_wmic --host $HOSTADDRESS$ --user $USER10$ --password $USER11$ --alias "LogicalDisk where DeviceID='$ARG1$:'" --property FreeSpace --factor 0.0000009536743 --format "Free disk space on $ARG1$: %.2f MB|'Free $ARG1$:'=%.2fMB" $ARG2$
}

# 'wmic_physical_memory_free' command definition
#
define command{
    command_name    wmic_physical_memory_free
    command_line    $USER1$/check_wmic/check_wmic --host $HOSTADDRESS$ --user $USER10$ --password $USER11$ --alias OS --property FreePhysicalMemory --factor 0.0009765625 --format "Free physical memory: %.2f MB|'free mem physical'=%.2fMB" $ARG1$
}

# 'wmic_virtual_memory_free' command definition
#
define command{
    command_name    wmic_virtual_memory_free
    command_line    $USER1$/check_wmic/check_wmic --host $HOSTADDRESS$ --user $USER10$ --password $USER11$ --alias OS --property FreeVirtualMemory --factor 0.0009765625 --format "Free virtual memory: %.2f MB|'free mem virtual'=%.2fMB" $ARG1$
}

# 'wmic_pagefile_inuse' command definition
#
define command{
    command_name    wmic_pagefile_inuse
    command_line    $USER1$/check_wmic/check_wmic --host $HOSTADDRESS$ --user $USER10$ --password $USER11$ --alias Pagefile --property CurrentUsage --format "Current usage: %.2f MB|'current usage'=%.2fMB" $ARG1$
}

# 'wmic_non_running_auto_services' command definition
#
define command{
    command_name    wmic_non_running_auto_services
    command_line    $USER1$/check_wmic/check_wmic --host $HOSTADDRESS$ --user $USER10$ --password $USER11$ --alias "Service where (StartMode='Auto' And State!='Running')" --property Name --count --format "%d non-running automatic services."
}

# 'wmic_defined_services' command definition
#
define command{
    command_name    wmic_defined_services
    command_line    $USER1$/check_wmic/check_wmic --host $HOSTADDRESS$ --user $USER10$ --password $USER11$ --alias Service --property Name --count --format "%d defined services." $ARG1$
}

 

  • Create a configuration file for each host in etc/nagios/nagwin directory:
# Define a host for the local machine
define host{
use windows-server,host-pnp
host_name host-200
alias Windows 2008
address ip.add.re.ss
}

define service{
use generic-service,srv-pnp
host_name host-200
service_description CPU Load
check_command wmic_cpu_load
}

define service{
use generic-service,srv-pnp
host_name host-200
service_description Disk C
check_command wmic_local_disk_free!C!--warn 1000 --crit 250
}

define service{
use generic-service,srv-pnp
host_name host-200
service_description Physical memory free
check_command wmic_physical_memory_free
}

define service{
use generic-service,srv-pnp
host_name host-200
service_description Virtual memory free
check_command wmic_virtual_memory_free
}

define service{
use generic-service,srv-pnp
host_name host-200
service_description Pagefile in use
check_command wmic_pagefile_inuse
}

define service{
use generic-service,srv-pnp
host_name host-200
service_description Non-running automatic services
check_command wmic_non_running_auto_services!--warn 1 --crit 3
}

  • Restart Nagwin_Nagios service and check results via web interface.