NavigationSyndicateUser login |
NAGIOS - Win32APIProxyThis NAGIOS plugin allows to remotely monitor Windows hosts in a agentless fashion. Technically it is using the Win32 API from a Windows proxy server to the remote host. Syntax wise it mirrors NSClient++ features. Historically my friend decided to move away from HP SiteScope to Nagios. A large amount of 'monitors' (SiteScope lingo, 'service' in Nagios terminology) were related to Windows servers, monitored via the Win32 API, what Sitescope refers as NetBIOS protocol. Installing the NSClient++ agent, new to the team, was a concern for both security and stability of each server. Then naturally came the need to support the existing server infrastructure setup without any change. ArchitectureThe Win32APIProxy is a small Perl script which runs on a Windows host. This proxy acts as a bridge between the UNIX world and the Windows world. Nagios connects to the proxy via HTTP(s) protocol using a POST command, the request is received by Apache Web Server and the proxy, configured as a CGI script, issues a Win32 call to the target Windows host. The link between the proxy and the proxy must be setup and security on remote host properly setup. Download Win32APIProxySource code can be downloaded from SourceForge. How to Install Win32APIProxy - Proxy ServerYou need a Windows OS machine to install the proxy.
HOST_DATA_DIR=c:\win32apiproxy\hostdata\ PROXY_LOG=c:\win32apiproxy\proxy.log
How to Install Win32APIProxy - Nagios Server
cpan install "Nagios::Plugin"
PROXY_URL=http://192.168.1.4:8080/cgi-bin/win32apiproxy.pl #Security (used if USERNAME is not empty) NETLOC=192.168.1.4:8080 REALM=myrealm USERNAME=nagiossvr PASSWORD=pass123
# 'check_win32apiproxy' command definition define command{ command_name check_win32apiproxy command_line $USER1$/check_win32apiproxy.pl -H $HOSTADDRESS$ -v $ARG1$ $ARG2$ }
define host{ use windows-server host_name Win32APIProxyServer alias WIN32API Proxy Server address 192.168.1.4 } define service{ use generic-service host_name Win32APIProxyServer service_description Proxy Version check_command check_win32apiproxy!PROXYVERSION } How to Monitor a HostTo check if step 1 and 2 are required, you can use either the HTML test page or the check script and submit one operation.
Port 135/TCP (I did not see traffic on this port though)
D:\>net use \\winserver /user:winserver\nagiosusr xxxpwdxxx /PERSISTENT:YES The command completed successfully. D:\>net use New connections will be remembered. Status Local Remote Network ------------------------------------------------------------------------------- OK \\winserver\IPC$ Microsoft Windows Network The command completed successfully. D:\>
define host{ use windows-server host_name winserver alias My Win32 Windows Server address 192.168.1.5 }
define service{ use generic-service host_name winserver service_description Uptime check_command check_win32apiproxy!UPTIME } define service{ use generic-service host_name winserver service_description CPU Load check_command check_win32apiproxy!CPULOAD!-w 80 -c 90 } define service{ use generic-service host_name winserver service_description Memory Usage check_command check_win32apiproxy!MEMUSE!-w 80 -c 90 } define service{ use generic-service host_name winserver service_description C:\ Drive Space check_command check_win32apiproxy!USEDDISKSPACE!-l c -w 80 -c 90 } define service{ use generic-service host_name winserver service_description ALG Service check_command check_win32apiproxy!SERVICESTATE!-l alg } define service{ use generic-service host_name winserver service_description Explorer check_command check_win32apiproxy!PROCSTATE!-l Explorer } Script Syntax$ ./check_win32apiproxy.pl -h Program: check_win32apiproxy.pl, version:0.01 Usage: check_win32apiproxy.pl -H host -v variable [-w warning] [-c critical] [-l params] [-t timeout] -H, --hostname=HOST Name of the host to check -w, --warning=INTEGER Threshold which will result in a warning status -c, --critical=INTEGER Threshold which will result in a critical status -l, --params=PARAMS Threshold which will result in a critical status -t, --timeout=INTEGER Seconds before connection attempt times out (default: 10) -h, --help Print this help screen -V, --version Print version information -v, --variable=STRING Variable to check Valid variables are: PROXYVERSION = Get the remote win32apiproxy version Will return warning if check script and proxy version differ UPTIME = Get the uptime of the machine No specific parameters Warning and critical thresholds (in seconds) can be specified with -w and -c CPULOAD = Average CPU load since the last query Warning and critical thresholds (in CPU busy %) can be specified with -w and -c USEDDISKSPACE = Size (GB) and percentage of disk use Request a -l parameter containing the drive letter only Warning and critical thresholds (in disk used %) can be specified with -w and -c MEMUSE = Virtual and Physical Memory use (MB). Warning and critical thresholds (in virtual memory used %) can be specified with -w and -c SERVICESTATE = Check the state of one or several services. Return critical if at least 1 service is not in SERVICE_RUNNING state Request a -l parameters with the following syntax: -l <service1>,<service2>,<service3>,... PROCSTATE = Check if one or several process are running Same syntax as SERVICESTATE Sample Script Outputs$ ./check_win32apiproxy.pl -v PROXYVERSION Report Issues or Request EnhancementsJust click on the "Contact" link inside the top left box. In case of issue, I am glad to track down what went wrong and get the Win32API Proxy fixed ASAP. Up-Coming Enhancements
Version History
|