Service not showing as running on Windows 10 machine

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
User avatar
pelicanmedia
Posts: 22
Joined: Wed Feb 22, 2017 5:32 am
Location: Colchester, Essex, UK
Contact:

Service not showing as running on Windows 10 machine

Post by pelicanmedia »

Hi,

I have 6 x Windows workstations with identical setups, 5 x Windows 7 & 1 x Windows 10 (clean install, not upgraded).
All of their .cfg files are also identical...

Code: Select all

###############################################################################
###############################################################################
#
# HOST DEFINITIONS
#
###############################################################################
###############################################################################

# Define a host for the Windows machine we'll be monitoring
# Change the host_name, alias, and address to fit your situation

define host{
use windows-workstation
host_name cgi001
alias CGI001
address 192.168.2.121
}

###############################################################################
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
###############################################################################

# Create a service for monitoring the uptime of the server
# Change the host_name to match the name of the host you defined above

define service{
use generic-service
host_name cgi001
service_description Uptime
check_command check_nt!UPTIME
}

define service{
use generic-service
host_name cgi001
service_description CPU Load
check_command check_nt!CPULOAD!-l 5,80,90
}

define service{
use generic-service
host_name cgi001
service_description Memory Usage
check_command check_nt!MEMUSE!-w 80 -c 90
}

define service{
use generic-service
host_name cgi001
service_description Drive Space - C
check_command check_nt!USEDDISKSPACE!-l c -w 80 -c 90
}

define service{
use generic-service
host_name cgi001
service_description Drive Space - B
check_command check_nt!USEDDISKSPACE!-l b -w 80 -c 90
}

define service {
use generic-service
host_name cgi001
service_description Updates
check_command check_updates
}

define service{
use generic-service
host_name cgi001
service_description Avast
check_command check_nt!PROCSTATE!-d SHOWALL -l avastsvc.exe
}
CGI002 is a Windows 7 Machine and shows the service avastsvc.exe as Running, which is correct...

Code: Select all

cgi002 Avast OK 16-03-2017 10:00:51 2d 16h 33m 9s 1/3 avastsvc.exe: Running
CGI001 is the Windows 10 machine and shows the service avastsvc.exe as not running, which is incorrect...

Code: Select all

cgi001 Avast CRITICAL 16-03-2017 09:58:27 2d 16h 20m 13s 3/3 avastsvc.exe: not running 
Is there something I need to change on the Windows 10 machine, or in it's config for it to work on Windows 10 ?

Thanks
dwhitfield
Former Nagios Staff
Posts: 4583
Joined: Wed Sep 21, 2016 10:29 am
Location: NoLo, Minneapolis, MN
Contact:

Re: Service not showing as running on Windows 10 machine

Post by dwhitfield »

What version of NSClient are you running?

Can you please post your nsclient.ini / nsc.ini, with important information obfuscated of course.
User avatar
pelicanmedia
Posts: 22
Joined: Wed Feb 22, 2017 5:32 am
Location: Colchester, Essex, UK
Contact:

Re: Service not showing as running on Windows 10 machine

Post by pelicanmedia »

Hi,

Sorry for delay in getting back... I am out of the office quite a lot.

I updated the NSClient to NSCP-0.5.0.62-x64 from NSCP-0.4.1.105-Win32, which kindly removed all the files in C:\Program Files (x86)\NSClient++\

Luckily I have a back up of the nsclient.ini file I use for all my Win 7 machines (which is the same on the Win 10 machine) Which is pretty much the default file bar the allowed hosts line and the last 2 for Windows Updates:

Code: Select all

# If you want to fill this file with all avalible options run the following command:
#   nscp settings --generate --add-defaults --load-all
# If you want to activate a module and bring in all its options use:
#   nscp settings --activate-module <MODULE NAME> --add-defaults
# For details run: nscp settings --help

; Undocumented section
[/modules]

; CheckDisk - CheckDisk can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
CheckDisk = 1

; Event log Checker. - Check for errors and warnings in the event log. This is only supported through NRPE so if you plan to use only NSClient this wont help you at all.
CheckEventLog = 1

; Check External Scripts - A simple wrapper to run external scripts and batch files.
CheckExternalScripts = 1

; Helper function - Various helper function to extend other checks. This is also only supported through NRPE.
CheckHelpers = 1

; Check NSCP - Checkes the state of the agent
CheckNSCP = 1

; CheckSystem - Various system related checks, such as CPU load, process state, service state memory usage and PDH counters.
CheckSystem = 1

; CheckWMI - CheckWMI can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
CheckWMI = 1

; NRPE server - A simple server that listens for incoming NRPE connection and handles them.
NRPEServer = 1

; NSClient server - A simple server that listens for incoming NSClient (check_nt) connection and handles them. Although NRPE is the preferred method NSClient is fully supported and can be used for simplicity or for compatibility.
NSClientServer = 1

; Undocumented section
[/settings/default]

; ALLOWED HOSTS - A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges.
allowed hosts = 192.168.XXX.XXX

; A list of aliases available. An alias is an internal command that has been "wrapped" (to add arguments). Be careful so you don't create loops (ie check_loop=check_a, check_a=check_loop)
[/settings/external scripts/alias]

; alias_cpu - Alias for alias_cpu. To configure this item add a section called: /settings/external scripts/alias/alias_cpu
alias_cpu = checkCPU warn=80 crit=90 time=5m time=1m time=30s

; alias_cpu_ex - Alias for alias_cpu_ex. To configure this item add a section called: /settings/external scripts/alias/alias_cpu_ex
alias_cpu_ex = checkCPU warn=$ARG1$ crit=$ARG2$ time=5m time=1m time=30s

; alias_disk - Alias for alias_disk. To configure this item add a section called: /settings/external scripts/alias/alias_disk
alias_disk = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED

; alias_disk_loose - Alias for alias_disk_loose. To configure this item add a section called: /settings/external scripts/alias/alias_disk_loose
alias_disk_loose = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED ignore-unreadable

; alias_event_log - Alias for alias_event_log. To configure this item add a section called: /settings/external scripts/alias/alias_event_log
alias_event_log = CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational') AND source != 'SideBySide'" truncate=800 unique descriptions "syntax=%severity%: %source%: %message% (%count%)"

; alias_file_age - Alias for alias_file_age. To configure this item add a section called: /settings/external scripts/alias/alias_file_age
alias_file_age = checkFile2 filter=out "file=$ARG1$" filter-written=>1d MaxWarn=1 MaxCrit=1 "syntax=%filename% %write%"

; alias_file_size - Alias for alias_file_size. To configure this item add a section called: /settings/external scripts/alias/alias_file_size
alias_file_size = CheckFiles "filter=size > $ARG2$" "path=$ARG1$" MaxWarn=1 MaxCrit=1 "syntax=%filename% %size%" max-dir-depth=10

; alias_mem - Alias for alias_mem. To configure this item add a section called: /settings/external scripts/alias/alias_mem
alias_mem = checkMem MaxWarn=80% MaxCrit=90% ShowAll=long type=physical type=virtual type=paged type=page

; alias_process - Alias for alias_process. To configure this item add a section called: /settings/external scripts/alias/alias_process
alias_process = checkProcState "$ARG1$=started"

; alias_process_count - Alias for alias_process_count. To configure this item add a section called: /settings/external scripts/alias/alias_process_count
alias_process_count = checkProcState MaxWarnCount=$ARG2$ MaxCritCount=$ARG3$ "$ARG1$=started"

; alias_process_hung - Alias for alias_process_hung. To configure this item add a section called: /settings/external scripts/alias/alias_process_hung
alias_process_hung = checkProcState MaxWarnCount=1 MaxCritCount=1 "$ARG1$=hung"

; alias_process_stopped - Alias for alias_process_stopped. To configure this item add a section called: /settings/external scripts/alias/alias_process_stopped
alias_process_stopped = checkProcState "$ARG1$=stopped"

; alias_sched_all - Alias for alias_sched_all. To configure this item add a section called: /settings/external scripts/alias/alias_sched_all
alias_sched_all = CheckTaskSched "filter=exit_code ne 0" "syntax=%title%: %exit_code%" warn=>0

; alias_sched_long - Alias for alias_sched_long. To configure this item add a section called: /settings/external scripts/alias/alias_sched_long
alias_sched_long = CheckTaskSched "filter=status = 'running' AND most_recent_run_time < -$ARG1$" "syntax=%title% (%most_recent_run_time%)" warn=>0

; alias_sched_task - Alias for alias_sched_task. To configure this item add a section called: /settings/external scripts/alias/alias_sched_task
alias_sched_task = CheckTaskSched "filter=title eq '$ARG1$' AND exit_code ne 0" "syntax=%title% (%most_recent_run_time%)" warn=>0

; alias_service - Alias for alias_service. To configure this item add a section called: /settings/external scripts/alias/alias_service
alias_service = checkServiceState CheckAll

; alias_service_ex - Alias for alias_service_ex. To configure this item add a section called: /settings/external scripts/alias/alias_service_ex
alias_service_ex = checkServiceState CheckAll "exclude=Net Driver HPZ12" "exclude=Pml Driver HPZ12" exclude=stisvc

; alias_up - Alias for alias_up. To configure this item add a section called: /settings/external scripts/alias/alias_up
alias_up = checkUpTime MinWarn=1d MinWarn=1h

; alias_updates - Alias for alias_updates. To configure this item add a section called: /settings/external scripts/alias/alias_updates
alias_updates = check_updates -warning 0 -critical 0

; alias_volumes - Alias for alias_volumes. To configure this item add a section called: /settings/external scripts/alias/alias_volumes
alias_volumes = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED

; alias_volumes_loose - Alias for alias_volumes_loose. To configure this item add a section called: /settings/external scripts/alias/alias_volumes_loose
alias_volumes_loose = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED ignore-unreadable 

; default - Alias for default. To configure this item add a section called: /settings/external scripts/alias/default
default = 

[/settings/external scripts/scripts]
check_updates=cmd /c echo scripts\check_windows_updates.ps1; exit $LastExitCode | powershell.exe -command -
After upgrading the NSClient I am now getting the following... The Updates check worked fine with NSCP-0.4.1.105-Win32 (CGI002 (Win 7) for comparison):
Image

It's a bit difficult to get on these machines as they are being used during the day then set for rendering in the evening. If you require any more info please let me know.

Sorry again for the delay.
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: Service not showing as running on Windows 10 machine

Post by mcapra »

You might try adding the following settings to the machine's NSClient++ configuration:

Code: Select all

[/settings/NRPE/server]
verify mode = none
insecure = true
allow arguments = true
allow nasty characters=true
Though i'd have to see the Nagios Core command definition for check_updates to be sure that would fix it.

It might also be more appropriate to use PROCSTATE if avastsvc.exe is a process:

Code: Select all

PROCSTATE =
  Check if one or several process are running.
  Same syntax as SERVICESTATE.
Former Nagios employee
https://www.mcapra.com/
User avatar
pelicanmedia
Posts: 22
Joined: Wed Feb 22, 2017 5:32 am
Location: Colchester, Essex, UK
Contact:

Re: Service not showing as running on Windows 10 machine

Post by pelicanmedia »

Hi @mcapra

Thanks for your input. I have not been able to get onto the machine in question yet. But I can get on to the Nagios computer...

From commands.cfg...

Code: Select all

# 'check_updates' command definition
define command{
		command_name		check_updates
		command_line		$USER1$/check_nrpe -H $HOSTADDRESS$ -c check_updates -t 30
		}
I already have PROCSTATE in the .cfg file for that machine (and the Windows 7 ones too)...

Code: Select all

define service{
		use							generic-service
		host_name					cgi001
		service_description		Avast
		check_command				check_nt!PROCSTATE!-d SHOWALL -l avastsvc.exe
		}
I'm probably going to go back to NSCP-0.4.1.105-Win32 as I know that works (as with most updates from Nagios, they seem to do more damage than good) I'd rather know if the machine has updates over if the AV is running.
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: Service not showing as running on Windows 10 machine

Post by mcapra »

If you want to troubleshoot the PROCSTATE issue for the AV from 0.4.1, that'd be fine to. Let us know if there's any errors produced.
Former Nagios employee
https://www.mcapra.com/
Locked