Using NRPE for windows server

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
dwhitfield
Former Nagios Staff
Posts: 4583
Joined: Wed Sep 21, 2016 10:29 am
Location: NoLo, Minneapolis, MN
Contact:

Re: Using NRPE for windows server

Post by dwhitfield »

You don't need a windows.cfg. You can put the hosts and service configs where you like.

You'll need a command definition that looks something like

Code: Select all

define command{
        command_name    check_nrpe
        command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ -t 20
        }
I don't know what checks you are trying to run, but let's assume you want to check the swap. In the service definition, you'll want something like check_command check_nrpe!check_swap!20!10.

You can see the full requirements for the host object and service object at https://assets.nagios.com/downloads/nag ... tions.html
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

AnyLuck?
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

I just want to get the basics to work for now that is all.
dwhitfield
Former Nagios Staff
Posts: 4583
Joined: Wed Sep 21, 2016 10:29 am
Location: NoLo, Minneapolis, MN
Contact:

Re: Using NRPE for windows server

Post by dwhitfield »

It doesn't look like you followed our documentation at https://assets.nagios.com/downloads/nag ... ios-XI.pdf

Please modify the NSClient.ini as directed in the document and then send your nsclient.ini for review if it is still not working.
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

I followed the guides and enabled the nrpe listener still no luck. i ran telnet <IP Address> 5666 and the getting connection refused. the Firewall is open and can ping to my nagios core server. here is my ini file for my windows machine thanks.
Attachments
nsclient.ini
(28.5 KiB) Downloaded 472 times
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

Could you please post a KB on how to step by step add the check_nrpe template in nagios as well thanks so much :D
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

Where do you add this command?
dwhitfield wrote:You don't need a windows.cfg. You can put the hosts and service configs where you like.

You'll need a command definition that looks something like

Code: Select all

define command{
        command_name    check_nrpe
        command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ -t 20
        }
I don't know what checks you are trying to run, but let's assume you want to check the swap. In the service definition, you'll want something like check_command check_nrpe!check_swap!20!10.

You can see the full requirements for the host object and service object at https://assets.nagios.com/downloads/nag ... tions.html
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

Here the info your requested after running that command.
bolson wrote:Have you installed NSClient++ on the Windows host? Any installation issues? Can you run the following command from you ubuntu host and post the result:

Code: Select all

telnet <ip_addr_of_windows_host> 5666
Attachments
telent 5666.PNG
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Using NRPE for windows server

Post by npolovenko »

@skypete, Looks like your nsclient.ini file is missing a few config options. Try replacing the whole ini file with mine below.

Code: Select all

# If you want to fill this file with all available options run the following command:
#   nscp settings --generate --add-defaults --load-all
# If you want to activate a module and bring in all its options use:
#   nscp settings --activate-module <MODULE NAME> --add-defaults
# For details run: nscp settings --help
; TODO
[/settings/default]
; Undocumented key
password = 12345 
; Undocumented key
allowed hosts = 127.0.0.1,::1,192.168.128.130
; CACHE ALLOWED HOSTS - If host names (DNS entries) should be cached, improves speed and security somewhat but won't allow you to have dynamic IPs for your Nagios server.
cache allowed hosts = 1
; TIMEOUT - Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out.
timeout = 30
; TODO
[/modules]
; Undocumented key
CheckHelpers = 1
; Undocumented key
CheckEventLog = 1
; Undocumented key
CheckNSCP = 1
; Undocumented key
CheckSystem = 1
; Undocumented key
NSClientServer = 1
; NRPEServer - A server that listens for incoming NRPE connection and processes incoming requests.
NRPEServer = 1
; CheckExternalScripts - Execute external scripts
CheckExternalScripts = 1
; CheckDisk - CheckDisk can check various file and disk related things.
CheckDisk = 1
; A set of options to configure the real time checks
[/settings/system/windows/real-time]
; Configure which services has to be in which state
[/settings/system/windows/service mapping]
; TODO
[/settings/system/windows/counters/default]
; TODO
[/settings/system/windows/counters]
; TODO
[/settings/log/file]
; TODO
[/settings/log]
; LOG LEVEL - Log level to use. Available levels are error,warning,info,debug,trace
level = debug
; DATEMASK - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
date format = %Y-%m-%d %H:%M:%S
; FILENAME - The file to write log data to. Set this to none to disable log to file.
file name = ${exe-path}/nsclient.log
; TODO
[/settings/system/windows]
; DEFAULT LENGTH - Used to define the default interval for range buffer checks (ie. CPU).
default buffer length = 1h
; TODO
[/settings/external scripts/scripts/default]
; IGNORE PERF DATA - Do not parse performance data from the output
ignore perfdata = 1
; A list of wrapped scripts (ie. scruts using a template mechanism). The template used will be defined by the extension of the script.
[/settings/external scripts/wrapped scripts]
check_windows_time = check_windows_time.bat.pool.ntp.org $ARG1$ $ARG2$
; TODO
[/settings/external scripts/alias]
; TODO
[/settings/eventlog/real-time/filters/default]
; EMPTY MESSAGE - The message to display if nothing matches the filter (generally considered the ok state).
empty message = eventlog found no records
; MAGIMUM AGE - How long before reporting "ok". If this is set to "false" no periodic ok messages will be reported only errors.
maximum age = 5m
; A set of filters to use in real-time mode
[/settings/eventlog/real-time/filters]
; TODO
[/settings/eventlog/real-time]
; STARTUP AGE - The initial age to scan when starting NSClient++
startup age = 30m
; REAL TIME CHECKING - Spawns a background thread which detects issues and reports them back instantly.
enabled = 0
; LOGS TO CHECK - Comma separated list of logs to check
log = application,system
; DEBUG - Log missed records (useful to detect issues with filters) not useful in production as it is a bit of a resource hog.
debug = 0
; A list of scripts available to run from the CheckExternalScripts module. Syntax is: <command>=<script> <arguments>
[/settings/external scripts/scripts]
restart_service = scripts\restart_service.bat "$ARG1$"
check_windows_time=scripts\check_windows_time.bat $ARG1$
; TODO
[/settings/external scripts/alias/default]
; TODO
[/settings/shared session]
; TODO
[/settings/crash]
; RESTART SERVICE NAME - The url to submit crash reports to
restart target = NSCP
; CRASH ARCHIVE LOCATION - The folder to archive crash dumps in
archive folder = ${crash-folder}
; RESTART - Submit crash reports to nsclient.org (or your configured submission server)
restart = true
; SUBMISSION URL - The url to submit crash reports to
submit url = https://crash.nsclient.org/post
; ARCHIVE CRASHREPORTS - Archive crash reports in the archive folder
archive = true
; A set of filters to use in real-time mode
[/settings/system/windows/real-time/checks]
; TODO
[/settings/NSClient/server]
; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = 0
; PORT NUMBER - Port to use for check_nt.
port = 12489
; PERFORMANCE DATA - Send performance data back to Nagios (set this to 0 to remove all performance data).
performance data = 1
; TODO
[/settings/external scripts]
; COMMAND TIMEOUT - The maximum time in seconds that a command can execute. (if more then this execution will be aborted). NOTICE this only affects external commands not internal ones.
timeout = 80
; COMMAND ARGUMENT PROCESSING - This option determines whether or not the we will allow clients to specify arguments to commands that are executed.
allow arguments = true
; COMMAND ALLOW NASTY META CHARS - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = true
; TODO
[/paths]
; Path for shared-path - 
shared-path = C:\Program Files\NSClient++
; Path for module-path - 
module-path = ${shared-path}/modules
; Path for crash-folder - 
crash-folder = ${shared-path}/crash-dumps
; Path for exe-path - 
exe-path = C:\Program Files\NSClient++
; Path for certificate-path - 
certificate-path = ${shared-path}/security
; Path for base-path - 
base-path = C:\Program Files\NSClient++
; Files to be included in the configuration
[/includes]
; TODO
[/settings/eventlog]
; DEBUG - Log more information when filtering (useful to detect issues with filters) not useful in production as it is a bit of a resource hog.
debug = 0
; LOOKUP NAMES - Lookup the names of eventlog files
lookup names = 1
; BUFFER_SIZE - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
buffer size = 131072
; TODO
[/settings/external scripts/wrappings]
; BATCH FILE WRAPPING - 
bat = scripts\\%SCRIPT% %ARGS%
; VISUAL BASIC WRAPPING - 
vbs = cscript.exe //T:30 //NoLogo scripts\\lib\\wrapper.vbs %SCRIPT% %ARGS%
; POWERSHELL WRAPPING - 
ps1 = cmd /c echo If (-Not (Test-Path "scripts\%SCRIPT%") ) { Write-Host "UNKNOWN: Script `"%SCRIPT%`" not found."; exit(3) }; scripts\%SCRIPT% $ARGS$; exit($lastexitcode) | powershell.exe /noprofile -command -
; TODO

[/settings/NRPE/server]

; VERIFY MODE - Comma separated list of verification flags to set on the SSL socket.  default-workarounds  Various workarounds for what I understand to be broken ssl implementations no-sslv2  Do not use the SSLv2 protocol. no-sslv3  Do not use the SSLv3 protocol. no-tlsv1  Do not use the TLSv1 protocol. single-dh-use  Always create a new key when using temporary/ephemeral DH parameters. This option must be used to prevent small subgroup attacks, when the DH parameters were not generated using "strong" primes (e.g. when using DSA-parameters).   
ssl options = 

; VERIFY MODE - Comma separated list of verification flags to set on the SSL socket.  none  The server will not send a client certificate request to the client, so the client will not send a certificate. peer  The server sends a client certificate request to the client and the certificate returned (if any) is checked. fail-if-no-cert  if the client did not return a certificate, the TLS/SSL handshake is immediately terminated. This flag must be used together with peer. peer-cert  Alias for peer and fail-if-no-cert. workarounds  Various bug workarounds. single  Always create a new key when using tmp_dh parameters. client-once  Only request a client certificate on the initial TLS/SSL handshake. This flag must be used together with verify-peer   
verify mode = none

; ALLOW INSECURE CHIPHERS and ENCRYPTION - Only enable this if you are using legacy check_nrpe client.
insecure = true
allow arguments = true
allow nasty characters = true

; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = 1

; PORT NUMBER - Port to use for NRPE.
port = 5666
After you replaced it please restart NSclient(you can do that from the command line or from the GUI windows services menu).
Untitled.png
After that, you may navigate to the /usr/local/nagios/libexec/ folder on your Nagios server and run the following command:

Code: Select all

./check_nt -H 192.168.3.244 -s "12345" -p 12489 -v CPULOAD -l 5,80,90
*Replace the IP address with your windows Server's IP.
You could also run this command:

Code: Select all

 ./check_nrpe -H 192.168.3.244
Let us know if these commands fail or succeed.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

Thank you i will try this really appreciate your help.
Locked