Using NRPE for windows server

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

That worked now all i need to do is have it show up on nagios side now to receive system checks from the windows servers. I know i need to create a template and add the service to it can you point me in the right direction on this thanks.
npolovenko wrote:@skypete, Looks like your nsclient.ini file is missing a few config options. Try replacing the whole ini file with mine below.

Code: Select all

# If you want to fill this file with all available options run the following command:
#   nscp settings --generate --add-defaults --load-all
# If you want to activate a module and bring in all its options use:
#   nscp settings --activate-module <MODULE NAME> --add-defaults
# For details run: nscp settings --help
; TODO
[/settings/default]
; Undocumented key
password = 12345 
; Undocumented key
allowed hosts = 127.0.0.1,::1,192.168.128.130
; CACHE ALLOWED HOSTS - If host names (DNS entries) should be cached, improves speed and security somewhat but won't allow you to have dynamic IPs for your Nagios server.
cache allowed hosts = 1
; TIMEOUT - Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out.
timeout = 30
; TODO
[/modules]
; Undocumented key
CheckHelpers = 1
; Undocumented key
CheckEventLog = 1
; Undocumented key
CheckNSCP = 1
; Undocumented key
CheckSystem = 1
; Undocumented key
NSClientServer = 1
; NRPEServer - A server that listens for incoming NRPE connection and processes incoming requests.
NRPEServer = 1
; CheckExternalScripts - Execute external scripts
CheckExternalScripts = 1
; CheckDisk - CheckDisk can check various file and disk related things.
CheckDisk = 1
; A set of options to configure the real time checks
[/settings/system/windows/real-time]
; Configure which services has to be in which state
[/settings/system/windows/service mapping]
; TODO
[/settings/system/windows/counters/default]
; TODO
[/settings/system/windows/counters]
; TODO
[/settings/log/file]
; TODO
[/settings/log]
; LOG LEVEL - Log level to use. Available levels are error,warning,info,debug,trace
level = debug
; DATEMASK - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
date format = %Y-%m-%d %H:%M:%S
; FILENAME - The file to write log data to. Set this to none to disable log to file.
file name = ${exe-path}/nsclient.log
; TODO
[/settings/system/windows]
; DEFAULT LENGTH - Used to define the default interval for range buffer checks (ie. CPU).
default buffer length = 1h
; TODO
[/settings/external scripts/scripts/default]
; IGNORE PERF DATA - Do not parse performance data from the output
ignore perfdata = 1
; A list of wrapped scripts (ie. scruts using a template mechanism). The template used will be defined by the extension of the script.
[/settings/external scripts/wrapped scripts]
check_windows_time = check_windows_time.bat.pool.ntp.org $ARG1$ $ARG2$
; TODO
[/settings/external scripts/alias]
; TODO
[/settings/eventlog/real-time/filters/default]
; EMPTY MESSAGE - The message to display if nothing matches the filter (generally considered the ok state).
empty message = eventlog found no records
; MAGIMUM AGE - How long before reporting "ok". If this is set to "false" no periodic ok messages will be reported only errors.
maximum age = 5m
; A set of filters to use in real-time mode
[/settings/eventlog/real-time/filters]
; TODO
[/settings/eventlog/real-time]
; STARTUP AGE - The initial age to scan when starting NSClient++
startup age = 30m
; REAL TIME CHECKING - Spawns a background thread which detects issues and reports them back instantly.
enabled = 0
; LOGS TO CHECK - Comma separated list of logs to check
log = application,system
; DEBUG - Log missed records (useful to detect issues with filters) not useful in production as it is a bit of a resource hog.
debug = 0
; A list of scripts available to run from the CheckExternalScripts module. Syntax is: <command>=<script> <arguments>
[/settings/external scripts/scripts]
restart_service = scripts\restart_service.bat "$ARG1$"
check_windows_time=scripts\check_windows_time.bat $ARG1$
; TODO
[/settings/external scripts/alias/default]
; TODO
[/settings/shared session]
; TODO
[/settings/crash]
; RESTART SERVICE NAME - The url to submit crash reports to
restart target = NSCP
; CRASH ARCHIVE LOCATION - The folder to archive crash dumps in
archive folder = ${crash-folder}
; RESTART - Submit crash reports to nsclient.org (or your configured submission server)
restart = true
; SUBMISSION URL - The url to submit crash reports to
submit url = https://crash.nsclient.org/post
; ARCHIVE CRASHREPORTS - Archive crash reports in the archive folder
archive = true
; A set of filters to use in real-time mode
[/settings/system/windows/real-time/checks]
; TODO
[/settings/NSClient/server]
; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = 0
; PORT NUMBER - Port to use for check_nt.
port = 12489
; PERFORMANCE DATA - Send performance data back to Nagios (set this to 0 to remove all performance data).
performance data = 1
; TODO
[/settings/external scripts]
; COMMAND TIMEOUT - The maximum time in seconds that a command can execute. (if more then this execution will be aborted). NOTICE this only affects external commands not internal ones.
timeout = 80
; COMMAND ARGUMENT PROCESSING - This option determines whether or not the we will allow clients to specify arguments to commands that are executed.
allow arguments = true
; COMMAND ALLOW NASTY META CHARS - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = true
; TODO
[/paths]
; Path for shared-path - 
shared-path = C:\Program Files\NSClient++
; Path for module-path - 
module-path = ${shared-path}/modules
; Path for crash-folder - 
crash-folder = ${shared-path}/crash-dumps
; Path for exe-path - 
exe-path = C:\Program Files\NSClient++
; Path for certificate-path - 
certificate-path = ${shared-path}/security
; Path for base-path - 
base-path = C:\Program Files\NSClient++
; Files to be included in the configuration
[/includes]
; TODO
[/settings/eventlog]
; DEBUG - Log more information when filtering (useful to detect issues with filters) not useful in production as it is a bit of a resource hog.
debug = 0
; LOOKUP NAMES - Lookup the names of eventlog files
lookup names = 1
; BUFFER_SIZE - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
buffer size = 131072
; TODO
[/settings/external scripts/wrappings]
; BATCH FILE WRAPPING - 
bat = scripts\\%SCRIPT% %ARGS%
; VISUAL BASIC WRAPPING - 
vbs = cscript.exe //T:30 //NoLogo scripts\\lib\\wrapper.vbs %SCRIPT% %ARGS%
; POWERSHELL WRAPPING - 
ps1 = cmd /c echo If (-Not (Test-Path "scripts\%SCRIPT%") ) { Write-Host "UNKNOWN: Script `"%SCRIPT%`" not found."; exit(3) }; scripts\%SCRIPT% $ARGS$; exit($lastexitcode) | powershell.exe /noprofile -command -
; TODO

[/settings/NRPE/server]

; VERIFY MODE - Comma separated list of verification flags to set on the SSL socket.  default-workarounds  Various workarounds for what I understand to be broken ssl implementations no-sslv2  Do not use the SSLv2 protocol. no-sslv3  Do not use the SSLv3 protocol. no-tlsv1  Do not use the TLSv1 protocol. single-dh-use  Always create a new key when using temporary/ephemeral DH parameters. This option must be used to prevent small subgroup attacks, when the DH parameters were not generated using "strong" primes (e.g. when using DSA-parameters).   
ssl options = 

; VERIFY MODE - Comma separated list of verification flags to set on the SSL socket.  none  The server will not send a client certificate request to the client, so the client will not send a certificate. peer  The server sends a client certificate request to the client and the certificate returned (if any) is checked. fail-if-no-cert  if the client did not return a certificate, the TLS/SSL handshake is immediately terminated. This flag must be used together with peer. peer-cert  Alias for peer and fail-if-no-cert. workarounds  Various bug workarounds. single  Always create a new key when using tmp_dh parameters. client-once  Only request a client certificate on the initial TLS/SSL handshake. This flag must be used together with verify-peer   
verify mode = none

; ALLOW INSECURE CHIPHERS and ENCRYPTION - Only enable this if you are using legacy check_nrpe client.
insecure = true
allow arguments = true
allow nasty characters = true

; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = 1

; PORT NUMBER - Port to use for NRPE.
port = 5666
After you replaced it please restart NSclient(you can do that from the command line or from the GUI windows services menu).
Untitled.png
After that, you may navigate to the /usr/local/nagios/libexec/ folder on your Nagios server and run the following command:

Code: Select all

./check_nt -H 192.168.3.244 -s "12345" -p 12489 -v CPULOAD -l 5,80,90
*Replace the IP address with your windows Server's IP.
You could also run this command:

Code: Select all

 ./check_nrpe -H 192.168.3.244
Let us know if these commands fail or succeed.
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Using NRPE for windows server

Post by npolovenko »

@skypete, Great. Here're the further steps:

1. In Nagios Core server create a new check command definition. Usually, if you navigate to:

Code: Select all

/usr/local/nagios/etc/objects/
You'll see the commands.cfg file. Add the following command inside this file:

Code: Select all

define command {
    command_name    check_nt
    command_line    $USER1$/check_nt -H $HOSTADDRESS$ -s "$ARG1$" -p 12489 -v $ARG2$ $ARG3$ $ARG4$
}
Save and exit.
2. Next, in the same folder create a new host.cfg file, you can name it anything you like. Put the following inside:

Code: Select all

define host {
    host_name              Host name goes here
    address                 192.168.1.10
    max_check_attempts      5
    check_interval          5
    retry_interval          1
    check_period            24x7
    contacts                nagiosadmin
    notification_interval   60
    notification_period     24x7
    notifications_enabled   1
}

define service {
    host_name              Host name goes here
    service_description     CPU Usage
    check_command          check_nt!12345!CPULOAD!-l 5,80,90
    max_check_attempts      5
    check_interval          5
    retry_interval          1
    check_period            24x7
    notification_interval   60
    notification_period     24x7
    contacts                nagiosadmin
}

define service {
    host_name              Host name goes here
    service_description     Drive C: Disk Usage
    check_command          check_nt!12345!USEDDISKSPACE!-l C -w 80 -c 95
    max_check_attempts      5
    check_interval          5
    retry_interval          1
    check_period            24x7
    notification_interval   60
    notification_period     24x7
    contacts                nagiosadmin
}

define service {
    host_name              Host name goes here
    service_description      Memory Usage
    check_command          check_nt!12345!MEMUSE!-c 80!!!!!
    max_check_attempts      5
    check_interval          5
    retry_interval          1
    check_period            24x7
    notification_interval   60
    notification_period     24x7
    contacts                nagiosadmin
}


define service {
    host_name              Host name goes here
    service_description     Uptime
    check_command          check_nt!12345!UPTIME
    max_check_attempts      5
    check_interval          5
    retry_interval          1
    check_period            24x7
    notification_interval   60
    notification_period     24x7
    contacts                nagiosadmin
}


Don't forget to replace my IP address with your remote server IP address.
Save and exit.

3. Next, you need to include this config file in the main nagios.cfg file(/usr/local/nagios/etc/nagios.cfg).
Find the paragraph that consists of cfg_file paths and add a new one:

Code: Select all

cfg_file=/usr/local/nagios/etc/objects/name of the config file that you created earlier
4. Restart nagios core with:

Code: Select all

service nagios restart
More info on kinds of available checks can be found here: https://support.nagios.com/kb/category.php?id=186
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

Hi thanks for this wanted to ask will this use the check_nrpe as well thanks.
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Using NRPE for windows server

Post by npolovenko »

@skypete, It uses check_nt right now, but you could use nrpe instead. You can add check_nrpe command to the commands.cfg file(you might already have it in there).

Code: Select all

define command {
   command_name                             check_nrpe
   command_line                             $USER1$/check_nrpe -H $HOSTADDRESS$ -t 30 -c $ARG1$ $ARG2$
}
Then you'd need to modify service definitions to use nrpe commands instead. Use the link-reference from my previous post to find the commands you're looking for. Or is there a particular nrpe check that you want to add?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

What would go on the new host.cfg file? Just want to run the basic nrpe checks similiar to check_nt but just want to run nrpe instead of check_nt thanks
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Using NRPE for windows server

Post by npolovenko »

@skypete, Here's a few examples:

Code: Select all

define host {
    host_name              Host name goes here
    address                 192.168.1.10
    max_check_attempts      5
    check_interval          5
    retry_interval          1
    check_period            24x7
    contacts                nagiosadmin
    notification_interval   60
    notification_period     24x7
    notifications_enabled   1
}


define service {
    host_name                  Host name goes here
    service_description     Current load
    check_command          check_nrpe!check_cpu
    max_check_attempts      5
    check_interval          5
    retry_interval          1
    check_period            24x7
    notification_interval   60
    notification_period     24x7
    contacts                nagiosadmin
}

define service {
    host_name              Host name goes here
    service_description     Total Processes
    check_command           check_nrpe!check_process
    max_check_attempts      5
    check_interval          5
    retry_interval          1
    check_period            24x7
    notification_interval   60
    notification_period     24x7
    contacts                nagiosadmin
}

define service {
    host_name              Host name goes here
    service_description      Uptime
    check_command          check_nrpe!check_uptime!-a 'warn= uptime > 1d' 'crit= uptime > 1d'
    max_check_attempts      5
    check_interval          5
    retry_interval          1
    check_period            24x7
    notification_interval   60
    notification_period     24x7
    contacts                nagiosadmin
}



As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

ok I add those services to the .cfg file in objects folder I restarted nagios services and restart the nsclient on the windows server no luck showing up in nagios. My question should I reinstall the client and check enable NRPE server (check_nrpe) and check Insecure legacy mode (required by old check_nrpe)?
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Using NRPE for windows server

Post by npolovenko »

@skypete, Are you saying that the new services are not showing up in the Web Interface or that these checks are not receiving any data? Please run the following command and share the output:

Code: Select all

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

Hi yes the new services are not showing up in the web interface in nagios. I did run that command and no errors show up.
Also here is the settings I checked in the nsclient, I reinstalled it due to me not wanting to use the check_nt hope this helps and thank you for your help.
Attachments
Nsclient settings.JPG
skypete
Posts: 98
Joined: Sat Dec 02, 2017 11:44 pm

Re: Using NRPE for windows server

Post by skypete »

Hi could you please post a link of samples of check_nrpe services thanks.
Locked