Page 1 of 1

CHECK_WINDOWS_UPDATES - NRPE ERROR

PostPosted: Wed May 15, 2019 3:39 pm
by fodmidoid
Hi Everyone,

I set up a plugin I found on Nagios Exchange called, "Check Windows Updates using Powershell" (link below) on my Nagios Core 4 server.

It is working for all but one of my 28 Windows 2016/2008 R2 servers and I can't figure out why. I set it up exactly the same way as all the other servers. I'm hoping someone here can give help.

Here is the link to the plugin https://exchange.nagios.org/directory/Plugins/Operating-Systems/Windows-NRPE/Check-Windows-Updates-using-Powershell/details

I have attached the script, as well as the nsclient.ini file. Any help would be greatly appreciated. Thanks!

Here is the result of running the following command:
[root@nagioscore objects]# /usr/local/nagios/libexec/check_nrpe -H 10.0.0.xxx -c check_updates
Missing expression after unary operator '-'.
At line:1 char:2
+ -j <<<< oin $htReplace.Keys
$htReplace[$args[0].value] U$htReplace[$args[0].value] p$htReplace[$args[0].value] d$htReplace[$args[0].value] a$htReplace[$args[0].value] t$htReplace[$args[0].value] e$htReplace[$args[0].value] s$htReplace[$args[0].value] :$htReplace[$args[0].value] $htReplace[$args[0].value] 6$htReplace[$args[0].value] $htReplace[$args[0].value] c$htReplace[$args[0].value] r$htReplace[$args[0].value] i$htReplace[$args[0].value] t$htReplace[$args[0].value] i$htReplace[$args[0].value] c$htReplace[$args[0].value] a$htReplace[$args[0].value] l$htReplace[$args[0].value] ,$htReplace[$args[0].value] $htReplace[$args[0].value] 2$htReplace[$args[0].value] 5$htReplace[$args[0].value] $htReplace[$args[0].value] o$htReplace[$args[0].value] p$htReplace[$args[0].value] t$htReplace[$args[0].value] i$htReplace[$args[0].value] o$htReplace[$args[0].value] n$htReplace[$args[0].$htRe] a$htReplace[$args[0].value] l$htReplace[$args[0].value]

Re: CHECK_WINDOWS_UPDATES - NRPE ERROR

PostPosted: Wed May 15, 2019 4:39 pm
by npolovenko
@fodmidoid, Please replace the existing nsclient.ini file with the one I attached to this post. Then restart the NSCLient service on the windows server.
Open a command prompt as an administrator on your Windows machine and execute the following command:
Code: Select all
powershell.exe Set-ExecutionPolicy Bypass

Then on the nagios server use this command:
Code: Select all
/usr/local/nagios/libexec/check_nrpe -H XXX.XX.XX -t 60 -c check_updates

Re: CHECK_WINDOWS_UPDATES - NRPE ERROR

PostPosted: Thu May 16, 2019 8:33 am
by fodmidoid
Thanks for the quick reply. I replaced the nsclient.ini file with the one you gave me, but was unable to set the execution policy to Bypass. I think this particular server is running PowerShell version 1, which might explain that, but I can't be sure. I've attached a screenshot of the results and, in its place, thought I'd try running the command, "Set-ExecutionPolicy Unrestricted" and restarted the NSClient++ (x64) service. Then, I ran the command you gave me on the Nagios server, which returned the following results:

[root@nagioscore objects]# /usr/local/nagios/libexec/check_nrpe -H xxx.xxx.xxx -t 60 -c check_updates
CHECK_NRPE: Invalid packet type received from server.

Thanks again.

Re: CHECK_WINDOWS_UPDATES - NRPE ERROR

PostPosted: Thu May 16, 2019 11:59 am
by npolovenko
@fodmidoid, Can you check if you're able to manually execute the check_windows_updates.ps1 script from the PowerShell terminal? Also, please upload the nsclient.log file.

Re: CHECK_WINDOWS_UPDATES - NRPE ERROR

PostPosted: Thu May 16, 2019 1:49 pm
by fodmidoid
Here are the result of running it locally in PowerShell, as well as the nsclient.log file. Thanks.

Re: CHECK_WINDOWS_UPDATES - NRPE ERROR

PostPosted: Thu May 16, 2019 3:08 pm
by npolovenko
@fodmidoid, Looks like Power Shell 1 is not compatible with this particular plugin you chose. Here's the output from my server:
Untitled.png


I suggest looking for non powershell plugin on the exchange portal.
https://exchange.nagios.org/index.php?option=com_mtree&task=search&Itemid=74&searchword=windows%20updates

If you find .bat or .vbs plugin here's the instruction on how to run it with NSClient:
https://support.nagios.com/kb/article.php?id=528

Re: CHECK_WINDOWS_UPDATES - NRPE ERROR

PostPosted: Fri May 17, 2019 8:41 am
by fodmidoid
npolovenko wrote:@fodmidoid, Looks like Power Shell 1 is not compatible with this particular plugin you chose. Here's the output from my server:
Untitled.png


I suggest looking for non powershell plugin on the exchange portal.
https://exchange.nagios.org/index.php?option=com_mtree&task=search&Itemid=74&searchword=windows%20updates

If you find .bat or .vbs plugin here's the instruction on how to run it with NSClient:
https://support.nagios.com/kb/article.php?id=528


Thanks. I guess I'll have to look through the list and pick something else. Or, alternatively, just wait until we upgrade this server to Server 2016 in a few weeks, which will have the latest version of PowerShell installed.

Re: CHECK_WINDOWS_UPDATES - NRPE ERROR

PostPosted: Fri May 17, 2019 2:59 pm
by npolovenko
@fodmidoid, Sounds like a good plan.

Re: CHECK_WINDOWS_UPDATES - NRPE ERROR

PostPosted: Mon May 20, 2019 1:32 pm
by fodmidoid
I found a PowerShell script someone had posted on the web (link below), which checks all servers from a text file and produces a report that shows the last date and time each server was patched, and how many days have passed since the last patch. The report is then emailed in html format and color-coded, based on severity.

I'm wondering if there's a way to incorporate this into Nagios? I would much rather be notified a warning (yellow) if servers haven't been patched in over 30 days, and a critical alert (red) if they haven't been patched in over 90 days.

The script and screenshot are attached and here is the link to the original share:
https://community.spiceworks.com/scripts/show/4223-server-patch-report

Again, any help is greatly appreciated. Thank you very much.

Re: CHECK_WINDOWS_UPDATES - NRPE ERROR

PostPosted: Tue May 21, 2019 4:50 pm
by npolovenko
@fodmidoid, This script just sends an email with the report, right? You might be better off just scheduling this script to automatically run with the windows task scheduler.
Nagios works best with scripts that provide output in the command line. Preferably when the output is not too large so it can fit in the service status table on the home page.
You can definitely modify this script to return output that would be compatible with Nagios, if you'd like and if you have time. This article explains some of the details on how to develop plugins with Nagios.
http://nagios-plugins.org/doc/guidelines.html#PLUGOUTPUT
I'd also recommend opening a source code of a few plugins on the exchange just to see how they were build. (exit codes in particular).
Or you can just wait for the server update and run that original PowerShell script :)