npolovenko wrote:@skypete, Looks like your nsclient.ini file is missing a few config options. Try replacing the whole ini file with mine below.After you replaced it please restart NSclient(you can do that from the command line or from the GUI windows services menu). After that, you may navigate to the /usr/local/nagios/libexec/ folder on your Nagios server and run the following command:Code: Select all
# If you want to fill this file with all available options run the following command: # nscp settings --generate --add-defaults --load-all # If you want to activate a module and bring in all its options use: # nscp settings --activate-module <MODULE NAME> --add-defaults # For details run: nscp settings --help ; TODO [/settings/default] ; Undocumented key password = 12345 ; Undocumented key allowed hosts = 127.0.0.1,::1,192.168.128.130 ; CACHE ALLOWED HOSTS - If host names (DNS entries) should be cached, improves speed and security somewhat but won't allow you to have dynamic IPs for your Nagios server. cache allowed hosts = 1 ; TIMEOUT - Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. timeout = 30 ; TODO [/modules] ; Undocumented key CheckHelpers = 1 ; Undocumented key CheckEventLog = 1 ; Undocumented key CheckNSCP = 1 ; Undocumented key CheckSystem = 1 ; Undocumented key NSClientServer = 1 ; NRPEServer - A server that listens for incoming NRPE connection and processes incoming requests. NRPEServer = 1 ; CheckExternalScripts - Execute external scripts CheckExternalScripts = 1 ; CheckDisk - CheckDisk can check various file and disk related things. CheckDisk = 1 ; A set of options to configure the real time checks [/settings/system/windows/real-time] ; Configure which services has to be in which state [/settings/system/windows/service mapping] ; TODO [/settings/system/windows/counters/default] ; TODO [/settings/system/windows/counters] ; TODO [/settings/log/file] ; TODO [/settings/log] ; LOG LEVEL - Log level to use. Available levels are error,warning,info,debug,trace level = debug ; DATEMASK - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve. date format = %Y-%m-%d %H:%M:%S ; FILENAME - The file to write log data to. Set this to none to disable log to file. file name = ${exe-path}/nsclient.log ; TODO [/settings/system/windows] ; DEFAULT LENGTH - Used to define the default interval for range buffer checks (ie. CPU). default buffer length = 1h ; TODO [/settings/external scripts/scripts/default] ; IGNORE PERF DATA - Do not parse performance data from the output ignore perfdata = 1 ; A list of wrapped scripts (ie. scruts using a template mechanism). The template used will be defined by the extension of the script. [/settings/external scripts/wrapped scripts] check_windows_time = check_windows_time.bat.pool.ntp.org $ARG1$ $ARG2$ ; TODO [/settings/external scripts/alias] ; TODO [/settings/eventlog/real-time/filters/default] ; EMPTY MESSAGE - The message to display if nothing matches the filter (generally considered the ok state). empty message = eventlog found no records ; MAGIMUM AGE - How long before reporting "ok". If this is set to "false" no periodic ok messages will be reported only errors. maximum age = 5m ; A set of filters to use in real-time mode [/settings/eventlog/real-time/filters] ; TODO [/settings/eventlog/real-time] ; STARTUP AGE - The initial age to scan when starting NSClient++ startup age = 30m ; REAL TIME CHECKING - Spawns a background thread which detects issues and reports them back instantly. enabled = 0 ; LOGS TO CHECK - Comma separated list of logs to check log = application,system ; DEBUG - Log missed records (useful to detect issues with filters) not useful in production as it is a bit of a resource hog. debug = 0 ; A list of scripts available to run from the CheckExternalScripts module. Syntax is: <command>=<script> <arguments> [/settings/external scripts/scripts] restart_service = scripts\restart_service.bat "$ARG1$" check_windows_time=scripts\check_windows_time.bat $ARG1$ ; TODO [/settings/external scripts/alias/default] ; TODO [/settings/shared session] ; TODO [/settings/crash] ; RESTART SERVICE NAME - The url to submit crash reports to restart target = NSCP ; CRASH ARCHIVE LOCATION - The folder to archive crash dumps in archive folder = ${crash-folder} ; RESTART - Submit crash reports to nsclient.org (or your configured submission server) restart = true ; SUBMISSION URL - The url to submit crash reports to submit url = https://crash.nsclient.org/post ; ARCHIVE CRASHREPORTS - Archive crash reports in the archive folder archive = true ; A set of filters to use in real-time mode [/settings/system/windows/real-time/checks] ; TODO [/settings/NSClient/server] ; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled. use ssl = 0 ; PORT NUMBER - Port to use for check_nt. port = 12489 ; PERFORMANCE DATA - Send performance data back to Nagios (set this to 0 to remove all performance data). performance data = 1 ; TODO [/settings/external scripts] ; COMMAND TIMEOUT - The maximum time in seconds that a command can execute. (if more then this execution will be aborted). NOTICE this only affects external commands not internal ones. timeout = 80 ; COMMAND ARGUMENT PROCESSING - This option determines whether or not the we will allow clients to specify arguments to commands that are executed. allow arguments = true ; COMMAND ALLOW NASTY META CHARS - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments. allow nasty characters = true ; TODO [/paths] ; Path for shared-path - shared-path = C:\Program Files\NSClient++ ; Path for module-path - module-path = ${shared-path}/modules ; Path for crash-folder - crash-folder = ${shared-path}/crash-dumps ; Path for exe-path - exe-path = C:\Program Files\NSClient++ ; Path for certificate-path - certificate-path = ${shared-path}/security ; Path for base-path - base-path = C:\Program Files\NSClient++ ; Files to be included in the configuration [/includes] ; TODO [/settings/eventlog] ; DEBUG - Log more information when filtering (useful to detect issues with filters) not useful in production as it is a bit of a resource hog. debug = 0 ; LOOKUP NAMES - Lookup the names of eventlog files lookup names = 1 ; BUFFER_SIZE - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve. buffer size = 131072 ; TODO [/settings/external scripts/wrappings] ; BATCH FILE WRAPPING - bat = scripts\\%SCRIPT% %ARGS% ; VISUAL BASIC WRAPPING - vbs = cscript.exe //T:30 //NoLogo scripts\\lib\\wrapper.vbs %SCRIPT% %ARGS% ; POWERSHELL WRAPPING - ps1 = cmd /c echo If (-Not (Test-Path "scripts\%SCRIPT%") ) { Write-Host "UNKNOWN: Script `"%SCRIPT%`" not found."; exit(3) }; scripts\%SCRIPT% $ARGS$; exit($lastexitcode) | powershell.exe /noprofile -command - ; TODO [/settings/NRPE/server] ; VERIFY MODE - Comma separated list of verification flags to set on the SSL socket. default-workarounds Various workarounds for what I understand to be broken ssl implementations no-sslv2 Do not use the SSLv2 protocol. no-sslv3 Do not use the SSLv3 protocol. no-tlsv1 Do not use the TLSv1 protocol. single-dh-use Always create a new key when using temporary/ephemeral DH parameters. This option must be used to prevent small subgroup attacks, when the DH parameters were not generated using "strong" primes (e.g. when using DSA-parameters). ssl options = ; VERIFY MODE - Comma separated list of verification flags to set on the SSL socket. none The server will not send a client certificate request to the client, so the client will not send a certificate. peer The server sends a client certificate request to the client and the certificate returned (if any) is checked. fail-if-no-cert if the client did not return a certificate, the TLS/SSL handshake is immediately terminated. This flag must be used together with peer. peer-cert Alias for peer and fail-if-no-cert. workarounds Various bug workarounds. single Always create a new key when using tmp_dh parameters. client-once Only request a client certificate on the initial TLS/SSL handshake. This flag must be used together with verify-peer verify mode = none ; ALLOW INSECURE CHIPHERS and ENCRYPTION - Only enable this if you are using legacy check_nrpe client. insecure = true allow arguments = true allow nasty characters = true ; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled. use ssl = 1 ; PORT NUMBER - Port to use for NRPE. port = 5666
*Replace the IP address with your windows Server's IP.Code: Select all
./check_nt -H 192.168.3.244 -s "12345" -p 12489 -v CPULOAD -l 5,80,90
You could also run this command:Let us know if these commands fail or succeed.Code: Select all
./check_nrpe -H 192.168.3.244
Using NRPE for windows server
Re: Using NRPE for windows server
That worked now all i need to do is have it show up on nagios side now to receive system checks from the windows servers. I know i need to create a template and add the service to it can you point me in the right direction on this thanks.
-
- Support Tech
- Posts: 3457
- Joined: Mon May 15, 2017 5:00 pm
Re: Using NRPE for windows server
@skypete, Great. Here're the further steps:
1. In Nagios Core server create a new check command definition. Usually, if you navigate to:
You'll see the commands.cfg file. Add the following command inside this file:
Save and exit.
2. Next, in the same folder create a new host.cfg file, you can name it anything you like. Put the following inside:
Don't forget to replace my IP address with your remote server IP address.
Save and exit.
3. Next, you need to include this config file in the main nagios.cfg file(/usr/local/nagios/etc/nagios.cfg).
Find the paragraph that consists of cfg_file paths and add a new one:
4. Restart nagios core with:
More info on kinds of available checks can be found here: https://support.nagios.com/kb/category.php?id=186
1. In Nagios Core server create a new check command definition. Usually, if you navigate to:
Code: Select all
/usr/local/nagios/etc/objects/
Code: Select all
define command {
command_name check_nt
command_line $USER1$/check_nt -H $HOSTADDRESS$ -s "$ARG1$" -p 12489 -v $ARG2$ $ARG3$ $ARG4$
}
2. Next, in the same folder create a new host.cfg file, you can name it anything you like. Put the following inside:
Code: Select all
define host {
host_name Host name goes here
address 192.168.1.10
max_check_attempts 5
check_interval 5
retry_interval 1
check_period 24x7
contacts nagiosadmin
notification_interval 60
notification_period 24x7
notifications_enabled 1
}
define service {
host_name Host name goes here
service_description CPU Usage
check_command check_nt!12345!CPULOAD!-l 5,80,90
max_check_attempts 5
check_interval 5
retry_interval 1
check_period 24x7
notification_interval 60
notification_period 24x7
contacts nagiosadmin
}
define service {
host_name Host name goes here
service_description Drive C: Disk Usage
check_command check_nt!12345!USEDDISKSPACE!-l C -w 80 -c 95
max_check_attempts 5
check_interval 5
retry_interval 1
check_period 24x7
notification_interval 60
notification_period 24x7
contacts nagiosadmin
}
define service {
host_name Host name goes here
service_description Memory Usage
check_command check_nt!12345!MEMUSE!-c 80!!!!!
max_check_attempts 5
check_interval 5
retry_interval 1
check_period 24x7
notification_interval 60
notification_period 24x7
contacts nagiosadmin
}
define service {
host_name Host name goes here
service_description Uptime
check_command check_nt!12345!UPTIME
max_check_attempts 5
check_interval 5
retry_interval 1
check_period 24x7
notification_interval 60
notification_period 24x7
contacts nagiosadmin
}
Save and exit.
3. Next, you need to include this config file in the main nagios.cfg file(/usr/local/nagios/etc/nagios.cfg).
Find the paragraph that consists of cfg_file paths and add a new one:
Code: Select all
cfg_file=/usr/local/nagios/etc/objects/name of the config file that you created earlier
Code: Select all
service nagios restart
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Using NRPE for windows server
Hi thanks for this wanted to ask will this use the check_nrpe as well thanks.
-
- Support Tech
- Posts: 3457
- Joined: Mon May 15, 2017 5:00 pm
Re: Using NRPE for windows server
@skypete, It uses check_nt right now, but you could use nrpe instead. You can add check_nrpe command to the commands.cfg file(you might already have it in there).
Then you'd need to modify service definitions to use nrpe commands instead. Use the link-reference from my previous post to find the commands you're looking for. Or is there a particular nrpe check that you want to add?
Code: Select all
define command {
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -t 30 -c $ARG1$ $ARG2$
}
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Using NRPE for windows server
What would go on the new host.cfg file? Just want to run the basic nrpe checks similiar to check_nt but just want to run nrpe instead of check_nt thanks
-
- Support Tech
- Posts: 3457
- Joined: Mon May 15, 2017 5:00 pm
Re: Using NRPE for windows server
@skypete, Here's a few examples:
Code: Select all
define host {
host_name Host name goes here
address 192.168.1.10
max_check_attempts 5
check_interval 5
retry_interval 1
check_period 24x7
contacts nagiosadmin
notification_interval 60
notification_period 24x7
notifications_enabled 1
}
define service {
host_name Host name goes here
service_description Current load
check_command check_nrpe!check_cpu
max_check_attempts 5
check_interval 5
retry_interval 1
check_period 24x7
notification_interval 60
notification_period 24x7
contacts nagiosadmin
}
define service {
host_name Host name goes here
service_description Total Processes
check_command check_nrpe!check_process
max_check_attempts 5
check_interval 5
retry_interval 1
check_period 24x7
notification_interval 60
notification_period 24x7
contacts nagiosadmin
}
define service {
host_name Host name goes here
service_description Uptime
check_command check_nrpe!check_uptime!-a 'warn= uptime > 1d' 'crit= uptime > 1d'
max_check_attempts 5
check_interval 5
retry_interval 1
check_period 24x7
notification_interval 60
notification_period 24x7
contacts nagiosadmin
}
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Using NRPE for windows server
ok I add those services to the .cfg file in objects folder I restarted nagios services and restart the nsclient on the windows server no luck showing up in nagios. My question should I reinstall the client and check enable NRPE server (check_nrpe) and check Insecure legacy mode (required by old check_nrpe)?
-
- Support Tech
- Posts: 3457
- Joined: Mon May 15, 2017 5:00 pm
Re: Using NRPE for windows server
@skypete, Are you saying that the new services are not showing up in the Web Interface or that these checks are not receiving any data? Please run the following command and share the output:
Code: Select all
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Using NRPE for windows server
Hi yes the new services are not showing up in the web interface in nagios. I did run that command and no errors show up.
Also here is the settings I checked in the nsclient, I reinstalled it due to me not wanting to use the check_nt hope this helps and thank you for your help.
Also here is the settings I checked in the nsclient, I reinstalled it due to me not wanting to use the check_nt hope this helps and thank you for your help.
Re: Using NRPE for windows server
Hi could you please post a link of samples of check_nrpe services thanks.