WMI to MVs Azure

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
Eudes87
Posts: 30
Joined: Wed Oct 09, 2019 8:37 am

WMI to MVs Azure

Post by Eudes87 »

I need to monitor virtual machines on Azure through WMI.

Azure has a virtual machine that is the domain controller replica where the nagios server is.

We follow the documentation steps: https://assets.nagios.com/downloads/nag ... ios-XI.pdf

The user we are using has domain privileges and it works for machines that are out of the azure.

Server Nagios:

Code: Select all

$ nmap <MV  Azure> -p 135

Starting Nmap 6.47 ( http://nmap.org ) at 2019-12-03 14:14 -03
Nmap scan report for 10.x.x.x
Host is up (0.023s latency).
PORT    STATE SERVICE
135/tcp open  msrpc

Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds
MV Azure:

Code: Select all

>sc query winmgmt

SERVICE_NAME: winmgmt
        TYPE               : 20  WIN32_SHARE_PROCESS
        STATE              : 4  RUNNING
                                (STOPPABLE, PAUSABLE, ACCEPTS_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
Error:

Code: Select all

$ /usr/local/nagios/libexec/check_wmi_plus.pl -H 10.x.x.x -u 'domain/user' -p 'passwd' -m checkcpu -w '80' -c '90'
UNKNOWN - Plugin Timed out (15 sec). There are multiple possible reasons for this, some of them include - The host 10.x.x.x might just be really busy, it might not even be running Windows.
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:

Re: WMI to MVs Azure

Post by scottwilkerson »

Are the ports open in your Azure network security group?
https://docs.microsoft.com/en-us/azure/ ... art-portal
Former Nagios employee
Creator:
ahumandesign.com
enneagrams.com
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: WMI to MVs Azure

Post by mcapra »

You could also try using the FQDN, if it's possible:
https://support.nagios.com/forum/viewto ... 17#p290869
Former Nagios employee
https://www.mcapra.com/
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:

Re: WMI to MVs Azure

Post by scottwilkerson »

Thanks for the added input @mcapra!
Former Nagios employee
Creator:
ahumandesign.com
enneagrams.com
Eudes87
Posts: 30
Joined: Wed Oct 09, 2019 8:37 am

Re: WMI to MVs Azure

Post by Eudes87 »

scottwilkerson wrote:Are the ports open in your Azure network security group?
https://docs.microsoft.com/en-us/azure/ ... art-portal
Hello Scott How are you?
I appreciate the return, I checked with the internal teams, We found that there was a physical firewall.
I requested the release of the ports 135, 445/ additional dynamically-assigned ports in 1024-1034 range. (I saw about these ports here: https://support.nagios.com/forum/viewto ... =6&t=52932)
worked perfectly.

in the documentation is quoted only 135 and 5000-5020 (win 2003).

Can you confirm all ports that are required to flush the communication to WMI?
This way I will document it for the security team.

Thanks
Eudes87
Posts: 30
Joined: Wed Oct 09, 2019 8:37 am

Re: WMI to MVs Azure

Post by Eudes87 »

mcapra wrote:You could also try using the FQDN, if it's possible:
https://support.nagios.com/forum/viewto ... 17#p290869
Hello @mcapra
Thanks, but the link topic is blocked for me.
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:

Re: WMI to MVs Azure

Post by scottwilkerson »

Eudes87 wrote:
scottwilkerson wrote:Are the ports open in your Azure network security group?
https://docs.microsoft.com/en-us/azure/ ... art-portal
Hello Scott How are you?
I appreciate the return, I checked with the internal teams, We found that there was a physical firewall.
I requested the release of the ports 135, 445/ additional dynamically-assigned ports in 1024-1034 range. (I saw about these ports here: https://support.nagios.com/forum/viewto ... =6&t=52932)
worked perfectly.

in the documentation is quoted only 135 and 5000-5020 (win 2003).

Can you confirm all ports that are required to flush the communication to WMI?
This way I will document it for the security team.

Thanks
I believe you have all the required ports.
Eudes87 wrote:Hello @mcapra
Thanks, but the link topic is blocked for me.
The meat of that post is here
There's also this general purpose WMI troubleshooting document with some steps:
https://support.nagios.com/kb/article/n ... g-579.html

You might also try using the FQDN (it's complicated) for the address instead of the IP address. Sometimes with AD accounts used for authentication, Windows gets fussy if you're attempting to authenticate against the IP address rather than the domain.
Former Nagios employee
Creator:
ahumandesign.com
enneagrams.com
Eudes87
Posts: 30
Joined: Wed Oct 09, 2019 8:37 am

Re: WMI to MVs Azure

Post by Eudes87 »

I was able to solve all the problems with your support, thanks @mcapra and @scottwilkerson
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:

Re: WMI to MVs Azure

Post by scottwilkerson »

Eudes87 wrote:I was able to solve all the problems with your support, thanks @mcapra and @scottwilkerson
Great!

Locking thread
Former Nagios employee
Creator:
ahumandesign.com
enneagrams.com
Locked