Nagios Support Forum

Posted: **Tue Oct 13, 2015 8:39 pm**

jdalrymple wrote:What was wrong with my command?

jdalrymple wrote:./check_nrpe -H <host> -c check_files -a 'file=C:\\windows\\system32\\dns\\cache.dns' 'critical=written>-600s'

I tested this on a 2008R2 DC and it worked.

Posted: **Wed Oct 14, 2015 6:08 am**

Here is what the nsclient.log file shows.

Code: Select all

2015-10-13 07:30:13: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: Invalid file specified: C:\\windows\\system32\\dns\\cache.dns
2015-10-13 07:30:13: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: File was NOT found!
2015-10-13 07:32:25: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: Invalid file specified: C:\\windows\\system32\\dns
2015-10-13 07:32:25: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: File was NOT found!
2015-10-13 07:33:29: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: Invalid file specified: C:\\windows\\system32\\dns
2015-10-13 07:33:29: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: File was NOT found!
2015-10-13 07:33:35: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: Invalid file specified: C:\\windows\\system32\\dns
2015-10-13 07:33:35: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: File was NOT found!
2015-10-13 07:33:38: error:D:\source\nscp\include\socket/connection.hpp:149: Failed to send data: The file handle supplied is not valid
2015-10-13 07:34:35: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: Invalid file specified: C:\\windows\\system32\\dns
2015-10-13 07:34:35: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: File was NOT found!

I don't have any such directory on D: and everything was installed under C:\Program Files (x86)\NSClient++ any thoughts on how I could change that pathing or how it even got D:\source?

Posted: **Wed Oct 14, 2015 11:43 am**

Not a clue. This wouldn't be the first time I've had to uninstall and reinstall NSCP to make it behave. Any possibility of doing that on this machine?

Posted: **Wed Oct 14, 2015 5:15 pm**

NSClient++ does some funky internal stuff, the D: is normal in the logs.

Just out of curiosity, can you:
Stop NSClient++
Delete the log file
Start NSClient++
Execute the ./check_nrpe command
Show us the exact command executed and the output
Show us the contents of the log file please.

Posted: **Fri Oct 16, 2015 5:59 am**

Code: Select all

./check_nrpe -H <host> -c check_files -a 'file=C:\\windows\\system32\\dns\\cache.dns' 'critical=written>-600s'
No files found

NSClient++ Log entry

Code: Select all

2015-10-16 06:58:42: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: Invalid file specified: C:\\windows\\system32\\dns\\cache.dns
2015-10-16 06:58:42: error:D:\source\nscp\modules\CheckDisk\file_finder.cpp:95: File was NOT found!

Posted: **Fri Oct 16, 2015 12:14 pm**

Show us the contents of the log file please.

jkinning, did you forget to upload the log file after running the commands as suggested by Box293?

Posted: **Fri Oct 16, 2015 1:38 pm**

I can upload the log file but it was exactly copied in the thread above.

Ran this command

Code: Select all

./check_nrpe -H <host> -c check_files -a 'file=C:\\windows\\system32\\dns\\cache.dns' 'critical=written>-600s'
No files found
./check_nrpe -H <host> -c check_files -a 'file=C:\\windows\\system32\\dns\\cache.dns' 'critical=written>-600s'
No files found

Posted: **Fri Oct 16, 2015 2:58 pm**

So I was stumped on page 2, it's just getting worse.

I want to try to lab it mimicking your environment as closely as I can. I know your NSCP version, I don't think I know your version of Windows.

Additionally have you posted this on the developer's forum? He might be interested. He fixes things when they break

https://forums.nsclient.org/

Posted: **Mon Oct 19, 2015 7:26 am**

I have posted on that forum

Code: Select all

https://forums.nsclient.org/t/check-file-modification-time-on-windows-server/3874

I am running Windows 2008R2.

I ran these commands on different directories

Code: Select all

check_nrpe -H <host> -c check_files -a 'file=C:\\gpo.txt' 'critical=written>-600s'
OK: All 1 files are ok|'gpo.txt_written'=1310932869;0;1445257099
check_nrpe -H <host> -c check_files -a 'file=C:\\Windows\\bootstat.dat' 'critical=written>-600s'
OK: All 1 files are ok|'bootstat.dat_written'=1442758207;0;1445257128
check_nrpe -H <host> -c check_files -a 'file=C:\\Windows\\System32\\adprop.dll' 'critical=written>-600s'
OK: All 1 files are ok|'adprop.dll_written'=1290241084;0;1445257159
check_nrpe -H <host> -c check_files -a 'file=C:\\Windows\\System32\\dns\\CACHE.DNS' 'critical=written>-600s'
No files found
check_nrpe -H <host> -c check_files -a 'file=C:\\Windows\\System32\\dns\\ws.txt' 'critical=written>-600s'
No files found
check_nrpe -H <host> -c check_files -a 'file=C:\\Windows\\System32\\drivers\\acpi.sys' 'critical=written>-600s'
No files found
check_nrpe -H <host> -c check_files -a 'file=C:\\Windows\\System32\\drivers\\etc\hosts' 'critical=written>-600s'
OK: All 1 files are ok|'hosts_written'=1244667626;0;1445257329

Posted: **Mon Oct 19, 2015 4:50 pm**

When you look at the C:\Windows\System32\dns directory file permissions, does the SYSTEM account have full control?

Nagios Support Forum

Check file modification date timestamp

Re: Check file modification date timestamp

Re: Check file modification date timestamp

Re: Check file modification date timestamp

Re: Check file modification date timestamp

Re: Check file modification date timestamp

Re: Check file modification date timestamp

Re: Check file modification date timestamp

Re: Check file modification date timestamp

Re: Check file modification date timestamp

Re: Check file modification date timestamp