Re: Monitoring Windows Event Logs
Posted: Wed Mar 20, 2013 10:01 am
NSC.ini
NSClient.ini
Code: Select all
[modules]
NRPEListener.dll
NSClientListener.dll
NSCAAgent.dll
CheckWMI.dll
FileLogger.dll
CheckSystem.dll
CheckDisk.dll
CheckEventLog.dll
CheckHelpers.dll
;# NSCLIENT++ MODULES
;# A list with DLLs to load at startup.
; You will need to enable some of these for NSClient++ to work.
; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
; * *
; * N O T I C E ! ! ! - Y O U H A V E T O E D I T T H I S *
; * *
; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
FileLogger.dll
CheckSystem.dll
CheckDisk.dll
NSClientListener.dll
NRPEListener.dll
SysTray.dll
CheckEventLog.dll
CheckHelpers.dll
CheckWMI.dll
CheckNSCP.dll
;
; Script to check external scripts and/or internal aliases.
;CheckExternalScripts.dll
;
; NSCA Agent if you enable this NSClient++ will talk to NSCA hosts repeatedly (so dont enable unless you want to use NSCA)
;NSCAAgent.dll
;
; LUA script module used to write your own "check deamon".
;LUAScript.dll
;
; RemoteConfiguration IS AN EXTREM EARLY IDEA SO DONT USE FOR PRODUCTION ENVIROMNEMTS!
;RemoteConfiguration.dll
; Check other hosts through NRPE extreme beta and probably a bit dangerous! :)
;NRPEClient.dll
; Extreamly early beta of a task-schedule checker
;CheckTaskSched.dll
[crash]
; Archive crash dump files if a crash is detected
;archive=1
; Submit crash reports to a crash report server (this overrrides archive)
;submit=0
; Restart service if a crash is detected
;restart=1
[Settings]
;# OBFUSCATED PASSWORD
; This is the same as the password option but here you can store the password in an obfuscated manner.
; *NOTICE* obfuscation is *NOT* the same as encryption, someone with access to this file can still figure out the
; password. Its just a bit harder to do it at first glance.
;obfuscated_password=I PLACED PASSWORD HERE
;
;# PASSWORD
; This is the password (-s) that is required to access NSClient remotely. If you leave this blank everyone will be able to access the daemon remotly.
;password=secret-password
;
;# ALLOWED HOST ADDRESSES
; This is a comma-delimited list of IP address of hosts that are allowed to talk to the all daemons.
; If leave this blank anyone can access the deamon remotly (NSClient still requires a valid password).
; The syntax is host or ip/mask so 192.168.0.0/24 will allow anyone on that subnet access
;allowed_hosts=127.0.0.1/32
;
;# USE THIS FILE
; Use the INI file as opposed to the registry if this is 0 and the use_reg in the registry is set to 1
; the registry will be used instead.
use_file=1
allowed_hosts=NAGIOS SERVER IP HERE
;
; # USE SHARED MEMORY CHANNELS
; This is the "new" way for using the system tray based on an IPC framework on top shared memmory channels and events.
; It is brand new and (probably has bugs) so dont enable this unless for testing!
; If set to 1 shared channels will be created and system tray icons created and such and such...
;shared_session=0
[log]
;# LOG DEBUG
; Set to 1 if you want debug message printed in the log file (debug messages are always printed to stdout when run with -test)
;debug=1
;
;# LOG FILE
; The file to print log statements to
;file=nsclient.log
;
;# LOG DATE MASK
; The format to for the date/time part of the log entry written to file.
;date_mask=%Y-%m-%d %H:%M:%S
;
;# LOG ROOT FOLDER
; The root folder to use for logging.
; exe = the folder where the executable is located
; local-app-data = local application data (probably a better choice then the old default)
;root_folder=exe
[NSClient]
;# ALLOWED HOST ADDRESSES
; This is a comma-delimited list of IP address of hosts that are allowed to talk to NSClient deamon.
; If you leave this blank the global version will be used instead.
;allowed_hosts=
;
;# NSCLIENT PORT NUMBER
; This is the port the NSClientListener.dll will listen to.
;port=12489
;
;# BIND TO ADDRESS
; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname.
; Leaving this blank will bind to all avalible IP adresses.
;bind_to_address=
;
;# SOCKET TIMEOUT
; Timeout when reading packets on incoming sockets. If the data has not arrived withint this time we will bail out.
;socket_timeout=30
[NRPE]
;# NRPE PORT NUMBER
; This is the port the NRPEListener.dll will listen to.
;port=5666
;
;# COMMAND TIMEOUT
; This specifies the maximum number of seconds that the NRPE daemon will allow plug-ins to finish executing before killing them off.
;command_timeout=60
;
;# COMMAND ARGUMENT PROCESSING
; This option determines whether or not the NRPE daemon will allow clients to specify arguments to commands that are executed.
;allow_arguments=1
;
;# COMMAND ALLOW NASTY META CHARS
; This option determines whether or not the NRPE daemon will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
;allow_nasty_meta_chars=1
;
;# USE SSL SOCKET
; This option controls if SSL should be used on the socket.
;use_ssl=1
;
;# BIND TO ADDRESS
; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname.
; Leaving this blank will bind to all avalible IP adresses.
; bind_to_address=
;
;# ALLOWED HOST ADDRESSES
; This is a comma-delimited list of IP address of hosts that are allowed to talk to NRPE deamon.
; If you leave this blank the global version will be used instead.
;allowed_hosts=
;
;# SCRIPT DIRECTORY
; All files in this directory will become check commands.
; *WARNING* This is undoubtedly dangerous so use with care!
;script_dir=scripts\
;
;# SOCKET TIMEOUT
; Timeout when reading packets on incoming sockets. If the data has not arrived withint this time we will bail out.
;socket_timeout=30
[Check System]
;# CPU BUFFER SIZE
; Can be anything ranging from 1s (for 1 second) to 10w for 10 weeks. Notice that a larger buffer will waste memory
; so don't use a larger buffer then you need (ie. the longest check you do +1).
;CPUBufferSize=1h
;
;# CHECK RESOLUTION
; The resolution to check values (currently only CPU).
; The value is entered in 1/10:th of a second and the default is 10 (which means ones every second)
;CheckResolution=10
;
;# CHECK ALL SERVICES
; Configure how to check services when a CheckAll is performed.
; ...=started means services in that class *has* to be running.
; ...=stopped means services in that class has to be stopped.
; ...=ignored means services in this class will be ignored.
;check_all_services[SERVICE_BOOT_START]=ignored
;check_all_services[SERVICE_SYSTEM_START]=ignored
;check_all_services[SERVICE_AUTO_START]=started
;check_all_services[SERVICE_DEMAND_START]=ignored
;check_all_services[SERVICE_DISABLED]=stopped
[External Script]
;# COMMAND TIMEOUT
; This specifies the maximum number of seconds that the NRPE daemon will allow plug-ins to finish executing before killing them off.
;command_timeout=60
;
;# COMMAND ARGUMENT PROCESSING
; This option determines whether or not the NRPE daemon will allow clients to specify arguments to commands that are executed.
;allow_arguments=0
;
;# COMMAND ALLOW NASTY META CHARS
; This option determines whether or not the NRPE daemon will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
;allow_nasty_meta_chars=0
;
;# SCRIPT DIRECTORY
; All files in this directory will become check commands.
; *WARNING* This is undoubtedly dangerous so use with care!
;script_dir=c:\my\script\dir
[Script Wrappings]
vbs=cscript.exe //T:30 //NoLogo scripts\lib\wrapper.vbs %SCRIPT% %ARGS%
ps1=cmd /c echo scripts\%SCRIPT% %ARGS%; exit($lastexitcode) | powershell.exe -command -
bat=scripts\%SCRIPT% %ARGS%
[External Scripts]
;check_es_long=scripts\long.bat
;check_es_ok=scripts\ok.bat
;check_es_nok=scripts\nok.bat
;check_vbs_sample=cscript.exe //T:30 //NoLogo scripts\check_vb.vbs
;check_powershell_warn=cmd /c echo scripts\powershell.ps1 | powershell.exe -command -
[External Alias]
alias_cpu=checkCPU warn=80 crit=90 time=5m time=1m time=30s
alias_cpu_ex=checkCPU warn=$ARG1$ crit=$ARG2$ time=5m time=1m time=30s
alias_mem=checkMem MaxWarn=80% MaxCrit=90% ShowAll=long type=physical type=virtual type=paged type=page
alias_up=checkUpTime MinWarn=1d MinWarn=1h
alias_disk=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED
alias_disk_loose=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED ignore-unreadable
alias_volumes=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED
alias_volumes_loose=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED ignore-unreadable
alias_service=checkServiceState CheckAll
alias_service_ex=checkServiceState CheckAll "exclude=Net Driver HPZ12" "exclude=Pml Driver HPZ12" exclude=stisvc
alias_process=checkProcState "$ARG1$=started"
alias_process_stopped=checkProcState "$ARG1$=stopped"
alias_process_count=checkProcState MaxWarnCount=$ARG2$ MaxCritCount=$ARG3$ "$ARG1$=started"
alias_process_hung=checkProcState MaxWarnCount=1 MaxCritCount=1 "$ARG1$=hung"
alias_event_log=CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational') AND source != 'SideBySide'" truncate=800 unique descriptions "syntax=%severity%: %source%: %message% (%count%)"
alias_file_size=CheckFiles "filter=size > $ARG2$" "path=$ARG1$" MaxWarn=1 MaxCrit=1 "syntax=%filename% %size%" max-dir-depth=10
alias_file_age=checkFile2 filter=out "file=$ARG1$" filter-written=>1d MaxWarn=1 MaxCrit=1 "syntax=%filename% %write%"
alias_sched_all=CheckTaskSched "filter=exit_code ne 0" "syntax=%title%: %exit_code%" warn=>0
alias_sched_long=CheckTaskSched "filter=status = 'running' AND most_recent_run_time < -$ARG1$" "syntax=%title% (%most_recent_run_time%)" warn=>0
alias_sched_task=CheckTaskSched "filter=title eq '$ARG1$' AND exit_code ne 0" "syntax=%title% (%most_recent_run_time%)" warn=>0
alias_updates=check_updates -warning 0 -critical 0
check_ok=CheckOK Everything is fine!
[Wrapped Scripts]
;check_test_vbs=check_test.vbs /arg1:1 /arg2:1 /variable:1
;check_test_ps1=check_test.ps1 arg1 arg2
;check_test_bat=check_test.bat arg1 arg2
;check_battery=check_battery.vbs
;check_printer=check_printer.vbs
;check_updates=check_updates.vbs
; [includes]
;# The order when used is "reversed" thus the last included file will be "first"
;# Included files can include other files (be carefull only do basic recursive checking)
;
; myotherfile.ini
; real.ini
[NSCA Agent]
;# CHECK INTERVALL (in seconds)
; How often we should run the checks and submit the results.
;interval=5
;
;# ENCRYPTION METHOD
; This option determines the method by which the send_nsca client will encrypt the packets it sends
; to the nsca daemon. The encryption method you choose will be a balance between security and
; performance, as strong encryption methods consume more processor resources.
; You should evaluate your security needs when choosing an encryption method.
;
; Note: The encryption method you specify here must match the decryption method the nsca daemon uses
; (as specified in the nsca.cfg file)!!
; Values:
; 0 = None (Do NOT use this option)
; 1 = Simple XOR (No security, just obfuscation, but very fast)
; 2 = DES
; 3 = 3DES (Triple DES)
; 4 = CAST-128
; 6 = xTEA
; 8 = BLOWFISH
; 9 = TWOFISH
; 11 = RC2
; 14 = RIJNDAEL-128 (AES)
; 20 = SERPENT
;encryption_method=14
;
;# ENCRYPTION PASSWORD
; This is the password/passphrase that should be used to encrypt the sent packets.
;password=
;
;# BIND TO ADDRESS
; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname.
; Leaving this blank will bind to "one" local interface.
; -- not supported as of now --
;bind_to_address=
;
;# LOCAL HOST NAME
; The name of this host (if empty "computername" will be used.
;hostname=
;
;# NAGIOS SERVER ADDRESS
; The address to the nagios server to submit results to.
;nsca_host=192.168.0.1
;
;# NAGIOS SERVER PORT
; The port to the nagios server to submit results to.
;nsca_port=5667
;
;# CHECK COMMAND LIST
; The checks to run everytime we submit results back to nagios
; Any command(alias/key) starting with a host_ is sent as HOST_COMMAND others are sent as SERVICE_COMMANDS
; where the alias/key is used as service name.
;
[NSCA Commands]
;my_cpu_check=checkCPU warn=80 crit=90 time=20m time=10s time=4
;my_mem_check=checkMem MaxWarn=80% MaxCrit=90% ShowAll type=page
;my_svc_check=checkServiceState CheckAll exclude=wampmysqld exclude=MpfService
;host_check=check_ok
;# REMOTE NRPE PROXY COMMANDS
; A list of commands that check other hosts.
; Used by the NRPECLient module
[NRPE Client Handlers]
check_other=-H 192.168.0.1 -p 5666 -c remote_command -a arguments
;# LUA SCRIPT SECTION
; A list of all Lua scripts to load.
;[LUA Scripts]
;scripts\test.lua
Code: Select all
# If you want to fill this file with all avalible options run the following command:
# nscp settings --generate --add-defaults --load-all
# If you want to activate a module and bring in all its options use:
# nscp settings --activate-module <MODULE NAME> --add-defaults
# For details run: nscp settings --help
; Undocumented section
[/modules]
CheckDisk - CheckDisk can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
CheckDisk = 1
Event log Checker. - Check for errors and warnings in the event log. This is only supported through NRPE so if you plan to use only NSClient this wont help you at all.
CheckEventLog = 1
Check External Scripts - A simple wrapper to run external scripts and batch files.
CheckExternalScripts = 1
Helper function - Various helper function to extend other checks. This is also only supported through NRPE.
CheckHelpers = 1
Event log Checker. - Check for errors and warnings in the event log. This is only supported through NRPE so if you plan to use only NSClient this wont help you at all.
CheckLogFile = 0
Check NSCP - Checkes the state of the agent
CheckNSCP = 1
CheckSystem - Various system related checks, such as CPU load, process state, service state memory usage and PDH counters.
CheckSystem = 1
CheckTaskSched - CheckTaskSched can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
CheckTaskSched = 0
CheckTaskSched2 - CheckTaskSched2 can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
CheckTaskSched2 = 0
; CheckWMI - CheckWMI can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
CheckWMI = 1
GraphiteClient - Graphite client
GraphiteClient = 0
LUAScript - LUAScript...
LUAScript = 0
NRDPClient - Passive check support over NRDP
NRDPClient = 0
NRPE client - NRPE client
NRPEClient = 0
NRPE server - A simple server that listens for incoming NRPE connection and handles them.
NRPEServer = 1
NSCAClient - Passive check support over NSCA.
NSCAClient = 1
NSCA server (no encryption) - A simple server that listens for incoming NSCA connection and handles them.
NSCAServer = 0
NSClient server - A simple server that listens for incoming NSClient (check_nt) connection and handles them. Although NRPE is the preferred method NSClient is fully supported and can be used for simplicity or for compatibility.
NSClientServer = 1
SMTPClient - Passive check support via SMTP
SMTPClient = 0
Scheduler - A scheduler which schedules checks at regular intervals
Scheduler = 0
SimpleCache module - Caches results for later checking.
SimpleCache = 0
SimpleFileWriter module - FileWriters results for later checking.
SimpleFileWriter = 0
SyslogClient - Passive check support via Syslog
SyslogClient = 0
; Undocumented section
[/settings/default]
; ALLOWED CIPHERS - A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
allowed ciphers = ADH
ALLOWED HOSTS - A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges.
allowed hosts = 10.1.1.132
; CACHE ALLOWED HOSTS - If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server.
cache allowed hosts = true
; SSL CERTIFICATE -
certificate =
; INBOX - The default channel to post incoming messages on
inbox = inbox
; PASSWORD - Password used to authenticate againast server
password =
; TIMEOUT - Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out.
timeout = 30
; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = true
; VERIFY MODE -
verify mode = none
; A list of aliases available. An alias is an internal command that has been "wrapped" (to add arguments). Be careful so you don't create loops (ie check_loop=check_a, check_a=check_loop)
[/settings/external scripts/alias]
; alias_cpu - Alias for alias_cpu. To configure this item add a section called: /settings/external scripts/alias/alias_cpu
alias_cpu = checkCPU warn=80 crit=90 time=5m time=1m time=30s
; alias_cpu_ex - Alias for alias_cpu_ex. To configure this item add a section called: /settings/external scripts/alias/alias_cpu_ex
alias_cpu_ex = checkCPU warn=$ARG1$ crit=$ARG2$ time=5m time=1m time=30s
; alias_disk - Alias for alias_disk. To configure this item add a section called: /settings/external scripts/alias/alias_disk
alias_disk = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED
; alias_disk_loose - Alias for alias_disk_loose. To configure this item add a section called: /settings/external scripts/alias/alias_disk_loose
alias_disk_loose = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED ignore-unreadable
; alias_event_log - Alias for alias_event_log. To configure this item add a section called: /settings/external scripts/alias/alias_event_log
alias_event_log = CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational') AND source != 'SideBySide'" truncate=800 unique descriptions "syntax=%severity%: %source%: %message% (%count%)"
; alias_file_age - Alias for alias_file_age. To configure this item add a section called: /settings/external scripts/alias/alias_file_age
alias_file_age = checkFile2 filter=out "file=$ARG1$" filter-written=>1d MaxWarn=1 MaxCrit=1 "syntax=%filename% %write%"
; alias_file_size - Alias for alias_file_size. To configure this item add a section called: /settings/external scripts/alias/alias_file_size
alias_file_size = CheckFiles "filter=size > $ARG2$" "path=$ARG1$" MaxWarn=1 MaxCrit=1 "syntax=%filename% %size%" max-dir-depth=10
; alias_mem - Alias for alias_mem. To configure this item add a section called: /settings/external scripts/alias/alias_mem
alias_mem = checkMem MaxWarn=80% MaxCrit=90% ShowAll=long type=physical type=virtual type=paged type=page
; alias_process - Alias for alias_process. To configure this item add a section called: /settings/external scripts/alias/alias_process
alias_process = checkProcState "$ARG1$=started"
; alias_process_count - Alias for alias_process_count. To configure this item add a section called: /settings/external scripts/alias/alias_process_count
alias_process_count = checkProcState MaxWarnCount=$ARG2$ MaxCritCount=$ARG3$ "$ARG1$=started"
; alias_process_hung - Alias for alias_process_hung. To configure this item add a section called: /settings/external scripts/alias/alias_process_hung
alias_process_hung = checkProcState MaxWarnCount=1 MaxCritCount=1 "$ARG1$=hung"
; alias_process_stopped - Alias for alias_process_stopped. To configure this item add a section called: /settings/external scripts/alias/alias_process_stopped
alias_process_stopped = checkProcState "$ARG1$=stopped"
; alias_sched_all - Alias for alias_sched_all. To configure this item add a section called: /settings/external scripts/alias/alias_sched_all
alias_sched_all = CheckTaskSched "filter=exit_code ne 0" "syntax=%title%: %exit_code%" warn=>0
; alias_sched_long - Alias for alias_sched_long. To configure this item add a section called: /settings/external scripts/alias/alias_sched_long
alias_sched_long = CheckTaskSched "filter=status = 'running' AND most_recent_run_time < -$ARG1$" "syntax=%title% (%most_recent_run_time%)" warn=>0
; alias_sched_task - Alias for alias_sched_task. To configure this item add a section called: /settings/external scripts/alias/alias_sched_task
alias_sched_task = CheckTaskSched "filter=title eq '$ARG1$' AND exit_code ne 0" "syntax=%title% (%most_recent_run_time%)" warn=>0
; alias_service - Alias for alias_service. To configure this item add a section called: /settings/external scripts/alias/alias_service
alias_service = checkServiceState CheckAll
; alias_service_ex - Alias for alias_service_ex. To configure this item add a section called: /settings/external scripts/alias/alias_service_ex
alias_service_ex = checkServiceState CheckAll "exclude=Net Driver HPZ12" "exclude=Pml Driver HPZ12" exclude=stisvc
; alias_up - Alias for alias_up. To configure this item add a section called: /settings/external scripts/alias/alias_up
alias_up = checkUpTime MinWarn=1d MinWarn=1h
; alias_updates - Alias for alias_updates. To configure this item add a section called: /settings/external scripts/alias/alias_updates
alias_updates = check_updates -warning 0 -critical 0
; alias_volumes - Alias for alias_volumes. To configure this item add a section called: /settings/external scripts/alias/alias_volumes
alias_volumes = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED
; alias_volumes_loose - Alias for alias_volumes_loose. To configure this item add a section called: /settings/external scripts/alias/alias_volumes_loose
alias_volumes_loose = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED ignore-unreadable
; default - Alias for default. To configure this item add a section called: /settings/external scripts/alias/default
default =
; Section for SMTP passive check module.
[/settings/NRDP/client]
; CHANNEL - The channel to listen to.
channel = NRDP
; HOSTNAME - The host name of this host if set to blank (default) the windows name of the computer will be used.
hostname = auto
; Target definition for: default
[/settings/NRDP/client/targets/default]
; TARGET ADDRESS - Target host address
address =
; RECIPIENT - Recipient of email message
recipient = nscp@localhost
; SENDER - Sender of email message
sender = nscp@localhost
; TEMPLATE - Template for message data
template = Hello, this is %source% reporting %message%!
; TIMEOUT - Timeout when reading/writing packets to/from sockets.
timeout = 30
; Section for NRPE active/passive check module.
[/settings/NRPE/client]
; CHANNEL - The channel to listen to.
channel = NRPE
; Target definition for: default
[/settings/NRPE/client/targets/default]
; TARGET ADDRESS - Target host address
address =
; ALLOWED CIPHERS - A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
allowed ciphers = ADH
; SSL CERTIFICATE -
certificate =
; PAYLOAD LENGTH - Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.
payload length = 1024
; TIMEOUT - Timeout when reading/writing packets to/from sockets.
timeout = 30
; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = true
; VERIFY MODE -
verify mode = none
; Section for NRPE (NRPEServer.dll) (check_nrpe) protocol options.
[/settings/NRPE/server]
; COMMAND ARGUMENT PROCESSING - This option determines whether or not the we will allow clients to specify arguments to commands that are executed.
allow arguments = true
; COMMAND ALLOW NASTY META CHARS - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = true
PORT NUMBER - Port to use for NRPE.
port = 5666
; Section for NSCA passive check module.
[/settings/NSCA/client]
; CHANNEL - The channel to listen to.
channel = NSCA
; HOSTNAME - The host name of this host if set to blank (default) the windows name of the computer will be used.
hostname = auto
; Target definition for: default
[/settings/NSCA/client/targets/default]
; TARGET ADDRESS - Target host address
address =
; ALLOWED CIPHERS - A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
allowed ciphers = ADH
; SSL CERTIFICATE -
certificate =
; ENCRYPTION METHOD - Number corresponding to the various encryption algorithms (see the wiki). Has to be the same as the server or it wont work at all.
encryption = aes
; PASSWORD - The password to use. Again has to be the same as the server or it wont work at all.
password =
; TIMEOUT - Timeout when reading/writing packets to/from sockets.
timeout = 30
; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = false
; VERIFY MODE -
verify mode = none
; Section for NSCA (NSCAServer) (check_nsca) protocol options.
[/settings/NSCA/server]
; ENCRYPTION - Encryption to use
encryption = aes
; PASSWORD - Password to use
password =
; PAYLOAD LENGTH - Length of payload to/from the NSCA agent. This is a hard specific value so you have to "configure" (read recompile) your NSCA agent to use the same value for it to work.
payload length = 512
; PERFORMANCE DATA - Send performance data back to nagios (set this to 0 to remove all performance data).
performance data = true
PORT NUMBER - Port to use for NSCA.
port = 5667
; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = false
; Section for NSClient (NSClientServer.dll) (check_nt) protocol options.
[/settings/NSClient/server]
; PERFORMANCE DATA - Send performance data back to nagios (set this to 0 to remove all performance data).
performance data = true
PORT NUMBER - Port to use for check_nt.
port = 12489
; Section for SMTP passive check module.
[/settings/SMTP/client]
; CHANNEL - The channel to listen to.
channel = SMTP
; Target definition for: default
[/settings/SMTP/client/targets/default]
; TARGET ADDRESS - Target host address
address =
; RECIPIENT - Recipient of email message
recipient = nscp@localhost
; SENDER - Sender of email message
sender = nscp@localhost
; TEMPLATE - Template for message data
template = Hello, this is %source% reporting %message%!
; TIMEOUT - Timeout when reading/writing packets to/from sockets.
timeout = 30
; Section for simple cache module (SimpleCache.dll).
[/settings/cache]
; CHANNEL - The channel to listen to.
channel = CACHE
; PRIMARY CACHE INDEX - Set this to the value you want to use as unique key for the cache (host, command, result,...).
primary index = ${alias-or-command}
; Section for system checks and system settings
[/settings/check/task schedule]
; SYNTAX - Set this to use a specific syntax string for all commands (that don't specify one)
default buffer length = %title% last run: %most-recent-run-time% (%exit-code%)
; Configure crash handling properties.
[/settings/crash]
; ARCHIVE CRASHREPORTS - Archive crash reports in the archive folder
archive = true
; folder - The archive folder for crash dunpes.
archive folder = ${shared-path}/crash-dumps
; RESTART - Submit crash reports to nsclient.org (or your configured submission server)
restart = true
; RESTART SERVICE NAME - The url to submit crash reports to
restart target = NSClientpp
; SUBMIT CRASHREPORTS - Submit crash reports to nsclient.org (or your configured submission server)
submit = false
; SUBMISSION URL - The url to submit crash reports to
submit url = http://crash.nsclient.org/submit
; Section for the EventLog Checker (CheckEventLog.dll).
[/settings/eventlog]
; BUFFER_SIZE - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
buffer size = 131072
; DEBUG - Log more information when filtering (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog.
debug = false
; LOOKUP NAMES - Lookup the names of eventlog files
lookup names = true
; SYNTAX - Set this to use a specific syntax string for all commands (that don't specify one).
syntax =
; A set of options to configure the real time checks
[/settings/eventlog/real-time]
; DEBUG - Log missed records (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog.
debug = false
; REAL TIME CHECKING - Spawns a backgrounnd thread which detects issues and reports them back instantly.
enabled = false
; LOGS TO CHECK - Comma separated list of logs to check
log = application,system
; STARTUP AGE - The initial age to scan when starting NSClient++
startup age = 30m
; A set of filters to use in real-time mode
[/settings/eventlog/real-time/filters]
; Section for external scripts configuration options (CheckExternalScripts).
[/settings/external scripts]
; COMMAND ARGUMENT PROCESSING - This option determines whether or not the we will allow clients to specify arguments to commands that are executed.
allow arguments = false
; COMMAND ALLOW NASTY META CHARS - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = false
; SCRIPT DIRECTORY - Load all scripts in a directory and use them as commands. Probably dangerous but useful if you have loads of scripts :)
script path =
; COMMAND TIMEOUT - The maximum time in seconds that a command can execute. (if more then this execution will be aborted). NOTICE this only affects external commands not internal ones.
timeout = 60
; A list of scripts available to run from the CheckExternalScripts module. Syntax is: <command>=<script> <arguments>
[/settings/external scripts/scripts]
; A list of wrappped scripts (ie. using the template mechanism)
[/settings/external scripts/wrapped scripts]
; A list of templates for wrapped scripts
[/settings/external scripts/wrappings]
; BATCH FILE WRAPPING -
bat = scripts\\%SCRIPT% %ARGS%
; POWERSHELL WRAPPING -
ps1 = cmd /c echo scripts\\%SCRIPT% %ARGS%; exit($lastexitcode) | powershell.exe -command -
; VISUAL BASIC WRAPPING -
vbs = cscript.exe //T:30 //NoLogo scripts\\lib\\wrapper.vbs %SCRIPT% %ARGS%
; Section for graphite passive check module.
[/settings/graphite/client]
; CHANNEL - The channel to listen to.
channel = GRAPHITE
; HOSTNAME - The host name of this host if set to blank (default) the windows name of the computer will be used.
hostname = auto
; Target definition for: default
[/settings/graphite/client/targets/default]
; TARGET ADDRESS - Target host address
address =
; PATH FOR VALUES -
path = system.${hostname}.${check_alias}.${perf_alias}
; Section for configuring the log handling.
[/settings/log]
; DATEMASK - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
date format = %Y-%m-%d %H:%M:%S
; FILENAME - The file to write log data to. Set this to none to disable log to file.
file name = ${exe-path}/nsclient.log
; LOG LEVEL - Log level to use. Avalible levels are error,warning,info,debug,trace
level = info
; Configure log file properties.
[/settings/log/file]
; MAXIMUM FILE SIZE - When file size reaches this it will be truncated to 50% if set to 0 (default) truncation will be disabled
max size = 0
; Section for log file checker
[/settings/logfile]
; DEBUG - Log more information to help diagnose errors and configuration problems.
debug = false
; SYNTAX - Set the default syntax to use
syntax =
; A set of options to configure the real time checks
[/settings/logfile/real-time]
; REAL TIME CHECKING - Spawns a backgrounnd thread which waits for file changes.
enabled = false
; A set of filters to use in real-time mode
[/settings/logfile/real-time/checks]
; Section for the LUAScripts module.
[/settings/lua]
; A list of scripts available to run from the LuaSCript module.
[/settings/lua/scripts]
; Section for the Scheduler module.
[/settings/scheduler]
; THREAD COUNT - Number of threads to use.
threads = 5
; Section for the Scheduler module.
[/settings/scheduler/schedules]
; Section for configuring the shared session.
[/settings/shared session]
; LOG LEVEL - Log level to use
enabled = false
; Section for SYSLOG passive check module.
[/settings/syslog/client]
; CHANNEL - The channel to listen to.
channel = syslog
; HOSTNAME - The host name of this host if set to blank (default) the windows name of the computer will be used.
hostname =
; Target definition for: default
[/settings/syslog/client/targets/default]
; TARGET ADDRESS - Target host address
address =
; TODO -
critical severity = critical
; TODO -
facility = kernel
; TODO -
message_syntax = %message%
; TODO -
ok severity = informational
; TODO -
severity = error
; TODO -
tag_syntax = NSCA
; TODO -
unknown severity = emergency
; TODO -
warning severity = warning
; Section for system checks and system settings
[/settings/system/windows]
; DEFAULT LENGTH - Used to define the default intervall for range buffer checks (ie. CPU).
default buffer length = 1h
; Confiure which services has to be in which state
[/settings/system/windows/service mapping]
; A list of avalible remote target systems
[/settings/targets]
; Section for simple file writer module (SimpleFileWriter.dll).
[/settings/writers/file]
; CHANNEL - The channel to listen to.
channel = FILE
; FILE TO WRITE TO - The filename to write output to.
file = output.txt
; PRIMARY CACHE INDEX - Set this to the value you want to use as unique key for the cache (host, command, result,...).
syntax = ${alias-or-command} ${result} ${message}