Page 1 of 2
NSClient++ calling a Powershell script
Posted: Thu Aug 10, 2017 2:50 pm
by jkinning
I am trying to get this Powershell script to run by the NSClient++ agent. This script requires a service account or an account in which is allowed to access this particular database. Do I create an AD account for this or what account does the NSClient++ run under when Nagios calls it?
It expects 4 command line parameters:
QueueType (e.g. DB, DEAD, EVENT, PROCESS, QUEUE))
QueueLimit (the threshold to check – i.e. has the queue depth exceeded this number?)
Dbconn – the database connection string (it presumes that the account running the script has Read access to the ZL database)
Sendto – for testing, an email address to send the results to
(You may enter 0 for the QueueLimit to force the event to trigger. Also, feel free to modify the script so the calling process will receive the expected output/return code.)
The syntax for the script is:
Zl_monitor_filearchiving_queues.ps1 –QueueType “DEAD” –QueueLimit 20 -Dbconn=”SQLTEST_ZLBD_Dev,4000” –sendto
[email protected]
(the sendto is for testing purposes.)
Re: NSClient++ calling a Powershell script
Posted: Thu Aug 10, 2017 4:15 pm
by tgriep
By default, the NSClient++ service is installed and runs using the "Local System account" but if your plugin needs to run as a different user, you could change the login account NSClient++ logs in as.
If you need an AD account to access that database, you can try and use it and see if the NSClient++ service uses that account to run the powershell script.
Re: NSClient++ calling a Powershell script
Posted: Mon Aug 14, 2017 10:11 am
by jkinning
I am able to call the powershell script when I change the logon and run under the service account with access to the database. The script needs 3 arguments -
QueueType (e.g. DB, DEAD, EVENT, PROCESS, QUEUE))
QueueLimit (the threshold to check – i.e. has the queue depth exceeded this number?)
Dbconn – the database connection string
I added the following to my nsclient.ini file:
Code: Select all
check_zl_queue = cmd /c echo scripts/zl_monitor_file_archiving_queues.ps1 $ARG1$ $ARG2$ $ARG3$; exit $LastExitCode | powershell.exe /noprofile -command -
Using the terminal I try to run from the Nagios server
Code: Select all
check_nrpe -H cinzlbd01d -t 30 -c check_zl_queue dead 0 sqltest_zlbd_dev,4000
I get this returned
Code: Select all
C:\Program Files\NSClient++\scripts\zl_monitor_file_archiving_queues.ps1 :
Cannot process argument transformation on parameter 'queueType'. Cannot
convert value to type System.String.
At line:1 char:46
+ scripts/zl_monitor_file_archiving_queues.ps1 $ARG1$,$ARG2$,$ARG3$; exit
$LastExi ...
+ ~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [zl_monitor_file_archiving_queu
es.ps1], ParameterBindingArgumentTransformationException
+ FullyQualifiedErrorId : ParameterArgumentTransformationError,zl_monitor_
file_archiving_queues.ps1
Re: NSClient++ calling a Powershell script
Posted: Mon Aug 14, 2017 11:19 am
by tgriep
When using check_nrpe to run remote commands that have arguments, you need to specify the -a option in the command and if there are more that one argument, you need to encase them in single quotes.
Try this example and see if if it works.
Code: Select all
check_nrpe -H cinzlbd01d -t 30 -c check_zl_queue -a 'dead 0 sqltest_zlbd_dev,4000'
-a [arglist]
[arglist] = Optional arguments that should be passed to the command,
separated by a space. If provided, this must be the last
option supplied on the command line.
Re: NSClient++ calling a Powershell script
Posted: Mon Aug 14, 2017 11:56 am
by jkinning
When I run the script from the server I get the exit code of 2 which is critical and Nagios would send out a notification. When I run it on the Nagios server terminal as described it looks like the same error.
Code: Select all
check_nrpe -H cinzlbd01d -t 30 -c check_zl_queue -a 'dead 0 sqltest_zlbd_dev,4000'
C:\Program Files\NSClient++\scripts\zl_monitor_file_archiving_queues.ps1 :
Cannot process argument transformation on parameter 'dbconn'. Cannot convert
value to type System.String.
At line:1 char:53
+ scripts/zl_monitor_file_archiving_queues.ps1 dead 0 sqltest_zlbd_dev,4000;
exit ...
+ ~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [zl_monitor_file_archiving_queu
es.ps1], ParameterBindingArgumentTransformationException
+ FullyQualifiedErrorId : ParameterArgumentTransformationError,zl_monitor_
file_archiving_queues.ps1
Re: NSClient++ calling a Powershell script
Posted: Mon Aug 14, 2017 2:31 pm
by tgriep
One more change has to be added to the nsclient.ini file, the options for the powershell script.
Edit the nsclient.ini file and change the command from
Code: Select all
check_zl_queue = cmd /c echo scripts/zl_monitor_file_archiving_queues.ps1 $ARG1$ $ARG2$ $ARG3$; exit $LastExitCode | powershell.exe /noprofile -command -
to
Code: Select all
check_zl_queue = cmd /c echo scripts/zl_monitor_file_archiving_queues.ps1 –QueueType $ARG1$ –QueueLimit $ARG2$ -Dbconn=$ARG3$; exit $LastExitCode | powershell.exe /noprofile -command -
Save the file and restart the nsclient++ service on the windows server.
You may have to edit the above if I missed something.
If you still have errors, can you post the full nsclient.ini file from that server so we can view the settings and the error messages from the nsclient.log file?
Re: NSClient++ calling a Powershell script
Posted: Mon Aug 14, 2017 2:57 pm
by jkinning
Files attached.
Still getting same error.
Re: NSClient++ calling a Powershell script
Posted: Mon Aug 14, 2017 3:29 pm
by tacolover101
tgriep wrote:One more change has to be added to the nsclient.ini file, the options for the powershell script.
Edit the nsclient.ini file and change the command from
Code: Select all
check_zl_queue = cmd /c echo scripts/zl_monitor_file_archiving_queues.ps1 $ARG1$ $ARG2$ $ARG3$; exit $LastExitCode | powershell.exe /noprofile -command -
to
Code: Select all
check_zl_queue = cmd /c echo scripts/zl_monitor_file_archiving_queues.ps1 –QueueType $ARG1$ –QueueLimit $ARG2$ -Dbconn=$ARG3$; exit $LastExitCode | powershell.exe /noprofile -command -
Save the file and restart the nsclient++ service on the windows server.
You may have to edit the above if I missed something.
If you still have errors, can you post the full nsclient.ini file from that server so we can view the settings and the error messages from the nsclient.log file?
one thing to mention, if you're encapsulating anything after -a in single quotes, it will pick up 'dead 0 sqltest_zlibd_dev,4000' all as $ARG1$. try single quoting all of your args out individually.
Re: NSClient++ calling a Powershell script
Posted: Mon Aug 14, 2017 3:48 pm
by tgriep
Thanks tacolover101 for the tip.
What he is saying, the command has to be run line the following example on the XI server
Code: Select all
check_nrpe -H cinzlbd01d -t 30 -c check_zl_queue -a 'dead' '0' 'sqltest_zlbd_dev,4000'
Re: NSClient++ calling a Powershell script
Posted: Tue Aug 15, 2017 7:56 am
by jkinning
Once I did that I was getting this error message
Code: Select all
/check_nrpe -H cinzlbd01d -t 30 -c check_zl_queue -a 'dead' '0' '"sqltest_zlbd_dev,4000"'
Error when opening DB connection -Dbconn=sqltest_zlbd_dev,4000
Exception calling "Open" with "0" argument(s): "A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - No such host is known.)"
Exiting with Return code of: 2
The database connection stuff was hard coded and I removed the $ARG3$.
Now when I run it I get this
Code: Select all
check_nrpe -H cinzlbd01d -t 30 -c check_zl_queue -a 'event' '23000'
23186
24096
Exiting with Return code of: 2
Thinking there is something else I need to since Nagios doesn't see this as "critical". Normally I would expect to see CRITICAL: some verbiage or OK:. Is there something else that needs to be done for Nagios to report the Critical, Warning, OK? I thought it just needed the last exit code.