Nagios Support Forum

Hello All,

I am currently trying to monitor a Windows process using check_nrpe with CheckProcState. It is working for the most part but process I am monitoring is not always active and when that occurs the check comes back unknown.

A normal state would be 0 or 1 for number of processes anything above two I need to know resulting in a backup issue we have.

This is the command I am working with:

./check_nrpe -H 192.168.XX.XX -t 30 -c CheckProcState -a MinCritCount=0 MaxCritCount=2 avtar.exe=started

Thank you in advance!
Ryan

That's a tough one. The code expects that a process with that name will always be running. I'm not seeing a way to specify that no exes found is OK.

If it's possible to switch to using NCPA, it will return OK with 0 processes running.

Hello mbellerue,

Thank you for this information! I have been playing around with this and cannot seem to get it to work because I already have port 5666 open for nrpe according to the error I am receiving. Also to be honest I am not sure what it expected for "'ASecretToken'"?

mbellerue wrote:That's a tough one. The code expects that a process with that name will always be running. I'm not seeing a way to specify that no exes found is OK.

If it's possible to switch to using NCPA, it will return OK with 0 processes running.

Code: Select all

root@weylandxi:/usr/local/nagios/libexec# ./check_ncpa.py -H 192.168.145.90 -t 'ASecretToken' -M 'processes' -c 2 -q 'name=cmd.exe'                                           OK: Process count for processes named cmd.exe was 0 | 'process_count'=0;;2;

root@weylandxi:/usr/local/nagios/libexec# ./check_ncpa.py -H 192.168.145.90 -t 'ASecretToken' -M 'processes' -c 2 -q 'name=cmd.exe'
OK: Process count for processes named cmd.exe was 1 | 'process_count'=1;;2; 'cpu'=0.0%;;; 'memory'=0.07%;;; 'memory_vms'=0.0GB;;; 'memory_rss'=0.0GB;;;
Processes Matched
PID: Name: Username: Exe: Memory: CPU
-----------------------------------
6768: cmd.exe: WEYLAND\Administrator: 0.07 % (VMS 0.00 GB, RSS 0.00 GB): 0.00 %

Total Memory: 0.07 % (VMS 0.00 GB, RSS 0.00 GB)
Total CPU: 0.00 %


root@weylandxi:/usr/local/nagios/libexec# ./check_ncpa.py -H 192.168.145.90 -t 'ASecretToken' -M 'processes' -c 2 -q 'name=cmd.exe'
OK: Process count for processes named cmd.exe was 2 | 'process_count'=2;;2; 'cpu'=0.0%;;; 'memory'=0.14%;;; 'memory_vms'=0.0GB;;; 'memory_rss'=0.0GB;;;
Processes Matched
PID: Name: Username: Exe: Memory: CPU
-----------------------------------
1416: cmd.exe: WEYLAND\Administrator: 0.07 % (VMS 0.00 GB, RSS 0.00 GB): 0.00 %
6768: cmd.exe: WEYLAND\Administrator: 0.07 % (VMS 0.00 GB, RSS 0.00 GB): 0.00 %

Total Memory: 0.14 % (VMS 0.00 GB, RSS 0.00 GB)
Total CPU: 0.00 %


root@weylandxi:/usr/local/nagios/libexec# ./check_ncpa.py -H 192.168.145.90 -t 'ASecretToken' -M 'processes' -c 2 -q 'name=cmd.exe'
CRITICAL: Process count for processes named cmd.exe was 3 | 'process_count'=3;;2; 'cpu'=0.0%;;; 'memory'=0.21%;;; 'memory_vms'=0.0GB;;; 'memory_rss'=0.0GB;;;
Processes Matched
PID: Name: Username: Exe: Memory: CPU
-----------------------------------
1416: cmd.exe: WEYLAND\Administrator: 0.07 % (VMS 0.00 GB, RSS 0.00 GB): 0.00 %
5840: cmd.exe: WEYLAND\Administrator: 0.07 % (VMS 0.00 GB, RSS 0.00 GB): 0.00 %
6768: cmd.exe: WEYLAND\Administrator: 0.07 % (VMS 0.00 GB, RSS 0.00 GB): 0.00 %

Total Memory: 0.21 % (VMS 0.00 GB, RSS 0.00 GB)
Total CPU: 0.00 %

RyanMule wrote:Hello mbellerue,

Thank you for this information! I have been playing around with this and cannot seem to get it to work because I already have port 5666 open for nrpe according to the error I am receiving. Also to be honest I am not sure what it expected for "'ASecretToken'"?

My apologies, I did not explain that very well. NCPA is a separate client from NRPE or NSClient++. NCPA was built to work across different platforms, where NRPE was originally meant for Linux hosts, but some third party developers created their own ways to make NRPE checks against Windows.

The NCPA client can be downloaded here,
https://www.nagios.org/ncpa/

NCPA runs on port 5693 by default, so you can have NCPA and NSClient++ installed at the same time, if you need to.