Purpose

This document describes how to monitor Windows machines with Nagios XI using WMI. WMI (Windows Management Instrumentation) allows for agentless monitoring of Windows machines. Nagios XI supports WMI monitoring, which provides admins with a simple method of monitoring their Windows servers and workstations without having to install or configure agents.

Target Audience

This document is intended for use by Nagios XI Administrators who want to monitor Windows servers and workstations without having to install an agent.

XI Server Requirements

Before you can monitor Windows machines using WMI, you must install the WMI client on the Nagios XI server. For instructions on doing this, read the following document from the Nagios Library:

Installing The WMI Client For XI
http://assets.nagios.com/downloads/nagiosxi/docs/installing_the_wmi_client_for_xi.pdf

Windows Machine Requirements

Make sure the following requirements are in place before you use WMI to monitor a Windows server or workstation:

- WMI service is running
- WMI user account set up
- Firewall rules set up

We will walk through each of these requirements for the Windows machine you wish to monitor. You will need to log in as a user with administrator privileges.

WMI Service

First, verify the WMI service is running on your Windows machine. Click Start and choose Run. In the Run window that appears, type services.msc in the Open field.

Note: This document was originally written for Windows XP and Windows Server 2003. If you are running a later version of Windows or Windows Server, you can skip the Run step in the instructions and instead type services.msc in the Search field of the Start menu. This applies to all the instructions going forward in this document.

Before you can monitor Windows machines using WMI, you must ensure that the Windows Management Instrumentation service is running. You can configure and start the service in the Computer Management console under the Services section. Verify that the Windows Management Instrumentation (WMI) service has a status of Started.

Configure A WMI User Account On The Windows Machine

Next, configure a WMI user account on the local machine. We'll create a new user account called wmiagent with the password wmiagent as an example; on a real system, choose a strong, unique password in its place. From the command prompt enter:

    net user wmiagent wmiagent /add

Setting WMI Permissions

WMI requires a valid username and password on the target system. The following steps outline how to add only the permissions needed to the Windows user account. Alternatively, you can add the user to the local Administrators group instead, which grants far more access than monitoring requires.

Note: If you wish to monitor multiple computers across the domain, instead add the user to the Distributed COM Users, Performance Log Users and Performance Monitor Users groups.

Adding Remote Activation Privilege to Windows DCOM

Next, we need to give our newly created user access to DCOM on the localhost. To do this, open Component Services:

- Click Start, choose Run. Enter DCOMCnfg.exe and click OK.
- Expand Component Services, and drill down to the local computer.
- Right click on My Computer and select Properties.
- Select the COM Security tab, then choose the Edit Limits... button in the Launch and Activation Permissions section.
- Add the user that will be used by Nagios to monitor this machine, in our case wmiagent. Click Add.
- Enter wmiagent in the Enter the object name to select field and click OK. You will now see wmiagent as a user.
- Check the Remote Launch and Remote Activation check boxes under Allow.
- Click OK twice.

Adding Remote WMI Access

For our user to return data remotely from WMI, access to the WMI namespace CIMV2 must be added.

- Click Start, choose Run, and type WMImgmt.msc.
- Right click on WMI Control (local) and select Properties.
- Select the Security tab of the WMI Control Properties.
- Expand Root, right click on CIMV2, and select Properties.
  Note: In later versions of Windows you need to select CIMV2 and click the Security button.
- Click Add.
- Enter wmiagent in the Enter the object name to select field and click OK. You may need to use the Check Names button to find the correct object. You will now see wmiagent as a user.
- Check the Enable Account and Remote Enable check boxes under Allow.
- Click OK twice.

Windows Firewall Settings

Next, configure the firewall rules specific to the version of Windows being monitored.

Windows Server 2008

Windows Server 2008 should by default have the correct firewall rules set. To check firewall settings, select Start, type firewall in the search dialog box and press Enter.

Verify the Inbound Rules exist and are enabled for:

- DCOM
- WMI

If the WMI rule group does not exist, the recommended settings are listed here as outlined by Microsoft. From the command prompt enter:

    netsh advfirewall firewall add rule dir=in name="dcom" program=%systemroot%\system32\svchost.exe service=rpcss action=allow protocol=tcp localport=135

    netsh advfirewall firewall add rule dir=in name="WMI" program=%systemroot%\system32\svchost.exe service=winmgmt action=allow protocol=tcp localport=any

    netsh advfirewall firewall add rule dir=in name="UnsecApp" program=%systemroot%\system32\wbem\unsecapp.exe action=allow

    netsh advfirewall firewall add rule dir=out name="WMI_OUT" program=%systemroot%\system32\svchost.exe service=winmgmt action=allow protocol=tcp localport=any

More details about 2008 firewall settings can be found at:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa822854(v=vs.85).aspx

Windows Server 2003

The following section describes firewall and DCOM port configuration for Windows Server 2003. By default DCOM communicates with the client on a random port, so this section also describes how to specify a fixed port range that firewall rules can be written against.

- Click Start, choose Run, and type DCOMCnfg.exe.
- Expand Component Services, expand Computers, right-click My Computer, and select Properties.
- Next, choose the Default Protocols tab.
- Select Properties and click Add.
- Add a port range for COM services. In our example we selected the range 5000-5020. Depending on your environment, you may want to choose a different range.

Allow the port range through the Windows firewall. This command opens ports 5000-5020 to match the COM Internet Services range. From the command prompt enter:

    FOR /L %I IN (5000,1,5020) DO netsh firewall add portopening TCP %I "COM"%I

Lastly, open DCOM port 135. From the command prompt enter:

    netsh firewall add portopening TCP 135 "DCOM"

Windows XP

If you are running a firewall on the Windows machine, you must ensure that the Nagios server can contact the WMI service. To do this, you must open TCP port 135 on the Windows firewall.

- Navigate to Start > All Programs > Accessories > System Tools > Security Center.
- From the Windows Security Center, click on the link under Manage settings for: Windows Firewall.
- Switch to the Exceptions tab and click the Add Port button.
- In the window that opens, enter WMI for the Name and 135 for the Port number, then click OK.

Installing The WMI Monitoring Wizard (For users running Nagios XI 2012 r1.0 and earlier)

Now that the Windows machine is set up to accept WMI connections, we can set up Nagios XI to monitor it. To do so we will use the WMI Monitoring Wizard.

Installing the WMI Monitoring Wizard only applies to users running Nagios XI 2012 r1.0 and earlier. If you are using a later version you can skip this section, as the Windows WMI monitoring wizard comes pre-installed on your system.

If you need to install the Windows WMI monitoring wizard, you can download it from the following link:

Nagios XI Windows WMI Wizard Direct Download
http://assets.nagios.com/downloads/nagiosxi/wizards/windowswmi.zip

To install the wizard in Nagios XI, go to Admin > Manage Config Wizards. Browse for the windowswmi.zip that was downloaded above and click the Upload Wizard button.

Running The WMI Wizard

Once the wizard is installed in Nagios XI, it will be available when you navigate to Configure > Run the Monitoring Wizard > Windows WMI wizard.

The wizard will prompt you for the IP Address of the Windows machine, along with the Username and Password to access the machine. Click Next.

The wizard will allow you to select what types of metrics and data should be monitored, along with warning and critical thresholds. New in XI5, WMI will detect disks, services, and processes that are on your machine. This makes it much easier to set up checks for those services. If XI5 is not able to communicate via WMI, the error information will also display.

Metrics and data that can be monitored using the WMI wizard include:

- CPU Usage
- Memory Usage
- Page File Usage
- Disk Usage
- Service State
- Process State
- Event Log Data

Once you have selected the checks you want to enable, click Next to continue. Customize your monitoring settings as needed and click Finish.

The WMI wizard provides disk, CPU, memory, service, and additional process monitoring capabilities.

Troubleshooting

If the status information on the Service Detail page is empty (null) or states Install wmic, the problem is probably that the WMIC plugins were not installed properly. Redo the installation steps outlined in the document below:

How To Install The WMI Client For Nagios XI
http://assets.nagios.com/downloads/nagiosxi/docs/installing_the_wmi_client_for_xi.pdf

When the process that is trying to access the namespace does not have the required WMI privileges, you may see errors similar to this one:

    UNKNOWN - The WMI query had problems. The error text from wmic is: [wmi/wmic.c:212:main()] ERROR: Retrieve result data. NTSTATUS: NT code 0x80041003 - NT code 0x80041003

To fix the issue, log in to the remote Windows box (target machine), open the CMD Prompt as an Administrator, and run the following command in order to allow WMI queries:

    sc sdset SCMANAGER D:(A;;CCLCRPRC;;;AU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)

Sourced from here: http://support.microsoft.com/kb/907460

This command is proven to work on Windows 2003, 2008R2 and 2012R2; no reboot is required.

Finishing Up

You should now be able to monitor Windows workstations and servers using WMI. If you have any issues with your Nagios XI system, please post your questions on the Nagios Support Forum at:

http://support.nagios.com/forum/

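The sc sdset command in the Troubleshooting section replaces the security descriptor of the Service Control Manager. The Python code below is an added example, not part of the original Nagios document; it decodes that SDDL string so the rights granted to each principal can be reviewed before the command is run. The function names are illustrative, and the lookup tables cover only the two-letter codes that appear in this string, with their standard meanings for the Service Control Manager object.

```python
import re

# SDDL string from the sc sdset command in the Troubleshooting section.
SCMANAGER_SDDL = ("D:(A;;CCLCRPRC;;;AU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)"
                  "S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)")

# Two-letter SDDL rights as they apply to the Service Control Manager object.
SCM_RIGHTS = {
    "CC": "SC_MANAGER_CONNECT", "DC": "SC_MANAGER_CREATE_SERVICE",
    "LC": "SC_MANAGER_ENUMERATE_SERVICE", "SW": "SC_MANAGER_LOCK",
    "RP": "SC_MANAGER_QUERY_LOCK_STATUS", "WP": "SC_MANAGER_MODIFY_BOOT_CONFIG",
    "RC": "READ_CONTROL", "GA": "GENERIC_ALL",
    "KA": "SC_MANAGER_ALL_ACCESS",  # KA is 0xF003F, the same mask value
}
TRUSTEES = {"AU": "Authenticated Users", "SY": "Local System",
            "BA": "Builtin Administrators", "WD": "Everyone"}
ACE_TYPES = {"A": "allow", "D": "deny", "AU": "audit"}


def parse_sddl(sddl):
    """Return one dict per ACE found in the DACL (D:) and SACL (S:) parts."""
    aces = []
    # Each ACL is 'D:' or 'S:', optional ACL flags, then parenthesised ACEs.
    for acl, _flags, body in re.findall(r"([DS]):([A-Z]*)((?:\([^)]*\))+)", sddl):
        for ace in re.findall(r"\(([^)]*)\)", body):
            ace_type, flags, rights, _obj, _inh, sid = ace.split(";")
            aces.append({
                "acl": "DACL" if acl == "D" else "SACL",
                "type": ACE_TYPES.get(ace_type, ace_type),
                "flags": re.findall("..", flags),
                "rights": [SCM_RIGHTS.get(r, r) for r in re.findall("..", rights)],
                "trustee": TRUSTEES.get(sid, sid),
            })
    return aces


def allowed_rights(aces, trustee):
    """Union of the rights granted to one trustee by allow ACEs in the DACL."""
    granted = set()
    for ace in aces:
        if ace["acl"] == "DACL" and ace["type"] == "allow" and ace["trustee"] == trustee:
            granted.update(ace["rights"])
    return granted


if __name__ == "__main__":
    for ace in parse_sddl(SCMANAGER_SDDL):
        print(ace["acl"], ace["type"], ace["trustee"], ",".join(ace["rights"]))
```

Decoded this way, the descriptor gives Authenticated Users connect, enumerate, query-lock-status and read-control rights on the Service Control Manager, while full control stays with the built-in Administrators group. The two SACL entries only audit failed access attempts by Everyone.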