Nagios XI – Configuring The Windows Agent: NSClient ++ Purpose
Nagios XI – Configuring The Windows Agent: NSClient ++ The Industry Standard in IT Infrastructure Monitoring Purpose This document describes the procedures for configuring the Windows agent, NSClient++, to monitor a remote Microsoft Windows desktop or server with Nagios® XI™. This allows organizations to monitor vital metrics and ensure that a specific Windows desktop machine or server is functioning properly. Target Audience This document is intended for use by Nagios Administrators and IT desktop support staff who wish to monitor their Windows machines and are familiar with installing Windows applications and configuring Nagios XI. Agent Overview NSClient++ must be installed on the target Windows machine and configured before Nagios XI can monitor system metrics, services, processes, or performance data on the target machine. If you haven't installed the NSClient++ agent on the remote machine, please, refer to our documentation on installing the XI Windows agent: How To Install NSClient++ for Nagios XI http://assets.nagios.com/downloads/nagiosxi/docs/Installing_The_XI_Windows_Agent.pdf Configuring NSClient++ ver. 0.3.x On your remote host, open the configuration file (“NSC.ini” file) in a text editor for editing. By default, the file is located in: C:\Program Files\NSClient++\NSC.ini. The file has a several sections, denoted with section names in brackets. Let's review the most important sections, and the changes that need to be made. [modules] This is a list of modules to load at startup. The modules can be enabled by uncommenting them (removing the semi-colon “;” in front of the module name). [Settings] This section has generic options for NSClient++. Some of these settings (such as allowed_hosts) are inherited in the sections below so it is probably a better idea to set them here in the "global" section. The most important options under this section are: password: If no password is set, everyone will be able to use this service remotely. allowed_hosts: A comma separated list of host IP addresses that are allowed to connect and query data. You need to add the Nagios XI server's IP here. If this is empty all hosts will be allowed to query data. BEWARE: NSClient++ will not resolve the IP address of DNS entries if the service is set to startup automatically. Use an IP address instead. use_file: Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA US: 1-888-NAGIOS-1 Int'l: +1 651-204-9102 Fax: +1 651-204-9103 Web: www.nagios.com Email: [email protected] Page 1 Copyright © 2014 Nagios Enterprises, LLC Revision 1.0 – April, 2014 Nagios XI – Configuring The Windows Agent: NSClient ++ Has to be set to 1 if you want the file to be read (if set to 0, and the use_reg is set to 1 the registry will be used instead) [log] The default log file is nsclient.log. It is located in the same directory as the NSC.ini file. You can specify whether you want debug messages printed in the log file. debug = 1 file = nsclient.log [NSClient] Under this section you can specify the hosts that are allowed to connect to NSClient++ via NSClient protocol, if you haven't done so in the general “Settings” section above. The port the NSClientListener.dll will listen to is also specified in this section (default port = 12489) as well as the socket timeout. [NRPE] In this section you can specify the hosts allowed to connect via NRPE, the port number (default port = 5666), and a few other options, such as use_ssl, allow_arguments, allow_nasty_meta_chars, etc. The allow_arguments option is similar to the NRPE “don't_blame_nrpe” option. It determines whether arguments are accepted on the incoming socket. The allow_nasty_meta_chars allows NRPE execution of external commands that have “nasty” meta characters, such as “>”, etc. The command_timeout specifies the maximum number of seconds that the NRPE daemon will allow plugins to finish executing before killing them off. [External Script] The options in this section are similar to the ones in the NRPE section. command_timeout=60 allow_arguments=1 allow_nasty_meta_chars=1 [External Scripts] This section contains a list of scripts and their aliases available to run from the CheckExternalScripts module. Syntax is: <command>=<script> <arguments> [External Alias] An alias is an internal command that has been "wrapped" (to add arguments). Aliases are good for defining commands locally or just to simply the nagios configuration. There is a series of "useful" aliases pre-defined in the included configuration file which is a good place to start. Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA US: 1-888-NAGIOS-1 Int'l: +1 651-204-9102 Fax: +1 651-204-9103 Web: www.nagios.com Email: [email protected] Page 2 Copyright © 2014 Nagios Enterprises, LLC Revision 1.0 – April, 2014 Nagios XI – Configuring The Windows Agent: NSClient ++ [NSCA Agent] There are several options available for configuring the NSCA module. The “interval” is the time in seconds between each report sent back to the nagios server. nsca_host is the NSCA (Nagios) server to send report results. nsca_host=<Nagios XI server IP> nsca_port is the NSCA server port (port 5667 is the default port). nsca_port=5667 encryption_method has to be the same as the decryption method used on the NSCA (Nagios) server. You can select a number, corresponding to the encryption algorithm you would like to use. password has to be the same as on the NSCA (Nagios) server. password=<some password> [NSCA Commands] This is a list of commands to run and submit each time we report back to the NSCA server. There are some “pre-defined” commands. If you would like to use them, all you will need to do is to remove the semi-colon “;” to uncomment them. This is just a basic overview of the most common configuration options. For more information on configuring NSClient++ ver. 0.3.x, visit: http://www.nsclient.org/nscp/wiki/doc/configuration/0.3.x Configuring NSClient++ ver. 0.4.x The configuration file in NSClient++ ver. 0.4.x has been renamed from NSC.ini to nsclient.ini. Usually, the file is located in: C:\Program Files\NSClient++\nsclient.ini. When you open the configuration file in a text editor, you will notice that it has fewer options set by default, compared to the old NSC.ini file. You can fill the file in with all available options by opening a DOS Command Prompt, and running the following commands: cd "C:\Program Files\NSClient++” nscp settings --generate --add-defaults –load-all Note: Not all of the modules are supported, yet so don't get alarmed if you see some “Failed to register plugin” errors. The “nsclient.ini” file should now be populated with all of the available configuration options. [/modules] You can enable/disable a module by setting its value to “1” or “0”, for example: CheckDisk = 1 Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA US: 1-888-NAGIOS-1 Int'l: +1 651-204-9102 Fax: +1 651-204-9103 Web: www.nagios.com Email: [email protected] Page 3 Copyright © 2014 Nagios Enterprises, LLC Revision 1.0 – April, 2014 Nagios XI – Configuring The Windows Agent: NSClient ++ CheckEventLog = 1 SMTPClient = 0 Scheduler = 1 [/settings/default] As in the NSC.ini file (ver. 0.3.x), here you can set allowed hosts, password, etc. There are some additional options as well: cache allowed hosts: You can set this to “true” if you want hostnames to be cached for improving speed. inbox: The default channel to post incoming messages on. timeout: Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. use ssl Used to enable/disable SSL encryption [/settings/external scripts/alias] This section contains a list of aliases that are available. An alias is an internal command that has been "wrapped" (to add arguments). Be careful so you don't create loops (ie check_loop=check_a, check_a=check_loop). [/settings/NRPE/server] The options that can be configured here are: allow arguments: This option determines whether or not we will allow clients to specify arguments to commands that are executed. port: Port to use for NRPE (the default port is 5666). allow nasty characters: This option determines whether or not we will allow clients to specify nasty (as in | `&><'"\[]{}) characters in arguments. [/settings/NSCA/server] These are the most commonly used options in this section: encryption: encryption_method has to be the same as the decryption method used on the NSCA (Nagios) server. The available encryption methods are: 0=No Encryption (not safe) 1=XOR 2=DES 3=DES-EDE3 4=CAST-128 6=XTEA 8=Blowfish Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA US: 1-888-NAGIOS-1 Int'l: +1 651-204-9102 Fax: +1 651-204-9103 Web: www.nagios.com Email: [email protected] Page 4 Copyright © 2014 Nagios Enterprises, LLC Revision 1.0 – April, 2014 Nagios XI – Configuring The Windows Agent: NSClient ++ 9=Twofish 11=RC2 14=AES 15=AES 16=AES 20=Serpent 23=GOST performance data: Send performance data back to nagios (set this to 0 to remove all performance data). password: Password to use. Port: Port to use for NSCA (the default port is 5667). This is just a basic overview of the most common configuration options. For more information on configuring NSClient++ ver. 0.4.x, visit: http://www.nsclient.org/nscp/wiki/doc/configuration/0.4.x Basic Troubleshooting Tips The most common problems, regarding the use of NSClient++ with Nagios are: 1. Misconfiguration in NSC.ini/nsclient.ini file, which may include the following: – Modules that you need to use are still commented out – Password is not set or a wrong password is specified on the Nagios side – Nagios server's IP is not added to the “allowed_hosts” line – The “allow_arguments=0”, and you are trying to pass arguments – The “CheckExternalScripts.dll” is commented out, but you are trying to run a script – You forgot to restart the NSClient++ service after modifying the config file ( NSC.ini/nsclient.ini) 2. Firewall issues: – Make sure all ports that need to be open can be access from the Nagios server (port 12489 for NSClient++, port 5666 for NRPE, and port 5667 for NSCA) – You can test if a port is accessible by using telnet or nc. Log into your Nagios Server as root and run one of the following command: telnet <client_IP> <port_number> or nc -zv <client_IP> <port_number> If the port is not accessible you will see a “Connection refused” message. Note: If you don't have telnet or nc installed on the Nagios server, you can install them by running the following command in a terminal: yum install telnet nc -y 3. To troubleshoot issues, you can review the nsclient++ log file (nsclient.log). The file is usually located in: “C:\Program Files\NSClient++\”. You can open it in a text editor for review. You can run a check from your Nagios XI server against the client machine and then check the nsclient.log for errors. 4. A good way to find and solve problems is to run nsclient++ in "test" mode. This is done by stopping the service and starting it in "test" mode. Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA US: 1-888-NAGIOS-1 Int'l: +1 651-204-9102 Fax: +1 651-204-9103 Web: www.nagios.com Email: [email protected] Page 5 Copyright © 2014 Nagios Enterprises, LLC Revision 1.0 – April, 2014 Nagios XI – Configuring The Windows Agent: NSClient ++ You can do this from the DOS Command Prompt (you may need to run it as administrator): In ver 0.3.x: net stop nsclientpp cd "c:\Program Files\NSClient++" nsclient++ /test To exit the “test” mode and start the service, run: exit net start nsclientpp In ver 0.4.x: net stop nscp cd "c:\Program Files\NSClient++" nscp test To exit the “test” mode and start the service, run: exit net start nscp While you are in a “test” mode, you can run a check from the Nagios XI server against the client machine, and observe the output for errors. 5. Upgrading the NSClient++ version is fairly easy but many users have issues with converting the configuration files. According to Michael Medin, there are two options (quote from http://nsclient.org/nscp/discussion/message/2916): 1) Use the old configuration format (rename the file to nsc.ini) 2) Convert it to the new format If you decide to go with option one (use the old format) you have to understand it will not be supported indefinitely and there are a lot of features you will not be able to use. To do this simply rename the file to nsc.ini and make sure there is no nsclient.ini available then it will be used as-is. If you go with option two (convert) there are built-in tools to convert the configuration file for you but they are 95% not 100% so if you have done customizations it is a good idea to look it over to make sure it is still as you expect it. Converting it like so: rename nsclient.ini to nsc.ini make sure you do not have nsclient.ini run: nscp settings --migrate-to ini check generated nsclient.ini for issues backup and delete nsc.ini Finally, if you are still having issues with using Nagios with NSClient++, please, post your questions on the Nagios Support Forums http://support.nagios.com/forum/ Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA US: 1-888-NAGIOS-1 Int'l: +1 651-204-9102 Fax: +1 651-204-9103 Web: www.nagios.com Email: [email protected] Page 6 Copyright © 2014 Nagios Enterprises, LLC Revision 1.0 – April, 2014
© Copyright 2024