Windows Secure Web Server (via WMI)

Description

Monitors HTTPS services on a Windows server using Windows Management Instrumentation (WMI). Nagios Remote Plugin Executor (NRPE) is used by the Nagios server to communicate with the WMI proxy server. This proxy server queries the monitored Windows server for measurements and status using WMI.

 You may want to refer to the WMI Monitoring documentation. This project consists of a collection of script monitors (.vbs for starters) that use the Microsoft .Net Framework and WMI to retrieve performance data from remote Windows hosts without the need for agents on the remote hosts. The nrpe.cfg file on the Windows server maps commands issued by the GroundWork server to scripts in the c:\nrpe_nt directory. Commands issued by this profile are installed with this package. If new NRPE commands are added, this file must be modified. The WMI proxy server must be in the same domain as target monitored Windows server, and must have administrator rights.

Profile Package

This package includes the following files:

  • Profile definition: service-profile-wmi-https.xml

  • Plugin scripts (installed on the GroundWork server): check_nrpe, check_http

  • WMI script (installed on the WMI Proxy server): nrpe_nt.zip

Installation

GroundWork Monitor includes many monitoring profiles for a variety of devices, systems and applications. Some profiles are pre-imported on a new GroundWork installation and others are distributed with the product. The configuration tool is used to import updated profiles and profiles that require additional setup, services can also be imported, see Importing Profiles.

Services Configuration

For plugin details you can run the service help command from within the nagios container. For example: Get to the nagios container from the gw8 directory: docker-compose exec -u 1000 nagios bash, then to the libexec directory: cd /usr/local/nagios/libexec, and enter a service help command e.g., ./check_snmp --help to receive help content.

Service/Command Line/Plugin CommandCommand Parameters

This column lists the Service Definition name, Service Command name with arguments to be passed to the plugin, and the Plugin Command line which is the plugin script called by Nagios for the service.

Command parameters are in the configuration services section with the following names and default values.

  • tcp_https

  • check_https!3!5

  • $USER1$/check_http -t 60 -H $HOSTADDRESS$ -w "$ARG1$" -c "$ ARG2$" -S

Uses check_http plugin to get a web page from $HOSTADDRESS$

  • $ARG1$: Warning seconds, default warning threshold for page load time is 3 seconds

  • $ARG2$: Critical seconds, default critical threshold for page load time is 5 seconds

  • tcp_http_port

  • check_http!3!5!80

  • $USER1$/check_http -t 60 -H $HOSTADDRESS$ -w "$ARG1$" -c "$ARG2$" -p "$ARG3$"

Uses check_http plugin to get a web page from $HOSTADDRESS$

  • $ARG1$: Warning seconds, default warning threshold for page load time is 3 seconds

  • $ARG2$: Critical seconds, default critical threshold for page load time is 5 seconds

  • $ARG3$: HTTP port number, default is 80

  • wmi_service_HTTPFilter

  • check_wmi_service!HTTPFilter

  • $USER1$/check_nrpe -H $USER21$ -t 60 -c get_service -a "$HOSTADDRESS$" "$ARG1$"

Uses check_nrpe plugin to connect to NRPE on $USER21$ and execute the script get_service command as defined in the nrpe.cfg file against the host $HOSTADDRESS$.

  • $ARG1$: Service Name (not Display Name)

  • OK if service is running

  • CRITICAL is service is stopped

  • UNKNOWN is service is not installed

Related Resources