Skip to content

Instantly share code, notes, and snippets.

@dayreiner

dayreiner/icinga2_check_wmi_plus.conf

Created June 11, 2015 21:19
Show Gist options
  • Star 9 You must be signed in to star a gist
  • Fork 4 You must be signed in to fork a gist
  • Save dayreiner/4f37327146222be0d2c8 to your computer and use it in GitHub Desktop.
Save dayreiner/4f37327146222be0d2c8 to your computer and use it in GitHub Desktop.
Download ZIP
An example check_wmi_plus configuration for Icinga2. Check_wmi_plus (http://www.edcint.co.nz/checkwmiplus/) is a clientless plugin for monitoring Windows systems via WMI with Nagios and other monitoring platforms.
Raw
icinga2_check_wmi_plus.conf
object CheckCommand "check_wmi" {
import "plugin-check-command"
command = [ PluginDir + "/check_wmi_plus.pl" ]
arguments = {
"--inidir" = "$wmi_inidir$"
"-H" = "$host.name$"
"-A" = "$wmi_authfile_path$"
"-m" = "$check_mode$"
"-s" = "$wmi_submode$"
"-a" = "$wmi_arg1$"
"-o" = "$wmi_arg2$"
"-3" = "$wmi_arg3$"
"-4" = "$wmi_arg4$"
"-y" = "$wmi_delay$"
"-w" = "$wmi_warn$"
"-c" = "$wmi_crit$"
"--nodatamode" = {
set_if = "$wmi_nodatamode$"
}
}
vars.wmi_authfile_path = "/etc/icinga2/wmi.auth"
vars.wmi_inidir = "/usr/lib64/nagios/plugins/check_wmi_plus.d"
vars.wmi_nodatamode = false
}
template Service "wmi-service" {
import "generic-service"
check_command = "check_wmi"
check_interval = 1m
retry_interval = 1m
}
apply Service "General: Windows Version" {
import "wmi-service"
vars.check_mode = "info"
vars.wmi_submode = "os"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
apply Service "General: Network Adapters" {
import "wmi-service"
vars.check_mode = "info"
vars.wmi_submode = "net"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
apply Service "General: CPU Info" {
import "wmi-service"
vars.check_mode = "info"
vars.wmi_submode = "cpu"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
apply Service "Disk IO C:" {
import "wmi-service"
vars.check_mode = "checkio"
vars.wmi_submode = "logical"
vars.wmi_arg1 = "C:"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
apply Service "Free Disk Space" {
import "wmi-service"
vars.check_mode = "checkvolsize"
vars.wmi_arg1 = "."
vars.wmi_arg2 = "1"
vars.wmi_arg3 = "1"
vars.wmi_warn = "80"
vars.wmi_crit = "90"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
apply Service "CPU Utilization" {
import "wmi-service"
vars.check_mode = "checkeachcpu"
vars.wmi_warn = "80"
vars.wmi_crit = "90"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
apply Service "CPU Queue Length" {
import "wmi-service"
vars.check_mode = "checkcpuq"
vars.wmi_arg1 = "20"
vars.wmi_delay = "0"
vars.wmi_warn = "10"
vars.wmi_crit = "20"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
apply Service "AD Replication Status" {
import "wmi-service"
vars.check_mode = "checkad"
vars.wmi_submode = "replication"
vars.wmi_crit = "0"
vars.wmi_nodatamode = true
assign where host.vars.domain_controller
ignore where host.vars.disable_wmi
}
apply Service "AD DNS Statistics" {
import "wmi-service"
vars.check_mode = "checkdns"
vars.wmi_submode = "stats"
vars.wmi_nodatamode = true
assign where host.vars.domain_controller
ignore where host.vars.disable_wmi
}
apply Service "AD DNS A Records" {
import "wmi-service"
vars.check_mode = "checkdns"
vars.wmi_submode = "arecords"
vars.wmi_nodatamode = true
assign where host.vars.domain_controller
ignore where host.vars.disable_wmi
}
apply Service "AD DNS CNAME Records" {
import "wmi-service"
vars.check_mode = "checkdns"
vars.wmi_submode = "cnamerecords"
vars.wmi_nodatamode = true
assign where host.vars.domain_controller
ignore where host.vars.disable_wmi
}
apply Service "Page File Utilization" {
import "wmi-service"
vars.check_mode = "checkpage"
vars.wmi_arg1 = "auto"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
apply Service "RDP Sessions" {
import "wmi-service"
vars.check_mode = "checkts"
vars.wmi_submode = "sessions"
vars.wmi_warn = "ActiveSessions=0 -w TotalSessions=1"
vars.wmi_crit = "ActiveSessions=1 -c TotalSessions=2"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
apply Service "IIS: Users" {
import "wmi-service"
vars.check_mode = "checkiis"
vars.wmi_submode = "users"
vars.wmi_arg1 = "_Total"
assign where host.vars.iis_server
ignore where host.vars.disable_wmi
}
apply Service "IIS: Requests" {
import "wmi-service"
vars.check_mode = "checkiis"
vars.wmi_submode = "requests"
vars.wmi_arg1 = "_Total"
assign where host.vars.iis_server
ignore where host.vars.disable_wmi
}
apply Service "IIS: Connections" {
import "wmi-service"
vars.check_mode = "checkiis"
vars.wmi_submode = "connections"
vars.wmi_arg1 = "_Total"
assign where host.vars.iis_server
ignore where host.vars.disable_wmi
}
apply Service "IIS: Errors" {
import "wmi-service"
vars.check_mode = "checkiis"
vars.wmi_submode = "errors"
vars.wmi_arg1 = "_Total"
assign where host.vars.iis_server
ignore where host.vars.disable_wmi
}
apply Service "MSSQL: General Statistics" {
import "wmi-service"
vars.check_mode = "checksql"
vars.wmi_submode = "general"
if (host.vars.mssql_edition == "Express") {
vars.wmi_arg1 = "MSSQLSQLEXPRESS_MSSQLSQLEXPRESS"
}
assign where host.vars.mssql_server
ignore where host.vars.disable_wmi
}
apply Service "MSSQL: Buffer Manager" {
import "wmi-service"
vars.check_mode = "checksql"
vars.wmi_submode = "buffermanager"
if (host.vars.mssql_edition == "Express") {
vars.wmi_arg1 = "MSSQLSQLEXPRESS_MSSQLSQLEXPRESS"
}
assign where host.vars.mssql_server
ignore where host.vars.disable_wmi
}
apply Service "MSSQL: Latch Statistics" {
import "wmi-service"
vars.check_mode = "checksql"
vars.wmi_submode = "latches"
if (host.vars.mssql_edition == "Express") {
vars.wmi_arg1 = "MSSQLSQLEXPRESS_MSSQLSQLEXPRESS"
}
assign where host.vars.mssql_server
ignore where host.vars.disable_wmi
}
apply Service "MSSQL: Lock Statistics" {
import "wmi-service"
vars.check_mode = "checksql"
vars.wmi_submode = "locks"
if (host.vars.mssql_edition == "Express") {
vars.wmi_arg1 = "MSSQLSQLEXPRESS_MSSQLSQLEXPRESS"
}
assign where host.vars.mssql_server
ignore where host.vars.disable_wmi
}
apply Service "MSSQL: SQL Statistics" {
import "wmi-service"
vars.check_mode = "checksql"
vars.wmi_submode = "sqlstats"
if (host.vars.mssql_edition == "Express") {
vars.wmi_arg1 = "MSSQLSQLEXPRESS_MSSQLSQLEXPRESS"
}
assign where host.vars.mssql_server
ignore where host.vars.disable_wmi
}
apply Service "MSSQL: Wait Statistics" {
import "wmi-service"
vars.check_mode = "checksql"
vars.wmi_submode = "waits"
if (host.vars.mssql_edition == "Express") {
vars.wmi_arg1 = "MSSQLSQLEXPRESS_MSSQLSQLEXPRESS"
}
assign where host.vars.mssql_server
ignore where host.vars.disable_wmi
}
apply Service "MSSQL: Memory Statistics" {
import "wmi-service"
vars.check_mode = "checksql"
vars.wmi_submode = "memory"
if (host.vars.mssql_edition == "Express") {
vars.wmi_arg1 = "MSSQLSQLEXPRESS_MSSQLSQLEXPRESS"
}
assign where host.vars.mssql_server
ignore where host.vars.disable_wmi
}
apply Service "MSSQL: Cache Statistics" {
import "wmi-service"
vars.check_mode = "checksql"
vars.wmi_submode = "cache"
if (host.vars.mssql_edition == "Express") {
vars.wmi_arg1 = "MSSQLSQLEXPRESS_MSSQLSQLEXPRESS"
}
assign where host.vars.mssql_server
ignore where host.vars.disable_wmi
}
apply Service "Network Interface: Private" {
import "wmi-service"
vars.check_mode = "checknetwork"
if (!host.vars.private_network_name) {
vars.wmi_arg1 = "PrivateNetwork-A"
} else {
vars.wmi_arg1 = host.vars.private_network_name
}
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
ignore where host.vars.no_private_iface
}
apply Service "Network Interface: Public" {
import "wmi-service"
vars.check_mode = "checknetwork"
if (!host.vars.private_network_name) {
vars.wmi_arg1 = "PublicNetwork-A"
} else {
vars.wmi_arg1 = host.vars.public_network_name
}
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
ignore where host.vars.no_public_iface
}
apply Service "Event Log: System" {
import "wmi-service"
vars.check_mode = "checkeventlog"
vars.wmi_arg1 = "system"
vars.wmi_arg2 = "2"
vars.wmi_arg3 = "1"
vars.wmi_warn = "50"
vars.wmi_crit = "100"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
apply Service "Event Log: Application" {
import "wmi-service"
vars.check_mode = "checkeventlog"
vars.wmi_arg1 = "application"
vars.wmi_arg2 = "2"
vars.wmi_arg3 = "1"
vars.wmi_warn = "50"
vars.wmi_crit = "100"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
apply Service "Services" {
import "wmi-service"
vars.check_mode = "checkservice"
vars.wmi_arg1 = "auto"
vars.wmi_warn = "0"
vars.wmi_crit = "5"
assign where host.vars.os == "Windows"
ignore where host.vars.disable_wmi
}
# Check for a specific process
apply Service "Jenkins Process" {
import "wmi-service"
vars.check_mode = "checkproc"
vars.wmi_submode = "count"
vars.wmi_arg1 = "jenkins"
vars.wmi_crit = "1:1"
assign where host.name == "jenkins"
}
@chiragkhara
Copy link

Hi,

I have done all the configurations and for setting up the icinga2 service after successfully completing the plugin installs and the wmic install.
When I try to connect to a remote windows host using "wmic" test and the "check_wmi_plus.pl" command line, it gives me successful information.

However, after configuring the service, its giving me a very wierd error and putting my service to UNKNOWN state.
Error is below -
UNKNOWN - The WMI query had problems. The error text from wmic is: [librpc/rpc/dcerpc_connect.c:329:dcerpc_pipe_connect_ncacn_ip_tcp_recv()] failed NT status (c0000017) in dcerpc_pipe_connect_ncacn_ip_tcp_recv
[librpc/rpc/dcerpc_connect.c:790:dcerpc_pipe_connect_b_recv()] failed NT status (c0000017) in dcerpc_pipe_connect_b_recv
[wmi/wmic.c:196:main()] ERROR: Login to remote object.
NTSTATUS: NT_STATUS_NO_MEMORY - Memory allocation error

Do you have any idea on how to debug this problem?

@shoustech3975
Copy link

I was getting that error before this is how I fixed it:

in my /etc/icinga2/conf.d/commands.conf file I had what is pasted below. The -H argument with the variable $host.name$ points to "object host" in the hosts.conf

You can either change the variable object Host = "HOSTSIPADDRESS" or put the PCs name and have it resolved though your local DNS server

object CheckCommand "check_wmi" {
import "plugin-check-command"
command = [ WmiPluginDir + "/check_wmi_plus.pl" ]

arguments = {
"--inidir" = "$wmi_inidir$"
"-H" = "$host.name$"
"-A" = "$wmi_authfile_path$"
"-m" = "$check_mode$"
"-s" = "$wmi_submode$"
"-a" = "$wmi_arg1$"
"-o" = "$wmi_arg2$"
"-3" = "$wmi_arg3$"
"-4" = "$wmi_arg4$"
"-y" = "$wmi_delay$"
"-w" = "$wmi_warn$"
"-c" = "$wmi_crit$"
"--nodatamode" = {
set_if = "$wmi_nodatamode$"
}
}

vars.wmi_authfile_path = "/etc/icinga2/wmi.auth"
vars.wmi_inidir = "/opt/nagios/bin/plugins/check_wmi_plus.d"
vars.wmi_nodatamode = false

}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment