Skip to main content

Alignak checks pack for Windows Management Instrumentation

Project description

Alignak checks package for Windows WMI
======================================

*Checks pack for monitoring hosts with Windows Management Instrumentation (WMI)*


.. image:: https://badge.fury.io/py/alignak_checks_wmi.svg
:target: https://badge.fury.io/py/alignak-checks-wmi
:alt: Most recent PyPi version

.. image:: https://img.shields.io/badge/IRC-%23alignak-1e72ff.svg?style=flat
:target: http://webchat.freenode.net/?channels=%23alignak
:alt: Join the chat #alignak on freenode.net

.. image:: https://img.shields.io/badge/License-AGPL%20v3-blue.svg
:target: http://www.gnu.org/licenses/agpl-3.0
:alt: License AGPL v3

Installation
------------

The installation of this checks pack will copy some configuration files in the Alignak default configuration directory (eg. */usr/local/etc/alignak*). The copied files are located in the default sub-directory used for the packs (eg. *arbiter/packs*).

From PyPI
~~~~~~~~~
To install the package from PyPI:
::

sudo pip install alignak-checks-wmi


From source files
~~~~~~~~~~~~~~~~~
To install the package from the source files:
::

git clone https://github.com/Alignak-monitoring-contrib/alignak-checks-wmi
cd alignak-checks-wmi
sudo pip install .

**Note:** *using `sudo python setup.py install` will not correctly manage the package configuration files! The recommended way is really to use `pip`;)*



Documentation
-------------

Configuration
~~~~~~~~~~~~~

**Note**: this pack embeds the ``wmic`` binary that is not always easy to find for Linux distributions :/


The embedded version of ``wmic`` is only compatible with Linux distros. For Unix (FreeBSD), you can simply install the wmic port:
::

pkg install wmi-client
cd /var/cache/pkg/
tar Jxvf wmi-client-1.3.16_1.txz
# winexe and wmic scripts are available in /usr/local/bin/

The *check_wmi_plus.pl* script assumes that the executable *wmic* is installed in the Alignak plugins directory.
Edit the *check_wmi_plus.conf* configuration file to change the *wmic* location if necessary. The variable to set is **$wmic_command**.

**Note:** The files *check_wmi_plus.pl* and *check_wmi_plus.conf*, located in the */usr/local/var/libexec/alignak*, need some configuration. Edit them and search for the ALIGNAK keyword to find out what is to be configured and set according to your server.

Edit the */usr/local/etc/alignak/arbiter/packs/resource.d/wmi.cfg* file and configure the domain name, user name and password allowed to access remotely to the monitored hosts WMI.
::

#-- Active Directory for WMI
# Replace MYDOMAIN with your domain name or . for local user account
$DOMAIN$=MYDOMAIN
# Replace MYUSER with the WMI authorized user (domain or local user account)
$DOMAINUSERSHORT$=MYUSER
$DOMAINUSER$=$DOMAIN$\\$DOMAINUSERSHORT$
# Replace MYPASSWORD with the WMI authorized user password
$DOMAINPASSWORD$=MYPASSWORD


Install PERL dependencies for check_wmi_plus plugin
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
You must install some PERL dependencies for the *check_wmi_plus.pl* script.

On some Linux distros, you can::

su -
apt-get install libnumber-format-perl
apt-get install libconfig-inifiles-perl
apt-get install libdatetime-perl

Or you can use the PERL *cpan* utility::

cpan install Config::IniFiles
cpan install Number::Format
cpan install DateTime


More information is available on `Check WMI Plus Web site<http://edcint.co.nz/checkwmiplus/?q=Installation>`_.


Prepare Windows host
~~~~~~~~~~~~~~~~~~~~
Some operations are necessary on the Windows monitored hosts if WMI remote access is not yet activated.

Create a user account:

- username/password (example): alignak/alignak
- member of following groups: Administrators, Remote DCOM users
- Deactivate interactive login permissions (more secure)

Check that WMI and RPC services are started

The Windows Firewall must allow inbound trafic for:
- Windows Firewall Remote Management (RPC)
- Windows Management Instrumentation (DCOM-In)
- Windows Management Instrumentation (WMI-In)

This page contains more information about remote WMI configuration: https://kb.op5.com/display/HOWTOs/Agentless+Monitoring+of+Windows+using+WMI

Test remote WMI access with the plugins files:
::

# Basic wmic command ...
$ /usr/local/var/libexec/alignak/wmic -U .\\alignak%alignak //192.168.0.20 'Select Caption From Win32_OperatingSystem'

# Alignak plugin command ...
$ /usr/local/var/libexe/alignak/check_wmi_plus.pl -H 192.168.0.20 -u ".\\alignak" -p "alignak" -m checkdrivesize -a '.' -w 90 -c 95 -o 0 -3 1 --inidir=/usr/local/var/libexec/alignak


**Note**: these commands assume that you created an *alignak* user account with *alignak* as a password.

As a default, WMI opens random TCP ports to communicate with the requesting customer. The Windows WMI service can be configured to use only one port as explained here:
https://msdn.microsoft.com/en-us/library/bb219447(v=vs.85).aspx.

An abstract of this article::

To set up a fixed port for WMI
1. Stop the WMI service by typing the command: net stop "Windows Management Instrumentation", or net stop winmgmt
2. At the command prompt, type: winmgmt -standalonehost
3. Restart the WMI service again in a new service host by typing: net start "Windows Management Instrumentation" or net start winmgmt
4. Establish a new port number for the WMI service by typing: netsh firewall add portopening TCP 24158 WMIFixedPort

To undo any changes you make to WMI, type: winmgmt /sharedhost, then stop and start the winmgmt service again.


Alignak configuration
~~~~~~~~~~~~~~~~~~~~~

You simply have to tag the concerned hosts with the template `windows-wmi`.
::

define host{
use windows-wmi
host_name host_windows_wmi
address 127.0.0.1
}

The main `windows-wmi` template declares macros used to configure the launched checks. The default values of these macros listed hereunder can be overriden in each host configuration.
::

_DOMAIN $DOMAIN$
_DOMAINUSERSHORT $DOMAINUSERSHORT$
_DOMAINUSER $_HOSTDOMAIN$\\$_HOSTDOMAINUSERSHORT$
_DOMAINPASSWORD $DOMAINPASSWORD$

_WINDOWS_DISK_WARN 90
_WINDOWS_DISK_CRIT 95
_WINDOWS_EVENT_LOG_WARN 1
_WINDOWS_EVENT_LOG_CRIT 2
_WINDOWS_REBOOT_WARN 15min:
_WINDOWS_REBOOT_CRIT 5min:
_WINDOWS_MEM_WARN 80
_WINDOWS_MEM_CRIT 90
_WINDOWS_ALL_CPU_WARN 80
_WINDOWS_ALL_CPU_CRIT 90
_WINDOWS_CPU_WARN 80
_WINDOWS_CPU_CRIT 90
_WINDOWS_LOAD_WARN 10
_WINDOWS_LOAD_CRIT 20
_WINDOWS_NET_WARN 80
_WINDOWS_NET_CRIT 90
_WINDOWS_EXCLUDED_AUTO_SERVICES
_WINDOWS_AUTO_SERVICES_WARN 0
_WINDOWS_AUTO_SERVICES_CRIT 1
_WINDOWS_BIG_PROCESSES_WARN 25

#Default Network Interface
_WINDOWS_NETWORK_INTERFACE Ethernet

# Now some alert level for a windows host
_WINDOWS_SHARE_WARN 90
_WINDOWS_SHARE_CRIT 95


To set a specific value for an host, declare the same macro in the host definition file.
::

define host{
use windows-wmi
contact_groups admins
host_name sim-vm
address 192.168.0.16

# Specific values for this host
# Change warning and critical alerts level for memory
# Same for CPU, ALL_CPU, DISK, LOAD, NET, ...
_WINDOWS_MEM_WARN 10
_WINDOWS_MEM_CRIT 20

# Exclude some services from automatic start check
# Use a regexp that matches against the short or long service name as it can be seen in the properties of the service in Windows.
# The matching services are excluded in the resulting list.
# Example: (ShortName)|(ShortName)| ... |(ShortName)
_WINDOWS_EXCLUDED_AUTO_SERVICES (IAStorDataMgrSvc)|(MMCSS)|(ShellHWDetection)|(sppsvc)|(clr_optimization_v4.0.30319_32)
}


Bugs, issues and contributing
-----------------------------

Contributions to this project are welcome and encouraged ... `issues in the project repository <https://github.com/alignak-monitoring-contrib/alignak-checks-wmi/issues>`_ are the common way to raise an information.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

alignak_checks_wmi-1.0.0.tar.gz (4.0 MB view details)

Uploaded Source

File details

Details for the file alignak_checks_wmi-1.0.0.tar.gz.

File metadata

File hashes

Hashes for alignak_checks_wmi-1.0.0.tar.gz
Algorithm Hash digest
SHA256 5032afade603b3654b6301b43fc477d170219f4eb2eb26eb0eeb64b308570a93
MD5 0dd6550f63f09c558de76a233bbeeca6
BLAKE2b-256 fffd8101546a51fe8517a596c79bc5ec6f85e65fb332d602045fcea715fef3fb

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page