Icinga2 can be used to monitor Linux machines as we setup in part 2. But what if we wanted to monitor a Windows Server?
The latest version of Icinga2 works with configuration files. Is it important to understand that Icinga2 does not look for a certain configuration (.conf) file. Instead it executes all configuration files located in the conf.d map.
It is best practice to use different files for every type of settings you can set in Icinga2. The different files are there to bring some order in the different types of configuration options you set. It can be one big file if you like. And maybe for a small network it is easier to just use one file.
I will discuss some relevant for this article.
- host.conf
Defined hosts to be monitored. During setup Icinga2 did create one host, the icinga (master) host itself. - services.conf
Defined services to be monitored. - templates.conf
Here are the templates defined. A template is a set of attributes that can be shared between more than one object (host, service, etc). - commands.conf
Defined commands (check something) which are called from the services object.
Installing Icinga2 Windows Node
A good way to start is to copy the hosts.conf file to a new file, e.g. windows-hosts.conf. From there you can change the hostname and ip-address to match that from the new client. But before we do that we know Icinga2 master communicated with an agent on the client/node. So let’s install that.
For this article we use Windows server 2016 standard core. As we move more and more to a GUI-less Windows Server environment it’s seems appropriate.
First open powershell at the command prompt. Then we are going to install the package manager Chocolatey. For more information about chocolatey click here (https://chocolatey.org/)
1 2 3 4 5 |
> powershell ; install chocolatey > iwr https://chocolatey.org/install.ps1 -UseBasicParsing | iex ; install icinga2 > choco install icinga2 |
After the installation you can find icinga2 at: c:\Program Files\ICINGA2\sbin. The local configuration files are in: c:\ProgramData\icinga2\etc\icinga2.
Just like in part 2 on Ubuntu we need to execute the Node Wizard. We use this command:
1 |
> "c:\Program Files\ICINGA2\sbin\Icinga2SetupAgent.exe" |
We use the instance name shown above to generate a setup ticket just like in part 2. On the machine with the Icinga2 master role, we use this command:
1 2 |
# icinga2 pki ticket --cn 'Win2k16-1' f8b29a301a2c9a7f57f0a9ba446aa456100f64ab |
We paste the code in the setup ticket field. Then we proceed by defining the Icinga2 master.
Click next twice. Then the NSClient++ setup is started. Chose next -> generic -> typical
You can choose to install everything. I prefer not to install the webserver. On the Icinag2 master we can use the check_nrpe command to monitor different Windows services.
Configure the new Windows node on the Icinga2 master
As stated earlier the host.conf is a good place to start.
1 2 |
# cp hosts.conf windows-hosts.conf # nano windows-host.conf |
Here is the content of my windows-hosts.conf. Currently it has only one host.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
object Host "WIN2K16-1" { /* Import the default host template defined in `templates.conf`. */ import "generic-host" /* Specify the address attributes for checks e.g. `ssh` or `http`. */ address = "192.168.2.60" /* Set custom attribute `os` for hostgroup assignment in `groups.conf`. */ vars.os = "Windows" /* Define disks and attributes for service apply rules in `services.conf`. */ vars.disks["disk"] = { /* No parameters. */ } vars.disks["disk /"] = { disk_partitions = "/" } } |
After you save this file it’s time to restart icinga2.
1 |
#systemctl restart icinga2 |
We now have added a Windows Server. Icinga2 already uses default PING4 service to monitor the server. If we look closely to the new windows-hosts.conf file there is also a monitoring-rule on the root disk. Which checks the remaining space available on the disk.
Monitoring using NRPE
With the installation on a windows Client we also installed the NSClient++ client which enabled us to use NRPE. But what is NRPE? NRPE stands for the Nagios Remote Plugin Executor. It allows a monitoring master (Icinga2) to run specific checks on the remote node as if it ran locally. This means that checks that only can run locally can be set (checking number of users, load average, disk space usage, whether a DNS call can be processed on the node, and so one). Its overhead is small, making it fast and efficient.
Before we can use NRPE we must install it:
1 2 |
#sudo apt-get --no-install-recommends install nagios-nrpe-plugin #/usr/lib/nagios/plugins/check_nrpe -H 192.168.2.60 |
Where 192.168.2.60 is the IP of the Windows server, you can use the FQDN if you want. The second command checks if the NSClient++ client on the node accepts commands.
When working it returns: I (0.5.0.62 2016-09-14) seem to be doing fine…
If you get an SSL handshake error, you need to change the configuration on the client. The configuration of the NSClient++ is stored at: C:\Program Files\NSClient++\nsclient.ini
You need to add the Icinga2 master to the allowed hosts and set the SSL options like this:
1 2 3 4 5 6 7 |
[/settings/NRPE/server] allowed hosts = 192.168.2.35,127.0.0.1 port = 5666 use SSL = 1 ssl options = no-sslv2,no-sslv3 verify mode = none insecure = true |
Tip: just copy and paste it anywhere in your ncclient.ini file.
Restart the NSClient:
1 2 |
> net stop nscp > net start ncsp |
Try the check_nrpe command again, it should work now.
Configure NRPE in Icinga2
Now that we got NRPE working. Let’s add a NRPE command in Icinga2. Then we create a service which uses the new command. In command.conf add:
1 2 3 4 5 6 7 8 |
object CheckCommand "check_nrpe" { import "plugin-check-command" command = [ PluginDir + "/check_nrpe", "-H", "$address$", "-c", "$remote_nrpe_command$", ] } |
In services.conf add:
1 2 3 4 5 6 |
apply Service "disk-nrpe" { import "generic-service" check_command = "check_nrpe" vars.remote_nrpe_command = "alias_disk" assign where host.vars.os == "Windows" } |
For now we assign it only to our Windows nodes, of which we have currently one. It is important that we use the correct NRPE command. In this case: alias_disk. Which basically works the same as the disk command but will read out all available disks.
For more NSClient++ commands click here and here.
So now we have added a Windows node and added a NRPE command to the Icinga2 Master. In the next part we are going to look at a different technique for monitoring Windows: agentless monitoring using the Check-WMI plus add-on!