ra2 studio - Fotolia

Tip

Perform these steps to monitor Windows Server with Nagios Core

Nagios is no newbie to the server monitoring world, but setting it up for Windows takes a few extra steps. Learn how Nagios Core, originally meant for Linux, can monitor Windows servers.

Adam Bertram
By
Published: 23 Oct 2019

System monitoring is a critical task for IT administrators. Without it, it's impossible to know the state and health of infrastructure. Although there are many monitoring system options, Nagios is one of the most mature -- and most widely adopted.

The open source tool was originally built for Linux, but enterprises can also monitor Windows Server with Nagios, including Windows Server 2016.

Overview of Nagios

What should Nagios monitor? That depends on the role of the server. Every monitoring system should watch CPU, memory, disk space and network activity, as these core metrics combine to provide the overall health of the system. But beyond that, specific monitoring metrics can vary. For example, if an Information Services (IIS) web server is installed, an admin probably would want to monitor the availability of the associated web site or application.

Nagios can support both these scenarios: It can monitor common core metrics, as well as perform the more specific and customized checks that pertain to specific roles and applications. The tool can also monitor across multi-OS environments.

The Nagios monitoring tool comes in two primary versions: Nagios Core and Nagios XI. The former is a free, open source version, and the latter is a commercial version that offers additional features around graphs and reporting, capacity planning and more.

Below is an overview of how to monitor Windows Server with Nagios Core.

Use Nagios agents for Windows monitoring

To monitor Windows Server with Nagios, the Nagios monitoring server must be a Linux system. Once admins install and configure this setup, they can create monitors for Windows machines with the Nagios Remote Data Processor (NRDP) agent.

Although the Nagios server itself installs on a Linux box, admins can install an agent on Windows systems to monitor those systems and report back to the main Nagios server. This agent, the Nagios Cross Platform Agent (NCPA), has a straightforward installation process, as detailed later in this article. Installation of the NCPA is one of the first steps to monitor Windows systems with Nagios -- but, before that, install the NRDP listener to support passive checks. Nagios XI pre-installs this, but for Nagios Core, admins must complete this step manually.

To perform these steps as outlined below, use the Nagios server.

Install the NRDP agent

In this simplified example, we want to install the listener onto the Nagios server, using an Ubuntu system. Replace {version} with the current version of the NRDP service:

apt-get update
apt-get install -y php-xml
cd /tmp
wget -O nrdp.tar.gz https://github.com/NagiosEnterprises/nrdp/archive/{version}.tar.gz
tar xzf nrdp.tar.gz
cd /tmp/nrdp-{version}/
sudo mkdir -p /usr/local/nrdp
sudo cp -r clients server LICENSE* CHANGES* /usr/local/nrdp
sudo chown -R nagios:nagios /usr/local/nrdp
sudo nano /usr/local/nrdp/server/config.inc.php

In the /usr/local/nrdp/server/config.inc.php file, generate a list of tokens permitted to send data. Define one or more tokens -- these are arbitrary and can be set in any way:

$cfg['authorized_tokens'] = array(
    "randomtoken1",
    "randomtoken2",
);

Finally, restart Apache to enable the changes to take effect:

sudo cp nrdp.conf /etc/apache2/sites-enabled/
sudo systemctl restart apache2.service

Test the NRDP agent

Navigate to the Nagios server and the NRDP listener, such as http://10.0.0.10/nrdp. Use the token previously retrieved from the authorized_tokens section of the configuration file /usr/local/nrdp/server/config.inc.php to send the following JSON to test the listener:

{
    "checkresults": [
        {
            "checkresult": {
                "type": "host",
                "checktype": "1"
            },
            "hostname": "myhost",
            "state": "0",
            "output": "Success | perfdata=1;"
        },
        {
            "checkresult": {
                "type": "service",
                "checktype": "1"
            },
            "hostname": "myhost",
            "servicename": "myservice",
            "state": "1",
            "output": "Failure| perfdata=1;"
        }
    ]
}

Install the check_ncpa.py plugin

The check_ncpa.py plugin enables Nagios to monitor the installed NCPAs on the hosts. Follow these steps to install the plugin:

  1. Download the plugin.
  2. Add the file to the standard Nagios Core location, /usr/local/nagios/libexec.

Apply these agent configurations

After the NRDP installation, install the NCPA. Download the installation files and run the install.

For the listener configuration, follow these guidelines:

  • API Token: Create an arbitrary token to query the API interface.
  • Bind IP: Leave as default to listen on all addresses.
  • Bind Port: Leave as default.
  • SSL Version: Leave as default of TLSv1.2.
  • Log Level: Leave as default.

For the NRDP passive configuration, apply the following:

  • URL: Use the IP or host name of the Nagios server that hosts the installed NRDP agent.
  • NRDP Token: Use the token retrieved from /usr/local/nrdp/server/config.inc.php.
  • Hostname: Replace with the host name of the system.
  • Check Interval and Log Level: Leave as default.

Implement Windows monitoring

After agent setup and configuration, the next step is to define the monitoring rules for the Windows Server -- a process that can vary, and can be extensive, depending on an enterprise's needs.

Determine which metrics matter and require monitoring. Then, define alerting intervals and threshold values. Ultimately, monitoring rules will determine the actions admins should take when metrics hit, or back off, from those thresholds. Additionally, define contact groups to customize who receives the notifications.

Create a NCPA check

We need to create a simple command to use the check_ncpa.py plugin, and normally it lives here: /usr/local/nagios/etc/commands.cfg.

define command {
    command_name    check_ncpa
    command_line    $USER1$/check_ncpa.py -H $HOSTADDRESS$ $ARG1$
}

The final step to monitor Windows Server with Nagios is to create a simple CPU check in /usr/local/nagios/etc/ncpa.cfg.

define host {
    host_name               NCPA Host 1
    address                 10.0.0.100
    check_command           check_ncpa!-t 'mytoken' -P 5693 -M system/agent_version
    max_check_attempts      5
    check_interval          5
    retry_interval          1
    check_period            24x7
    contacts                nagiosadmin
    notification_interval   60
    notification_period     24x7
    notifications_enabled   1
    icon_image              ncpa.png
    statusmap_image         ncpa.png
    register                1
}

define service {
    host_name               NCPA Host 1
    service_description     CPU Usage
    check_command           check_ncpa!-t 'mytoken' -P 5693 -M cpu/percent -w 20 -c 40 -q 'aggregate=avg'
    max_check_attempts      5
    check_interval          5
    retry_interval          1
    check_period            24x7
    notification_interval   60
    notification_period     24x7
    contacts                nagiosadmin
    register                1
}

Challenges with Nagios Windows monitoring

Since Nagios was primarily designed for Linux, it does have some Windows monitoring limitations. However, the Nagios agent for Windows has been around and actively developed for a long time. While it might not cover all check use cases, especially around services, Nagios does have an extensive and evolving plugin ability.

Editor's note: To cover more recent Nagios concepts, this article has replaced a previous SearchITOperations article from 2011, Setting up Nagios for Windows Server monitoring, by Sander van Vugt.

Dig Deeper on IT systems management and monitoring