Monitoring the Network Load with Powershell

Monitoring is an important activity in IT operations, it’s essential for correlating the state of all the moving parts of our systems and applications and create a big picture of the health of the whole environment.  Before going down the rabbit hole of complicated monitoring tools and techniques let’s start with define a that monitoring can be subjective and on a case-by-case can be very basic or detailed and can let you choose a specific tool or strategy. There is no one-size-fits-all. This week I needed to implement a custom check to monitor the network load/usage on any Windows OS and instead of looking for a third-party tool and deploying maybe another agent on servers I wrote a Powershell script to perform this activity.

I like to invest time and effort into monitoring especially for on-premises environments. In fact, in these environments, I think it’s more common to find legacy systems or delicate integration between different software solutions and it may need extra-care to support it properly. By contrast, all public/private cloud providers offer infrastructure monitoring as part of the offering, for them is builtin in the platform and it’s required if they want to bill you by the minute.  In my ideal world, I’d like to have similar visibility and granular detail, even if some of these efforts can look overkilled in most of my use cases.

NSCP

What I frequently use even on-prem or on cloud infrastructure is NagiOS, I use it for Linux and Windows and Network device. The Nagios server may require agents if you want to perform white-box monitoring (or inside the box). For Windows OS the Nscp++ agent is capable of monitoring most of the things I need with a little bit of help from PowerShell or batch script or any executable, but the network load on the network interface card is not there out-of-the-box.

In the last 3 years, I’ve created all sorts of custom checks that are specific to the operating system, physical machine or the application installed on the host, but the network load on VMs it was something that I never needed before.

Typeperf

I started to have a look at Typeperf

Get-Counter

but I preferred to use Get-Counter to have the performance of the Network Card (s).

I’ve expanded the value to have more details

On my workstation I have 2 network interfaces, but for the point of view of any VM is on MS Hyper-V that I wanted to monitor the NIC will be always called “microsoft hyper-v network adapter”.

I’ve then followed the practice of creating a custom check and a macro in Nagios, where the state OK/WARNING/CRITICAL is determined by the exit value (0,1,2) and the message is from the output of the command.

Powershell Script

This is really a basic script that could be modified to accept network card manufacturer and warning and critical thresholds as parameters but in my simple case was not required and made the script easier to read and to understand for this article as well.

Depending on your use case it can be useful by itself even without a monitoring tool like Nagios. This would be the output:

I’ve added the percentage and the transfer rate in b/s with separators to make it easier to read.

I’ve deployed the script on the scripts folder (usually C:\Program Files\NSClient++\scripts) and added this to the nsclient.ini file and restarted the nscp service.

On my the Nagios servers, I’ve created the nrpe check for the target servers using the new custom check_nic command.

The powershell script is available on the GitHub repository as usual. Happy network monitoring!

Errata Corrige

After publishing this article, I found out in the documentation of Nagios that I was wrong. The agent via check_nt  offers out-of-the-box access to the performance counters so there is no need to have a Powershell script for performing these types of checks, so you can define a macro similar to this example.

 

One Reply to “Monitoring the Network Load with Powershell”

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.