Nagios is a very powerful open source tool for monitoring networks and infrastructures. The number of plugins available on Nagios Exchange and extensions make this tool essential to not just to be reactive but to create workflows and escalations if needed in a matter of minutes.
The installation and configuration of this tool under a major linux distributions is not difficult.
The default tool for monitoring a Windows network are SCCM/SCOM and OMS, but if your environment is a mixed environment I think personally that Nagios can be considered a safe bet!
NSClient++ is the agent needed for performing some interesting checks on windows and you can leverage your powershell scripting ability to perform custom checks on the environment.
Once installed, copy your powershell script into the script folder of NSClient and add to the nsclient.ini file your script definition :
1 2 3 |
[/settings/external scripts/scripts] ;my_script description my_script = cmd /c echo scripts\my_script.ps1; exit($LastExitCode) | powershell.exe -command - |
Just remember that NSClient will look for the exit code in your powershell script to triage the status:
- exit 0, Normal
- exit 1, Warning
- exit 2, Critical
and use Write-OutPut if you want to provide a more verbose description of the error.
This is a simple example :
1 2 3 4 5 6 7 8 9 10 11 12 |
#Requires -RunAsAdministrator $condition = 1 -eq 1 if ($condition -eq $True) { Write-Output "OK: All good!" exit 0 #Returns OK STATUS } else { Write-Output "CRITICAL: Detailed description..." exit 2 #Returns CRITICAL STATUS } |
Why should you care about writing your own script?
Even if your requirements are standard the probability that you want to monitor and create an escalation event is pretty high. Think about how powerful can be when the event monitored by your powershell script is solved or mitigated by the script itself automatically.
Hi Paolo,
the command handler in the first code block contains a small copy/paste error: the last dash got converted to a broader (Unicode) one. This is not accepted by the Powershell and leads to an error.
…. | powershell.exe -command – # <— this one is wrong
Regards,
Simon
Hi Simon,
Thanks for the comment. It’s not an error, at glance it seems wrong, but if you open a prompt (cmd) and paste the following code using code it won’t throw any error.
It’s a bit convoluted, but if you think that you’re writing a batch script and not in PowerShell you’ll see why it’s working. It’s a good opportunity to explain that.
These are the steps to replicate the behavior and see that is actually correct.
create a test file called “my-test.ps1” on your current folder containing this oneliner:
write-output "It works!"
Open a command prompt window and run the following line:
cmd /c echo my-test.ps1; exit($LastExitCode) | powershell.exe -command -
The result should be this:
D:\>cmd /c echo .\my-test.ps1; exit($LastExitCode) | powershell.exe -command -
it works!
The expression is printing the content of the PowerShell script my-test and passing it to the powershell.exe to get the results which in this case is the exit code and a string. Again I hope it’s more clear.
Thanks,
Regards
Hi Simon,
I’ve now noticed that “–” instead of a “-“. I understood just now what you meant. I will edit that to prevent issues.
To be clear if you paste that character into a cmd-prompt window you should have the same results.