Академический Документы
Профессиональный Документы
Культура Документы
Target Audience
This document is intended for use by Nagios XI Administrators.
Overview
WMI (Windows Management Instrumentation) allows for agentless monitoring of Windows machines. Nagios XI supports WMI monitoring, which provides admins with a simple method of monitoring their Windows servers and workstations without having to install or configure agents.
XI Server Requirements
Before you can monitor Windows machines using WMI, you must install the WMI client on the Nagios XI server. For instructions on doing this, read the following document on the Nagios Library (http://library.nagios.com): Installing The WMI Client For XI
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 1
Revision 1.0 December, 2011
WMI service running WMI user account firewall rules WMI Service
First, verify the correct WMI service is running
Click start, run, type services.msc Start > run > services.msc
Before you can monitor Windows machines using WMI, you must ensure that the Windows Management Instrumentation service is running. You can configure and start the service in the Computer Management console under the Services section. Windows Management Instrument Started
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 2
Revision 1.0 December, 2011
From the windows start menu click start, choose run, type DCOMCnfg.exe start > run > DCOMCnfg.exe
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 3
Revision 1.0 December, 2011
Component Services > My Computer > Properties > COM Security > Launch Activation Permissions > Edit Limits
Under the section Launch and Activation Permissions, click Edit Limits Add the user that will be used by Nagios to monitor this machine, in out case the user is wmiagent Check Remote Launch and Remote Activation
click OK twice
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 4
Revision 1.0 December, 2011
Open WMI control Click start, choose run, type WMImgmt.msc Right click on WMI Control(local) and select properties
start > run > WMImgmt.msc > WMI Control(local) > properties
Select the Security tab of the WMI Control Properties. Expand Root, and right click on CIMV2, select properties
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 5
Revision 1.0 December, 2011
Windows Firewall
Next, configure the firewall rules specific to the version of windows being monitored.
Inbound Rules
DCOM WMI
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 6
Revision 1.0 December, 2011
If the WMI rule group does not exist as pictured above, the recommended settings are listed here as outlined by Microsoft: Start > run > cmd type (or paste) the following in the command window: netsh advfirewall firewall add rule dir=in name="DCOM" program=%systemroot %\system32\svchost.exe service=rpcss action=allow protocol=TCP localport=135 netsh advfirewall firewall add rule dir=in name ="WMI" program=%systemroot %\system32\svchost.exe service=winmgmt action = allow protocol=TCP localport=any netsh advfirewall firewall add rule dir=in name ="UnsecApp" program=%systemroot %\system32\wbem\unsecapp.exe action=allow netsh advfirewall firewall add rule dir=out name ="WMI_OUT" program=%systemroot %\system32\svchost.exe service=winmgmt action=allow protocol=TCP localport=any
http://msdn.microsoft.com/en-us/library/windows/desktop/aa822854(v=vs.85).aspx
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 7
Revision 1.0 December, 2011
expand Component Services, expand Computers, right-click My Computer, and select properties. Next, choose the Default Protocols tab Component Services > Computers > My Computer > properties > Default Protocols
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 8
Revision 1.0 December, 2011
Allow the port range through the windows firewall. This command will open ports from 5000-5020 to match the COM Internet Services Range. Click start > run > cmd FOR /L %I IN (5000,1,5020) DO netsh fire wall add portopening TCP %I "COM"%I
Lastly, open DCOM port 135 Click start > run > cmd netsh firewall add portopening TCP 135 "DCOM"
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 9
Revision 1.0 December, 2011
Windows XP
If you are running a firewall on the Windows machine, you must ensure that the Nagios server can contact the WMI service. To do this, you must open TCP Port 135 on the Windows firewall.
http://assets.nagios.com/downloads/nagiosxi/wizards/windowswmi.zip
The wizard can be installed under the Manage Config Wizards screen in the Admin section of Nagios XI.
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 10
Revision 1.0 December, 2011
The wizard will prompt you for the address of the Windows machine, along with the credentials used to authenticate.
The wizard will allow you to select what types of metrics and data should be monitored, along with warning and critical thresholds. Metrics and data that can be monitored using the WMI wizard include:
CPU Usage Memory Usage Page File Usage Disk Usage Service State Process State Event Log Data
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 11
Revision 1.0 December, 2011
Troubleshooting
Issue: Nagios showing (null) or Install wmic. Fix: The WMIC plugins were not installed properly. Redo the steps outlined at
http://assets.nagios.com/downloads/nagiosxi/docs/Installing_The_WMI_Client_For_XI.pdf
Nagios Enterprises, LLC P.O. Box 8154 Saint Paul, MN 55108 USA
Page 12
Revision 1.0 December, 2011