Windows Monitoring - netways
Windows Monitoring - netways Windows Monitoring - netways
NSClient++ in the new millenium! ( )Discovering NSClient++ Name: Michael Medin (@mickem) Email: michael@medin.name Blog: http://blog.medin.name Project: NSClient++ Web: http://nsclient.org ∘ •
- Page 3: Michael Medin
- Page 6 and 7: About NSClient++ (the project)
- Page 8 and 9: NSClient++ (What’s new)
- Page 10 and 11: More then a 1000 words
- Page 12 and 13: Building on Linux
- Page 14 and 15: More then a 1000 words
- Page 16 and 17: More then a 1000 words
- Page 18 and 19: Secure monitoring
- Page 21 and 22: Time to get real…
- Page 23 and 24: Contexts help Get help client Act a
- Page 25 and 26: Settings (Configuration) nscp setti
- Page 27 and 28: Time to get real…
- Page 29 and 30: Resulting config from DEMO [/module
- Page 31 and 32: Run the following ./nscp test tail
- Page 33 and 34: Modules CheckLogFile Subscribes to
- Page 35 and 36: Run the following ./nscp test echo
- Page 37: Thank You! michael@medin.name http:
NSClient++ in the new millenium!<br />
( )Discovering NSClient++<br />
Name: Michael Medin (@mickem)<br />
Email: michael@medin.name<br />
Blog: http://blog.medin.name<br />
Project: NSClient++<br />
Web: http://nsclient.org<br />
∘ •
Michael Medin
About NSClient++ (the program)
About NSClient++ (the project)
NSClient++ (What can I do)
NSClient++ (What’s new)
Thank you!
More then a 1000 words
…for windows…
Building on Linux
Building on windows…
More then a 1000 words
…daemon<br />
Tobias Leeger
More then a 1000 words
Secure monitoring
Secure monitoring
Security
Time to get real…
General usage<br />
nscp Display all() available context<br />
nscp --help Get help (can be used in many places)<br />
nscp [options] [-- [module options]]<br />
General usage syntax
Contexts<br />
help Get help<br />
client Act as a client. (think check_nrpe)<br />
Usually aliases we can use instead.<br />
service (un)Install and display windows service<br />
settings Work with configuration<br />
test Find errors and problems<br />
unit Run unit test scripts
Aliases<br />
lua Run lua scripts<br />
python Run python scripts<br />
nrpe Think check_nrpe<br />
nsca Think send_nsca<br />
sys Nice pdh front-end (more to come)<br />
wmi WMI front end<br />
eventlog Add event log message from command line
Settings (Configuration)<br />
nscp settings --help<br />
nscp settings --add-missing --generate [--load-all]<br />
Will update your configuration with ALL keys<br />
nscp settings --add-missing --activate-module <br />
Great way to "enable a new module“<br />
nscp settings --remove-defaults --generate<br />
Will remove all default keys/sections<br />
nscp settings --validate<br />
Show problems with the settings file
check_nrpe<br />
nscp nrpe -- --help<br />
The -- is important<br />
nscp nrpe -- -H 127.0.0.1 -c foo -a foo bar<br />
Execute nrpe query from nsclient++<br />
0.4.2 will introduce:<br />
nrpe_client -H 127.0.0.1 -c foo -a foo bar<br />
nsca_client …<br />
…_client …
Time to get real…
Modules<br />
CheckLogFile<br />
Subscribes to filechanges<br />
SimpleFileWriter<br />
Write notifications to file<br />
NSCAClient<br />
Submit NSCA messages<br />
CheckLogFile<br />
NSCP<br />
NSCA<br />
FILE<br />
NSCAClient<br />
SimpleFileWriter
Resulting config from DEMO<br />
[/modules]<br />
CheckLogFile = enabled<br />
SimpleFileWriter = enabled<br />
[/settings/logfile/real-time/checks/sample]<br />
critical = column2 like 'crit'<br />
destination = FILE<br />
file = ./test.txt<br />
filter = column1 like 'hello'<br />
warning = column2 like 'warn'<br />
[/settings/logfile/real-time]<br />
enabled = true
Resulting config from DEMO<br />
[/modules]<br />
CheckLogFile = enabled<br />
NSCAClient = enabled<br />
SimpleFileWriter = enabled<br />
[/settings/logfile/real-time/checks/sample]<br />
critical = column2 like 'crit'<br />
destination = FILE,NSCA<br />
file = ./test.txt<br />
filter = column1 like 'hello'<br />
warning = column2 like 'warn'<br />
[/settings/logfile/real-time]<br />
enabled = true<br />
[/settings/NSCA/client/targets/default]<br />
address = 127.0.0.1<br />
encryption = xor<br />
password = secret
Run the following<br />
./nscp test<br />
tail –f ./output.txt<br />
echo –e “hello\tworld”<br />
echo –e “hello\twarn”<br />
echo –e “hello\tcrit”
Time to get real…
Modules<br />
CheckLogFile<br />
Subscribes to filechanges<br />
SimpleCache<br />
Store our result<br />
NRPEClient<br />
Accept remote checks (if there is time)<br />
NRPEServer<br />
CheckLogFile<br />
NSCP<br />
CACHE<br />
SimpleCache
Resulting config from DEMO<br />
[/modules]<br />
CheckLogFile = enabled<br />
NSCAClient = enabled<br />
SimpleFileWriter = enabled<br />
SimleCache = enabled<br />
[/settings/logfile/real-time/checks/sample]<br />
critical = column2 like 'crit'<br />
destination = FILE,NSCA,CACHE<br />
file = ./test.txt<br />
filter = column1 like 'hello'<br />
warning = column2 like 'warn'<br />
[/settings/logfile/real-time]<br />
enabled = true<br />
[/settings/NSCA/client/targets/default]<br />
address = 127.0.0.1<br />
encryption = xor<br />
password = secret
Run the following<br />
./nscp test<br />
echo –e “hello\tworld”<br />
echo –e “hello\twarn”<br />
echo –e “hello\tcrit”<br />
In nsclient console execute:<br />
check_cache index=sample
Photo by Olga Berrios
Thank You!<br />
michael@medin.name<br />
http://www. .com/in/mickem<br />
http://blog.medin.name/<br />
http://nsclient.org<br />
facebook.com/nsclient<br />
http://nsclient.org/nscp/conferances/osmc/2012/