Windows Monitoring - netways
Windows Monitoring - netways
Windows Monitoring - netways
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Demo?
Eventlog to syslog forwarder Purpose◦ Forward eventlog errors to syslogserver Required components◦ CheckEventlog• Running in ”active mode”◦ SyslogClient• Setup to forward notifications Experimentalness◦ Medium
The ConceptNSClient++CheckEventlogsyslogsyslogNetworkSyslogClient
Config: Listening for events[/modules]CheckEventLog=1[/settings/eventlog/real-time]enabled=truedestination=syslogfilter=type NOT IN ('success', 'info', 'auditSuccess')log=application,system
Config: Listening for events (Short)[/modules]CheckEventLog=1[/settings/eventlog/real-time]enabled=truedestination=syslog
Config: Forward to syslog[/modules]SyslogClient=1[/settings/syslog/client/targets/default]facility=kerneltag template=NSClientmessage template=%message%host=192.168.0.1
Config: Forward to syslog(short)[/modules]SyslogClient=1[/settings/syslog/client/targets]default=192.168.0.1
Testingnscp eventlog --exec insert--source SQLBrowser--id 3--type warning49230 = 1100 0000 0100 1110(error + 78)--event-argument a --event-argument b--facility 78 --severity error33ab
Demo?
Scripting Purpose◦ Automatically add Nagios configuration Required components◦ PythonScript• Running the script◦ NSCAServer• Responds to submissions◦ NSCAClient• Forwars modified submissions Experimentalness◦ High
The ConceptNSClient++send_nsca Network NSCAServerChannel 1PythonScriptChannel 2nscaNetworkNSCAClient
Configuration: Receive Results[/modules]NSCAServer=1[/settings/nsca/server]port=5668inbox=channel_1encryption=nonepassword=secretallowed hosts=192.168.0.1,127.0.0.1
Config: Forward results[/modules]NSCAClient=1[/settings/nsca/client]channel=channel_2[/settings/nsca/client/targets/default]host=192.168.0.1password=secretencryption=nonetime offset=-1h
Configuration: Setup Python[/modules]PythonScript=1[/settings/python/scripts]f=forward.py
Writing a Scriptfrom NSCP import Registry, Core, log, log_errorimport unicodedatacore = Core.get()def process(channel, source, command, code, message, perf):message = unicodedata.normalize('NFKD', message).encode('ascii','ignore')core.simple_submit('channel_2', command, code,'PythonEnhanced: %s'%message, perf)def init(plugin_id, plugin_alias, script_alias):reg = Registry.get(plugin_id)reg.simple_subscription('channel_1', process)def shutdown():None
Writing a Scriptfrom NSCP import Registry, Corecore = Core.get()def process(channel, src, cmd, code, msg, perf):core.simple_submit('channel_2', cmd, code,'PythonEnhanced: %s'%msg, perf)def init(plugin_id, plugin_alias, script_alias):reg = Registry.get(plugin_id)reg.simple_subscription('channel_1', process)def shutdown():None
Testingnscp nsca–-exec submit-–message “Hello World”--host 192.168.0.1--password secret –-encryption none
Distribute monitoringwith NSClient++Summary
My vision for the future…Should be simple right?Internet Distributed <strong>Monitoring</strong> Network!
Questions?
Thank You!michael@medin.namehttp://www. .com/in/mickemhttp://blog.medin.name/http://nsclient.orgfacebook.com/nsclienthttp://nsclient.org/nscp/conferances/osmc/2011/
Change language