Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Agentless on Windows - Icinga Camp Stockholm 2019

106 views

Published on

Talk by George Koutsogiannakis:
A walkthrough on setting up agentless monitoring for Windows servers from a Linux perspective. What other options are out there, why the method of WMI is selected and what options does WMI provide. The advantages and disadvantages of this solution are then examined as well as how to remediate its shortcomings. Last, a look on the future of monitoring through WMI.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Agentless on Windows - Icinga Camp Stockholm 2019

  1. 1. ❏My name is George ❏Working with Linux for more than 15 years now ❏Usually as a Linux Systems Administrator ❏Write code in bash and python ❏Automate stuff in Ansible ❏Mess a lot with monitoring systems ❏Worked with Nagios, Op5, ME AppManager, Xymon/Hobbit and lately Icinga ❏Try to avoid windows systems
  2. 2. Disclaimer: Icinga agent is a good solution ●Lots of plugins ●Ready-made Templates ●Need to keep it up-to-date! ●Keep automation in mind From the Linux standpoint: You want something similar to by_ssh checks
  3. 3. What is agentless Definition : To obtain data and metrics from systems without installing extra software aka agents While keeping ourselves secure In other words, we want to be lazy and do as less work as possible when it comes to windows systems
  4. 4. What are the options then? ➔SNMP ➔WMI ➔PowerShell ➔SSH
  5. 5. ●Created in the 1980s (v1) ●(almost) all monitoring tools support it ●A lot were based on it ●Best suited for network appliances e.g routers, switches ●Good choice for black boxes e.g UPS, HVAC ●Can be a security nightmare (avoid v1, even v2c) ●Needs to be enabled in windows systems
  6. 6. ●Built-in on windows systems ●Easy to turn on and secure ●Offers plenty of functions out-of-the box ●Perfect for pre-WinSrv 2019 installations ●Linux client is abandonware ●Not versatile, not easily
  7. 7. ●Remote powershelling ●Available for a number of Linux distributions ●Access to COM and WMI layers ●Needs to be secured tightly ●Need to learn to write cmdlets ●Can be also used for accessing Linux systems ●Ultimately versatile and powerful
  8. 8. ●Server & client support since WinSrv 2019 ●Similar to Powershell ●Allows execution of local scripts ●Allows execution of executables ●Security (again!)
  9. 9. Bonus round Passive checks ●Not just for windows ●Rely on results sent to Icingas API ●Won’t mix with DSL ●Last resort method ●Mostly for corner cases
  10. 10. Recap No one-size-fits-all method! Take competence and resources into account Monitoring has evolved Find the best method for your needs Monitor the heck out of it
  11. 11. Thanks for listening!

×