NSClient++
Whats new?
http://nsclient.org
http://nsclient.org
Monitoring
Simplified
How many use NSClient++
NS-whatdid he say?
?#@*&%!
wrong room!
How many like NSClient++?
..pdh collection thread not running…
ERROR: Missing argument exception
PdhCollectQueryData? fail...
simple?
CheckEventLog file=application
file=system MaxWarn=1
MaxCrit=1 "filter=generated gt
-2d AND severity NOT IN
('succ...
dev
worked in ops a long time ago
not ops
work with soa not, C/C++, nagios
Michael Medin
NSClient++
agent
Since 2003?
windowslinux and
modular by design
Highly extensible 0.4.1: 2012-10-xx
0.4.2: 2013-10-xx?
<0.4.0
not ope...
is stable
one-man-band
no company, no commercial version, no payed time
Please
Some times I am busy 
Please
Some times I am busy 
Get your a** over
here and play
NOW!
one-man-band
no company
sponsoring!
donations!
support!
, no commercial version, no payed time
Thank you!
Sockets: ipv6, ssl (true)
New protocols: NRDP, check_mk,Graphite, syslog, smtp
Real-time checks: eventlog, logfiles
Simpli...
0.4.1
Build 90 (2013-02-xx)
◦ nsclient-full.ini
◦ Reload from script
◦ (re)added check_filesize (ie. Check_nt –v FILESIZE)...
0.4.2: The goals
Modern Windows support
Simplifiedmonitoring
Real-time monitoring
Linux checks
0.4.2: The STATUS
Modern Windows support
Simplified monitoring
Real-time monitoring
Linux checks NSCP protocol
Check_xxx c...
0.4.2: Some Examples
Check_os_Version
Check_pagefile
Check_process
NO MORE PDH Check_service
Nrpe_client
Filters
Level Source … …
Error Word … …
Error Excel … …
Info Word … …
Warning Excel … …
Error App1 … …
Warning App1 … …
Error App3...
Level Source … …
Error Word … …
Error Excel … …
Info Word … …
Warning Excel … …
Error App1 … …
Warning App1 … …
Error App3...
Level Source … …
Error Word … …
Error Excel … …
Info Word … …
Warning Excel … …
Error App1 … …
Warning App1 … …
Error App3...
Level Source … …
Error Word … …
Error Excel … …
Info Word … …
Warning Excel … …
Error App1 … …
Warning App1 … …
Error App3...
Level Source … …
Error Word … …
Error Excel … …
Info Word … …
Warning Excel … …
Error App1 … …
Warning App1 … …
Error App3...
Level Source … …
Error Word … …
Error Excel … …
Info Word … …
Warning Excel … …
Error App1 … …
Warning App1 … …
Error App3...
Level Source … …
Error Word … …
Error Excel … …
Info Word … …
Warning Excel … …
Error App1 … …
Warning App1 … …
Error App3...
Level Source … …
Error Word … …
Error Excel … …
Info Word … …
Warning Excel … …
Error App1 … …
Warning App1 … …
Error App3...
Level Source … …
Error Word … …
Error Excel … …
Info Word … …
Warning Excel … …
Error App1 … …
Warning App1 … …
Error App3...
filter = (id NOT IN ('3', '4', '6', '11', '16', '23', '24', '27', '29', '36', '46', '47', '50', '56', '134', '142', '219',...
Numbers, constants etc
Key Safe Key Description
= eq Equals
!= ne Not equals
> gt Greater than
< lt Less than
>= ge Greate...
Strings
Key Safe Key Description
= eq Equals
!= ne Not equals
> gt Greater than
< lt Less than
>= ge Greater or equal than...
All good things are three!
Filter
Warning
Critical
Ok
Level Source … …
Error Word … …
Error Excel … …
Info Word … …
Warning Excel … …
Error App1 … …
Warning App1 … …
Error App3...
Display
Custom strings
Supports
top- and detail-syntax
Display
detail- ${source}
top- ${list}
Hello: s: App1, s: App1, s: App3
check_pagefile
"filter=name = 'total
check_uptime
"warn=uptime< -
"crit=uptime< -
check_processprocess=explorer.exe
"warn=...
Simple?
Let me guess
This all seems Like
a lot of typing!
Sensible
defaults!
check_cpu
Just works!
Real time
monitoring
Active monitoring!
Monitored Server
(Windows)
Monitoring Server
(Nagios)
check_cpu
check_uptime
check_mem
check_eventlog
c...
Monitored Server
(Windows)
Monitoring Server
(Nagios)
check_cpu
check_uptime
check_mem
check_eventlog
check_updates
...
.....
Real-time monitoring!
Monitored Server
(Windows)
Monitoring Server
(Nagios)
Error detected in eventlog
Everything is ok
Mo...
CheckLogFile
NSClient++ Core
Linux Kernel
FILE
NSCA NSCAClient
SimpleFileWriter
File
CheckLogFile
NSClient++ Core
Linux Ke...
CheckLogFile
NSClient++ Core
Linux Kernel
FILE
NSCA NSCAClient
SimpleFileWriter
File
CheckLogFile
NSClient++ Core
Linux Ke...
But I use
CheckLogFile
NSClient++ Core
Linux Kernel
FILE
NSCA NSCAClient
SimpleFileWriter
SimpleCacheCACHE
NRPEServer
CheckLogFile
N...
CheckLogFile
NSClient++ Core
Linux Kernel
FILE
NSCA NSCAClient
SimpleFileWriter
SimpleCacheCACHE
NRPEServer
CheckLogFile
N...
But HOW ABOUT
Graphing?
Two options:
1, store/fetch from cache
2, submit passively
but not to Nagios!
apt-get
git clone git://github.com/mickem/nscp.git
mkdir build ; cd build
cmake ../nscp
make
Manually install visual studio, python and cmake
Download and unpack nscp source
python nscpbuildpythonfetchdeps.py
--targ...
Please help with packages!
I will give you free* beer!
*Free as in your free to buy it your self!
Native
Secure
Simple
FastLight weight
A work in progress
check_service computer=192.168.0.1
check_disk drive=192.168.0.1c$
check_task_sched computer=192.168.0.1
check_wmi computer...
Light weight remote deployable agent
Same as psexec
check_cpu
check_memory
check_process
External scripts!
http://nsclient.org
Monitoring
Simplified
simple?
CheckEventLog file=application
file=system MaxWarn=1
MaxCrit=1 "filter=generated gt
-2d AND severity NOT IN
('succ...
simple?
check_eventlog
Photo by Olga Berrios
THANK YOU!
Information about NSClient++
http://nsclient.org
facebook.com/nsclient
Slides, and examples
http://nsclient.org/nscp/confe...
Nagios Conference 2013 - Michael Medin - NSClient++ Whats New
Nagios Conference 2013 - Michael Medin - NSClient++ Whats New
Nagios Conference 2013 - Michael Medin - NSClient++ Whats New
Nagios Conference 2013 - Michael Medin - NSClient++ Whats New
Upcoming SlideShare
Loading in …5
×

Nagios Conference 2013 - Michael Medin - NSClient++ Whats New

1,181 views

Published on

Michael Medin's presentation on NSClient++ Whats New.
The presentation was given during the Nagios World Conference North America held Sept 20-Oct 2nd, 2013 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,181
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • My name is Michael Medin and I am from Stockholm, SwedenNSClient++: I am here to talk about NSClient++ (as always) and about Windows (as always) this timeDifferent: For those of you who have seen me beforeI read this nifty book about how to make awesome presentations.And I am not saying this will be an awesome presentation I am just saying I read this book.Questions: Any questions: feel free to chime in at any time
  • This presentation is called: What’s new, and the resound for that is I sent in my proposal a year ago and I had no idea what to talk about.Had I sent in the proposal now the title would have been: monitoring simplified
  • It is an agent, which means it is designed to be deployed (ish)It has been around since around 2003 (I don’t know)It was for Windows (pre 0.4.0) now it is for Linux and WindowsModular: Which means out of the box it does nothing.Open source (not open core)0.4.1 release last year, 0.4.2 hopefully soon.
  • 0.4.1 is Stable, please use it
  • One man band: This means:I am the one playing the harmonic, the guitar whilst driving the rocket propelled car
  • The reason I mention this is please don’t be angry, sometimes I am busy…
  • I often get questions which I reply “I will fix it tonight” and then I forget…It is not because I hate you or dislike you or think your question was stupid…
  • Sponsoring is available for those who want to get their logo and link on the page.Donations are available for the too-rich-for-their-own-good people out there.And we will be launching support later this year.The goal of the support is to get a better understanding of what is important
  • Thank you to my sponsors
  • Sockets: ipv6 and true ssl (certificate based authentication with real encryption)Protocols: improvements (timeouts for instance), and many new onesReal-time checks: Something I personally like a lotCommand line syntax: Good or bad, it is there!
  • It is important to understand that when 0.4.1 was released it was not the end, since then newer version of NSClient++ has been out as well.So please check back periodically for updates.
  • The kernel sends us an event once the file is updatedWe DON’T!!! Poll (ish)We filter the file for important changes: for instance column1 contains a bad wordWe forward the stste4 (if we found a match) to the various outbound pluginsWe send the event to Nagios
  • CONFIG is easy!
  • The kernel sends us an event once the file is updatedWe Still don’t poll!We store results in a databaseNRPE can quickly poll the cache.
  • CONFIG is still easy!
  • Speaking of Linux: How do I actually get it on Linux?
  • No Packages (yet) but it is simple to build your self
  • Comparing that to windows where it is a pint to build.But a new script in 0.4.1 makes building all dependencies on windows much much simpler.
  • If you love Linux!Please help out and provide me with spec files and packages!
  • Remember this was about making monitoring simple: right
  • Questions?
  • The end!
  • Nagios Conference 2013 - Michael Medin - NSClient++ Whats New

    1. 1. NSClient++ Whats new? http://nsclient.org
    2. 2. http://nsclient.org Monitoring Simplified
    3. 3. How many use NSClient++ NS-whatdid he say? ?#@*&%! wrong room!
    4. 4. How many like NSClient++? ..pdh collection thread not running… ERROR: Missing argument exception PdhCollectQueryData? failed: : - 2147481643: No data to return. Failed to query performance counters: ..pdh collection thread not running… ERROR: Missing argument exception PdhCollectQueryData? failed: : - 2147481643: No data to return. Failed to query performance counters:
    5. 5. simple? CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational') AND source != 'SideBySide'" truncate=800 unique descriptions "syntax=%severity%: %source%: %message% (%count%)"
    6. 6. dev worked in ops a long time ago not ops work with soa not, C/C++, nagios Michael Medin
    7. 7. NSClient++
    8. 8. agent Since 2003? windowslinux and modular by design Highly extensible 0.4.1: 2012-10-xx 0.4.2: 2013-10-xx? <0.4.0 not open coreOpen source 0.4.3: 2014-02-xx?
    9. 9. is stable
    10. 10. one-man-band no company, no commercial version, no payed time
    11. 11. Please Some times I am busy 
    12. 12. Please Some times I am busy  Get your a** over here and play NOW!
    13. 13. one-man-band no company sponsoring! donations! support! , no commercial version, no payed time
    14. 14. Thank you!
    15. 15. Sockets: ipv6, ssl (true) New protocols: NRDP, check_mk,Graphite, syslog, smtp Real-time checks: eventlog, logfiles Simplified: Command line syntax Modernized: NRPE, NSCA, check_nt 0.4.1
    16. 16. 0.4.1 Build 90 (2013-02-xx) ◦ nsclient-full.ini ◦ Reload from script ◦ (re)added check_filesize (ie. Check_nt –v FILESIZE) ◦ Encoding support for NRPE ◦ New option: scan-range for CheckEventLog ◦ Various minor bug fixes Build 96 (2013-04-xx) ◦ Reverted external script quoting issues ◦ (re)added check_fileage (ie. Check_nt –v FILEAGE) ◦ Added support for binding to both ipv6 and ipv4 ◦ Various minor bug fixes Build 102 (2013-08-xx) ◦ PDH improvements ◦ Performance data: pass through ◦ Encoding support through out ◦ Various minor bug fixes and enhacements
    17. 17. 0.4.2: The goals Modern Windows support Simplifiedmonitoring Real-time monitoring Linux checks
    18. 18. 0.4.2: The STATUS Modern Windows support Simplified monitoring Real-time monitoring Linux checks NSCP protocol Check_xxx clients
    19. 19. 0.4.2: Some Examples Check_os_Version Check_pagefile Check_process NO MORE PDH Check_service Nrpe_client
    20. 20. Filters
    21. 21. Level Source … … Error Word … … Error Excel … … Info Word … … Warning Excel … … Error App1 … … Warning App1 … … Error App3 … …
    22. 22. Level Source … … Error Word … … Error Excel … … Info Word … … Warning Excel … … Error App1 … … Warning App1 … … Error App3 … …
    23. 23. Level Source … … Error Word … … Error Excel … … Info Word … … Warning Excel … … Error App1 … … Warning App1 … … Error App3 … …
    24. 24. Level Source … … Error Word … … Error Excel … … Info Word … … Warning Excel … … Error App1 … … Warning App1 … … Error App3 … …
    25. 25. Level Source … … Error Word … … Error Excel … … Info Word … … Warning Excel … … Error App1 … … Warning App1 … … Error App3 … …
    26. 26. Level Source … … Error Word … … Error Excel … … Info Word … … Warning Excel … … Error App1 … … Warning App1 … … Error App3 … …
    27. 27. Level Source … … Error Word … … Error Excel … … Info Word … … Warning Excel … … Error App1 … … Warning App1 … … Error App3 … …
    28. 28. Level Source … … Error Word … … Error Excel … … Info Word … … Warning Excel … … Error App1 … … Warning App1 … … Error App3 … … ( )
    29. 29. Level Source … … Error Word … … Error Excel … … Info Word … … Warning Excel … … Error App1 … … Warning App1 … … Error App3 … … (source or level )
    30. 30. filter = (id NOT IN ('3', '4', '6', '11', '16', '23', '24', '27', '29', '36', '46', '47', '50', '56', '134', '142', '219', '267', '270', '1006', '1009', '1014', '1030', '1035', '1036', '1055', '1058', '1071', '1073', '1085', '1102', '1110', '1111', '1112', '1131', '1291', '1500', '3095', '5719', '5722', '5783', '5788', '5789', '6008', '7000', '7001', '7003', '7005', '7009', '7011', '7022', '7023', '7024', '7026', '7030', '7031', '7034', '7038', '7041', '9015', '9018', '9026', '9028', '10009', '10010', '10016', '10149', '12294', '15300', '15301', '24679', '36887', '36888', '40960', '40961', '45056') AND level IN ('error', 'warning')) OR (id IN ('3') AND source NOT IN ('FilterManager') AND level IN ('error', 'warning')) OR (id IN ('4') AND source NOT IN ('q57','L2ND') AND level IN ('error', 'warning')) OR (id IN ('6') AND source NOT IN ('Security-Kerberos') AND level IN ('error', 'warning')) OR (id IN ('11') AND source NOT IN ('Kerberos-Key-Distribution-Center') AND level IN ('error', 'warning')) OR (id IN ('16') AND source NOT IN ('WindowsUpdateClient') AND level IN ('error', 'warning')) OR (id IN ('23') AND source NOT IN ('Eventlog') AND level IN ('error', 'warning')) OR (id IN ('24') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id IN ('27') AND source NOT IN ('Eventlog') AND level IN ('error', 'warning')) OR (id IN ('29') AND source NOT IN ('Kerberos-Key-Distribution-Center') AND level IN ('error', 'warning')) OR (id IN ('36') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id IN ('46') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id IN ('47') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id IN ('50') AND source NOT IN ('TermDD','Time-Service') AND level IN ('error', 'warning')) OR (id IN ('56') AND source NOT IN ('TermDD') AND level IN ('error', 'warning')) OR (id IN ('134') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id IN ('142') AND source NOT IN ('Time-Service') AND level IN ('error', 'warning')) OR (id IN ('219') AND source NOT IN ('Kernel-pnp') AND level IN ('error', 'warning')) OR (id IN ('267') AND source NOT IN ('Storage-agents') AND level IN ('error', 'warning')) OR (id IN ('270') AND source NOT IN ('Storage-agents') AND level IN ('error', 'warning')) OR (id IN ('1006') AND source NOT IN ('DNS Client Events','GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1009') AND source NOT IN ('picadm') AND level IN ('error', 'warning')) OR (id IN ('1014') AND source NOT IN ('DNS Client Events') AND level IN ('error', 'warning')) OR (id IN ('1030') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1035') AND source NOT IN ('TerminalServices-RemoteConnectionManager') AND level IN ('error', 'warning')) OR (id IN ('1036') AND source NOT IN ('TerminalServices-RemoteConnectionManager') AND level IN ('error', 'warning')) OR (id IN ('1055') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1058') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1071') AND source NOT IN ('TerminalServices-RemoteConnectionManager') AND level IN ('error', 'warning')) OR (id IN ('1073') AND source NOT IN ('USER32') AND level IN ('error', 'warning')) OR (id IN ('1085') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1102') AND source NOT IN ('SNMP') AND level IN ('error', 'warning')) OR (id IN ('1110') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1111') AND source NOT IN ('Server Agents') AND level IN ('error', 'warning')) OR (id IN ('1112') AND source NOT IN ('GroupPolicy') AND level IN ('error', 'warning')) OR (id IN ('1131') AND source NOT IN ('TerminalServices- RemoteConnectionManager') AND level IN ('error', 'warning')) OR (id IN ('1291') AND source NOT IN ('NIC-agents') AND level IN ('error', 'warning')) OR (id IN ('1500') AND source NOT IN ('SNMP') AND level IN ('error', 'warning')) OR (id IN ('3095') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('5719') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('5722') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('5783') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('5788') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('5789') AND source NOT IN ('Netlogon') AND level IN ('error', 'warning')) OR (id IN ('6008') AND source NOT IN ('Eventlog') AND level IN ('error', 'warning')) OR (id IN ('7000') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7001') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7003') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7005') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7009') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7011') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7022') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7023') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7024') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7026') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7030') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7031') AND source NOT IN ('service control manager') AND strings not like 'citrix' AND level IN ('error', 'warning')) OR (id IN ('7034') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7038') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('7041') AND source NOT IN ('service control manager') AND level IN ('error', 'warning')) OR (id IN ('9015') AND source NOT IN ('Metaframe') AND level IN ('error', 'warning')) OR (id IN ('9018') AND source NOT IN ('Metaframe') AND level IN ('error', 'warning')) OR (id IN ('9026') AND source NOT IN ('Metaframe') AND level IN ('error', 'warning')) OR (id IN ('9028') AND source NOT IN ('Metaframe') AND level IN ('error', 'warning')) OR (id IN ('10009') AND source NOT IN ('DistributedCOM') AND level IN ('error', 'warning')) OR (id IN ('10010') AND source NOT IN ('DistributedCOM') AND level IN ('error', 'warning')) OR (id IN ('10016') AND source NOT IN ('DistributedCOM') AND level IN ('error', 'warning')) OR (id IN ('10149') AND source NOT IN ('WindowsRemoteManagement') AND level IN ('error', 'warning')) OR (id IN ('12294') AND source NOT IN ('Directory-Services-SAM') AND level IN ('error', 'warning')) OR (id IN ('15300') AND source NOT IN ('HTTPEVENT') AND level IN ('error', 'warning')) OR (id IN ('15301') AND source NOT IN ('HTTPEVENT') AND level IN ('error', 'warning')) OR (id IN ('24679') AND source NOT IN ('Cissesrv') AND level IN ('error', 'warning')) OR (id IN ('36887') AND source NOT IN ('Schannel') AND level IN ('error', 'warning')) OR (id IN ('36888') AND source NOT IN ('Schannel') AND level IN ('error', 'warning')) OR (id IN ('40960') AND source NOT IN ('LSASRV') AND level IN ('error', 'warning')) OR (id IN ('40961') AND source NOT IN ('LSASRV') AND level IN ('error', 'warning')) OR (id IN ('45056') AND source NOT IN ('LSASRV') AND level IN ('error', 'warning'))
    31. 31. Numbers, constants etc Key Safe Key Description = eq Equals != ne Not equals > gt Greater than < lt Less than >= ge Greater or equal than <= le Less or equal than in ( <LIST OF VALUES>) In a given list not in (…) Not in a given list
    32. 32. Strings Key Safe Key Description = eq Equals != ne Not equals > gt Greater than < lt Less than >= ge Greater or equal than <= le Less or equal than in ( <LIST OF VALUES>) In a given list not in (…) Not in a given list like Substring matching regexp Regular expression not like Opposite of like not regexp Opposite of regexp
    33. 33. All good things are three! Filter Warning Critical Ok
    34. 34. Level Source … … Error Word … … Error Excel … … Info Word … … Warning Excel … … Error App1 … … Warning App1 … … Error App3 … …
    35. 35. Display Custom strings Supports top- and detail-syntax
    36. 36. Display detail- ${source} top- ${list} Hello: s: App1, s: App1, s: App3
    37. 37. check_pagefile "filter=name = 'total check_uptime "warn=uptime< - "crit=uptime< - check_processprocess=explorer.exe "warn=working_set > 70m" "detail-syntax=${exe} ws:${working_set},handles: ${handles},user time:${user
    38. 38. Simple?
    39. 39. Let me guess This all seems Like a lot of typing!
    40. 40. Sensible defaults!
    41. 41. check_cpu Just works!
    42. 42. Real time monitoring
    43. 43. Active monitoring! Monitored Server (Windows) Monitoring Server (Nagios) check_cpu check_uptime check_mem check_eventlog check_updates ... ... Monitored Server (Windows) Monitoring Server (Nagios) check_cpu check_uptime check_mem check_eventlog check_updates ... ...
    44. 44. Monitored Server (Windows) Monitoring Server (Nagios) check_cpu check_uptime check_mem check_eventlog check_updates ... ... Monitored Server (Windows) Monitoring Server (Nagios) check_cpu check_uptime check_mem check_eventlog check_updates ... ... Passive monitoring!
    45. 45. Real-time monitoring! Monitored Server (Windows) Monitoring Server (Nagios) Error detected in eventlog Everything is ok Monitored Server (Windows) Monitoring Server (Nagios) Error detected in eventlog Everything is ok
    46. 46. CheckLogFile NSClient++ Core Linux Kernel FILE NSCA NSCAClient SimpleFileWriter File CheckLogFile NSClient++ Core Linux Kernel FILE NSCA NSCAClient SimpleFileWriter File No CPU overhead Notified instantly Powerful filtering
    47. 47. CheckLogFile NSClient++ Core Linux Kernel FILE NSCA NSCAClient SimpleFileWriter File CheckLogFile NSClient++ Core Linux Kernel FILE NSCA NSCAClient SimpleFileWriter File [/modules] CheckLogFile = enabled NSCAClient = enabled SimpleFileWriter = enabled [/settings/logfile/real-time/checks/my_check] destination = FILE,NSCA file = test.txt warning = column1 like ‘warn’ critical = column2 like ‘crit’ [/settings/NSCA/client/targets/default] address = 10.11.12.13 encryption = aes password = secreter
    48. 48. But I use
    49. 49. CheckLogFile NSClient++ Core Linux Kernel FILE NSCA NSCAClient SimpleFileWriter SimpleCacheCACHE NRPEServer CheckLogFile NSClient++ Core Linux Kernel FILE NSCA NSCAClient SimpleFileWriter SimpleCacheCACHE NRPEServer No CPU overhead Powerful filtering Stored in cache Check latest result Fetched instantly
    50. 50. CheckLogFile NSClient++ Core Linux Kernel FILE NSCA NSCAClient SimpleFileWriter SimpleCacheCACHE NRPEServer CheckLogFile NSClient++ Core Linux Kernel FILE NSCA NSCAClient SimpleFileWriter SimpleCacheCACHE NRPEServer [/modules] CheckLogFile = enabled SimpleCache = enabled NRPEServer = enabled [/settings/logfile/real-time/checks/my_check] destination = CACHE file = test.txt warning = column1 like ‘warn’ critical = column2 like ‘crit’ [/settings/NRPE/server] allowed hosts = 10.11.12.13 allow arguments = true
    51. 51. But HOW ABOUT Graphing?
    52. 52. Two options: 1, store/fetch from cache 2, submit passively but not to Nagios!
    53. 53. apt-get git clone git://github.com/mickem/nscp.git mkdir build ; cd build cmake ../nscp make
    54. 54. Manually install visual studio, python and cmake Download and unpack nscp source python nscpbuildpythonfetchdeps.py --target x64 --cmake-config dist cmake ../nscp msbuild /p:Configuration=RelWithDebInfo NSCP.sln
    55. 55. Please help with packages! I will give you free* beer! *Free as in your free to buy it your self!
    56. 56. Native Secure Simple FastLight weight A work in progress
    57. 57. check_service computer=192.168.0.1 check_disk drive=192.168.0.1c$ check_task_sched computer=192.168.0.1 check_wmi computer=192.168.0.1
    58. 58. Light weight remote deployable agent Same as psexec check_cpu check_memory check_process External scripts!
    59. 59. http://nsclient.org Monitoring Simplified
    60. 60. simple? CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational') AND source != 'SideBySide'" truncate=800 unique descriptions "syntax=%severity%: %source%: %message% (%count%)"
    61. 61. simple? check_eventlog
    62. 62. Photo by Olga Berrios
    63. 63. THANK YOU!
    64. 64. Information about NSClient++ http://nsclient.org facebook.com/nsclient Slides, and examples http://nsclient.org/nscp/conferances/nwc/2013/ My Blog http://blog.medin.name

    ×