This article describes how to use Template Check Commands, Service Checks and Host Groups to monitor Windows Server, Domain Controllers, DNS Servers and IIS -- applications that ship with Windows Server. Links to sample templates are also provided. In an enterprise
Windows environment, a thorough understanding of the Operating System
and Applications is required to successfully utilize sets of commands and checks to monitor and diagnose problems.
Nagios/Icinga Template Formats
Although Nagio/Icinga configuration files allow the administrator to insert any properly formatted definition or command into a file ending in .cfg, there are good reasons to observe several formats. First, many of the add-on graphical configuration applications (for instance, NConf discussed here) require only a single type of definition or command in each file. Not only does NConf generate configuration files in this format, it requires them to perform imports. Service Checks are split into two types:- Services -- applied only to single hosts
- Advanced Services -- applied to multiple hosts and/or service groups
It is also easier to troubleshoot configuration errors is a strict format is observed. This need not split each type of command and check into separate and dedicated files. However, experience and portability to graphical configuration applications indicate such a structure is the easiest to use and most compatible.
Therefore, the templates used for this article consist of Check Commands (specifying Windows NRPE Service and Performance Monitoring Counter definitions) and Advanced Services (Service Checks defined with a Host Group assignment). Two examples are provided below:
Check Command
define command {command_name check_WinNRPEPerf_4ArgMax
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -n -p 5666 -c CheckCounter -a "Counter:$ARG1$=$ARG2$" ShowAll MaxWarn=$ARG3$ MaxCrit=$ARG4$
}
Advanced Service
define service {service_description Processor Information Total Percent Utilization
check_command check_WinNRPEPerf_4ArgMax!CPUPercent!\\Processor Information(_Total)\\% Processor Time!80!90
check_period 24x7
notification_period 24x7
hostgroup_name windows-servers
use generic-service
contact_groups +admins
}
Several points deserve explanation. In the Check Command command_line definition, the -n option specifies no SSL, which may or may not apply to specific deployments. The -c option defines the type of command (which must be supported in the NSClient configuration file). The -a command passes specific arguments to the agent. $ARG1$ is the command name. $ARG2$ is the Windows-formatted Performance Counter to be queried. $ARG3$ and $ARG4$ pass warning and critical threshold values to be processed by Nagios/Icinga. The Advanced Service check_command definition the calls the Check Command and specifies the arguments. Finally, the Advanced Service is only applied to hosts belonging to the windows-servers Host Group.
The Importance of Defining Appropriate Sets of Nagios/Icinga Template Information for Windows Enterprises
Windows 2008 R2 Operating System Roles, Role Services and Features
A default
Windows Server installation only installs the software necessary to
operate as a server. Windows then provides "Roles" and "Features" to
provide specific additional functionality. For instance, a Server may
be assigned the "Active Directory Domain Services" and "DNS Server"
roles that includes one set of functionality while another may be
assigned the "Web Server (IIS)" role that includes a different set.
Role Services and Features may also be installed, further adding to the
complexity of defining sets of monitored information. Flowing from the
definitions, the fundamental hardware and OS data may be collected by a
Template "Windows Server 2008 R2." Additional Templates then define
"Active Directory Domain Services," "DNS Server" and "Web Server (IIS)"
Roles and Features.The templates for each Role/Role Service/Feature set should monitor the availability of services using both the Nagios/Icinga Plugins "check_nrpe" to query the OS Services and "check-tcp"/"check_udp" to query the NIC TCP and UDP service(s) in question. The NRPE Services check selected queries all services set to "automatically started" and "disabled"; it returns OK if all services are in the proper state or lists those that are not. The associated TCP and UDP services on ports 389 (LDAP), 636 (LDAPS) and 464 (Kerberos Password), among others, are queried to determine if the Active Directory services necessary for authentication are available. Finally, the data collection includes the Performance Monitoring Counters.
There is still another set of definitions for Templates -- information important for day-to-day monitoring and information important for troubleshooting, trend analysis and scalability design. The second set includes primarily Performance Counters. Thus, for each set of Windows Role data collected, there is a standard set of data including OS service checks, TCP service checks and Performance Counters and a second, more detailed set that includes primarily Performance Counters. Flowing from the examples above, the "Windows Server" Template would provide important day-to-day triggers and performance information while a second, "Windows Server Performance Counters" provides highly detailed data for troubleshooting, trend analysis, etc.
Windows Application Servers
The Windows Operating System (with its Roles, Role Services and Features) is also a platform for additional Servers, such as the Exchange E-Mail and Collaboration Server and SQL Database Server. These servers provide common core software and specialized role-based software; the modular aspect of Windows Application Servers provides fault-tolerance and scalability. For example, Exchange may be deployed on a single server with all roles and services for small-business environments or may be deployed on many servers with roles (individually or in combination) of Mailbox, Hub Transport, Edge Transport, Client Access and Unified Messaging for large enterprises. Microsoft provides design guidelines for large Exchange 2010 deployments here and for large Exchange 2013 deployments here.Template designs for Windows Application Servers must also reflect common and specific sets of data in much the same way as (for example) "Windows Server 2008 R2" is common core functionality and "Active Directory Domain Services" is specific to a role. Windows Application Server Templates thus defined must also provide to "Core" day-to-day Items, Triggers and Performance Counters and also the less-commonly used Performance Counters set of information.
Conclusion
Using the above guidelines, we may define an (incomplete) example set of Templates to be implemented for the Windows Operating System:- Windows Server 2008 R2
- Windows Server 2008 R2 Performance Counters
- DNS Server
- DNS Server Performance Counters
- Active Directory Domain Services
- Active Directory Domain Services Performance Counters
- Web Server (IIS)
- Web Server (IIS) Performance Counters
- Exchange Server Common
- Exchange Server Common Performance Counters
- Exchange Hub Transport Server
- Exchange Hub Transport Server Performance Counters
- Exchange Mailbox Server
- Exchange Mailbox Server Performance Counters
- Exchange Client Access Server
- Exchange Client Access Server Performance Counters
Windows Server Check Commands and Service Checks
Windows Domain Controller Check Commands and Service Checks
Windows DNS Server Check Commands and Service Checks
Windows IIS Check Commands and Service Checks
No comments :
Post a Comment