Search This Blog

Saturday, July 5, 2014

Nagios/Icinga Templates for Windows 2008 R2 OS, Domain Controllers, DNS and IIS Servers

This article describes how to use Template Check Commands, Service Checks and Host Groups to monitor Windows Server, Domain Controllers, DNS Servers and IIS -- applications that ship with Windows Server.  Links to sample templates are also provided.  In an enterprise Windows environment, a thorough understanding of the Operating System and Applications is required to successfully utilize sets of commands and checks to monitor and diagnose problems.

Nagios/Icinga Template Formats

Although Nagio/Icinga configuration files allow the administrator to insert any properly formatted definition or command into a file ending in .cfg, there are good reasons to observe several formats.  First, many of the add-on graphical configuration applications (for instance, NConf discussed here) require only a single type of definition or command in each file.  Not only does NConf generate configuration files in this format, it requires them to perform imports.  Service Checks are split into two types:
  1. Services -- applied only to single hosts
  2. Advanced Services -- applied to multiple hosts and/or service groups
Check Commands are also split into two groups, but they are not used in this article and are not discussed.

It is also easier to troubleshoot configuration errors is a strict format is observed.  This need not split each type of command and check into separate and dedicated files.  However, experience and portability to graphical configuration applications indicate such a structure is the easiest to use and most compatible.

Therefore, the templates used for this article consist of Check Commands (specifying Windows NRPE Service and Performance Monitoring Counter definitions) and Advanced Services (Service Checks defined with a Host Group assignment).  Two examples are provided below:

Check Command

define command {
                command_name                          check_WinNRPEPerf_4ArgMax
                command_line                          $USER1$/check_nrpe -H $HOSTADDRESS$ -n -p 5666 -c CheckCounter -a "Counter:$ARG1$=$ARG2$" ShowAll MaxWarn=$ARG3$ MaxCrit=$ARG4$
}

Advanced Service

define service {
                service_description                   Processor Information Total Percent Utilization
                check_command                         check_WinNRPEPerf_4ArgMax!CPUPercent!\\Processor Information(_Total)\\% Processor Time!80!90
                check_period                          24x7
                notification_period                   24x7
                hostgroup_name                        windows-servers
                use                                   generic-service
                contact_groups                        +admins
}


Several points deserve explanation.  In the Check Command command_line definition, the -n option specifies no SSL, which may or may not apply to specific deployments.  The -c option defines the type of command (which must be supported in the NSClient configuration file).  The -a command passes specific arguments to the agent.  $ARG1$ is the command name.  $ARG2$ is the Windows-formatted Performance Counter to be queried.  $ARG3$ and $ARG4$ pass warning and critical threshold values to be processed by Nagios/Icinga.  The Advanced Service check_command definition the calls the Check Command and specifies the arguments.  Finally, the Advanced Service is only applied to hosts belonging to the windows-servers Host Group.

The Importance of Defining Appropriate Sets of Nagios/Icinga Template Information for Windows Enterprises

Windows 2008 R2 Operating System Roles, Role Services and Features


A default Windows Server installation only installs the software necessary to operate as a server.  Windows then provides "Roles" and "Features" to provide specific additional functionality.  For instance, a Server may be assigned the "Active Directory Domain Services" and "DNS Server" roles that includes one set of functionality while another may be assigned the "Web Server (IIS)" role that includes a different set.  Role Services and Features may also be installed, further adding to the complexity of defining sets of monitored information.  Flowing from the definitions, the fundamental hardware and OS data may be collected by a Template "Windows Server 2008 R2."  Additional Templates then define "Active Directory Domain Services," "DNS Server" and "Web Server (IIS)" Roles and Features.

The templates for each Role/Role Service/Feature set should monitor the availability of services using both the  Nagios/Icinga Plugins "check_nrpe" to query the OS Services and "check-tcp"/"check_udp" to query the NIC TCP and UDP service(s) in question.  The NRPE Services check selected queries all services set to "automatically started" and "disabled"; it returns OK if all services are in the proper state or lists those that are not.  The associated TCP and UDP services on ports 389 (LDAP), 636 (LDAPS) and 464 (Kerberos Password), among others, are queried to determine if the Active Directory services necessary for authentication are available.  Finally, the data collection includes the Performance Monitoring Counters.

There is still another set of definitions for Templates -- information important for day-to-day monitoring and information important for troubleshooting, trend analysis and scalability design.  The second set includes primarily Performance Counters.  Thus, for each set of Windows Role data collected, there is a standard set of data including OS service checks, TCP service checks and Performance Counters and a second, more detailed set that includes primarily Performance Counters.  Flowing from the examples above, the "Windows Server" Template would provide important day-to-day triggers and performance information while a second, "Windows Server Performance Counters" provides highly detailed data for troubleshooting, trend analysis, etc.

Windows Application Servers

The Windows Operating System (with its Roles, Role Services and Features) is also a platform for additional Servers, such as the Exchange E-Mail and Collaboration Server and SQL Database Server.  These servers provide common core software and specialized role-based software; the modular aspect of Windows Application Servers provides fault-tolerance and scalability.  For example, Exchange may be deployed on a single server with all roles and services for small-business environments or may be deployed on many servers with roles (individually or in combination) of Mailbox, Hub Transport, Edge Transport, Client Access and Unified Messaging for large enterprises.  Microsoft provides design guidelines for large Exchange 2010 deployments here and for large Exchange 2013 deployments here.

Template designs for Windows Application Servers must also reflect common and specific sets of data in much the same way as (for example) "Windows Server 2008 R2" is common core functionality and "Active Directory Domain Services" is specific to a role.  Windows Application Server Templates thus defined must also provide to "Core" day-to-day Items, Triggers and Performance Counters and also the less-commonly used Performance Counters set of information.

Conclusion

Using the above guidelines, we may define an (incomplete) example set of Templates to be implemented for the Windows Operating System:

  1. Windows Server 2008 R2
  2. Windows Server 2008 R2 Performance Counters
  3. DNS Server
  4. DNS Server Performance Counters
  5. Active Directory Domain Services
  6. Active Directory Domain Services Performance Counters
  7. Web Server (IIS)
  8. Web Server (IIS) Performance Counters
We may also define an (incomplete) set Templates to be implemented for the Exchange Server 2010 Application Server:
  1. Exchange Server Common
  2. Exchange Server Common Performance Counters
  3. Exchange Hub Transport Server
  4. Exchange Hub Transport Server Performance Counters
  5. Exchange Mailbox Server
  6. Exchange Mailbox Server Performance Counters
  7. Exchange Client Access Server
  8. Exchange Client Access Server Performance Counters
The following links are Templates hosted on the Monitoring Exchange web site.
Windows Server Check Commands and Service Checks
Windows Domain Controller Check Commands and Service Checks
Windows DNS Server Check Commands and Service Checks

Windows IIS Check Commands and Service Checks

No comments :

Post a Comment