WMI DC

WMI Domain Controller (DC) Profile

Table of Contents: Show

This profile monitors Domain Controller performance metrics on a Windows server using Windows Management Instrumentation (WMI). Nagios Remote Plugin Executor (NRPE) is used by the Nagios server to communicate with the WMI proxy server. This proxy server queries the monitored Windows server for measurements and status using WMI.

Additionally, you may want to refer to the WMI documentation. This project consists of a collection of script monitors (.vbs for starters) that use the Microsoft .Net Framework and WMI to retrieve performance data from remote Windows hosts without the need for agents on the remote hosts.

Services Configuration
  • Service - Definitions in Monarch are stored under this name.
  • Command Line - Service command name with arguments to be passed to the plugin.
  • Plugin Command Line - Plugin script called by Nagios for this Service.
  • Extended Info - The Extended Service Info definition, typically used for generating graphs.
    Command lines displayed below are intended to be single line commands.
    Service Command Line Plugin Command Line Extended Info
    wmi_DRAInboundBytesCompBetwSites
    BeforeCompPersec     		check_wmi_counter_counter!Win32_PerfRawData_
    NTDS_NTDS!*!DRAInboundBytesCompressedBetween
    SitesBeforeCompressionPersec!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_counter -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_DRAInboundBytesNotCompressed
    WithinSitePersec     		check_wmi_counter_counter!Win32_PerfRawData_
    NTDS_NTDS!*!DRAInboundBytesNotCompressedWithin
    SitePersec!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_counter -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_DRAInboundObjectUpdates
    RemaininginPacket     		check_wmi_counter_rawcount!Win32_PerfRawData_
    NTDS_NTDS!*!DRAInboundObjectUpdatesRemaining
    inPacket!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_rawcount -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_DRAPendingReplication
    Synchronizations     		check_wmi_counter_rawcount!Win32_PerfRawData_
    NTDS_NTDS!*!DRAPendingReplication
    Synchronizations!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_rawcount -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_DRASyncFailureson
    SchemaMismatch     		check_wmi_counter_rawcount!Win32_PerfRawData_
    NTDS_NTDS!*!DRASyncFailuresonSchema
    Mismatch!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_rawcount -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_DSNotifyQueueSize check_wmi_counter_rawcount!Win32_PerfRawData_
    NTDS_NTDS!*!DSNotifyQueueSize!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_rawcount -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_DSSecurityDescriptor
    PropagatorRuntimeQueue     		check_wmi_counter_rawcount!Win32_PerfRawData_
    NTDS_NTDS!*!DSSecurityDescriptorPropagator
    RuntimeQueue!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_rawcount -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_DSThreadsinUse check_wmi_counter_rawcount!Win32_PerfRawData_
    NTDS_NTDS!*!DSThreadsinUse!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_rawcount -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_ErrorsGrantedAccess check_wmi_counter_rawcount!Win32_PerfRawData_
    PerfNet_Server!*!ErrorsGrantedAccess!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_rawcount -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_KerberosAuthentications check_wmi_counter_counter!Win32_PerfRawData_
    NTDS_NTDS!*!KerberosAuthentications!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_counter -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_LDAPActiveThreads check_wmi_counter_rawcount!Win32_PerfRawData_
    NTDS_NTDS!*!LDAPActiveThreads!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_rawcount -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_LDAPBindTime check_wmi_counter_rawcount!Win32_PerfRawData_
    NTDS_NTDS!*!LDAPBindTime!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_rawcount -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_LDAPClientSessions check_wmi_counter_rawcount!Win32_PerfRawData_
    NTDS_NTDS!*!LDAPClientSessions!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_rawcount -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_NTLMAuthentications check_wmi_counter_counter!Win32_PerfRawData_
    NTDS_NTDS!*!NTLMAuthentications!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_counter -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_PageFaultsPerSec_lsass check_wmi_counter_counter!Win32_PerfRawData_
    PerfProc_Process!"Name='lsass'"!
    PageFaultsPerSec!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_counter -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_PageFaultsPerSec_ntfrs check_wmi_counter_counter!Win32_PerfRawData_
    PerfProc_Process!"Name='ntfrs'"!
    PageFaultsPerSec!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_counter -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_PercentProcessorTime_lsass check_wmi_100nsec_timer!Win32_PerfRawData_
    PerfProc_Process!"Name='lsass'"
    !PercentProcessorTime!20!30     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_100nsec_timer -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_PercentProcessorTime_ntfrs check_wmi_100nsec_timer!Win32_PerfRawData_
    PerfProc_Process!"Name='ntfrs'"!
    PercentProcessorTime!20!30     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_100nsec_timer -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_SAMNonTransitiveMembership
    EvaluationsPersec     		check_wmi_counter_counter!Win32_PerfRawData_
    NTDS_NTDS!*!SAMNonTransitiveMembership
    EvaluationsPersec!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_counter -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
    wmi_SAMTransitiveMembership
    EvaluationsPersec     		check_wmi_counter_counter!Win32_PerfRawData_
    NTDS_NTDS!*!SAMTransitiveMembership
    EvaluationsPersec!200!400     		$USER1$/check_nrpe -t 60 -H $USER21$ -c get_counter_counter -a $HOSTADDRESS$" "$ARG1$" "$ARG2$" "$ARG3$" "$ARG4$" "$ARG5$" percent_graph
Profile Package

This package includes the following files:

Profile Definitions

  • service-profile-wmi-dc.xml
  • perfconfig-wmi-dc.xml

Plugins Scripts on the GroundWork Server

  • check_nrpe

WMI Scripts on the WMI Proxy Server)

  • nrpe_nt.zip

Performance Graphing Programs

  • percent_graph.cgi
Installation

GroundWork Monitor includes many monitoring profiles for a variety of devices, systems and applications. Profiles already imported on a new GroundWork installation include Service Ping, SNMP Network, and SSH UNIX. The GroundWork Monitor Configuration tool is used to import updated Profiles and Profiles that require additional setup; the Profile XML file and its companion Performance Configuration definition file. Services can also be imported in addition to Service Profiles in the Profile Importer. The import process is documented under GROUNDWORK PROFILES > How to import profiles.

Implementation

This section contains detail settings used by this Profile. These parameters can be altered with the Configuration tool.

Command Parameters

Command parameters are in the Configuration Services section with the following names and default values.

check_wmi_counter_counter

  • Uses check_nrpe plugin to connect to NRPE on $USER21$ and execute the get_counter_counter command as defined in the nrpe.cfg against the host $HOSTADDRESS$.
  • $ARG1$ - WMI Class Name
  • $ARG2$ - Matching Instance (* is all)
  • $ARG3$ - WMI Property for threshold comparison
  • $ARG4$ - Warning threshold
  • $ARG5$ - Critical threshold

check_wmi_counter_rawcount

  • Uses check_nrpe plugin to connect to NRPE on $USER21$ and execute the get_counter_rawcount command as defined in the nrpe.cfg against the host $HOSTADDRESS$.
  • $ARG1$ - WMI Class Name
  • $ARG2$ - Matching Instance (* is all)
  • $ARG3$ - WMI Property for threshold comparison
  • $ARG4$ - Warning threshold
  • $ARG5$ - Critical threshold

check_wmi_100nsec_timer

  • Uses check_nrpe plugin to connect to NRPE on $USER21$ and execute the get_100nsec_timer command as defined in the nrpe.cfg against the host $HOSTADDRESS$.
  • $ARG1$ - WMI Class Name
  • $ARG2$ - Matching Instance (* is all)
  • $ARG3$ - WMI Property for threshold comparison
  • $ARG4$ - Warning threshold
  • $ARG5$ - Critical threshold
Performance Graphing Parameters

The following parameters are used to generate performance charts. These parameters are set using the Configuration>Performance tool in GroundWork Monitor.

Implementation Notes

The steps are:

  • The nrpe.cfg file on the Windows server maps commands issued by the GroundWork server to scripts in the c:\nrpe_nt directory. Commands issued by this profile are installed with this package. If new NRPE commands are added, this file must be modified. Go to the GroundWork Support Portal - GroundWork Connect at www.groundworkconnect.com and search for Installing GroundWork WMI NRPE.
  • The WMI proxy server must be in the same domain as target monitored Windows server, and must have administrator rights.
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.