Gestione di nsclient con Puppet
Jump to navigation
Jump to search
- Funziona con puppet > 3.1
- Sul server, installare il modulo
sudo puppet module install opentable-nsclient --environment testing
sudo puppet module list --environment testing
- Creare la classe per la macchina windows
sudo mkdir -p met_nsclient/{modules,manifests,templates,files}
cd met_nsclient
sudoedit manifests/site.pp
class met_nsclient {
file {'c:/program files/nsclient++/scripts/restart_service.cmd':
ensure => present,
source => 'puppet:///modules/met_nsclient/restart_service.cmd',
source_permissions => ignore
}
class { 'nsclient':
package_source_location => 'http://files.nsclient.org/released',
package_name => 'NSClient++ (x64)',
package_source => 'NSCP-0.4.3.131-x64.msi',
allowed_hosts => [ '192.168.1.5', ],
download_destination => 'c:/temp',
config_template => 'met_nsclient/nsclient.ini.erb',
require => File['c:/program files/nsclient++/scripts/restart_service.cmd'],
}
}
- Copiare i files di supporto:
cat | sudo tee files/restart_service.cmd<<'EOFile'
@echo off
REM MANAGED BY PUPPET 2015030501
net stop %1
net start %1
@exit 0
REM MANAGED BY PUPPET
EOFile
<pre>
<pre>
cat | sudo tee files/restart_service.cmd<<'EOFile'
# MANAGED BY PUPPET 2015030502
# If you want to fill this file with all avalible options run the following command:
# nscp settings --generate --add-defaults --load-all
# If you want to activate a module and bring in all its options use:
# nscp settings --activate-module <MODULE NAME> --add-defaults
# For details run: nscp settings --help
; Undocumented section
[/modules]
; CheckDisk - CheckDisk can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
CheckDisk = 1
; Event log Checker. - Check for errors and warnings in the event log. This is only supported through NRPE so if you plan to use only NSClient this wont help you at all.
CheckEventLog = 1
; Check External Scripts - A simple wrapper to run external scripts and batch files.
CheckExternalScripts = enabled
; Helper function - Various helper function to extend other checks. This is also only supported through NRPE.
CheckHelpers = 1
; Check NSCP - Checkes the state of the agent
CheckNSCP = 1
; CheckSystem - Various system related checks, such as CPU load, process state, service state memory usage and PDH counters.
CheckSystem = 1
; CheckWMI - CheckWMI can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
CheckWMI = 1
; NRPE server - A simple server that listens for incoming NRPE connection and handles them.
NRPEServer = 1
; NSClient server - A simple server that listens for incoming NSClient (check_nt) connection and handles them. Although NRPE is the preferred method NSClient is fully supported and can be used for simplicity or for compatibility.
NSClientServer = 1
; Undocumented section
[/settings/default]
; ALLOWED CIPHERS - A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
allowed ciphers = ADH
; ALLOWED HOSTS - A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges.
allowed hosts = metstor01
; BIND TO ADDRESS - Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses.
bind to =
; CACHE ALLOWED HOSTS - If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server.
cache allowed hosts = true
; SSL CERTIFICATE -
certificate =
; PASSWORD - Password used to authenticate againast server
password =
; TIMEOUT - Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out.
timeout = 30
; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = true
; VERIFY MODE -
verify mode = none
; A list of aliases available. An alias is an internal command that has been "wrapped" (to add arguments). Be careful so you don't create loops (ie check_loop=check_a, check_a=check_loop)
[/settings/external scripts/alias]
; alias_cpu - Alias for alias_cpu. To configure this item add a section called: /settings/external scripts/alias/alias_cpu
alias_cpu = checkCPU warn=80 crit=90 time=5m time=1m time=30s
; alias_cpu_ex - Alias for alias_cpu_ex. To configure this item add a section called: /settings/external scripts/alias/alias_cpu_ex
alias_cpu_ex = checkCPU warn=$ARG1$ crit=$ARG2$ time=5m time=1m time=30s
; alias_disk - Alias for alias_disk. To configure this item add a section called: /settings/external scripts/alias/alias_disk
alias_disk = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED
; alias_disk_loose - Alias for alias_disk_loose. To configure this item add a section called: /settings/external scripts/alias/alias_disk_loose
alias_disk_loose = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED ignore-unreadable
; alias_event_log - Alias for alias_event_log. To configure this item add a section called: /settings/external scripts/alias/alias_event_log
alias_event_log = CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational') AND source != 'SideBySide'" truncate=800 unique descriptions "syntax=%severity%: %source%: %message% (%count%)"
; alias_file_age - Alias for alias_file_age. To configure this item add a section called: /settings/external scripts/alias/alias_file_age
alias_file_age = checkFile2 filter=out "file=$ARG1$" filter-written=>1d MaxWarn=1 MaxCrit=1 "syntax=%filename% %write%"
; alias_file_size - Alias for alias_file_size. To configure this item add a section called: /settings/external scripts/alias/alias_file_size
alias_file_size = CheckFiles "filter=size > $ARG2$" "path=$ARG1$" MaxWarn=1 MaxCrit=1 "syntax=%filename% %size%" max-dir-depth=10
; alias_mem - Alias for alias_mem. To configure this item add a section called: /settings/external scripts/alias/alias_mem
alias_mem = checkMem MaxWarn=80% MaxCrit=90% ShowAll=long type=physical type=virtual type=paged type=page
; alias_process - Alias for alias_process. To configure this item add a section called: /settings/external scripts/alias/alias_process
alias_process = checkProcState "$ARG1$=started"
; alias_process_count - Alias for alias_process_count. To configure this item add a section called: /settings/external scripts/alias/alias_process_count
alias_process_count = checkProcState MaxWarnCount=$ARG2$ MaxCritCount=$ARG3$ "$ARG1$=started"
; alias_process_hung - Alias for alias_process_hung. To configure this item add a section called: /settings/external scripts/alias/alias_process_hung
alias_process_hung = checkProcState MaxWarnCount=1 MaxCritCount=1 "$ARG1$=hung"
; alias_process_stopped - Alias for alias_process_stopped. To configure this item add a section called: /settings/external scripts/alias/alias_process_stopped
alias_process_stopped = checkProcState "$ARG1$=stopped"
; alias_sched_all - Alias for alias_sched_all. To configure this item add a section called: /settings/external scripts/alias/alias_sched_all
alias_sched_all = CheckTaskSched "filter=exit_code ne 0" "syntax=%title%: %exit_code%" warn=>0
; alias_sched_long - Alias for alias_sched_long. To configure this item add a section called: /settings/external scripts/alias/alias_sched_long
alias_sched_long = CheckTaskSched "filter=status = 'running' AND most_recent_run_time < -$ARG1$" "syntax=%title% (%most_recent_run_time%)" warn=>0
; alias_sched_task - Alias for alias_sched_task. To configure this item add a section called: /settings/external scripts/alias/alias_sched_task
alias_sched_task = CheckTaskSched "filter=title eq '$ARG1$' AND exit_code ne 0" "syntax=%title% (%most_recent_run_time%)" warn=>0
; alias_service - Alias for alias_service. To configure this item add a section called: /settings/external scripts/alias/alias_service
alias_service = checkServiceState CheckAll
; alias_service_ex - Alias for alias_service_ex. To configure this item add a section called: /settings/external scripts/alias/alias_service_ex
alias_service_ex = checkServiceState CheckAll "exclude=Net Driver HPZ12" "exclude=Pml Driver HPZ12" exclude=stisvc
; alias_up - Alias for alias_up. To configure this item add a section called: /settings/external scripts/alias/alias_up
alias_up = checkUpTime MinWarn=1d MinWarn=1h
; alias_updates - Alias for alias_updates. To configure this item add a section called: /settings/external scripts/alias/alias_updates
alias_updates = check_updates -warning 0 -critical 0
; alias_volumes - Alias for alias_volumes. To configure this item add a section called: /settings/external scripts/alias/alias_volumes
alias_volumes = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED
; alias_volumes_loose - Alias for alias_volumes_loose. To configure this item add a section called: /settings/external scripts/alias/alias_volumes_loose
alias_volumes_loose = CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED ignore-unreadable
; default - Alias for default. To configure this item add a section called: /settings/external scripts/alias/default
default =
; Files to be included in the configuration
[/includes]
; Section for NRPE (NRPEServer.dll) (check_nrpe) protocol options.
[/settings/NRPE/server]
; COMMAND ARGUMENT PROCESSING - This option determines whether or not the we will allow clients to specify arguments to commands that are executed.
allow arguments = true
; COMMAND ALLOW NASTY META CHARS - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = true
; PORT NUMBER - Port to use for NRPE.
port = 5666
; Section for NSClient (NSClientServer.dll) (check_nt) protocol options.
[/settings/NSClient/server]
; PERFORMANCE DATA - Send performance data back to nagios (set this to 0 to remove all performance data).
performance data = true
; PORT NUMBER - Port to use for check_nt.
port = 12489
; Configure crash handling properties.
[/settings/crash]
; ARCHIVE CRASHREPORTS - Archive crash reports in the archive folder
archive = true
; folder - The archive folder for crash dunpes.
archive folder = ${shared-path}/crash-dumps
; RESTART - Submit crash reports to nsclient.org (or your configured submission server)
restart = true
; RESTART SERVICE NAME - The url to submit crash reports to
restart target = NSClientpp
; SUBMIT CRASHREPORTS - Submit crash reports to nsclient.org (or your configured submission server)
submit = false
; SUBMISSION URL - The url to submit crash reports to
submit url = http://crash.nsclient.org/submit
; Section for the EventLog Checker (CheckEventLog.dll).
[/settings/eventlog]
; BUFFER_SIZE - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
buffer size = 131072
; DEBUG - Log more information when filtering (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog.
debug = false
; LOOKUP NAMES - Lookup the names of eventlog files
lookup names = true
; SYNTAX - Set this to use a specific syntax string for all commands (that don't specify one).
syntax =
; A set of options to configure the real time checks
[/settings/eventlog/real-time]
; DEBUG - Log missed records (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog.
debug = false
; REAL TIME CHECKING - Spawns a backgrounnd thread which detects issues and reports them back instantly.
enabled = false
; LOGS TO CHECK - Comma separated list of logs to check
log = application,system
; STARTUP AGE - The initial age to scan when starting NSClient++
startup age = 30m
; A set of filters to use in real-time mode
[/settings/eventlog/real-time/filters]
; Section for external scripts configuration options (CheckExternalScripts).
[/settings/external scripts]
; COMMAND ARGUMENT PROCESSING - This option determines whether or not the we will allow clients to specify arguments to commands that are executed.
allow arguments = true
; COMMAND ALLOW NASTY META CHARS - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = false
; SCRIPT DIRECTORY - Load all scripts in a directory and use them as commands. Probably dangerous but useful if you have loads of scripts :)
script path =
; COMMAND TIMEOUT - The maximum time in seconds that a command can execute. (if more then this execution will be aborted). NOTICE this only affects external commands not internal ones.
timeout = 60
; A list of scripts available to run from the CheckExternalScripts module. Syntax is: <command>=<script> <arguments>
[/settings/external scripts/scripts]
check_ntp=scripts\\check_windows_time.bat pool.ntp.org 30 60
restart-service=scripts\\restart_service.cmd "$ARG1$"
; A list of wrappped scripts (ie. using the template mechanism)
[/settings/external scripts/wrapped scripts]
; A list of templates for wrapped scripts
[/settings/external scripts/wrappings]
; BATCH FILE WRAPPING -
bat = scripts\\%SCRIPT% %ARGS%
; POWERSHELL WRAPPING -
ps1 = cmd /c echo scripts\\%SCRIPT% %ARGS%; exit($lastexitcode) | powershell.exe -command -
; VISUAL BASIC WRAPPING -
vbs = cscript.exe //T:30 //NoLogo scripts\\lib\\wrapper.vbs %SCRIPT% %ARGS%
; Configure log properties.
[/settings/log]
; DATEMASK - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
date format = %Y-%m-%d %H:%M:%S
; FILENAME - The file to write log data to. Set this to none to disable log to file.
file name = ${exe-path}/nsclient.log
; LOG LEVEL - Log level to use. Avalible levels are error,warning,info,debug,trace
level = info
; Configure log file properties.
[/settings/log/file]
; MAXIMUM FILE SIZE - When file size reaches this it will be truncated to 50% if set to 0 (default) truncation will be disabled
max size = 0
; Section for configuring the shared session.
[/settings/shared session]
; LOG LEVEL - Log level to use
enabled = false
; Section for system checks and system settings
[/settings/system/windows]
; DEFAULT LENGTH - Used to define the default intervall for range buffer checks (ie. CPU).
default buffer length = 1h
; Confiure which services has to be in which state
[/settings/system/windows/service mapping]
; A list of avalible remote target systems
[/settings/targets]
# MANAGED BY PUPPET
EOFile
- Assegnare la classe all'host
sudoedit /etc/puppet/environemnt/testing/manifests/site.pp
node 'winclient.metrica.priv' {
include met_nsclient
}