=====Divers=====
Een servicecheck doen op een Windows service met een $-teken in de naam vereist dat je de enkele $-teken verdubbelt en tussen quotes plaatst, bijv. MSSQL"$$"FOLD. \\

=====**WIP** Howto: installatie Nagios op OpenBSD voor monitoren Windows hosts **WIP**=====
Installeer OpenBSD volgens de FAQ en Nagios met NRPE volgens [[http://www.kernel-panic.it/openbsd/nagios/|deze handleiding]].

Open /var/www/etc/nagios/nagios.cfg en uncomment de regel voor commands.cfg en hosts.cfg. \\
Open /var/www/etc/nagios/cgi.cfg en uncomment de regels om de nagiosadmin de juiste view rechten te geven. \\

Open /var/www/etc/nagios/commands.cfg
Voeg onderaan toe:
<code>
###############################
# Eigen nrpe checks           #
###############################

define command {
    command_name    CheckDriveSize
    command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -c CheckDriveSize -a Drive=$ARG1$ ShowAll MaxWarn=$ARG2$ MaxCrit=$ARG3$
}

define command {
    command_name    CheckAllDrives
    command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -c CheckDriveSize -a CheckAll FilterType=FIXED FilterType=REMOTE MinWarn=$ARG1$ MinCrit=$ARG2$
}

define command {
    command_name    CheckSystemEventLog
    command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -c CheckEventLog System warn.require.eventType=error warn.require.eventType=warning critical.require.eventType=error critical.exclude.eventType=info truncate 1024 description
}

define command {
    command_name    CheckCPU
    command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -c CheckCPU warn=$ARG1$ crit=$ARG2$ Time=$ARG3$
}
</code>
Open /var/www/etc/nagios/hosts.cfg en voeg toe:
<code>
define host {
    use linux-server
    host_name desktop-01
    alias DESKTOP-01
    address 10.0.0.2
}

define service {
    use local-service
    host_name desktop-01
    service_description Ruimtegebruik C-schijf
    check_command CheckDriveSize!C!50%!75%
}

define servcie {
    use local-service
    host_name desktop-01
    service_description Alle schijven kwart vrij
    check_command CheckAllDrives!25%!50%
}

define service {
    use local-service
    host_name desktop-01
    service_description Meldingen in System Event Log
    check_command CheckSystemEventLog
}

define service {
    use local-service
    host_name desktop-01
    service_description CPU gebruik
    check_command CheckCPU!70%!90%!5m
}
</code>  

Check configuratie:

<code>
# /usr/local/sbin/nagios -v /var/www/etc/nagios/nagios.cfg
</code>

Alles ok?
Dan:

<code>
# /usr/local/sbin/nagios -d /var/www/etc/nagios/nagios.cfg
</code>

Ga vervolgens naar [[http://trac.nakednuns.org/nscp/|deze site]] en download de laatste versie van NSClient++. \\
Pak deze uit op de server naar C:\Program Files\NSClient++.
Voer het volgende uit in een command prompt:

<code>
C:\Program Files\NSClient++>NSClient++.exe /install
</code>

Open nsc.ini in dezelfde directory en pas aan naar onderstaand voorbeeld.

<code>
[modules]
;# NSCLIENT++ MODULES
;# A list with DLLs to load at startup.
;  You will need to enable some of these for NSClient++ to work.
; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
; *                                                               *
; * N O T I C E ! ! ! - Y O U   H A V E   T O   E D I T   T H I S *
; *                                                               *
; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
FileLogger.dll
CheckSystem.dll
CheckDisk.dll
NSClientListener.dll
NRPEListener.dll
;SysTray.dll
CheckEventLog.dll
CheckHelpers.dll
;CheckWMI.dll
;
; RemoteConfiguration IS AN EXTREM EARLY IDEA SO DONT USE FOR PRODUCTION ENVIROMNEMTS!
;RemoteConfiguration.dll

[Settings]
;# OBFUSCATED PASSWORD
;  This is the same as the password option but here you can store the password in an obfuscated manner.
;  *NOTICE* obfuscation is *NOT* the same as encryption, someone with access to this file can still figure out the 
;  password. Its just a bit harder to do it at first glance.
;obfuscated_password=Jw0KAUUdXlAAUwASDAAB
;
;# PASSWORD
;  This is the password (-s) that is required to access NSClient remotely. If you leave this blank everyone will be able to access the daemon remotly.
;password=secret-password
;
;# ALLOWED HOST ADDRESSES
;  This is a comma-delimited list of IP address of hosts that are allowed to talk to the all daemons.
;  If leave this blank anyone can access the deamon remotly (NSClient still requires a valid password).
;  The syntax is host or ip/mask so 192.168.0.0/24 will allow anyone on that subnet access
;allowed_hosts=127.0.0.1/32
allowed_hosts=10.0.0.1
;
;# USE THIS FILE
;  Use the INI file as opposed to the registry if this is 0 and the use_reg in the registry is set to 1 
;  the registry will be used instead.
use_file=1

[log]
;# LOG DEBUG
;  Set to 1 if you want debug message printed in the log file (debug messages are always printed to stdout when run with -test)
;debug=1
;
;# LOG FILE
;  The file to print log statements to
;file=NSC.log
;
;# LOG DATE MASK
;  The format to for the date/time part of the log entry written to file.
;date_mask=%Y-%m-%d %H:%M:%S


[NSClient]
;# ALLOWED HOST ADDRESSES
;  This is a comma-delimited list of IP address of hosts that are allowed to talk to NSClient deamon.
;  If you leave this blank the global version will be used instead.
;allowed_hosts=
;
;# NSCLIENT PORT NUMBER
;  This is the port the NSClientListener.dll will listen to.
;port=12489
;
;# BIND TO ADDRESS
;  Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname.
;  Leaving this blank will bind to all avalible IP adresses.
;bind_to_address=
;
;# SOCKET TIMEOUT
;  Timeout when reading packets on incoming sockets. If the data has not arrived withint this time we will bail out.
;socket_timeout=30


[Check System]
;# CPU BUFFER SIZE
;  Can be anything ranging from 1s (for 1 second) to 10w for 10 weeks. Notice that a larger buffer will waste memory 
;  so don't use a larger buffer then you need (ie. the longest check you do +1).
;CPUBufferSize=1h
;
;# CHECK RESOLUTION
;  The resolution to check values (currently only CPU).
;  The value is entered in 1/10:th of a second and the default is 10 (which means ones every second)
;CheckResolution=10
;
;# CHECK ALL SERVICES
;  Configure how to check services when a CheckAll is performed.
;  ...=started means services in that class *has* to be running.
;  ...=stopped means services in that class has to be stopped.
;  ...=ignored means services in this class will be ignored.
;check_all_services[SERVICE_BOOT_START]=ignored
;check_all_services[SERVICE_SYSTEM_START]=ignored
;check_all_services[SERVICE_AUTO_START]=started
;check_all_services[SERVICE_DEMAND_START]=ignored
;check_all_services[SERVICE_DISABLED]=stopped


[NRPE]
;# NRPE PORT NUMBER
;  This is the port the NRPEListener.dll will listen to.
;port=5666
;
;# COMMAND TIMEOUT
;  This specifies the maximum number of seconds that the NRPE daemon will allow plug-ins to finish executing before killing them off.
;command_timeout=60
;
;# COMMAND ARGUMENT PROCESSING
;  This option determines whether or not the NRPE daemon will allow clients to specify arguments to commands that are executed.
allow_arguments=1
;
;# COMMAND ALLOW NASTY META CHARS
;  This option determines whether or not the NRPE daemon will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
;allow_nasty_meta_chars=0
;
;# USE SSL SOCKET
;  This option controls if SSL should be used on the socket.
;use_ssl=1
;
;# BIND TO ADDRESS
;  Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname.
;  Leaving this blank will bind to all avalible IP adresses.
; bind_to_address=
;
;# ALLOWED HOST ADDRESSES
;  This is a comma-delimited list of IP address of hosts that are allowed to talk to NRPE deamon.
;  If you leave this blank the global version will be used instead.
allowed_hosts=10.0.0.1
;
;# SCRIPT DIRECTORY
;  All files in this directory will become check commands.
;  *WARNING* This is undoubtedly dangerous so use with care!
;script_dir=scripts\
;
;# SOCKET TIMEOUT
;  Timeout when reading packets on incoming sockets. If the data has not arrived withint this time we will bail out.
;socket_timeout=30



[NRPE Handlers]
;# COMMAND DEFINITIONS
;# Command definitions that this daemon will run.
;# Can be either NRPE syntax:
;command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
;# Or simplified syntax:
;test=c:\test.bat foo $ARG1$ bar
;check_disk1=/usr/local/nagios/libexec/check_disk -w 5 -c 10
;# Or even loopback (inject) syntax (to run internal commands)
;# This is a way to run "NSClient" commands and other internal module commands such as check eventlog etc.
;check_cpu=inject checkCPU warn=80 crit=90 5 10 15
;check_eventlog=inject CheckEventLog Application warn.require.eventType=error warn.require.eventType=warning critical.require.eventType=error critical.exclude.eventType=info truncate=1024 descriptions
;check_disk_c=inject CheckFileSize ShowAll MaxWarn=1024M MaxCrit=4096M File:WIN=c:\ATI\*.*
;# But be careful:
; dont_check=inject dont_check This will "loop forever" so be careful with the inject command...
;# Check some escapings...
; check_escape=inject CheckFileSize ShowAll MaxWarn=1024M MaxCrit=4096M "File: foo \" WIN=c:\\WINDOWS\\*.*"
;# Some real world samples
;nrpe_cpu=inject checkCPU warn=80 crit=90 5 10 15
;nrpe_ok=scripts\ok.bat
;check_multi_line=scripts\multi_line.bat
;#
;# The sample scripts
;#
;check_long=scripts\long.bat
;check_ok=scripts\ok.bat
;check_nok=scripts\xlong.bat
;check_vbs=cscript.exe //T:30 //NoLogo scripts\check_vb.vbs


; [includes]
;# The order when used is "reversed" thus the last included file will be "first"
;# Included files can include other files (be carefull only do basic recursive checking)
;
; myotherfile.ini
; real.ini
</code>
Start vervolgens de NSClient++ service via de services.msc of met het commando:
<code>
C:\Program Files\NSClient++>NSClient++.exe /start
</code>