How to monitor Windows Servers and Microsoft Softwares through WMI with Cacti under Linux

Published:
Large and small networks have one same need, Service monitoring. Service monitoring consists of watch services of the several servers in the network. To monitor means that the administrator will receive an alert when a service is down or it's state is abnormal besides an alert the monitoring activity also means to verify the state this same service through graphs.

In the market there are several tools to do this tasks, there are two tools open source that do this task very well, Nagios and Cacti. The first one, Nagios, can monitor services state and computer information like, OS, HDD, processor, network, communication ports, specific services, etc, and warn the administrators by e-mail, sms, sounds, screen messages, etc; and the second one, Cacti, it can be said that it's an evolution of Nagios. Cacti basically do the same thing that Nagios but it generates graph reports of the monitored services, all the information that Cacti collects is storage at a database, usually MySQL, so this way the administrator can have a large space time of data, like at some point you need to generate a graph of the activity of the SMTP service of Exchange 2003 during the period of March to June; Cacti is able to do this.

Cacti Information:
website: http://www.cacti.net
License: Opensource
Requirements: RRDTool, MySQL, PHP and a Web Server.
Complete Documentation: http://docs.cacti.net/manual:087

Usually Cacti is installed at Linux and it's administration can be done by the web interface. I'm not enter the details of how Cacti works, but to summarize this Cacti can be divided into 5 parts and the Cacti website gives us a great overview and reproduced below :

1 - What is Cacti?

Cacti is a complete frontend to RRDTool, it stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. Along with being able to maintain Graphs, Data Sources, and Round Robin Archives in a database, cacti handles the data gathering. There is also SNMP support for those used to creating traffic graphs with MRTG.

2 - Data Sources

To handle data gathering, you can feed cacti the paths to any external script/command along with any data that the user will need to "fill in", cacti will then gather this data in a cron-job and populate a MySQL database/the round robin archives.

Data Sources can also be created, which correspond to actual data on the graph. For instance, if a user would want to graph the ping times to a host, you could create a data source utilizing a script that pings a host and returns it's value in milliseconds. After defining options for RRDTool such as how to store the data you will be able to define any additional information that the data input source requires, such as a host to ping in this case. Once a data source is created, it is automatically maintained at 5 minute intervals.

3 - Graphs

Once one or more data sources are defined, an RRDTool graph can be created using the data. Cacti allows you to create almost any imaginable RRDTool graph using all of the standard RRDTool graph types and consolidation functions. A color selection area and automatic text padding function also aid in the creation of graphs to make the process easier.

Not only can you create RRDTool based graphs in cacti, but there are many ways to display them. Along with a standard "list view" and a "preview mode", which resembles the RRDTool frontend 14all, there is a "tree view", which allows you to put graphs onto a hierarchical tree for organizational purposes.

4 - User Management

Due to the many functions of cacti, a user based management tool is built in so you can add users and give them rights to certain areas of cacti. This would allow someone to create some users that can change graph parameters, while others can only view graphs. Each user also maintains their own settings when it comes to viewing graphs.

5 - Templating

Lastly, cacti is able to scale to a large number of data sources and graphs through the use of templates. This allows the creation of a single graph or data source template which defines any graph or data source associated with it. Host templates enable you to define the capabilities of a host so cacti can poll it for information upon the addition of a new host.
Indented text reproduced from Cacti website.

Most of information is collected by Cacti by scripts and SNMP, is also import to remember that SNMP versions 1 and 2 are not safe because all the data is transported uncoded and it's better to use SNMP version 3 due to the data encryption that ensures that data is transfered with security. But at Windows platform most of the important data of the OS and Microsoft Softwares, SQL Server, Exchange Server, etc, are collected through WMI.

More information at:
http://msdn.microsoft.com/en-us/library/aa394582%28v=vs.85%29.aspx
http://msdn.microsoft.com/en-us/library/aa384642%28v=vs.85%29.aspx
http://en.wikipedia.org/wiki/Windows_Management_Instrumentation

Because of this to have a real monitoring structure of Windows Server and it's softwares it's necessary to make Cacti collected and interpret data collected by the WMI at Windows.

For this at the Linux server that you have Cacti installed and configured you need to install the WMI plugin. Most of the Linux distribution repositories already have a WMI plugin but unfortunately due to compatibility issues most of them doesn't work so make it work you to compile one by hand.

Download the plugin, it's available at: http://dev.zenoss.org/svn/trunk/inst/externallibs/ , in the there is a list of packages, you need to download the wmi-1.3.13.tar.bz2 package. Unpack and compile it by following the commands:
# tar -jxvf wmi-1.3.13.tar.bz2
                      # cd wmi-1.3.13
                      # make

Open in new window

After the command make the compiler will compile the program, probably will have a dependency lib problem, usually you will need to download two libs, m4 and autoconf download and install the latest version available. After the installation the WMI plugin will be installed at /bin by the name of wmic, there is no man page for it so if you have doubts about the parameters use command wmic --h.

Ok, now you have the WMI plugin installed you must add the script that will call the wmic and pass the information to Cacti, wmic is the one responsible to connect to the Windows Server and use collect the data from WMI service. We don't need to create a plugin for that, another colleague already did it so you will use it.

Download the script from http://www.parkingdenied.com/download/8/

After downloading and unpacking the file, the folder 0.0.6.r101 will be created and inside it there will be 2 folders, templates and tools, and more 4 files including the file wmi.php, this file is the script that calls wmic and pass the data to Cacti. You must put the script into the Cacti script folder, usually by default located at /usr/share/cacti/site/scripts/.

Now you must import the templates into Cacti, the templates are located in the folder templates inside the folder extracted from the script file. In the folder there are templates for Windows, IIS, Exchange Server and SQL Server. The script uses a file to pass the authentication parameters to wmic, you'll need to create a file with following format
username=<your username>
password=<your password>
domain=<your domain or local group>
The file must have only these 3 lines and no spaces, and the user put in the username parameters must have administrative rights or must be insert into permission group /root/CIMV2 of the properties of WMI console at the server monitored. The file can created at anywhere but to better use and organization create it inside the folder /etc/cacti. To create the folder and set the permissions use the following commands
# mkdir -p /etc/cacti
                      # mkdir -p /var/log/cacti/wmi
                      # chown cacti:cacti /etc/cacti -R
                      # chown cacti:cacti /var/log/cacti/wmi -R
                      # chmod 700 /etc/cacti -R
                      # chmod 700 /var/log/cacti/wmi -R

Open in new window

After have created the folders, have set the permissions and put the rights files in the right places the templates can be imported.

At the Cacti web console administration go to the tab console and then at left column go to menu Import Templates and import the templates that you need. After importing go to the menu Data Templates under Templates and select the template recently imported, after this the template configuration page will be displayed, at this page you need add the name of the graph and insert the location of the credential file, in this box put the location that you created the authentication file at Cacti Server.

After all this you be able to generate graphs reports from Windows through Cacti under Linux.

The script used in this tutorial was created by Ross Fawcett http://www.parkingdenied.com and is distributed under the GPL license.
For more references about Cacti go to: http://forums.cacti.net
For more templates got to:
http://forums.cacti.net/about15067.html
http://www.debianhelp.co.uk/cactitemplates.htm
0
9,763 Views

Comments (0)

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.