| Version 4 (modified by anonymous, 6 years ago) (diff) |
|---|
TracNav
Modules
- overview
Checks and commands
- overview
CauseCrashes...
CheckNSCP...
CheckDisk...
CheckLogFile...
CheckEventLog...
CheckSystem...
CheckHelpers...
CheckTaskSched...
CheckTaskSched2...
CheckWMI
Scripting Languages?...
Servers and protocols?...
Utilities and tools?...
Documentation...
Guides...
Information...
Sponsoring...
Donate...
CheckWMI
CheckWMI is part of the wiki:CheckWMI module.
New version that is *a lot* more usefull (i hope). It is still alpha need to do more testing but I would like to get some initialö feedback on the syntax and such. Also feel free to try it out and report bugs to me (might wanna keep track of memory and such as I have not done so myself yet)
The syntax for this is Similar to CheckEventLog but simpliefied in regards to syntax so I hope it shall be easier to use and udnerstand.
This check enumerates all rows returned from your query filtering results and check the count against a set war and crit threshold. If you want to check a value there will soon be a separet check for that. This is designed to find "anomalies" in result-sets.
| Option | Values | Description |
| filter | any, all | Specify the way you want to filter things. (See section below) Not yet implemented (default is all) |
| truncate | length of the returned set | This will truncate the output after the specified length. As NRPE can only handle 1024 chars you need to truncate the output. |
| MaxWarn | number of records | The maximum records to allow before reporting a warning state. |
| MaxCrit | number of records | The maximum records to allow before reporting a critical state. |
| <mode>filter-<type>:<Column> | <filter value> | A number of strings to use for filtering the event log |
Filters
Capturing result entries (or discarding them) are done with filters. There are three kinds of filters.
- positive requirments (+) All these filters must match or the row is discarded.
- negative requriments (-) None of these filters can match (if any do the row is discarded).
- normal matches (.) If this matches the line is included.
The syntax of the filter is: <mode>filter-<type>:<Column>=<expression>
Filter <Mode>s
| <mode> | title | description |
| + | required filter | If you miss this filter the line is discarded |
| . | normal filter | If a hit the line is included |
| - | negative filter | If a line hits this it is discarded |
Filter <Type>s
| <type> | Value | Description |
| string | string expression? | Match the column againast a string expression |
| numeric | numeric expression? | Match the column againast a numeric expression |
Filter <Columns>s
A Column (if specified) will make the filter woirk againast a specific column in the result set.
string expression
A string expression is a key followed by a string that specifies a string expression. Currently substr and regexp are supported. Thus you enter filter.message=regexp:(foo|bar) to enter a regular expression and filter-message=substr:foo to enter a substring patter match.
Examples
Check to see if there is 2 CPUs present (or cores)
CheckWMI MaxCrit=3 MinWarn=1 "Query:load=Select * from win32_Processor"
Check to see that no CPU has less then 2.66GHz frequency
CheckWMI MinCrit=1 MinWarn=1 "Query:load=Select CurrentClockSpeed from win32_Processor" +filter-numeric:CurrentClockSpeed=<2659
(I know these are not very usefull, but hopefully they will give you an idea how to do things, there a *a lot* of things to check via the WMI so you ought to be able to do most things you want.)
