Version 13 (modified by san, 3 years ago) (diff)

--

TracNav

Feel free to add your own real-world configurations and such here.

For instance if you have a check to see if a specific application is working, let others know how you did it...

Automatic Push Scripts

I'm running a smallish enviroment where I have deployed NSClient to roughly 40 servers. I've found that pushing changes to all the servers is very very painful. To resolve this I've created a couple of cmd files which automate this process. In our enviroment this process is scheduled to run at 1am.

Additional logic could be added to this system so that NSClient is only reinstalled when changes to source files are detected.

Note: This solution opens several vulenerabilites and should only be employed on trusted networks. Use at your own risk.

Setup

  • On your file server create a share called \Daily_Install

Child folder setup: 

\Daily_Install
\Daily_Install\NSClient_Latest
\Daily_Install\NSClient_Latest\Modules
  • Create a dedicated user who only has access to this location via the share, and folders security permissions
  • Create and install the scripts below

Daily Install

Create this script and have it scheduled to run at a particular time. Use a system account which is limited to access the source files... this should reduce the hack-ability.

You'll need to assign a specific user and password to run this script. 

 @echo off
 echo map drive
 net use i: \\fileserver\Daily_Install /persistent:no
 I:
 echo.
 echo Install NSClient++
 call "i:\NSClient_Latest\Install_NSClient.cmd"
 c:
 echo.
 echo Unmap drive
 net use i: /DELETE

Install_NSClient.cmd

Create this script and place into \NSClient_Latest 

 @echo off
 cd \NSClient_Latest
 if not exist %WINDIR%\system32\NSClient_Latest\NSClient++.exe goto skip01
 echo removing old version
 %WINDIR%\system32\NSClient_Latest\NSClient++ /uninstall
 rmdir /s /q %WINDIR%\system32\NSClient_Latest
 :skip01
 echo.
 echo installing latest version
 mkdir %WINDIR%\system32\NSClient_Latest
 %WINDIR%\system32\NSClient_Latest\modules
 copy "*" "%WINDIR%\system32\NSClient_Latest"
 copy "modules" "%WINDIR%\system32\NSClient_Latest\modules"
 if exist %COMPUTERNAME%.ini copy "%COMPUTERNAME%.ini" "%WINDIR%\system32\NSClient_Latest\NSC.ini"
 %WINDIR%\system32\NSClient_Latest\NSClient++ /install
 %WINDIR%\system32\NSClient_Latest\NSClient++ /start
 cd \

Computer Specific INI Files

If you want to setup a special INI file for a computer, then copy the NSC.ini and call it <machine name>.ini, then include this file in the \Daily_Install\NSClient_Latest dir.

The install script will apply this special INI file to the specific machine at run-time.

Pushing WMI information via client VBS script

From: san
Date: 20100310
Objective: Push WMI information from client to NAGIOS server (nsca running on NAGIOS server).
Thought as a workaround for http://nsclient.org/nscp/ticket/197 - obviously this can be expanded.

Requires:

  • Changes to NSC.ini on client
  • VBS script on client
  • NSCA server on receiving NAGIOS server

nagios_vbs-antivirusuptodate2.vbs

Create this script and place into "PATHTONSCA++\scripts" on the client. Please excuse the horrible code. 

Const wbemFlagReturnImmediately = &h10
Const wbemFlagForwardOnly = &h20
strComputer = "."

Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\SecurityCenter")
Set colItems = objWMIService.ExecQuery("SELECT * FROM antivirusProduct", "WQL", _
    wbemFlagReturnImmediately + wbemFlagForwardOnly)

For Each objItem In colItems
	If objItem.OnAccessScanningEnabled = True Then
		myOnAccessScanningEnabled = "true"
		myMsg = 1
	End If
	If objItem.productUptoDate = True Then
		myProductUptoDate = "true"
		myMsg = myMsg+1
	End If
Next 

If myOnAccessScanningEnabled = "true" AND myProductUptoDate = "true" Then
	myExit = 0
	WScript.Echo "OK: OnAccessScanningEnabled - "& myOnAccessScanningEnabled &", productUptoDate - "& myProductUptoDate
ElseIf myOnAccessScanningEnabled = "" OR myProductUptoDate = "" Then
	WScript.Echo "WARNING: OnAccessScanningEnabled - "& myOnAccessScanningEnabled  & _
		", productUptoDate - "& myProductUptoDate
	myExit = 1 'WARNING
Else 
	WScript.Echo "ERROR: OnAccessScanningEnabled - "& myOnAccessScanningEnabled  & _
		", productUptoDate - "& myProductUptoDate
	myExit = 2 'ERROR
End If
wscript.quit(myExit)

NSC.ini

[modules]
CheckExternalScripts.dll
...
[External Scripts]
allow_nasty_meta_chars=1
script_win-antivirus = c:\WINDOWS\SYSTEM32\cscript.exe //T:10 //NoLogo scripts\nagios_vbs-antivirusuptodate2.vbs
...
[NSCA Commands]
check_win-antivirus = script_win-antivirus ShowAll
...