Before you can monitor Windows devices with Zenoss, you must ensure that:
DCOM is enabled for WMI connections
SNMP agent is enabled
If your system is running Windows Vista, for example, follow these steps to see if the SNMP agent is enabled:
From the Start menu list, right-click Computer, and then select Manage from the list of options.
From the Computer Management panel navigation area, expand Services and Applications, and then select Services.
The Services list appears.
Locate the listing for SNMP Service. If it does not show a status of "Started," then click Start (the service).
If SNMP Service does not appear in the list, then you may have to enable the SNMP feature (from the "Turn Windows features on and off" selection in the Control Panel).
Optionally, you can use SNMP InformantTM to collect CPU, memory, and disk I/O statistics. SNMP Informant agents collect information from Windows devices via WMI on the server where they are installed, and then convert system, state, and operational data into SNMP OIDs for broadcast. Zenoss can then process the SNMP OID information and generate events and alerts based on this information. See the section titled Monitoring Windows Performance with SNMP Informant (in this chapter) for more information.
If you are using Zenoss Enterprise, SNMP Informant is not needed (its functionality is included in these versions).
You must set the following zProperties to collect information from Windows servers. In Zenoss, navigate to the zProperties for each device, and then set the appropriate values for:
zWmiMonitorIgnore - Tuns on or off all WMI monitoring. Set the value of Ignore to False to turn on Windows monitoring.
Zenoss recommends that you set this zProperty at the Server/Windows class level, so that any device placed in this class has Windows monitoring automatically enabled.
zWinUser - Must be set as the local admin. The format for zWinUser is:
.\Username - The format to use when the account is a local account.
DOMAIN\Username - The format for a Domain account.
zWinPassword - Enter the password used to remotely log in to the Windows machine.
Follow these steps to test the WMI connections on the Windows server:
Run wbemtest.
Click “Connect…”
In the Namespace field, enter:
\\HOST\root\cimv2
Enter login information in the User and Password fields.
Click Query.
Enter “select * from win32_service” to return a dialog with a list of services on the device.
Zenoss can gather additional, detailed OS and hardware information from Windows devices if you have these agents installed on your Windows device:
Dell Open Manage Agent
HP Insight Management Agent
Zenoss uses ZenWin to perform Windows Service Monitoring over WMI. ZenWin monitors the up and down availability of Windows services.
The WinServiceMap WMI plugin is included in zCollectorPlugins on the /Server/Windows device class. WinServiceMap retrieves all services that can be monitored on a device, regardless of whether it is up or down.
Windows services are (by default) not monitored. To monitor a specific Windows service, follow these steps:
In Zenoss, navigate to the Windows device, and then click the OS tab.
Click the service you want to monitor, and then set the vale of monitor to True.
If you do not see the service you want to monitor in the list, then you can add it. Select Add WinService from the WinServices table menu.
Zenoss uses ZenEventlog to collect WMI event log events. Enable the following zProperties to define how Windows event log events are processed and monitored:
zWinEventLog - Tells Zenoss whether or not to read the event log into the system.
zWinEventLogMinSeverity - Sets the minimum severity to collect from the Windows event log. The lowest number indicates the highest severity (1 is the most severe; 5 is least severe).
Zenoss can use information from SNMP Informant to collect SNMP information from Windows devices.
Install the free version of SNMP Informant from this location:
To make sure SNMP Informant is running and set up correctly, run this command to walk the SNMP Informant MIB:
snmpwalk -v1 -c<community> <server> 1.3.6.1.4.1.9600
This command will return some performance information if SNMP Informant is configured and running correctly.
Once this is configured properly, Zenoss gathers and uses SNMP information the same as any other device sending SNMP traps.
You can use winexe commands to run commands on monitored Windows servers from within Zenoss.
Usage:
$ZENHOME/bin/winexe [options] //host [command]
Options | Use |
---|---|
--uninstall | Uninstall winexe service after remote execution. |
--reinstall | Reinstall winexe service before remote execution. |
--system | Use SYSTEM account. |
--runas=[DOMAIN\]USERNAME%PASSWORD | Run as user (IMPORTANT! password is sent in cleartext over net). |
Help Options | Use |
---|---|
-?, --help | Show this help message. |
--usage | Display brief usage message. |
Common samba options | Use |
---|---|
-d, --debuglevel=DEBUGLEVEL | Set debug level. |
--debug-stderr | Send debug output to STDERR. |
-s, --configfile=CONFIGFILE | Use alternative configuration file. |
--option=name=value | Set smb.conf option from command line. |
-l, --log-basename=LOGFILEBASE | Basename for log/debug files. |
--leak-report | enable talloc leak reporting on exit. |
--leak-report-full | enable full talloc leak reporting on exit. |
-V, --version | Print version. |
Connection Options | Use |
---|---|
-R, --name-resolve=NAME-RESOLVE-ORDER | Use these name resolution services only. |
-O, --socket-options=SOCKETOPTIONS | Socket options to use. |
-n, --netbiosname=NETBIOSNAME | Primary netbios name. |
-W, --workgroup=WORKGROUP | Set the workgroup name. |
--realm=REALM | Set the realm name. |
-i, --scope=SCOPE | Use this Netbios scope. |
-m, --maxprotocol=MAXPROTOCOL | Set max protocol level. |
Authentication Options | Use |
---|---|
-U, --user=[DOMAIN\]USERNAME[%PASSWORD] | Set the network user name. |
-N, --no-pass | Do not ask for a password. |
--password=STRING | Password |
-A, --authentication-file=FILE | Get the credentials from a file. |
-S, --signing=on|off|required | Set the client signing state. |
-P, --machine-pass | Use stored machine account password (implies -k). |
--simple-bind-dn=STRING | DN to use for a simple bind. |
-k, --kerberos=STRING | Use Kerberos. |
--use-security-mechanisms=STRING | Restricted list of authentication mechanisms available for use with this authentication. |