Windows Server 2003 Baselining Linux Cacti

Original Article HERE

When trying to diagnose problems with any system one of the first steps should be to looks at differences between the current running values and the baseline for that system. The windows performance monitor exposes many counters that are useful, and the output can be logged to various output formats like CSV, and even SQL databases.

Making this data easier to read makes it a lot more useful. The method discussed here will help to get any windows performance monitor counter data into a system that can easily graphically display the data.

Cacti is an open source application that makes use of RRD (round-robin database). RRD stores time series data in a format that enables it to keep several views of the data without a growing footprint from the log data. Once the system is setup the database size should not change. MRTG is a commonly used application that makes use or RRD for storeing it’s data and uses it’s graphical tools to make charts. Cacti is another system that uses RRD, but offers a much more user friendly way of setting up and viewing the counters.

Installation

  1. Install the rPath Cacti appliance (I assume that you already know how to do that)
  2. Login to the console with username root, no password
  3. use the passwd command to set a real password for root (you can now login via ssh if you prefer)
  4. Download the linux scripts to access the windows client data
    1. cd /srv/cacti/scripts
    2. wget http://s3.golfballs.com/linux/cacti/check_nt
    3. wget http://s3.golfballs.com/linux/cacti/check_nt_wrapper.pl
    4. chmod 755 check_nt
    5. modify the check_nt_wrapper.pl password variable to be some new password that you will use on your clients
  5. Install the windows service
    1. download the NS Client service http://s3.golfballs.com/linux/cacti/WindowsNSClient.zip
    2. unzup the contents into a nsclient folder under program files
    3. use the command pNSClient /install to install the service
    4. start the client by going to window services and look for “Nagios Agent” and start that process : Note on some of my windows server 2003 services I was prompted to allow this service to run. If the process doesn’t start check to see if you missed that popup.
    5. Set the client password in the registry by using regedit, and navigating to the HKEY_LOCAL_MACHINE\SOFTWARE\NSClient\Params and entering a value in the password key
  6. Login to the cacti web interface of the rpath machine using the username and password of admin / admin
  7. on the left menu select “Import Templates” and import the following template http://s3.golfballs.com/linux/cacti/cacti_host_template_windows_2003_host.xml

Configuration

  1. Under Management / Devices you can add a new device or host
    1. Description is a friendly name for the server that will be used on the graphs
    2. Hostname is the ip or name of the computer to connect to
    3. If you remove “public” from the SNMP community if will not try to use SNMP to connect to the host
    4. If you use the Host Template for Windows it will create a group of all counters, so I usually manualy add the ones I want for each system, but you could make a template for all of your SQL servers, one for application servers and so on
  2. Time to create some graphs
    1. After Creating the device, you can click it’s name to take you to the device management screen.
    2. Under “Associated Graph Templates” you can select a pre-defined graph.
    3. If you select a template like Disk Usage you will be prompted later to specify what disk you want to monitor.
    4. Once you have a list of graphs you can click “New Graphs” on the left hand menu, Select your host, then create the graphs.

After these steps, cacti will start to gather information every 5 minutes. you will want to modify the graph tree to add your new hosts and probably format them by type and location or both (since you can list the same host in multiple nodes.)

The perl script used in this post were adapted from this cacti forum post

The windows host template was also provided from that post with minor changes to fit the perl changes.

Bad Behavior has blocked 162 access attempts in the last 7 days.