I wanted to have Nagios monitor the status of McAfee Virus-Scan
on our servers. I wanted to ensure that I knew of any installations where the
Agent, Virus-Scan, Engine or DATs were not at a version that they should be.
To that end I decided to write a bit of PowerShell code to
use in conjunction with NSClient++ that we use for monitoring our Windows
servers.
You can download the PowerShell script from GitHub here:-
Put the downloaded script into your scripts folder in your
NSClient++ installation location... e.g.:-
“C:\Program Files\NSClient++\scripts”
The PowerShell script will check registry keys for McAfee
based on the following parameters which need to be supplied:-
-AgentVersion
-VScanVersion
-EngineVersion
-WarnDays
-CritDays
If the values of the supplied parameters do not match then a
Warning or Critical level will be raised back to Nagios.
To execute from within NSClient++ the following should be in
the NSClient++.ini file:-
[NRPE Handlers]
check_mcafee_status = cmd /c echo
scripts\Check_McAfee_Status.ps1 -AgentVersion 5.0.4.283 -VScanVersion 8.8.0.1599
-EngineVersion 5800.7501 -WarnDays 2 -CritDays 5; exit($lastexitcode) | powershell.exe -command –
The bold numbers above should be changed to match your
requirements.
On the check_nrpe command include the -t 60, since it can
take longer than the standard 10 seconds to run.
I have tested this with the following x86 & x64 versions
of NSClient++ version 0.4.4.16
NSClient++ version 0.5.0.62 on the below Operating Systems.
Windows Server 2003
Windows Server 2003 R2
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
No comments:
New comments are not allowed.