How to Configure Windows Server 2019 with Nagios
Nagios is a widely-used open-source infrastructure monitoring platform that can monitor Windows Server 2019 hosts for availability, performance, and service health. Integration is achieved through the NSClient++ agent installed on Windows servers, which responds to Nagios check commands over NRPE (Nagios Remote Plugin Executor) or NSCP protocol. This guide covers installing and configuring NSClient++ on Windows Server 2019, defining host and service checks in Nagios, and setting up alerting.
Architecture Overview
The monitoring architecture consists of a Nagios Core or Nagios XI server on Linux, and NSClient++ agents deployed on each Windows Server 2019 host. Nagios sends check requests to the agent over TCP port 5666 (NRPE) or 12489 (NSCP). The agent executes local checks and returns status codes: 0 = OK, 1 = WARNING, 2 = CRITICAL, 3 = UNKNOWN. Alternatively, passive checks can be used where the agent pushes results to Nagios via NSCA.
Installing NSClient++ on Windows Server 2019
# Download NSClient++ (example for version 0.5.2.35)
Invoke-WebRequest -Uri "https://github.com/mickem/nscp/releases/download/0.5.2.35/NSCP-0.5.2.35-x64.msi" `
-OutFile "C:TempNSCP.msi"
# Install silently with default settings
msiexec /i C:TempNSCP.msi /quiet ALLOWED_HOSTS=192.168.1.100 CONF_NRPE=1 CONF_WEB=0 NRPE_PORT=5666
# Or install via command line with all monitoring modules
msiexec /i C:TempNSCP.msi /quiet `
ALLOWED_HOSTS=192.168.1.100,192.168.1.101 `
CONF_NRPE=1 `
CONF_CHECKS=1 `
CONF_NSCLIENT=1 `
CONF_SCHEDULER=0 `
CONF_WEB=0Configuring NSClient++ (nsclient.ini)
The main configuration file is located at C:Program FilesNSClient++nsclient.ini. Configure it for your Nagios server:
[/settings/default]
; Allow connections from Nagios server(s)
allowed hosts = 192.168.1.100, 192.168.1.101
; Password for authentication (use same in Nagios config)
password = YourStrongNagiosPassword
[/modules]
; Enable NRPE server module
NRPEServer = enabled
CheckSystem = enabled
CheckDisk = enabled
CheckEventLog = enabled
CheckHelpers = enabled
CheckExternalScripts = enabled
[/settings/NRPE/server]
port = 5666
use ssl = true
allow arguments = true
allow nasty characters = false
[/settings/system/windows/checks/cpu]
time = 5m
time = 1h
warning = 80
critical = 90
[/settings/system/windows/checks/memory]
warning = 80
critical = 90Restart the NSClient++ service after editing:
Restart-Service -Name nscp
Get-Service -Name nscp | Select-Object Name, StatusConfiguring Windows Firewall for NSClient++
# Allow NRPE port through Windows Firewall
New-NetFirewallRule `
-Name "NSClient-NRPE" `
-DisplayName "NSClient++ NRPE" `
-Direction Inbound `
-Protocol TCP `
-LocalPort 5666 `
-RemoteAddress 192.168.1.100,192.168.1.101 `
-Action Allow `
-Profile Domain,Private
# Verify the rule
Get-NetFirewallRule -Name "NSClient-NRPE" | Select-Object Name, Enabled, DirectionDefining Nagios Host and Service Checks
On the Nagios server, define the Windows host and service checks. Create a configuration file at /etc/nagios/conf.d/windows_server_2019.cfg:
define host {
use windows-server
host_name ws2019-prod-01
alias Windows Server 2019 Production
address 192.168.1.200
check_command check-host-alive
max_check_attempts 3
check_interval 5
retry_interval 1
check_period 24x7
notification_interval 60
notification_period 24x7
contact_groups admins
}
define service {
use generic-service
host_name ws2019-prod-01
service_description CPU Load
check_command check_nrpe!check_cpu!-a "warning=80 critical=90 time=5m"
check_interval 5
retry_interval 2
max_check_attempts 4
}
define service {
use generic-service
host_name ws2019-prod-01
service_description Memory Usage
check_command check_nrpe!check_memory!-a "warning=80 critical=90"
}
define service {
use generic-service
host_name ws2019-prod-01
service_description Disk C:
check_command check_nrpe!check_drivesize!-a "drive=c: warning=80 critical=90"
}
define service {
use generic-service
host_name ws2019-prod-01
service_description Windows Services
check_command check_nrpe!check_service!-a "service=W32Time warn_if=stopped crit_if=stopped"
}Monitoring Windows Event Logs via NSClient++
# In nsclient.ini - monitor Application event log for errors
[/settings/eventlog/real-time/filters/app-errors]
log = Application
filter = level in ('error','critical')
severity = error
maximum age = 5m
ok message = No errors in Application logOn the Nagios side, add the event log check:
define service {
use generic-service
host_name ws2019-prod-01
service_description Application Event Log Errors
check_command check_nrpe!check_eventlog!-a "log=Application file=eventlog.db warn_if=error crit_if=critical"
check_interval 5
}Setting Up Email Alerting in Nagios
# /etc/nagios/conf.d/contacts.cfg
define contact {
contact_name server-admin
alias Server Administrator
email [email protected]
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r,f,s
host_notification_options d,u,r,f,s
service_notification_commands notify-service-by-email
host_notification_commands notify-host-by-email
}
define contactgroup {
contactgroup_name admins
alias Nagios Administrators
members server-admin
}After defining all configuration files, validate the Nagios configuration and reload:
/usr/sbin/nagios -v /etc/nagios/nagios.cfg
systemctl reload nagiosUse Nagios’s built-in reporting features to generate availability reports for Windows Server 2019 hosts, showing uptime percentages and incident history. These reports are valuable for SLA documentation and capacity planning discussions with management.
