How to Configure Windows Server 2016 with Nagios
Nagios is one of the most widely deployed open-source monitoring platforms in enterprise environments. It provides comprehensive monitoring for servers, network devices, services, and applications, with a flexible plugin architecture that makes it highly extensible. Integrating Windows Server 2016 with Nagios gives your operations team real-time visibility into server health, with alerting for downtime, performance thresholds, and service failures. This guide covers the installation and configuration of the Nagios agent on Windows Server 2016 and the setup of monitoring checks on the Nagios server.
Understanding the Nagios Architecture for Windows
Nagios monitors Windows servers using one of two primary methods. The first method uses NSClient++ (NSClient plus plus), a lightweight agent installed on the Windows server that exposes monitoring data over the network. The second method uses passive checks via NSCA (Nagios Service Check Acceptor) where the Windows server sends check results to Nagios rather than Nagios polling the server. For most environments, the active check model using NSClient++ is recommended and is the focus of this guide.
NSClient++ communicates with Nagios using either the legacy NRPE protocol or the more modern NSClient protocol. It can also be queried using the check_nt plugin from older Nagios configurations. The current recommended approach uses the NSClient++ REST API or the check_nrpe plugin.
Installing NSClient++ on Windows Server 2016
Download the latest NSClient++ MSI installer from the official NSClient++ website or from the GitHub releases page. The installer is available as both a 32-bit and 64-bit package; use the 64-bit version for Windows Server 2016. Copy the installer to the Windows Server 2016 system and run it from an elevated command prompt or PowerShell:
msiexec /i NSCP-0.5.2.35-x64.msi /passive ADDLOCAL=ALL CONF_NRPESERVER=1 CONF_CHECKS=1 CONF_NSCLIENT=1 CONF_NSCA=0 CONF_WEB=1 NSCLIENT_PWD="YourSecurePassword" ALLOWED_HOSTS="192.168.1.50"Replace 192.168.1.50 with the IP address of your Nagios server and set a strong password for the NSClient++ password. The ALLOWED_HOSTS parameter restricts which servers are permitted to query this NSClient++ instance, which is an important security control.
After installation, the NSClient++ service should be running. Verify the service status:
Get-Service -Name "NSClientpp" | Select-Object Name, Status, StartTypeConfiguring NSClient++ for Monitoring
The NSClient++ configuration file is located at C:Program FilesNSClient++nsclient.ini. Open this file in a text editor to customize the monitoring configuration. Key sections to configure include the modules to load, the allowed hosts, and the checks to expose.
A minimal NSClient++ configuration for Windows Server 2016 monitoring looks like this. Edit the nsclient.ini file with these settings:
[/settings/default]
allowed hosts = 192.168.1.50
password = YourSecurePassword
[/modules]
CheckDisk = enabled
CheckEventLog = enabled
CheckExternalScripts = enabled
CheckHelpers = enabled
CheckNSCP = enabled
CheckSystem = enabled
CheckTaskSched = enabled
NRPEServer = enabled
NSClientServer = enabled
WEBServer = enabled
[/settings/NRPE/server]
port = 5666
use ssl = true
allow arguments = true
allow nasty characters = falseRestart the NSClient++ service after making configuration changes:
Restart-Service -Name "NSClientpp"Configuring the Nagios Server for Windows Monitoring
On the Nagios server (typically running on Linux), configure the Windows Server 2016 host and its associated service checks. Create a host definition file for the Windows server. On the Nagios server, create or edit a file such as /etc/nagios/conf.d/windows_servers.cfg:
define host {
use windows-server
host_name ws2016-prod01
alias Windows Server 2016 Production 01
address 192.168.1.100
max_check_attempts 3
check_period 24x7
notification_interval 30
notification_period 24x7
}
define service {
use generic-service
host_name ws2016-prod01
service_description CPU Load
check_command check_nt!CPULOAD!-l 5,80,90
}
define service {
use generic-service
host_name ws2016-prod01
service_description Memory Usage
check_command check_nt!MEMUSE!-w 80 -c 90
}
define service {
use generic-service
host_name ws2016-prod01
service_description C: Drive Space
check_command check_nt!USEDDISKSPACE!-l c -w 80 -c 90
}
define service {
use generic-service
host_name ws2016-prod01
service_description Windows Services
check_command check_nt!SERVICESTATE!-d SHOWALL -l W3SVC
}Using NRPE for Advanced Checks
For more sophisticated monitoring beyond the basic check_nt checks, use the NRPE protocol with NSClient++. Install the check_nrpe plugin on the Nagios server if not already present. Then configure check commands that use NRPE to run checks on the Windows server:
define command {
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -p 5666 -c $ARG1$ -a $ARG2$
}
define service {
use generic-service
host_name ws2016-prod01
service_description Event Log Errors
check_command check_nrpe!check_eventlog!file=application maxWarn=0 maxCrit=10 filter=level='error'
}Configuring Firewall Rules for Nagios Monitoring
Windows Server 2016 firewall must allow inbound connections from the Nagios server on the NSClient++ and NRPE ports. Create the required firewall rules using PowerShell:
New-NetFirewallRule -DisplayName "Nagios NSClient" -Direction Inbound -Protocol TCP -LocalPort 12489 -RemoteAddress 192.168.1.50 -Action Allow
New-NetFirewallRule -DisplayName "Nagios NRPE" -Direction Inbound -Protocol TCP -LocalPort 5666 -RemoteAddress 192.168.1.50 -Action Allow
New-NetFirewallRule -DisplayName "Nagios NSClient Web" -Direction Inbound -Protocol TCP -LocalPort 8443 -RemoteAddress 192.168.1.50 -Action AllowAfter configuring the firewall rules, reload Nagios on the monitoring server and verify that the Windows Server 2016 host and services appear correctly in the Nagios web interface. Test each check manually using the Nagios web UI’s “Re-schedule the next check” option or from the command line using check_nrpe to confirm data is being collected successfully.
