爲什麼要使用Windows機器上的被動檢查而不是主動檢查?您可以使用PowerShell查詢事件日誌並將其發送到icinga2沒有問題...
喜歡的東西:
apply Service for (eventname => eventlog in host.vars.eventlog) {
import "generic-service"
check_command = "nsclient_windows"
vars.nrpe_command = "check_eventlog"
vars.nrpe_arguments = [ eventlog["eventid"], eventlog["msg"] ]
import "service-instructions"
assign where host.vars.hasEventLog == true
}
object CheckCommand "nsclient_windows" {
import "plugin-check-command"
command = [ PluginDir + "/check_nrpe" ]
arguments = {
"-H" = "$nrpe_address$"
"-p" = "$nrpe_port$"
"-c" = "$nrpe_command$"
"-n" = {
}
vars.hasEventLog = true
vars.eventlog ["EventLog_XXX"] = { eventid="XXX", msg="Added_user_to_local_group"}
希望它能幫助!