check-winservice - Nagios compatible check plugin for Windows services
check-winservice [ [ --service service[,service ...] ] ... ] [ [ --state state[,state ...] ] ... ] [ [ --startmode startmode[,startmode ...] ] ... ] [ --fingerprint [fingerprint] ] [--warning threshold] [--critical threshold] [--verbose] [--help]
check-winservice is a Nagios plugin to monitor services on the local Windows system. You can filter services based on name, state or start mode. Negation is also possible. check-winservice has also a service snapshot fingerprint capability which may help you to monitor changes on service configurations.
Specifies services you want to monitor. You can supply comma separated values as well as multiple --service options. In addition, you may exclude a service by prepending a ! (like !alerter). Optional. Defaults to all services.
Specifies service states you want to monitor. You can supply comma separated values as well as multiple --state options. In addition, you may negate a state by prepending a ! (like !running). Available state values (case insensitive):
- running
- stopped
- paused
- start pending
- stop pending
- continue pending
- pause pending
- unknownOptional. Defaults to all states.
Specifies service start modes you want to monitor. You can supply comma separated values as well as multiple --startmode options. In addition, you may negate a start mode by prepending a ! (like !auto). Available start mode values (case insensitive):
- auto
- manual
- disabled
- boot
- systemOptional. Defaults to all start modes.
Generates a service snapshot fingerprint for the selected set of services. A service snapshot fingerprint is simply an MD5 digest of a string consisting of concatenated values of following properties for each selected service:
- Name, DisplayName, PathName, ServiceType, Started, StartMode, StartName, State, Status, Descriptionprints the fingerprint if no parameter is specified. Otherwise it checks if the given fingerprint matches the current fingerprint for the selected services. Returns CRITICAL if it is a mismatch, OK otherwise. That way, you can get an indication about a possible unauthorized service configuration change.
Returns WARNING exit code if the selected number of services is above the threshold. Optional.
Returns CRITICAL exit code if the selected number of services is above the threshold. Optional.
Produces some output for debugging or to see individual values of samples. Multiple values are allowed.
Produces a help message.
check-winservice --startmode auto --state !running --critical 0Returns CRITICAL if there exists automatic services which are not running.
check-winservice --service TroubleMaker1,TroubleMaker2 --state running --critical 0Returns CRITICAL if services TroubleMaker1 or TroubleMaker2 are running.
check-winservice --critical 1 -startmode boot,system -service !BootA,!BootB,!SystemCReturns CRITICAL if there is at least one service except service BootA, BootB and SystemC, which is configured to start during boot or system phase.
check-winservice --warning 200 --critical 300Returns WARNING or CRITICAL if the number of defined services exceeds 200 or 300 respectively.
check-winservice --startmode !manual --service Manual1,Manual2 --service Manual3 --critical 0Returns CRITICAL if services Manual1, Manual2 or Manual3 are not configured to run manually.
check-winservice --fingerprint --state runningPrint the service snapshot fingerprint for running services.
check-winservice --fingerprint xxxxxxxxxxxxxxxxxxxxxxx --state runningReturns CRITICAL if the specified fingerprint xxxxxxx does not match the service snapshot fingerprint of running services
0 OK
1 WARNING
2 CRITICAL
3 UNKNOWNTevfik Karagulle http://www.itefix.no
This program is distributed under the Artistic License. http://www.opensource.org/licenses/artistic-license.php
Version 1.1, October 2011
- Bug fix: Improper combination of multiple negated elements in the generated WQL string.