<< The Internet's Dirty Little Secret(s) | Home | Retreat! Let's call this one v2.5? >>

MRTG and WMI

When we last left our hero MRTG, he was doing simple SNMP Gets and spitting out some fairly basic graphs.  While this is terribly useful already, MRTG (and sidekick Routers2.cgi) is capable of much more.  In this installment of the MRTG article series, I will be demonstrating how to tap into the power of WMI to further enhance your MRTG experience.

For the purposes of this article, I will be assuming that you have a working MRTG system already running.  If you need help with that, please see the previous article in this series: Installing MRTG on a Windows Platform.

Using WMI with MRTG:

WMI, for those who are unfamiliar with it, is Windows Management Instrumentation.  It is a capability of every Microsoft operating system since NT version 4, and is enabled by default on all current operating systems.  Unlike SNMP, which is “secured” in a disastrous manner (simple community passwords which are sent in the clear), WMI harnesses the built-in authentication methods of the operating system and is much more secure.  You can also pull metrics from many more objects using WMI than is possible on SNMP.  And if that wasn't enough already, Microsoft makes available an SNMP provider for WMI, which allows you to pull SNMP information through the WMI interface.  (For more information on WMI, please have a look at Microsoft's WMI site)

But WMI isn't used just to instrument the operating system, no.  All Microsoft enterprise-class products expose metrics to the WMI providers, enabling application-level metrics to be graphed.  You want to know how many connections your SQL server is currently hosting?  WMI can tell you.  You want to know how many files have been downloaded from your FTP site in the past 24 hours?  WMI can tell you.  You want to know how many errors your web site is encountering?  You got it, ask WMI.

Enough talk, let's see it in action, eh?

MRTG is not capable of fetching WMI information directly, so it will be necessary to write a short script for the metric you are interested in graphing.  (I will be providing a number of useful scripts during the course of this demonstration, and they can all be found in a zipped collection at the end of this article.)

Let's start with a simple one:  Processor Load.

Consider the following script (I put a .txt extension on it for ease of use): procLoad.vbs

This is quite a simple script.  All it does is take the machine name provided on the command line and fetch the current processor load.  Note the Impersonate directive; you must make sure the account you are using to start your CRON service on the MRTG system has permission to run WMI queries on the TARGET system.  If Cron doesn't have permission to query WMI on the target system, MRTG will not get any data to graph.  Remember, WMI relies on OS security.

Open a command window and give the script a shot to ensure it can pull data from the target system.  On a command line, simply run

cscript procload.vbs machine_name

You will want to fix any errors before proceeding.

Now that we have our script working (right?), let's look at what needs to change in our MRTG config file.  Remember, previously we fetched processor usage on a Windows system with the following line in our .cfg file:

Target[CPU]: .1.3.6.1.4.1.311.1.1.3.1.1.2.1.3.1.48&.1.3.6.1.4.1.311.1.1.3.1.1.2.1.3.1.48:public@machine_name

With WMI, the Target line changes to:

Target[CPU]: `cscript //nologo \VBScripts\procLoad.vbs machine_name`

Note that we have specified the location where cscript.exe can find the vbs script, and we have also wrapped the whole command in single quotes.  Both of these are important.

Save the cfg file and you're finished.  How easy was that?

If you want to get fancy, you can even pull data from 2 different machines in a script.  Let's say you had a webfarm, for instance, with 2 servers sharing the load.  In order to see how many ASP sessions were active on both machines, you would have a script similar to the one I lovingly call aspsessions.vbs.  And then your target line in the MRTG cfg file would look like:

Target[ASPSessions]: `cscript //nologo \VBScripts\aspsessions.vbs machine1 machine2`

Done and done!

“Dang, Beau, that *was* easy!” I hear you saying, “But how do I know what can be queried in WMI, and what all the objects are called?”  Fret not, gentle reader, for the heroes at Microsoft's Script Center have delivered unto us a miracle called the “Scriptomatic”.  The Scriptomatic, when executed on the target system, will display all WMI objects that can be queried on the system, including any application-specific providers.  Note that it MUST be run on the system you are expecting to monitor to get a complete list of objects for that system.  But don't worry, the Scriptomatic is only a single file, and doesn't need to be installed or registered or anything.  Just run it.

I have just scratched the surface of what is possible when you combine WMI and MRTG together.  I hope this article has encouraged you to explore the capabilities of WMI further, and discover all the useful information it now exposes.

Here are some additional scripts you can play with:

Memory Usage
Current HTTP Users
Current Disk Queue Length
Current Disk Usage
Current SQL Connections

All Scripts plus Scriptomatic (zipped)

 

Print | posted @ Sunday, January 25, 2009 1:39 AM

Comments on this entry:

Gravatar # re: MRTG and WMI
by Pål Sletsjøe at 6/11/2004 1:30 AM
Great article, could you also post the mrtg.cfg file used for this? I`m having trouble graphing SQL connections.
  
Gravatar # re: MRTG and WMI
by Beau at 6/11/2004 10:17 PM
Give this a shot:

http://bmonday.com/archive/2004/06/11/804.aspx

Hope that helps!
Beau
  
Gravatar # re: MRTG and WMI
by Pål Sletsjøe at 6/17/2004 2:11 AM
Works nice, thank you!
  
Gravatar # re: MRTG and WMI
by Dan Foxley at 7/1/2004 5:53 PM
Where should the VBS directory be placed?
  
Gravatar # re: MRTG and WMI
by Dan Foxley at 7/1/2004 8:31 PM
Seems the procLoad.vbs reports 32% no matter the load, anything i'm missing? I've flipped the # just in case I was getting the 101 reading. Are the statitiscs updated in the RRD files, do the RRD files grow in size?
  
Gravatar # re: MRTG and WMI
by Dan Foxley at 7/2/2004 8:53 AM
All of the WMI scripts give a value of 32%. Any suggestions?
  
Gravatar # re: MRTG and WMI
by Beau at 7/2/2004 9:37 AM
Dan, drop me an email so we can talk. beaumonday@qwest.net. The location of the vbscripts dir is not important, so long as you indicate the full path in your MRTG config files. The RRD files should stay a constant size (65k, I believe). What happens when you run the VBScripts manually? Thanks.
  
Gravatar # re: MRTG and WMI
by Nav at 7/16/2004 8:25 AM
Can you please provide me the full cfg file for MRTG with WMI as presently i am only monitoring network interfaces with MRTG, but i want to monitor windows 2000 servers also. Thanks
  
Gravatar # re: MRTG and WMI
by robert at 11/24/2004 12:28 PM
hi,

MRTG is great but im starting this and copied the files from the MS site but the WMI lantraffic.vbs won't seam to work. all the other file above. will work see my graf.

' Run this script at the command prompt by typing
' cscript lanTraffic.vbs

set oSvc = GetObject("winmgmts:root\cimv2")

wqlQuery = "select BytesReceivedPersec,BytesSentPersec,PacketsReceivedPersec,PacketsSentPersec from Win32_PerfRawData_Tcpip_NetworkInterface where Name = 'Realtek-RTL8139-Family-PCI-Fast-Ethernet-NIC'"

for each oData in oSvc.ExecQuery(wqlQuery)
for each oProperty in oData.Properties_
if oProperty.Name = "BytesReceivedPersec" then
bytesReceived = oProperty.Value
elseif oProperty.Name = "BytesSentPersec" then
bytesSent = oProperty.Value
end if
next
next

wscript.echo bytesReceived
wscript.echo bytesSent

wscript.echo Date() & " " & Time()

wscript.echo "Bytes Received"
wscript.echo "Bytes Sent"
every time i run this there will be no info available.

thnx,

robert
  
Gravatar # re: MRTG and WMI
by Karl Davidson at 1/14/2005 5:08 PM
Maybe I am missing something here.

My mrtg.log shows this message whenever it updates.

2005-01-14 17:06:21 -- WARNING: Problem with External get 'cscript //nologo procLoad.vbs 10.28.4.16':
Expected a Number for 'out' but nothing'

2005-01-14 17:06:21 -- ERROR: Target[boasfo6-cpu][_OUT_] ' $$target[1]{$mode} ' did not eval into defined data

I have my procload.vbs file right in my c:\mrtg\mrtg\bin directory where my confs are for testing purposes.

My conf for that host reads:

Target[BOASFO6-CPU]: `cscript //nologo procLoad.vbs 10.28.4.16`
  
Gravatar # re: MRTG and WMI
by Karl Davidson at 1/14/2005 5:09 PM
karldavidson@ g m a i l .com
  
Gravatar # re: MRTG and WMI
by Rus at 5/16/2005 3:11 PM
The article is very helpful, but I am still having trouble with my mrtg.cfg file...(I'm new to all this!)

I'm trying to get MRTG to graph the CPU load, without much luck. Can someone please post the full mrtg.cfg file required to do this?

Thanks!
  
Gravatar # re: MRTG and WMI
by Emmett Keyser at 9/30/2005 10:15 AM
regarding the comment about 'Expected a Number for 'out' but nothing' - I get this message when I poll a machine with only one proc. Basically the script only produces one figure but mrtg is expecting two. This may or may not be the case with you.

For informational purposes I'll post a snippet of mrtg.cfg for the procload I'm using.

________

#
# Windows Processor Utilization (WMI) ******
#

Unscaled[******.wmi.processorLoad]: ymwd
YLegend[******.wmi.processorLoad]: % Utilization
Options[******.wmi.processorLoad]: growright,gauge
Target[******.wmi.processorLoad]: `cscript //nologo \VBScripts\procLoad.vbs ******`
MaxBytes[******.wmi.processorLoad]: 100
Title[******.wmi.processorLoad]: ******.hf.local: NT Processor Load
ShortLegend[******.wmi.processorLoad]: %
Legend1[******.wmi.processorLoad]: Proc #1 Load in next minute
Legend2[******.wmi.processorLoad]: Proc #2 Load in next minute N/A
Legend3[******.wmi.processorLoad]: Maximal 5 Minute Proc #1 Load
Legend4[******.wmi.processorLoad]: Maximal 5 Minute Proc #2 Load N/A
LegendI[******.wmi.processorLoad]: &nbsp;Load Proc #1:
LegendO[******.wmi.processorLoad]: &nbsp;Load Proc #2 N/A:
PageTop[******.wmi.processorLoad]: <H1>Processor Utilization</H1>
<TABLE>
<TR><TD>System:</TD> <TD>********** in SF</TD></TR>
<TR><TD>WMI Script:</TD> <TD>C:\>cscript procLoad.vbs</TD></TR>
<TR><TD>Via WMIC:</TD> <TD>C:\>wmic cpu get LoadPercentage</TD></TR>
</TABLE>

________

I've been using WMI for about half a year and it works great. Hope this info helps someone out.
  
Gravatar # re: MRTG and WMI
by Dan at 12/7/2005 12:45 PM
This is good stuff.

What if my mrtg is running on a Unix box? is there a way to pass windows credentials to the script?
  
Gravatar # re: MRTG and WMI
by Dingo Xu at 1/23/2007 1:35 AM
I had the same question with Karl Davidson ,I didn't known this reason,Thanks a lot
  
Gravatar # re: MRTG and WMI
by Dingo Xu at 1/23/2007 1:36 AM
My Email & MSN :Dingo21th@Y a h o o.com.cn
  

Your comment:

Title:
Name:
Email:
Website:
 
Italic Underline Blockquote Hyperlink
 
 
Please add 1 and 6 and type the answer here: