Monitoring Antivirus on Windows

  • rs26
    Member
    • Jan 2008
    • 42

    #1

    Monitoring Antivirus on Windows

    Hi,


    I would like to monitor the antivirus system installed on client computers (Windows XP/Vista).

    The antivirus is TrendMicro. How do I monitor it?

    EDIT: The service's name is "tmlisten".

    Can I monitor this service? How?

    Thanks.
    Last edited by rs26; 26-02-2008, 14:51.
  • Tenzer
    Senior Member
    • Nov 2007
    • 316

    #2
    What would you like to monitor?
    That the service is running?
    That the virus definitions are up-to-date?
    If the service has found any viruses?


    • rs26
      Member
      • Jan 2008
      • 42

      #3
      I want to know if the service is running or not. I have an antivirus server, but the web interface is not running very well.

      But if it's possible to do more than monitoring the service


      • siemt74
        Junior Member
        • Jan 2008
        • 11

        #4
        Hi,
        You can use this item with Windows Service State Value map:

        service_state[tmlisten]


        • rs26
          Member
          • Jan 2008
          • 42

          #5
          I'm going to use it. I'll tell you if it's running. Thanks


          • rs26
            Member
            • Jan 2008
            • 42

            #6
            Thanks, it works perfectly!


            • rs26
              Member
              • Jan 2008
              • 42

              #7
              I would like to do the same operation with eMule.

              I want to know if users are using the P2P program.

              But there is no service with eMule. It's just a process.

              Any ideas?


              • sdwilders
                Member
                • Feb 2008
                • 33

                #8
                Antivirus Definitions

                I can monitor that antivirus services are running quite easily, and I understand it is quite easy to enable a trigger if a file changes - but how do you run a trigger if a file isn't changed?

                I want to fire a trigger if a virus definition file isn't changed in, say, 7 days.


                • rolandsym
                  Member
                  • Jul 2007
                  • 76

                  #9
                  From a command prompt you can run this:

                  wmic /NAMESPACE:\\root\SecurityCenter PATH AntiVirusProduct get productUptoDate

                  If the antivirus is Security Center aware, then it will report whether it is up to date, with a true, and a false when it is not. You can also "Get DisplayName" or "Get versionNumber".


                  Hope this helps,
                  RolandSym


                  • sdwilders
                    Member
                    • Feb 2008
                    • 33

                    #10
                    Super, that gives me the required response from a command line. Is there an "easy" way to add an item in Zabbix that will execute and collect the result of this? Or would I need to add a custom script to each and every agent? (Bearing in mind there are thousands!)

                    Comment

                    • rolandsym
                      Member
                      • Jul 2007
                      • 76

                      #11
                      zabbix_agentd.conf

                      UserParameter=antivirus.uptodate,wmic /NAMESPACE:\\root\SecurityCenter PATH AntiVirusProduct GET productuptoDate | findstr /V "productUptoDate"

                      This will get you just true or false and not the extra line.

                      This would be an example of the line you would add to the end of zabbix_agentd.conf, which can be done with a simple echo command and >>.

                      It would be great if there were some predefined WMI items that Zabbix could grab, because Vista and 2008 have a lot more WMI information. I've been playing with the zabbix_client a little but without much luck.

                      Hope it helps,
                      RolandSym
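
An added example, not part of the original posts: the `findstr /V` filter above only drops the header line, so blank output, several installed products, or the "invalid namespace" error all reach the item unchanged. This Python sketch maps the command's raw output to one numeric value; the function names, return codes and sample outputs are assumptions constructed for illustration.

```python
# Map raw wmic AntiVirusProduct output to a single numeric status.
# Return codes are an assumed convention for this sketch:
UP_TO_DATE, OUT_OF_DATE, UNKNOWN = 1, 0, -1

# Constructed samples of command output (not captured from a real host).
SAMPLE_OK = "productUptoDate  \r\nTRUE             \r\n\r\n"
SAMPLE_MIXED = "productUptoDate  \r\nTRUE  \r\nFALSE  \r\n\r\n"
SAMPLE_NO_NAMESPACE = "ERROR:\r\nDescription = Invalid namespace\r\n"
SAMPLE_NO_PRODUCT = "No Instance(s) Available.\r\n"


def decode(raw: bytes) -> str:
    """Decode captured output; UTF-16 is detected by its byte-order mark."""
    if raw.startswith((b"\xff\xfe", b"\xfe\xff")):
        return raw.decode("utf-16")
    return raw.decode("ascii", errors="replace")


def av_status(wmic_output: str) -> int:
    """Return UP_TO_DATE only if every reported product says TRUE."""
    values = []
    for raw_line in wmic_output.splitlines():
        line = raw_line.strip().lower()
        if line in ("true", "false"):
            values.append(line == "true")
        # Header, blank lines and error text are ignored on purpose.
    if not values:
        # No product row at all: missing namespace, no registered
        # product, or an error message. Report it as its own state.
        return UNKNOWN
    return UP_TO_DATE if all(values) else OUT_OF_DATE


if __name__ == "__main__":
    for name, sample in [("ok", SAMPLE_OK), ("mixed", SAMPLE_MIXED),
                         ("no namespace", SAMPLE_NO_NAMESPACE),
                         ("no product", SAMPLE_NO_PRODUCT)]:
        print(name, av_status(sample))
```

Keeping "unknown" separate from "out of date" lets a trigger tell a host without Security Center apart from a host with stale definitions.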


                      • sdwilders
                        Member
                        • Feb 2008
                        • 33

                        #12
                        There are only a set number of different antivirus programmes between all my clients so I think I will try and create a trigger that fires if the definition file checksum is unchanged for say 7 days. I'll see if I can get this going and post back my item/trigger that I used.


                        • Jason
                          Senior Member
                          • Nov 2007
                          • 430

                          #13
                          Hmmm, is this example for servers or just XP?

                          I just get an invalid namespace when I try this on a server. It'd be really useful to have this working for servers somehow.
                          Last edited by Jason; 29-04-2008, 15:32.


                          • rolandsym
                            Member
                            • Jul 2007
                            • 76

                            #14
                            not server

                            Yes for XP Pro SP2, Vista... and I believe Win 2008. Windows 2003 doesn't have a Security Center. I don't recall off the top of my head whether Win 2003 R2 has Security Center or not.

                            Rolandsym

