naparuba
6th May 2008, 12:42
Hi, I post some WMI requests that are quite usefull to me to monitors windows systems. You can use theses request with tools like Nc_net or nrpe_nt. Some requests are not ok with w2k.
See if all automatic services are up:
SELECT Name,State,StartMode FROM Win32_Service WHERE StartMode="Auto"
The only exeption I know is SysmonLog, it's in automatic mode but sopped. You can make it a manual service.
Cpu load:
SELECT LoadPercentage FROM Win32_Processor
>90%=problem
Disk I/O:
SELECT Name,DiskReadsPersec,DiskReadBytesPersec,DiskWrite sPersec,DiskWriteBytesPersec FROM Win32_PerfFormattedData_PerfDisk_PhysicalDisk
It's just for graph. not w2k.
Disk queue lenght:
SELECT Name,CurrentDiskQueueLength FROM Win32_PerfFormattedData_PerfDisk_PhysicalDisk
>2 = disks too slow.
Disk space:
SELECT Name,FreeSpace,Size FROM Win32_LogicalDisk WHERE drivetype=3 and volumename!='Swap'
change Swap with the partition label of your swap partition (if you do not have a swap partition, create one :) )
Physical memory usage:
SELECT FreePhysicalMemory,TotalVisibleMemorySize FROM Win32_OperatingSystem
Then:
$usedPhysical = $totalvisible - $freephysical;
$pctPhysicalUsed = $usedPhysical * 100 / $totalvisible;
% of network brandwith use:
SELECT Name,BytesTotalPersec,CurrentBandwidth FROM Win32_PerfFormattedData_Tcpip_NetworkInterface
Too hight? too much network access.
Network interface usage:
SELECT DatagramsReceivedPersec,DatagramsSentPersec,Fragme ntationFailures FROM Win32_PerfFormattedData_Tcpip_IPv4
Just for graphs.
Network queue:
SELECT Name,OutputQueueLength FROM Win32_PerfFormattedData_Tcpip_NetworkInterface
>2? too much network access
Processor queue:
SELECT ProcessorQueueLength FROM Win32_PerfFormattedData_PerfOS_System
>10 = too much load on the server
Processor usage:
SELECT PercentInterruptTime,PercentDPCTime,PercentPrivile gedTime Win32_PerfFormattedData_PerfOS_Processor WHERE Name='_Total'
*PercentInterruptTime > 50%? too much network I/O
*PercentPrivilegedTime > 20%? too much disk I/O
Swap usage:
SELECT AllocatedBaseSize,CurrentUsage FROM Win32_PageFileUsage
Swap? bad bad bad. (>20%)
reboot (uptime):
SELECT SystemUpTime FROM Win32_PerfFormattedData_PerfOS_System
<3600= reboot in the previous hour
File creation:
SELECT LastModified FROM CIM_Datafile WHERE name="C:\myfile.txt"
Too see the creation date of a file
If you have some others, I take :)
Nap
See if all automatic services are up:
SELECT Name,State,StartMode FROM Win32_Service WHERE StartMode="Auto"
The only exeption I know is SysmonLog, it's in automatic mode but sopped. You can make it a manual service.
Cpu load:
SELECT LoadPercentage FROM Win32_Processor
>90%=problem
Disk I/O:
SELECT Name,DiskReadsPersec,DiskReadBytesPersec,DiskWrite sPersec,DiskWriteBytesPersec FROM Win32_PerfFormattedData_PerfDisk_PhysicalDisk
It's just for graph. not w2k.
Disk queue lenght:
SELECT Name,CurrentDiskQueueLength FROM Win32_PerfFormattedData_PerfDisk_PhysicalDisk
>2 = disks too slow.
Disk space:
SELECT Name,FreeSpace,Size FROM Win32_LogicalDisk WHERE drivetype=3 and volumename!='Swap'
change Swap with the partition label of your swap partition (if you do not have a swap partition, create one :) )
Physical memory usage:
SELECT FreePhysicalMemory,TotalVisibleMemorySize FROM Win32_OperatingSystem
Then:
$usedPhysical = $totalvisible - $freephysical;
$pctPhysicalUsed = $usedPhysical * 100 / $totalvisible;
% of network brandwith use:
SELECT Name,BytesTotalPersec,CurrentBandwidth FROM Win32_PerfFormattedData_Tcpip_NetworkInterface
Too hight? too much network access.
Network interface usage:
SELECT DatagramsReceivedPersec,DatagramsSentPersec,Fragme ntationFailures FROM Win32_PerfFormattedData_Tcpip_IPv4
Just for graphs.
Network queue:
SELECT Name,OutputQueueLength FROM Win32_PerfFormattedData_Tcpip_NetworkInterface
>2? too much network access
Processor queue:
SELECT ProcessorQueueLength FROM Win32_PerfFormattedData_PerfOS_System
>10 = too much load on the server
Processor usage:
SELECT PercentInterruptTime,PercentDPCTime,PercentPrivile gedTime Win32_PerfFormattedData_PerfOS_Processor WHERE Name='_Total'
*PercentInterruptTime > 50%? too much network I/O
*PercentPrivilegedTime > 20%? too much disk I/O
Swap usage:
SELECT AllocatedBaseSize,CurrentUsage FROM Win32_PageFileUsage
Swap? bad bad bad. (>20%)
reboot (uptime):
SELECT SystemUpTime FROM Win32_PerfFormattedData_PerfOS_System
<3600= reboot in the previous hour
File creation:
SELECT LastModified FROM CIM_Datafile WHERE name="C:\myfile.txt"
Too see the creation date of a file
If you have some others, I take :)
Nap