monitoring - Windows Server 2003 SNMP Disk I/O OID's

17
2014-04
  • Kev

    It's been about few years since I went near SNMP and I now need to capture some metrics from Windows Servers via SNMP.

    The last time I did something like this I used iReasoning's MIB Browser to discover some APC networked power outlets OID's.

    I vaguely remember having to load a MIB file for the APC's into the MIB browser and seeing the OID's for various metrics.

    What MIB file(s) do I need to load to discover the OID's for Windows Server 2003 and 2008 disk metrics?

  • Answers
  • sysadmin1138

    The top of the Windows disk SNMP tree is .1.3.6.1.2.1.25.2.3.1, also known as ".iso.org.dod.internet.mgmt.mib-2.host.hrStorage.hrStorageTable" When I built an SNMP script to grab these kinds of metrics, it was pretty obvious which sub-OIDs belonged to cluster size, allocated space, free space, and volume name.

    The one gotcha to be aware of is that Windows does not present directory-mounted volumes this way. So if you have a volume mounted to "F:\Backups", you'll see "F:\" in the list, but not "F:\Backups". The only way I found to grab that data was to delve into WMI.

  • Kev

    Whilst there are some metrics available under the SNMP tree described by sysadmin1138, lots of performance stats aren't available out of the box.

    It seems you either have to build your own MIB's from Performance Monitor counters:

    PERF2MIB.EXE: Performance Monitor MIB Builder Tool

    Or use a third party SNMP extensions such as SNMP Informant which will expose these metrics:

    SNMP Informant


  • Related Question

    Monitor a Windows Server using SNMP
  • Mike McClelland

    How hard can this be? I want to get the current CPU performance from a remote Win 2k3 machine. I need to use SNMP because the machine is behind a firewall.

    Assumptions:

    • I understand networking/can configure any kind of IP address/port forwarding/firewall/stuff.
    • I understand SNMP - I know how to use my tool to get a value from an OID on a target machine.
    • I know what I want to do with the result from my SNMP request.
    • I have enabled SNMP on the Windows Server, configured the relevant IP security/community stuff.
    • I can already ask the Windows server standard stuff using SNMP about how many disks/network interfaces it has etc.

    Question: - What OID do I used to simply ask current performance usage.

    I have spent many hours asking Google - clearly asking the wrong question :S .... How hard can this be?


  • Related Answers
  • voretaq7

    Use snmpwalk to see what the machine is reporting, and pick what looks appropriate :-)

    For CPU utilization, the Host Resources MIB provides a SNMP Table at 1.3.6.1.2.1.25.3.3 which lists each CPU and it's current percent utilization, but these values can be somewhat misleading (100% doesn't always mean your system is overloaded).

    www.oidview.com is a good place to go MIB-browsing, and will give you the MIB entity name as well as the OID.

  • mfinni

    There isn't any OID for 'performance usage', you will need to do your own investigation and determine what you want to capture - a lot of stuff from the HOSTS MIB (CPU, RAM, disk space) are common, but you may also care about specific things that are hardware-specific (vendor-specific RAID card for example.)

    What tool are you using? Nagios, OpenNMS, and MRTG have templates for common scenarios.

    Also, keep in mind that if you're using SNMP v2, your community strings are cleartext.

  • Mathieu Chateau

    You can use Cacti, on Linux or Windows, to manage snmp data & graph. It will discover oid by itself (using preloaded templates) and generate graphes for you (daily / monthly...) It's open source

  • RobW

    You might consider using getif.exe or a mib browser to see what the machine is exposing.

    The oid for generic processor info from one of the RFC mibs is:

    .1.3.6.1.2.1.25.3.3.1
    

    but you'll need to drill in to determine multiprocessor. On one of my single processor servers the oid is:

    .1.3.6.1.2.1.25.3.3.1.2.1
    

    YMMV.

    An excellent source of snmp info is:

    http://www.wtcs.org/snmp4tpc/testing.htm

    As mentioned elsewhere, once you get the data, MRTG, Cacti, Nagios (et al) are great ways to show historical information, and to get a picture of the server health of your network.

    Rob

  • Abhijeet Kasurde

    I'm using Nagios with Nagios graphs which give me the opportunity to monitor CPU, MEM and Disk load in time, on Windows side I use NSClient++ to connect to Nagios server

    1. For CPU I use check_nt_cpuload, this is a Nagios plugin,
    2. For memory I use check_memory
    3. I'm using SNMP for checking free disk space, also for checking used memory by a single process, I'm also using SNMP for checking how much a process is taking from CPU. Also I have setup Nagios to send emails when a trash-hold is reached (e.g., Memory on server 1 is critical).

    It took me about 5 days to have it working and now I have logs for about 10 mounts and I can tell how much server was loaded in a specific period of time

  • Abhijeet Kasurde

    Use Nagios which will be installed in a Linux server. It has a lot of plugins built to monitor system performances (CPU/RAM/HDD). Then install NRPE on your Windows Server. The Nagios/NRPE should be started on your windows server. Nagios also has a capability of triggering an alarm whenever threshold you have set is reached, and send an email alert to the one who administers the system.

    You may also use Cacti which also uses SNMP. It has plugins to monitor system performances. Compared to Nagios, Cacti has graphical presentation of current system performance which can update in real time.