I am sure this is a stretch, but I will ask anyway: Is there a way I can use the Librenms to monitor Windows workstations and servers for missing updates and events?
Thanks
1 Like
Hi,
for Windows Servers, a Nagios plugin might help:
We’re using in our organization Check-Available-Updates in combination with NSClient++.
In nsclient.ini, the script has to be added in [/settings/external scripts/...].
On LibreNMS host, the Nagios NRPE Plugin has to be installed to perform those NRPE Checks (Debian 12: apt -y install nagios-nrpe-plugin).
In LibreNMS, you can set up a Service using Nagios / NRPE Plugin for the Check-Available-Updates script.
Specific alert rules (warning or critical) checking only this specific “service” can be setup like this:
Please note: This is not displayed in “Apps” because this data is not returned by SNMP.
For Windows Events, eventually Graylog is helpful to collect all Windows Event data (incl. Sysmon if installed).
From my understanding, Logs generated by LibreNMS can also be forwarded to Graylog (https://docs.librenms.org/Extensions/Graylog/), but I did not try it out by myself.