How-to monitor files single files or filegroups on Windows
File monitoring is key for application monitoring — this guide covers use cases and configuration on how to accomplish this on Windows systems.
LAST TESTED ON CHECKMK 2.3.0P1
With Checkmk, you can monitor single files for pure existence, their age, size, etc. But it is also sometimes necessary to group several files into one service and impose those rules and thresholds on such a filegroup.
Configuration of the agent
First, we must tell the agent which files should be monitored. This can be done with the Checkmk agent bakery in Checkmk Enterprise, Enterprise Free, and managed service edition. In Checkmk RAW Edition, this needs to be done manually.
With agent bakery (Enterprise editions):
To create a new rule, go to Setup → Agents → Windows, Linux, Solaris, AIX → Agent rules → Count, size, and age of files and specify which files to be included:
Take a look at the inline help for possible patterns.Bake & Sign the agents to deploy the new agent configuration.
Without agent bakery (RAW edition):
Paths and files are case-sensitive, even in the Windows agent.
In the file
C:\ProgramData\checkmk\agent\check_mk.user.yml, create afileinfosection like this:fileinfo: enabled: true path: - c:\temp\*.txt - c:\path\to\file.dat.
Restart the Checkmk agent
Monitoring of single files
Rediscover your host, and you will find the single files that you configured in Step 1, and you can add them to monitoring:
After that, you can create rules to specify how to monitor those files.
.Click on the "hamburger" menu of that service, then "Parameters for this service."
.Click "Size and age of single files" to create a rule
For example, this is with a threshold for the maximum age.
Monitoring of file groups
Sometimes it is desired not to monitor the individual files but a file group instead. To do this, you need to create a rule on the type "File Grouping Patterns" There, you have to specify a name for the group, "Include Patterns," and optionally "Exclude Patterns."
Go to Setup → Services → Service monitoring rules → Grouping Patterns → Add rule
.After a Re-Discovery, the single file services will vanish, and the file group will appear, and you can add the new service to the monitoring
.Create a rule by clicking on the "hamburger menu" → Parameters for this service
.Click "Size, age, and count of file groups" to create a rule as desired
Example
Special case: file(s) does not exist during discovery
Sometimes you have a special use case where the single files or files that are part of file groups do not exist (during discovery). E.g., you want to monitor the quarantine directory of antivirus software, which should normally be empty.
As the Checkmk Discovery can only discover things that exist during the discovery process, we have a logical problem.
To circumvent this issue, you have to create the rules from above. These rules are called Size and age of single files and Size, age, and count of file groups and are not in the Discovery rule section of the setup menu but in the Enforced services part of the setup.
The rules can be found here:
Setup → Services → Enforced services → Size and age of single files
Setup → Services → Enforced services → Size, age, and count of file groups
By creating such an enforced rule, you can force Checkmk to create a service check, and you can monitor files that are not present during discovery.