New Qualification – JNCIA-FWV

Today I sat and passed, after a long time of putting it off, my JNCIA (Juniper Networks Certified Internet Associate) Firewall/VPN Exam.

This now means that I have a qualification in the firewall technology that we are using at work. Hopefully I can play with some of the more funky stuff they use and work towards my JNCIS now 🙂

Check E-Trust Antivirus Definitions

Following on from my Symantec AV check I have written a first version of a similar check for E-Trust virus definitions. The format and structure to the check is the same as this check but it should return the relevant information for Computer Assoicates E-Trust Antivirus product.

For details on installation and configuration please check out the previous post. For the source code please check out the details below. If you wish to download this from Monitoring Exchange please use this link.

Failing hard disk

I had a small shock this evening when I noticed that one of the iSCSI mounts to my lab servers was not working as expected. I could see a folder structure but no data in the folder. I have had issues in the past because the iSCSI mount is a dynamic disk (Yes I know now that I should have left it a basic disk but I have not got enough space to move the relevant data off, covert to basic and move it back again) and when I reboot the server that it mounts to I have to reactivate the disk manually and recreate the appropriate shares. This issue was different.

I logged onto the admin interface for my NAS (Thecus 5200BR Pro) and checked the disk status to find the following screen

I hadnt been notified that my Nas was not 100% healthy so this was quite a shock. Clicking further on the Warning I had the following screen confront me

I think this is why I have some errors on my server. I shut down all the VMs and powered the NAS back on to do a file system check which it seemed to pass but it only checks the file system and not the iSCSI mounts that exist.

I rebooted the NAS again into normal operating mode and powered my ESX servers back on, logged back into my server with the iSCSI mount and reactivated the local disk and shared the folders again. Data was there 🙂

I dont trust that this wont happen again so I have purchsed a further two 1TB Western Digital hard drives from my preferred supplies ( and am having them shipped to work so I can get them installed as soon as possible in my lab. I think I am also going to take this as a chance to move the iSCSI mount away from the existing setup and onto a new iSCSI array that is mounted on a dedicated iSCSI LAN and hopefully improve performance a little bit.

Publishing scripts to Monitoring Exchange

As I start to write/modify more checks and scripts for monitoring applications in Nagios/Opsview I have decided to share these as much as possible with the community so they can enjoy, and if necessary, improve the scripts I have written. I have decided to use the website to host my scripts (as well as detailing them on this blog) as I have found a number of good scripts here that do what I wanted them to.

All the scripts should appear as projects under my profile (wibble) with a link back to the same script on the blog here.  I will also endeavour to post the link to Monitoring Exchange in the bottom of the blog post.

Nagios/Opsview: Check Symantec AV Definitions

This morning whilst deploying a modified version of the Symantec Anti-Virus check from I noticed that on my 64-bit hosts that the check was not returning the correct data and instead of the expected output I was receiving the following error code:

Initially I thought this could be a change due to the new installs being Symantec Endpoint Protection compared to the previous times I had implemented this using Symantec Anti-Virus 10.x but the SEP installs on the 32-bit systems were working fine however the 64-bit versions were not.

A quick look in the registry showed me that the value that is read by the script is not there on the 64-bit version and has been moved to another location (HKEY_LOCAL_MACHINESOFTWAREWow6432NodeSymantecSharedDefsDefWatch). I sat down with the script and quickly wrote in some extra code that would allow me to change the search path depending on the Operating System Architecture. I also added in some more error checking so if the key didnt exist then rather than exiting with an OK status it returns an UNKNOWN status and a relevant error message.

As I use NSClient++ to enable me to monitor my Windows servers I simply save the script to the NSClient++scripts folder and add the following line into my NSCI.ini under [NRPE Handlers]

Then from within Nagios or Opsview define the command for check_nrpe

check_nrpe -H $HOSTADDRESS$ -c check_av -a 2 3

The full script is listed below and is also available on Monitoring Exchange (link):