github mickem/nscp 0.11.32
on GitHub

pre-release3 hours ago

What's Changed

This release is focused on three things:

  1. More built-in checks – a real check_net family, a real
    Windows registry checker, and real-time metrics on Linux.
  2. A much nicer Web UI – modern theme, filtering, settings diff
    dialog and a proper dashboard.
  3. A large documentation overhaul – restructured manual, every
    command has a samples page, and the HTTP client used by the
    Op5/Elastic clients has been modernized.

✨ New features

CheckSystem (Windows) – registry checks

Two new commands let you monitor the Windows registry directly from
NSClient++ instead of relying on external scripts. They support
recursion, exclude lists, 32/64-bit (WoW64) views, custom filters and
the usual warn=/crit= expression syntax.

  • check_registry_key – verify that a key exists, count
    sub-keys/values, watch its last-write time.
  • check_registry_value – read a single value (or enumerate all
    values under a key), assert its type, size or content.

Examples: 

# Just verify a key exists (default crit = "not exists")
check_registry_key "key=HKLM\Software\Microsoft\Windows NT\CurrentVersion"
OK: All 1 registry key(s) are ok.

# Watchdog: alert when the key has not been written for over 30 days
check_registry_key "key=HKLM\Software\NSClient" \
    "warn=age > 7d" "crit=age > 30d or not exists"

# Recursive enumeration of every immediate sub-key, with exclusions
check_registry_key "key=HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall" \
    recursive max-depth=1 exclude=KB5005463 exclude=KB5005539

# Type assertion on a single value
check_registry_value "key=HKLM\Software\NSClient" value=InstallVersion \
    "crit=type != 'REG_SZ' or not exists"

# Numeric DWORD comparison
check_registry_value "key=HKLM\System\CurrentControlSet\Services\W32Time\Config" \
    value=MaxPollInterval "warn=int_value > 14" "crit=int_value > 17"

# Force the 32-bit (WoW64) view
check_registry_key "key=HKLM\Software\NSClient" view=32

CheckNet – five new (cross-platform) checks

CheckNet has graduated from a placeholder into a full network-check
module. Five new commands have been added, all using the new internal
http::simple_client and all unit-tested:

  • check_tcp – open a TCP socket to one or more host/port pairs,
    optionally send a payload and require an expected substring.
  • check_dns – resolve a hostname and optionally assert which
    addresses come back.
  • check_http – fetch one or more URLs, check status code,
    response time and body content; supports custom headers and
    user-agent.
  • check_ntp_offset – query one or more NTP servers and alert on
    offset / stratum.
  • check_connections – Windows-side TCP/UDP connection table
    inspection (counts per protocol/family/state).

Examples: 

# Single host TCP probe
check_tcp host=127.0.0.1 port=8443

# Multiple hosts in one call
check_tcp host=www.google.com host=www.ibm.com port=443 timeout=2000

# SMTP banner check (send + expect)
check_tcp host=smtp.gmail.com port=25 send="EHLO nsclient.org" expect="250"

# DNS resolution with expected address
check_dns host=google.com expected-address=172.217.20.174

# HTTP with body match and tighter latency thresholds
check_http url=https://nsclient.org/ expected-body="NSClient" \
    "warn=time > 500 or code >= 400" \
    "crit=time > 2000 or code >= 500 or result != 'ok'"

# NTP offset against multiple servers
check_ntp_offset "servers=0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org" timeout=2000

# Alert on too many sockets stuck in TIME_WAIT
check_connections "filter=protocol = 'tcp' and state = 'TIME_WAIT'" \
    "warn=count > 200" "crit=count > 1000"

All five also work over NRPE, e.g.: 

check_nscp_client --host 192.168.56.103 --command check_http \
    --argument "url=https://nsclient.org/"

CheckSystem (Linux) – real-time metrics

The Linux build of CheckSystem now ships with the same real-time
metric collection that has been available on Windows for a long time:
CPU, memory, disk, network and load are sampled in the background and
exposed both to dashboards/metrics and to real-time filters
(filter=... rules that fire when a threshold is crossed).

No new commands are exposed by name – existing real-time filter
configuration just works on Linux now.

Web UI – refresh

The bundled web interface has been heavily reworked:

  • Modern theme with active-navigation highlighting and a redesigned
    login page.
  • Filterable lists for Modules, Queries and Settings.
  • Settings diff dialog – the "settings changed" widget can now show exactly which keys changed.

🐛 Fixes / smaller improvements

  • Op5Client: fixed a 401 path and several reponse → response
    typos.
  • Unified the various http clients meaning Op5Client and ElasticClient should now work better.

📚 Documentation

The documentation has had its biggest pass in years:

  • Restructured manualconcepts/, checks-in-depth/,
    scenarios/, tutorial/ and reference/ are now clearly
    separated; mkdocs navigation rebuilt accordingly.
  • New scenario guides: disk space, event log, external scripts,
    network checks, passive monitoring, service monitoring, Windows
    server health.
  • New "checks in depth" pages: filters, performance data, syntax,
    thresholds.
  • Rewritten REST API reference (info, login, modules,
    queries).
  • **Many commands now has samples with copy-pasteable
    examples and expected output, including all new commands listed
    above.

⚠️ Upgrade notes

  • The documentation tree was reorganized; bookmarks/links might not be valid.

Full Changelog: 0.11.31...0.11.32

Check out latest releases or
releases around mickem/nscp 0.11.32

Don't miss a new nscp release

NewReleases is sending notifications on new releases.

Get notifications