SKOOR Documentation

WMI

Function	Query a remote host using WMI for certain pre-defined values
Alarming	Disk: Free space, Used space, Free size, Used size, Total size, Disk time %, Disk info NW-Interface: Received, Sent, Packet in error, Packet out error, Utilization, Bandwidth Process: Cpu usage, Mem usage, Physical mem usage, Number of processes, Number of threads, Number of handles Service: Service state Time: Offset, Timestamp

Function

Query a remote host using WMI for certain pre-defined values

Alarming

Disk: Free space, Used space, Free size, Used size, Total size, Disk time %, Disk info

NW-Interface: Received, Sent, Packet in error, Packet out error, Utilization, Bandwidth

Process: Cpu usage, Mem usage, Physical mem usage, Number of processes, Number of threads, Number of handles

Service: Service state

Time: Offset, Timestamp

To be able to run remote WMI queries against a Windows host, the following prerequisites must be met:

The user account used for the WMI request must be configured on the job's device object using the properties
- WMI User
- WMI Password
The user account must have permissions to run remote WMI queries against the host. See the following article for details: https://technet.microsoft.com/en-us/library/cc771551(v=ws.11).aspx
The Windows firewall on the remotee host must allow incoming WMI requests, e.g. Windows Management Instrumentation (WMI-In)

WMI device object

The job's parent device must have the following properties added to allow authentication against the remote host:

WMI detail

WMI parameters

Parameter	Description
Mode	Choose one of the following Disk: Read details on disk usage on a specific disk volume (see values below) NW-Interface: Read details on network throughput on a specific network interface (see values below) Process: Read details on memory usage, threads and handles on a specific process (see values below) Service: Read the state of a specific Windows service (see values below) Time: Read the time offset (in s) between the remote host and the SKOOR collector configured for this job
Name	Depends on choice of Mode above. Disk: Enter the disk's name, e.g. C: NW-Interface: Enter the name of the network interface as stated in Windows Device manager (not in the Network adapters view), or enter % to read all interface names and read data from the first network interface Process: Enter the name of the process, e.g. explorer.exe Service: Enter the name of the service (its name or caption) Time: No entry needed

Parameter

Description

Mode

Choose one of the following

Disk: Read details on disk usage on a specific disk volume (see values below)

NW-Interface: Read details on network throughput on a specific network interface (see values below)

Process: Read details on memory usage, threads and handles on a specific process (see values below)

Service: Read the state of a specific Windows service (see values below)

Time: Read the time offset (in s) between the remote host and the SKOOR collector configured for this job

Name

Depends on choice of Mode above.

Disk: Enter the disk's name, e.g. C:

NW-Interface: Enter the name of the network interface as stated in Windows Device manager (not in the Network adapters view), or enter % to read all interface names and read data from the first network interface

Process: Enter the name of the process, e.g. explorer.exe

Service: Enter the name of the service (its name or caption)

Time: No entry needed

WMI values and alarm limits

Value / Alarm limit	Description
Disk: Free space	Free disk space percentage
Disk: Used space	Used disk space percentage
Disk: Free size	Free disk space in GByte
Disk: Used size	Used disk space in GByte
Disk: Total size	Total disk space in GByte
Disk: Disk time %	The Average disk queue length counter multiplied by 100
Disk: Disk info	The disk volume's label
NW-Interface: Received	The amount of incoming network traffic on the network interface (in kByte/s)
NW-Interface: Sent	The amount of outgoing network traffic on the network interface (in kByte/s)
NW-Interface: Packet in error	The percentage of packet errors for the incoming traffic
NW-Interface: Packet out error	The percentage of packet errors for the outgoing traffic
NW-Interface: Utilization	The percentage of bandwidth utilization
NW-Interface: Bandwidth	The speed currently configured on the network interface (in MBit/s)
Process: Cpu usage	The amount of CPU time used by the process (in %)
Process: Mem usage	The amount of memory used by the process(es) in MByte
Process: Physical mem usage	The percentage of physical memory used by the process(es)
Process: Number of processes	The number of processes found which match the process name given
Process: Number of threads	The number of threads used by the process(es)
Process: Number of handles	The number of handles used by the process(es)
Service: Service state	The current service state. Can be one of Stopped Start pending Stop pending Running Continue pending Pause pending Paused Not installed Unknown
Time: Offset	The time offset (in s) between the remote host and the SKOOR collector configured for this job
Time: Timestamp	The remote time (e.g. 12.12.2017 15:42:32)
Error code	Generic job error code (see section Job error codes)

WMI examples

Example 1 - Read disk C:

Mode	Disk
Name	C:

Output 1

Example 2 - Read process explorer.exe

Mode	Process
Name	explorer.exe

Output 2

Example 3 - Read status of Dhcp service

Mode	Service
Name	Dhcp

Output 3

Example 4 - Read time offset

Mode	Time

Output 4

Example 5 - Read network interface details

Mode	NW-Interface
Name	HP Ethernet 1Gb 4-port 331i Adapter

WMI