Monitor Windows (Local and Azure) via WinRM from Cacti on Linux

[jab50]

Hope this starts a discussion as couldnt find anything about using cacti like this.
So this started as expanding to monitor Azure servers, but discovered MS dosent permit SNMP in Azure.
Looked at WMI but WMI is depreciated. (This will use the cacti WMI plugin just to hold credentials, could really do with its own simpler plugin though) .
So go for Windows remote management protocol WinRM.
Discovered its possible via the python winrm module.
Note there is a powershell module for Unix but it dosent appear to support Invoke-Command so a dead end, this might be easier from a Windows hosted cacti installation (remote poller?) and calling powershell directly.
Started in basic auth mode and unencrypted traffic and eventually managed to get working with kerberos and HTTPS traffic, if you can follow this topic for long enough. (lots of help online related to Ansible and Windows which applies)

From Ubuntu box running V22, with cacti 1.2.25 (latest) (Started with 1.2.24 so should work with that)
Attachment contains file winrm_poller.py place in /scripts folder set correct permissions. Loads of comments in it to help use.
Import the template file cacti_host_template_winrm_windows_computer.xml which has graphs and data input for memory/cpu/network/disk (cpu data+graph template for 2, 4 or 7 core cpu if your host is different just make another with matching templates)
Its not clever enough to auto index so if you have 2 or 4 or 7 CPU needs separate data input queries. Likewise need to add each disk separately, and provide a name for the network interface. If somebody can write script server indexed stuff that would improve it.

Install Python Min version 3.10. (and pywinrm, mysql-connector-python, mysqlclient, phpserialize)
Add your connecting user and credentials in the WMI Queries>>Authentication tab
If its a domain account use <name>@YOURDOMAIN (domain must be in caps!)
For each host to query select the appropriate user, and disable SNMP collection

Add a new host and select the WinRM device template
Start off by getting the memory query to work with console call its the simplest one. If this returns some numbers the rest is cacti setup stuff.
python3 /var/www/html/cacti/scripts/winrm_poller.py hostid --wrmswitch=memory --debug --printlog

If host is domain joined must setup to use kerberos (but will work over HTTP not recommended)
If going beyond basic and HTTP access install certificate stuff - comments in code file.

I did domain join the Ubuntu server but im not clear if that is necessary.
Edit the /etc/krb5.conf to define your domain if not done by domain join

Published the cacti server cert with GPO
Manually on each host (can also do this in GPO)
winrm set winrm/config/service '@{AllowUnencrypted="false"}'
winrm set winrm/config/service/auth '@{Basic="false"}'

Follow this post https://adamtheautomator.com/winrm-for-ansible/ to get more info about adding a cert

Start the fun.
John