Hello,
it's possible to know if Windows Firewall is enabled on Windows Server devices? I can't find this kind of sensors.
Thanks, regards.
Article Comments
Hello,
thanks for your quick reply.
After check it, firewall service is always running but you can enable or disable firewall without affect firewall service.
My exactly question is how to check if firewall is enabled for three environments: domain, private and public.
Thanks in advance, regards.
Dec, 2020 - Permalink
Thank you for the clarification.
I'm afraid that there is no native sensors to monitor that information, however you have the possibility to use the custom sensors as explained below:
The information is available via the WMI protocol and therefore, you have the possibility to use the sensor above to execute a custom WQL file to get the information you want. The class which provides the firewall profiles status is MSFT_NetFirewallProfile , located in the following namespace: root/StandardCimv2.
To use the WMI Custom sensor, please follow the steps below:
- Create a new wql file (Windows Firewall Status.wql for example) on the PRTG server
- Copy the following query in it and save the file.
SELECT Enabled FROM MSFT_NetFirewallProfile WHERE Name = '<#PH1>'
- Move that file under "C:\Program Files (x86)\PRTG Network Monitor\Custom Sensors\WMI WQL scripts"
- Add a new WMI Custom sensor
- Configure the settings as the following
- Namespace: root/StandardCimv2 - WQL File: Select the file you created - Placeholder <#PH1>: Write the firewall profile you want to monitor (Public, Private or Domain)
- Save the configuration
Then, you should get 0 or 1 depending on the status of the firewall profile (enabled or not). To make the information more meaningful, you can configure the lookup to prtg.standardlookups.boolean.statetrueok in the channel settings, or create your own lookup (Custom lookups).
The WMI Custom sensor only allows to get the status of one profile only. To get a channel for each of them (Public, Private, Domain) I invite you to write a small PowerShell script which would use the cmdlet Get-NetFirewallProfile .
To return the information in PRTG, please have a look to the following manual: https://www.paessler.com/manuals/prtg/custom_sensors#advanced_sensors
If you have questions, let us know.
Regards.
Dec, 2020 - Permalink
Hello,
thank you so much! it works perfectly and so easy following your procedure.
King regards.
Dec, 2020 - Permalink
Hello again,
it's possible to combine the three sensors only in one? During configuration settings on WMI custom sensor exits three variables: <#PH1>, <#PH2> and <#PH3>. It's one could be: Private, Public and Domain.
Do you know the correct syntax for the query?
SELECT Enabled FROM MSFT_NetFirewallProfile WHERE Name = '<#PH1>' , '<#PH2>' , '<#PH3>'
thanks in advance, regards.
Dec, 2020 - Permalink
Hello Roberto,
I'm afraid that it's not possible to return many values with the WMI Custom sensor. Therefore, to get all firewall profiles status, you have to use the EXE/Script Advanced sensor with a custom PowerShell script. Please, have a look to my previous post regarding this matter.
Regards.
Dec, 2020 - Permalink
Hello Roberto,
Thank you for your message.
Indeed, to monitor the Windows Firewall service on your servers, you can use the following sensors:
- WMI Service
- SNMP Windows service
If you have further questions, let us know.
Kind regards.
Dec, 2020 - Permalink