It appears that LogicMonitor only supports monitoring Windows hosts time using ntpq.exe (which isn't installed on Windows by default). Please add time monitoring for Windows servers using w32tm (which is in Server 2008 and newer). We need to be able to monitor when a Windows host's time is skewed by more than 5 minutes.
ntpq.exe can be found at: C:Program Files (x86)LogicMonitorAgentlibntpq.exe for a windows collector. If it does not exist within the lib directory this usually indicates that a datasource that makes use of that file was never used (once the script is needed, it will be downloaded from the LogicMonitor servers into that directory).
The ntpq.exe that is in the collector is there for the windows collector to monitor NTP service on non-windows devices (e.g. routers, switches, linux hosts, etc). Not to monitor Windows systems time skew. The best way to monitor Windows systems for time is with event log monitoring. The default windows event logs for the system log and severity of error will alert you to time issues.
Can you clarify monitoring Windows time by using event logs? Also, itd be great to use w32tm since this is what MS supports.
Whenever windows has issues with its time service, it will record this in the system event log, which the default event log monitors would pick up. See e.g. http://technet.microsoft.com/en-us/library/cc756597(v=ws.10).aspx
However, I can see the utility of directly monitoring offset via w32tm.exe
Can you email the output of w32tm /monitor from one server in your domain directly to steve@logicmonitor.com? (And also note how long that command takes to return)
Thanks
The other possibility is w32tm /query which does allow you to query some information from a remote machine about itu2019s time configuration and sync. The only catch is as far as I have seen it does not return the offset. It does however return the information as to whether it is synchronized and when it last synchronized with a time server.
Weve found that LogicMonitor is unable to determine issues with NTP for Windows hosts, though it is capable of monitoring this on linux / unix hosts.
We switched to using the meinberg ntp service on our windows servers as: Download the NTP service (not the monitor) from here:
http://www.meinberg-usa.com/support/downloads/ntp-software-download.htm
So we now do this. Import Win_TimeOffset from core.
Blog about it at http://www.logicmonitor.com/blog/2015/07/10/windows-its-about-time/
