Nagios

Monitor your network with nagios

Installation (Server)

# server:
aptitude install nagios2

# to configure a password for your default webinterface 
# user nagiosadmin run:
dpkg-reconfigure nagios2-common

Access your webinterface at http://localhost/nagios2/

Verify your configuration:

nagios2 -v /etc/nagios2/nagios.cfg

External Commands

taken from /usr/share/docs/nagios2/README.Debian

Nagios 2 is not configured to look for external commands in the default configuration as a security feature. To enable external commands, you need to allow the web server write access to the nagios command pipe. the simplest way of doing this is to set check_external_commands=1 in your nagios configuration, and then change the permissions in a way which will be maintained across package upgrades (otherwise dpkg will overwrite your permission changes). The following is the recommended approach:

  • activate external command checks in the nagios configuration. this can be done by setting heck_external_commands=1 in the file /etc/nagios2/conf.d/extcommands_nagios2.cfg.
  • perform the following commands to change directory permissions and to make the changes permanent:
/etc/init.d/nagios2 stop
dpkg-statoverride --update --add nagios www-data 2710 /var/lib/nagios2/rw
dpkg-statoverride --update --add nagios nagios 751 /var/lib/nagios2
/etc/init.d/nagios2 start

Installation (Linux client)

# client:
aptitude install nagios-plugins nagios-nrpe-server sudo

/etc/nagios/nrpe.cfg

server_port=5666
nrpe_user=nagios
nrpe_group=nagios
dont_blame_nrpe=0
debug=0
command_timeout=60
command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
command[check_load]=/usr/lib/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w 150 -c 200
include=/etc/nagios/nrpe_local.cfg

/etc/nagios/nrpe_local.cfg

command_prefix=/usr/bin/sudo
allowed_hosts=127.0.0.1,nagios.domain.tld

command[check_disk_srv]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /srv
command[check_disk_root]=/usr/lib/nagios/plugins/check_disk -w 20 -c 10 -p /
command[check_md_raid]=/usr/lib/nagios/plugins/check_md_raid

/etc/sudoers

# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#

Defaults        env_reset

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root        ALL=(ALL) ALL
nagios      ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/

Make sure the check_nrpe plugin on the server can talk to the nrpe daemon on the remote host:

# exec on the nagios monitoring host:
/usr/lib/nagios/plugins/check_nrpe -H 192.168.0.8

You should get back a string that tells you the version of nrpe running on the remote host.

Installation (Windows client)

Download nrpe_nt.0.8b-bin.zip and nrpe_nt_plugins.zip and extract them to c:\nagios_nt

Edit nrpe.cfg as shown below:

c:\nagios_nt\bin\nrpe.cfg

#############################################################################
# Sample NRPE Config File 
#
# NOTES:
# This is a sample configuration file for the NRPE_NT service.  It needs to be
# located on the remote host that is running the NRPE_NT service, not the host
# from which the check_nrpe client is being executed.
#############################################################################

#blowfish_secret=pipexcommunications

# PORT NUMBER
# Port number we should wait for connections on.

server_port=5666

# SERVER ADDRESS
# Address that nrpe should bind to in case there are more than one interface
# and you do not want nrpe to bind on all interfaces.

#server_address=192.168.0.2

# ALLOWED HOST ADDRESSES
# This is a comma-delimited list of IP address of hosts that are allowed
# to talk to the NRPE daemon.
#
# NOTE: The daemon only does rudimentary checking of the client's IP
#       address.

allowed_hosts=nagios.domain.tld

# COMMAND ARGUMENT PROCESSING
# This option determines whether or not the NRPE_NT service will allow clients
# to specify arguments to commands that are executed
# *** ENABLING THIS OPTION IS A SECURITY RISK! *** 
#
# Values: 0=do not allow arguments, 1=allow command arguments

dont_blame_nrpe=0

# DEBUGGING OPTION
# This option determines whether or not debugging messages are logged to the
# eventlog.
# Values: 0=debugging off, 1=debugging on

debug=0

# COMMAND TIMEOUT
# This specifies the maximum number of seconds that the NRPE_NT service will
# allow plugins to finish executing before killing them off.

command_timeout=30

# INCLUDE CONFIG FILE
# This directive allows you to include definitions from an external config file.

#include=<somefile.cfg>

# INCLUDE CONFIG DIRECTORY
# This directive allows you to include definitions from config files (with a
# .cfg extension) in one or more directories (with recursion).
#NOTE: This option is currently ignored with NRPE_NT!
#include_dir=<somedirectory>
#include_dir=<someotherdirectory>


# COMMAND DEFINITIONS
# Command definitions that this daemon will run.  Definitions
# are in the following format:
#
# command[<command_name>]=<command_line>
#
# When the daemon receives a request to return the results of <command_name>
# it will execute the command specified by the <command_line> argument.
#
# Unlike Nagios, the command line cannot contain macros - it must be
# typed exactly as it should be executed.
#
# Note: Any plugins that are used in the command lines must reside
# on the machine that this daemon is running on!  The examples below
# assume that you have plugins installed in a D:\NRPE_NT
# directory.  Also note that you will have to modify the definitions below
# to match the argument format the plugins expect.  Remember, these are
# examples only!

# The following examples use no command arguments...

command[nt_check_disk_c]=C:\nagios_nt\bin\diskspace_nrpe_nt.exe c: 70 90
#command[nt_check_disk_d]=C:\nagios_nt\bin\diskspace_nrpe_nt.exe d: 70 90
#command[nt_check_disk_e]=C:\nagios_nt\bin\diskspace_nrpe_nt.exe e: 70 90
command[nt_cpuload]=C:\nagios_nt\bin\cpuload_nrpe_nt.exe 50 80
command[nt_memload]=C:\nagios_nt\bin\memload_nrpe_nt.exe 70 90
command[nt_service]=C:\nagios_nt\bin\service_nrpe_nt.exe "Event Log,DNS Client"
command[nt_eventlog]=C:\nagios_nt\bin\eventlog_nrpe_nt.exe -m 7200 -s "Service Control Manager"

# The following examples allow user-supplied arguments and can
# only be used if NRPE_NT  was compiled with support for 
# command arguments *AND* the dont_blame_nrpe directive in this
# config file is set to '1'...

#command[check_arg]=D:\NRPE_NT\testarg.cmd $ARG1$
#command[check_arg]=D:\NRPE_NT\testarg.exe -H $ARG1$ -p $ARG2$

Install the nt service:

c:\nagios_nt\bin\nrpe_nt -i

Open Port 5666 in your Windows firewall.

Make sure your service ist really started (reboot).

networking/nagios.txt · Last modified: 2009-04 by tb
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready