nagios(3)
TRANSCRIPT
-
Documentation of
Topic: Nagios Core 3.3.1 Network Monitoring
YYFMarch 1, 2012GZZ
Ministry of Education, Youth and Sport, #201, Norodom Blvd., Phnom Penh Kingdom of Cambodia
website: www.moeys.gov.kh, Email: [email protected]
Fax: +855 23 210 134
Kingdom of Cambodia
National Religion King
YYZZMinistry of Education, Youth and Sport
Department of Information and ASEAN Affairs
ICT in Education Office
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 2 of 77
VERSION DATE DESCRIPTION
V1.0 FEBROURY 01, 2012 NAGIOS CORE AND PLUGINS INSTALATION
V1.0 FEBROURY 02, 2012
Document History
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 3 of 77
1. About Nagios Core .......................................................................................................................... 6
1.1. What is Nagios Core? ...........................................................................................................................................6
1.2. Downloading the Latest Version .........................................................................................................................6
2. Quick Start Installation Guide....................................................................................................... 6
2.1. Introduction ..........................................................................................................................................................6
2.2. What You Will End Up? ......................................................................................................................................7
2.3. Prerequisites..........................................................................................................................................................7
2.4. Step 1: Create Account Information ...................................................................................................................7
2.5. Step 2: Download Nagios and the Plugins ..........................................................................................................8
2.6. Step 3: Compile and Install Nagios .....................................................................................................................8
2.7. Step 4: Customize Configuration ........................................................................................................................9
2.8. Step 5: Configure the Web Interface ..................................................................................................................9
2.9. Step 6: Compile and Install the Nagios Plugins ...............................................................................................11
2.10. Step 7: Start Nagios ............................................................................................................................................11
2.11. Step 8: Modify SELinux Setting ........................................................................................................................12
2.12. Step 9: Login to the Web Interface ...................................................................................................................13
2.13. Step 10: Other Modifications.............................................................................................................................14
2.14. Step 11:Your Done ............................................................................................................................................15
2.15. Nagios Virtual Host ............................................................................................................................................15
3. How to monitor a Linux/Unix machine (NRPE addon) ............................................................ 18
3.1. Introduction ........................................................................................................................................................18
3.2. Overview..............................................................................................................................................................19
3.3. Installation and Setup NRPE on Remote Server .............................................................................................19
3.4. SetupNagios Monitoring Host Server ...............................................................................................................23
3.5. Customizing Your Configuration......................................................................................................................31
3.5.1. Remote Host Configuration .............................................................................................................................31
3.5.2. Monitoring Host Configuration .......................................................................................................................32
3.6. NRPE Option Help .............................................................................................................................................33
4. How to monitor a Windows machine .......................................................................................... 35
4.1. Introduction ........................................................................................................................................................35
Table of Content
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 4 of 77
4.2. Overview..............................................................................................................................................................35
4.3. What's Already Done For You ..........................................................................................................................36
4.4. Prerequisites........................................................................................................................................................36
4.5. Installing the Windows Agent............................................................................................................................37
4.6. Configuring Nagios.............................................................................................................................................40
4.7. Password Protection ...........................................................................................................................................43
4.8. Restarting Nagios................................................................................................................................................44
5. How to monitor a router/switch................................................................................................... 45
5.1. Introduction ........................................................................................................................................................45
5.2. Overview..............................................................................................................................................................45
5.3. Steps .....................................................................................................................................................................46
5.4. What's Already Done For You ..........................................................................................................................46
5.5. Prerequisites........................................................................................................................................................47
5.6. Configuring Nagios.............................................................................................................................................47
5.7. Monitoring Services............................................................................................................................................48
5.8. Monitoring Packet Loss and RTA.....................................................................................................................48
5.9. Monitoring SNMP Status Information .............................................................................................................48
5.10. Monitoring Bandwidth / Traffic Rate...............................................................................................................49
5.11. Restarting Nagios................................................................................................................................................50
6. How to monitor a network printer .............................................................................................. 51
6.1. Introduction ........................................................................................................................................................51
6.2. Overview..............................................................................................................................................................51
6.3. Steps .....................................................................................................................................................................52
6.4. What's Already Done For You ..........................................................................................................................52
6.5. Prerequisites........................................................................................................................................................52
6.6. Configuring Nagios.............................................................................................................................................53
6.7. Restarting Nagios................................................................................................................................................54
7. How to monitor a publicly available service (HTTP,FTP,SSH,etc.) ........................................ 55
7.1. Introduction ........................................................................................................................................................55
7.2. Plugins For Monitoring Service.........................................................................................................................55
7.3. Creating A Host Definition ................................................................................................................................56
7.4. Creating Service Definitions ..............................................................................................................................56
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 5 of 77
7.5. Monitoring HTTP...............................................................................................................................................56
7.6. Monitoring FTP ..................................................................................................................................................62
7.7. Monitoring SSH ..................................................................................................................................................63
7.8. Monitoring SMTP...............................................................................................................................................64
7.9. Monitoring POP3................................................................................................................................................66
7.10. Monitoring IMAP ...............................................................................................................................................67
7.11. Restarting Nagios ss............................................................................................................................................69
8. Parent and Childs Relationship................................................................................................... 70
8.1. Introduction ........................................................................................................................................................70
5.2. Configuration......................................................................................................................................................70
9. Icon Images.................................................................................................................................... 72
10. Trouble shooting ........................................................................................................................... 76
10.1. Verifying Your Configuration ...........................................................................................................................76
11. Reference........................................................................................................................................ 77
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 6 of 77
1. About Nagios Core
1.1. What is Nagios Core?
Nagios Core is an Open Source system and network monitoring application. It watches
hosts and services that you specify, alerting you when things go bad and when they get better.
Nagios Core was originally designed to run under Linux, although it should work under most
other unices as well.
Some of the many features of Nagios Core include:
Monitoring of network services (SMTP, POP3, HTTP, NNTP, PING, etc.) Monitoring of host resources (processor load, disk usage, etc.) Simple plugin design that allows users to easily develop their own service checks Parallelized service checks Ability to define network host hierarchy using "parent" hosts, allowing detection of and
distinction between hosts that are down and those that are unreachable
Contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method)
Ability to define event handlers to be run during service or host events for proactive problem resolution
Automatic log file rotation Support for implementing redundant monitoring hosts Optional web interface for viewing current network status, notification and problem history,
log file, etc.
1.2. Downloading the Latest Version
FYou can check for new versions of Nagios Core at http://www.nagios.org/download.
2. Quick Start Installation Guide
2.1. Introduction
This guide is intended to provide you with simple instructions on how to install Nagios from
source (code) on Fedora and have it monitoring your local machine inside of 20 minutes. No
advanced installation options are discussed here - just the basics that will work for 95% of users
who want to get started.
These instructions were written based on a standard CentOS 6.0 version Linux distribution.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 7 of 77
2.2. What You Will End Up?
If you follow these instructions, here's what you'll end up with:
Nagios and the plugins will be installed underneath /usr/local/nagios Nagios will be configured to monitor a few aspects of your local system (CPU load, disk
usage, etc.)
The Nagios web interface will be accessible at http://localhost/nagios/
2.3. Prerequisites
During portions of the installation you'll need to have root access to your machine.
You also need to give it a static IP address.
Make sure you've installed the following packages on your Fedora installation before
continuing.
Apache PHP GCC compiler GD development libraries
You can use yum to install these packages by running the following commands (as root):
[root@cent60 ~]# yum install httpdphp [root@cent60 ~]# yum install gccglibcglibc-common
[root@cent60 ~]# yum install gdgd-devel
2.4. Step 1: Create Account Information
Become the root user.
[vannath@cent60 ~]$ su -l
Password:
[root@cent60 ~]#
Create a new nagios user account and give it a password.
[root@cent60 ~]# useradd -m nagios
[root@cent60 ~]# passwdnagios
Changing password for user nagios.
New password:
BAD PASSWORD: it is too simplistic/systematic
BAD PASSWORD: is too simple
Retype new password:
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 8 of 77
passwd: all authentication tokens updated successfully.
[root@cent60 ~]#
Create a new nagcmd group for allowing external commands to be submitted through the web
interface. Add both the nagios user and the apache user to the group.
[root@cent60 ~]# groupaddnagcmd
[root@cent60 ~]# usermod -a -G nagcmdnagios
[root@cent60 ~]# usermod -a -G nagcmd apache
[root@cent60 ~]#
2.5. Step 2: Download Nagios and the Plugins
Create a directory for storing the Nagios Core from downloads.
[root@cent60 ~]#
[root@cent60 ~]# mkdir -p /opt/NagiosCore3.3
[root@cent60 ~]# cd /opt/NagiosCore3.3/
[root@cent60 NagiosCore3.3]#
Download the source code tarballs of both Nagios and the Nagios plugins (visit
http://www.nagios.org/download/ for links to the latest versions). These directions were tested
with Nagios 3.3.1 and Nagios Plugins 1.4.15.
Make that you Server can access to internet.
[root@cent60 NagiosCore3.3]# wgethttp://prdownloads.sourceforge.net/
sourceforge/nagios/ nagios-3.3.1.tar.gz
[root@cent60 NagiosCore3.3]# wgethttp://prdownloads.sourceforge.net/
sourceforge/nagiosplug/nagios-plugins-1.4.15.tar.gz
2.6. Step 3: Compile and Install Nagios
Extract the Nagios source code tarball.
[root@cent60 NagiosCore3.3]# ll
total 3724
-rw-r--r--. 1 root root 1714630 Dec 14 14:56 nagios-3.3.1.tar.gz
-rw-r--r--. 1 root root 2095419 Dec 14 14:57 nagios-plugins-1.4.15.tar.gz
[root@cent60 NagiosCore3.3]# tar xvf nagios-3.3.1.tar.gz
[root@cent60 NagiosCore3.3]# ll
total 3728
drwxr-xr-x. 16 nagiosnagios 4096 Jul 26 2011nagios
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 9 of 77
-rw-r--r--. 1 root root 1714630 Dec 14 14:56 nagios-3.3.1.tar.gz
-rw-r--r--. 1 root root 2095419 Dec 14 14:57 nagios-plugins-1.4.15.tar.gz
[root@cent60 NagiosCore3.3]# cdnagios
[root@cent60 nagios]#
Run the Nagios configure script, passing the name of the group you created earlier like so:
[root@cent60 nagios]# ./configure --with-command-group=nagcmd
Compile the Nagios source code.
[root@cent60 nagios]# make all
Install binaries, init script, sample config files and set permissions on the external command
directory.
[root@cent60 nagios]# make install
[root@cent60 nagios]# make install-init
[root@cent60 nagios]# make install-config
[root@cent60 nagios]# make install-commandmode
Don't start Nagios yet - there's still more that needs to be done......
2.7. Step 4: Customize Configuration
Sample configuration files have now been installed in the /usr/local/nagios/etc directory. These
sample files should work fine for getting started with Nagios. You'll need to make just one
change before you proceed.....
Edit the /usr/local/nagios/etc/objects/contacts.cfgconfig file with your favorite editor and
change the email address associated with the nagiosadmin contact definition to the address
you'd like to use for receiving alerts.
[root@cent60 nagios]# vim /usr/local/nagios/etc/objects/contacts.cfg
# emailnagios@localhost ;
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 10 of 77
[root@cent60 nagios]# make install-webconf
[root@cent60 nagios]#
Create a nagiosadmin account for logging into the Nagios web interface. Remember the
password you assign to this account - you'll need it later.
[root@cent60 nagios]# htpasswd -c /usr/local/nagios/htpasswd.usersnagiosadmin
New password:
Re-type new password:
Adding password for user nagiosadmin
[root@cent60 nagios]#
Restart Apache to make the new settings take effect.
[root@cent60 nagios]# servicehttpd restart
Stopping httpd: [ OK ]
Starting httpd: httpd: apr_sockaddr_info_get() failed for cent60
httpd: Could not reliably determine the server's fully qualified domain name,
using 127.0.0.1 for ServerName
[ OK ]
[root@cent60 nagios]# servicehttpd status
httpd (pid 1610) is running...
[root@cent60 nagios]#
You will experience with above httpd error message so fix is issue we have go and edit file
/etc/httpd/conf/httpd.conf
[root@cent60 conf]# pwd
/etc/httpd/conf
[root@cent60 conf]# vimhttpd.conf
# redirections work in a sensible way.
#
#ServerName www.example.com:80
ServerName*:80
#
# UseCanonicalName: Determines how Apache constructs self-referencing
[root@cent60 nagios]# servicehttpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 11 of 77
[root@cent60 nagios]#
2.9. Step 6: Compile and Install the Nagios Plugins
Extract the Nagios plugins source code tarball.
[root@cent60 NagiosCore3.3]# tar xvf nagios-plugins-1.4.15.tar.gz
[root@cent60 NagiosCore3.3]# ll
total 3732
drwxr-xr-x. 16 nagiosnagios 4096 Feb 1 23:08 nagios
-rw-r--r--. 1 root root 1714630 Dec 14 14:56 nagios-3.3.1.tar.gz
drwxrwxrwx. 16 nagios root 4096 Jul 28 2010nagios-plugins-1.4.15
-rw-r--r--. 1 root root 2095419 Dec 14 14:57 nagios-plugins-1.4.15.tar.gz
[root@cent60 NagiosCore3.3]#cd nagios-plugins-1.4.15
Compile and install the plugins.
[root@cent60 nagios-plugins-1.4.15]# ./configure --with-nagios-user=nagios --
with-nagios-group=nagios
[root@cent60 nagios-plugins-1.4.15]# make
[root@cent60 nagios-plugins-1.4.15]# make install
2.10. Step 7: Start Nagios
Add Nagios to the list of system services and have it automatically start when the system boots.
[root@cent60 nagios-plugins-1.4.15]# chkconfig --add nagios
[root@cent60 nagios-plugins-1.4.15]# chkconfignagios on
[root@cent60 nagios-plugins-1.4.15]#
Verify the sample Nagios configuration files.
[root@cent60 nagios-plugins-1.4.15]# /usr/local/nagios/bin/nagios -v
/usr/local/nagios/etc/nagios.cfg
Checking global event handlers...
Checking obsessive compulsive processor commands...
Checking misc settings...
Total Warnings: 0
Total Errors: 0
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 12 of 77
Things look okay - No serious problems were detected during the pre-flight
check
[root@cent60 nagios-plugins-1.4.15]#
If there are no errors, start Nagios.
[root@cent60 nagios-plugins-1.4.15]#
[root@cent60 nagios-plugins-1.4.15]# servicenagios start
Starting nagios: done.
[root@cent60 nagios-plugins-1.4.15]# servicenagios restart
Running configuration check...done.
Stopping nagios: done.
Starting nagios: done.
[root@cent60 nagios-plugins-1.4.15]#
2.11. Step 8: Modify SELinux Setting
Fedora ships with SELinux (Security Enhanced Linux) installed and in Enforcing mode by
default. This can result in "Internal Server Error" messages when you attempt to access the
Nagios CGIs.
See if SELinux is in Enforcing mode.
[root@cent60 nagios-plugins-1.4.15]# getenforce
Enforcing
[root@cent60 nagios-plugins-1.4.15]#
Put SELinux into Permissive mode.
[root@cent60 nagios-plugins-1.4.15]# getenforce 0
Enforcing
[root@cent60 nagios-plugins-1.4.15]#
To make this change permanent, you'll have to modify the settings in /etc/selinux/config and
reboot.
[root@cent60 nagios-plugins-1.4.15]# vim /etc/selinux/config
# disabled - No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
[root@cent60 nagios-plugins-1.4.15]# reboot
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 13 of 77
Instead of disabling SELinux or setting it to permissive mode, you can use the following
command to run the CGIs under SELinux enforcing/targeted mode:
[root@cent60 nagios-plugins-1.4.15]# chcon -R -t httpd_sys_content_t
/usr/local/nagios/sbin
[root@cent60 nagios-plugins-1.4.15]# chcon -R -t httpd_sys_content_t
/usr/local/nagios/share/
[root@cent60 nagios-plugins-1.4.15]#
For information on running the Nagios CGIs under Enforcing mode with a targeted policy, visit
the Nagios Support Portal or Nagios Community Wiki.
2.12. Step 9: Login to the Web Interface
You should now be able to access the Nagios web interface at the URL below. You'll be
prompted for the username (nagiosadmin) and password you specified earlier.
Open web browser enter http://192.168.10.1/nagios
If you still cannot access no Nagios Server check your firewall and disable it.
[root@cent60 ~]#
[root@cent60 ~]# system-config-firewall-tui
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 14 of 77
Click on the "Service Detail" navbar link to see details of what's being monitored on your local
machine. It will take a few minutes for Nagios to check all the services associated with your
machine, as the checks are spread out over time.
2.13. Step 10: Other Modifications
Make sure your machine's firewall rules are configured to allow access to the web server if you
want to access the Nagios interface remotely.
Configuring email notifications is out of the scope of this documentation. While Nagios is
currently configured to send you email notifications, your system may not yet have a mail
program properly installed or configured. Refer to your system documentation, search the web,
or look to the Nagios Support Portal or Nagios Community Wiki for specific instructions on
configuring your system to send email messages to external addresses. More information on
notifications can be found here.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 15 of 77
2.14. Step 11:Your Done
Congratulations! You sucessfully installed Nagios. Your journey into monitoring is just
beginning. You'll no doubt want to monitor more than just your local machine.
2.15. Nagios Virtual Host
We dont want to access to Nagios with 192.168.10.1/nagiso we want to use domain name
instead like nagios.vannath.lab
The Virtual Host configuration file will create during installing Nagios in
/etc/httpd/conf.d/nagios.conf
[root@cent60 conf.d]# pwd
/etc/httpd/conf.d
[root@cent60 conf.d]# vimnagios.conf
# SAMPLE CONFIG SNIPPETS FOR APACHE WEB SERVER
# Last Modified: 11-26-2005
#
# This file contains examples of entries that need
# to be incorporated into your Apache web server
# configuration file. Customize the paths, etc. as
# needed to fit your system.
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"
# SSLRequireSSL
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
# Orderdeny,allow
# Deny from all
# Allow from 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
Alias /nagios "/usr/local/nagios/share"
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 16 of 77
# SSLRequireSSL
Options None
AllowOverride None
Order allow,deny
Allow from all
# Orderdeny,allow
# Deny from all
# Allow from 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
And then edit this file as the following:
# SAMPLE CONFIG SNIPPETS FOR APACHE WEB SERVER
# Last Modified: 11-26-2005
#
# This file contains examples of entries that need
# to be incorporated into your Apache web server
# configuration file. Customize the paths, etc. as
# needed to fit your system.
ServerAdmin [email protected]
DocumentRoot /usr/local/nagios/share
ServerNamenagios.vannath.lab
ErrorLog logs/dummy-host.example.com-error_log
CustomLog logs/dummy-host.example.com-access_log common
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"
# SSLRequireSSL
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
# Orderdeny,allow
# Deny from all
# Allow from 127.0.0.1
AuthName "Nagios Access"
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 17 of 77
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
Alias /nagios "/usr/local/nagios/share"
# SSLRequireSSL
Options None
AllowOverride None
Order allow,deny
Allow from all
# Orderdeny,allow
# Deny from all
# Allow from 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
The next thing to do is add CNAME record on your DNS Server
[root@cent60 conf.d]# vim /var/named/vannath.lab.zone
$TTL 1D
@ IN SOA cent60.vannath.lab. root.vannath.lab. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS cent60.vannath.lab.
cent60 A 192.168.10.1
nagios CNAME cent60.vannath.lab.
OK now let try access to nagios using domain name nagios.vannath.lab
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 18 of 77
Alright, now we can access Nagios with domain name
3. How to monitor a Linux/Unix machine (NRPE addon)
3.1. Introduction
This document describes how you can monitor "private" services and attributes of Linux/UNIX
servers, such as:
CPU load Memory usage
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 19 of 77
Disk usage Logged in users Running processes etc.
Publicly available services that are provided by Linux servers (HTTP, FTP, SSH, SMTP, etc.)
can be monitored easily by following the documentation on monitoring publicly available
services.
3.2. Overview
There are several different ways to monitor attributes or remote Linux/Unix servers. One is by
using shared SSH keys and the check_by_ssh plugin to execute plugins on remote servers. This
method will not be covered here, but can result in high load on your monitoring server if you
are monitoring hundreds or thousands of services. The overhead of setting up/destroying SSH
connections is the cause of this.
Another common method of monitoring remote Linux/Unix hosts is to use the NRPE addon.
NRPE allows you to execute plugins on remote Linux/Unix hosts. This is useful if you need to
monitor local resources/attributes like disk usage, CPU load, memory usage, etc. on a remote
host.
Use th NRPE daemon to execute Nagios plugins on the remote server and report back to the
monitoring host server.
3.3. Installation and Setup NRPE on Remote Server
1. Create Nagios user account on remote server to monitored
[root@cent61 ~]# useraddnagios
[root@cent61 ~]# passwdnagios
Changing password for user nagios.
New password:
BAD PASSWORD: it is too simplistic/systematic
BAD PASSWORD: is too simple
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 20 of 77
Retype new password:
passwd: all authentication tokens updated successfully.
[root@cent61 ~]#
2. Download and Install Nagios Plugins
from http://www.nagios.org/download/download.php
[root@cent61 ~]# mkdir -p /opt/Nagios
[root@cent61 ~]# cd /opt/Nagios/
[root@cent61 Nagios]#
Save file to directory /opt/Nagios. As of this writing Nagios 3.3.1 (Stable) and Nagios Plugins
1.4.15 (Stable)
Extract Files:
[root@cent61 Nagios]# tarxvf nagios-plugins-1.4.15.tar.gz
[root@cent61 Nagios]# ll
total 2456
drwxrwxrwx. 16 501 root 4096 Jul 28 2010 nagios-plugins-1.4.15
-rw-r--r--. 1 root root 2095419 Dec 14 14:57 nagios-plugins-1.4.15.tar.gz
-rw-r--r--. 1 root root 411768 Jan 29 14:02 nrpe-2.13.tar.gz
[root@cent61 Nagios]# cd nagios-plugins-1.4.15
[root@cent61 nagios-plugins-1.4.15]#
3. Compile and Configure Nagios Plugins
You need the openssl-devel,GCC compiler and GD development libraries package installed to
compile plugins with ssl support.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 21 of 77
[root@cent61 nagios-plugins-1.4.15]# yum install openssl-devel [root@cent61 nagios-plugins-1.4.15]# yum install gccglibcglibc-common
[root@cent61 nagios-plugins-1.4.15]# yum install gdgd-devel Install Plugin:
[root@cent61 nagios-plugins-1.4.15]# ./configure --with-nagios-user=nagios --
with-nagios-group=nagios
[root@cent61 nagios-plugins-1.4.15]# make
[root@cent61 nagios-plugins-1.4.15]# make install
The permissions on the plugin directory and the plugins will need to be changed to nagios user
[root@cent61 nagios-plugins-1.4.15]# chownnagios.nagios /usr/local/nagios/
[root@cent61 nagios-plugins-1.4.15]# chown -R nagios.nagios
/usr/local/nagios/libexec/
[root@cent61 nagios-plugins-1.4.15]#
Package xinted is needed
[root@cent61 nagios-plugins-1.4.15]# yum install xinetd
4. Download and Install NRPE Daemon
As of this writing NRPE 2.13 (Stable)
Extract the Files:
[root@cent61 Nagios]# tar xvf nrpe-2.13.tar.gz
[root@cent61 Nagios]# ll
total 2460
drwxrwxrwx. 16 501 root 4096 Feb 2 19:32 nagios-plugins-1.4.15
-rw-r--r--. 1 root root 2095419 Dec 14 14:57 nagios-plugins-1.4.15.tar.gz
drwxr-xr-x. 8 nagiosnagios 4096 Nov 12 01:50 nrpe-2.13
-rw-r--r--. 1 root root 411768 Jan 29 14:02 nrpe-2.13.tar.gz
[root@cent61 Nagios]# cd nrpe-2.13
5. Compile and configure NRPE
[root@cent61 nrpe-2.13]# ./configure
*** Configuration summary for nrpe 2.13 11-11-2011 ***:
General Options:
-------------------------
NRPE port: 5666
NRPE user: nagios
NRPE group: nagios
Nagios user: nagios
Nagios group: nagios
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 22 of 77
Review the options above for accuracy. If they look okay,
type 'make all' to compile the NRPE daemon and client.
[root@cent61 nrpe-2.13]#
[root@cent61 nrpe-2.13]# make all
[root@cent61 nrpe-2.13]# make install-plugin
[root@cent61 nrpe-2.13]# make install-daemon
[root@cent61 nrpe-2.13]# make install-daemon-config
[root@cent61 nrpe-2.13]# make install-xinetd
6. Post NRPE Configuration
Edit Xinetd NRPE entry:
Add Nagios Monitoring server to the only_from directive
[root@cent61 nrpe-2.13]# vim /etc/xinetd.d/nrpe
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
servicenrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 127.0.0.1 192.168.10.1
}
Edit services file entry ,Add entry for nrpe daemon
[root@cent61 nrpe-2.13]# vim /etc/services
sfmsso 5635/tcp # SFM Authentication Subsystem
sfm-db-server 5636/tcp # SFMdb - SFM DB server
nrpe5666/tcp# NRPE
amqps 5671/tcp # amqp protocol over TLS/SSL
Restart Xinetd and Set to start at boot:
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 23 of 77
[root@cent61 nrpe-2.13]# chkconfigxinetd on
[root@cent61 nrpe-2.13]# servicexinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
[root@cent61 nrpe-2.13]#
7. Test NRPE Daemon Install
Check NRPE daemon is running and listening on port 5666: Output should be: as here
[root@cent61 nrpe-2.13]# netstat -at | grepnrpe
tcp 0 0 *:nrpe *:* LISTEN
[root@cent61 nrpe-2.13]#
Check NRPE daemon is functioning: Output should be NRPE version:
[root@cent61 nrpe-2.13]# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.13
[root@cent61 nrpe-2.13]#
8. Open Port 5666 on Firewall
Make sure to open port 5666 on the firewall of the remote server so that the Nagios monitoring
server can access the NRPE daemon.
3.4. SetupNagios Monitoring Host Server
1. Downlad and Install NRPE Plugin
From http://www.nagios.org/download/download.php
As of this writing NRPE 2.13 (Stable)
Save file to directory /opt/NagiosCore3.3
[root@cent60 NagiosCore3.3]# ll
total 4136
drwxr-xr-x. 16 nagiosnagios 4096 Feb 1 23:08 nagios
-rw-r--r--. 1 root root 1714630 Dec 14 14:56 nagios-3.3.1.tar.gz
drwxrwxrwx. 16 nagios root 4096 Feb 2 00:09 nagios-plugins-1.4.15
-rw-r--r--. 1 root root 2095419 Dec 14 14:57 nagios-plugins-1.4.15.tar.gz
-rw-r--r--. 1 root root 411768 Jan 29 14:02 nrpe-2.13.tar.gz
[root@cent60 NagiosCore3.3]#
Extract the Files:
[root@cent60 NagiosCore3.3]# tar xvf nrpe-2.13.tar.gz
[root@cent60 NagiosCore3.3]# cd nrpe-2.13
2. Compile and Configure NRPE
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 24 of 77
You need the openssl-devel package installed to compile NRPE with ssl support.
[root@cent60 nrpe-2.13]# yum install openssl-devel
[root@cent60 nrpe-2.13]# ./configure
*** Configuration summary for nrpe 2.13 11-11-2011 ***:
General Options:
-------------------------
NRPE port: 5666
NRPE user: nagios
NRPE group: nagios
Nagios user: nagios
Nagios group: nagios
Review the options above for accuracy. If they look okay,
type 'make all' to compile the NRPE daemon and client.
[root@cent60 nrpe-2.13]# make all
[root@cent60 nrpe-2.13]# make install-plugin
3. Test Connection to NRPE daemon on Remote Server
Lets now make sure that the NRPE on our Nagios server can talk to the NRPE daemon on the
remote server we want to monitor. Replace with the remote servers IP
address.
[root@cent60 nrpe-2.13]# /usr/local/nagios/libexec/check_nrpe -H 192.168.10.2
NRPE v2.13
[root@cent60 nrpe-2.13]#
If you encounter a problem check firewall on the remote Server.
[root@cent60 nrpe-2.13]# /usr/local/nagios/libexec/check_nrpe -H 192.168.10.2
Connection refused or timed out
[root@cent60 nrpe-2.13]#
Make sure that the firewall is disable on the remote linux Server
[root@cent61 nrpe-2.13]# system-config-firewall-tui
Firewall Configuration
A firewall protects against unauthorized
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 25 of 77
network intrusions. Enabling a firewall blocks
all incoming connections. Disabling a firewall
allows all connections and is not recommended.
Firewall: [ ] Enabled
OK Customize Cancel
4. Create NRPE Command Definition
A command definition needs to be created in order for the check_nrpe plugin to be used by
nagios. Add the following:
[root@cent60 nrpe-2.13]# vim /usr/local/nagios/etc/objects/commands.cfg
##################################################################################
# NRPE CHECK COMMAND #
# Command to use NRPE to check remote host systems
##################################################################################
define command{
command_namecheck_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
D
5. Create Linux Object template
In order to be able to add the remote linux machine to Nagios we need to create an object
template file adn add some object definitions.
Create new linux-box-remote object template file:
[root@cent60 nrpe-2.13]# vim /usr/local/nagios/etc/objects/linux-box-remote.cfg
Add the following and replace the values host_name alias address with the values that
match your setup:
The host_name you set for the define_host section must match the host_name in the
define_service section
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 26 of 77
define host{
namelinux-box-remote ; Name of this template
use generic-host ; Inherit default values
check_period 24x7
check_interval 5
retry_interval 1
max_check_attempts 10
check_command check-host-alive
notification_period 24x7
notification_interval 30
notification_optionsd,r
contact_groups admins
register 0 ; DONT REGISTER THIS - ITS A TEMPLATE
}
define host{
uselinux-box-remote ; Inherit default values from a template
host_name Cent61 ; The name we're giving to this server
alias Cent61 ; A longer name for the server
address 192.168.10.2 ; IP address of the server
}
define service{
use generic-service
host_name Cent61
service_description CPU Load
check_commandcheck_nrpe!check_load
}
define service{
use generic-service
host_name Cent61
service_description Current Users
check_commandcheck_nrpe!check_users
}
define service{
use generic-service
host_name Cent61
service_description /dev/hda1 Free Space
check_command check_nrpe!check_hda1
}
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 27 of 77
define service{
use generic-service
host_name Cent61
service_description Total Processes
check_commandcheck_nrpe!check_total_procs
}
define service{
use generic-service
host_name Cent61
service_description Zombie Processes
check_commandcheck_nrpe!check_zombie_procs
Activate the linux-box-remote.cfg template:
[root@cent60 ~]# vim /usr/local/nagios/etc/nagios.cfg
####### Definitions for monitoring remote Linux machine #########
cfg_file=/usr/local/nagios/etc/objects/linux-box-remote.cfg
################
Verify Nagios Configuration Files
[root@cent60 ~]# /usr/local/nagios/bin/nagios -v
/usr/local/nagios/etc/nagios.cfg
Checking obsessive compulsive processor commands...
Checking misc settings...
Total Warnings: 0
Total Errors: 0
Things look okay - No serious problems were detected during the pre-flight
check
[root@cent60 ~]#
Restart Nagios:
[root@cent60 ~]# servicenagios restart
Running configuration check...done.
Stopping nagios: done.
Starting nagios: done.
[root@cent60 ~]#
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 28 of 77
Check Nagios Monitoring server that the remote linux box was added and is being monitored !
6. Trouble Shooting
On Status Information you will encounter error message DISK CRITICAL - /dev/hda1 is not
accessible: No such file or directory
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 29 of 77
Solution you need you check you systems hard disk architecture on the remote server
[root@cent61 ~]# df -h
FilesystemSize Used Avail Use% Mounted on
/dev/sda2 9.9G 382M 9.0G 4% /
tmpfs 504M 0 504M 0% /dev/shm
/dev/sda1 97M 24M 69M 26% /boot
/dev/sda5 3.9G 973M 2.7G 27% /usr
/dev/sr0 4.4G 4.4G 0 100% /mnt/iso/dvd
[root@cent61 ~]#
As you can the systems hard disk architecture is sda not hda so change it to fix this.
[root@cent61 ~]# vim /usr/local/nagios/etc/nrpe.cfg
#command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p
/dev/hda1
command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -
p/dev/sda2
OK now the problem is fixed
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 30 of 77
You see on Service manu it display /dev/hda1 it is not really on exactly systems Change
command to the right one. This is done on the remote server
[root@cent61 ~]# vim /usr/local/nagios/etc/nrpe.cfg
#command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p
/dev/hda1
command[check_disk_root]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p
/dev/sda2
And thenon Nagios Server change as the following
[root@cent60 objects]# pwd
/usr/local/nagios/etc/objects
[root@cent60 objects]# vimlinux-box-remote.cfg
define service{
use generic-service
host_name Cent61
# service_description /dev/hda1 Free Space
# check_command check_nrpe!check_hda1
service_description Root Partition
check_commandcheck_nrpe!check_disk_root
}
Then restart nagios service
[root@cent60 objects]# servicenagios restart
Running configuration check...done.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 31 of 77
Stopping nagios: done.
Starting nagios: done.
[root@cent60 objects]#
Atfter that is should look as the following
3.5. Customizing Your Configuration
You'll might want to monitor more services on the remote Linux/Unix box than those that are
described in thisdocumentation. This is easy to accomplish
Anytime you want to monitor a new service on a remote host using the NRPE addon, you have
to do two things:
Add a new command definition to the nrpe.cfg file on the remote host Add a new service definition to your Nagios configuration on the monitoring
host
Let's say you want to monitor the swap usage on the remote Linux/Unix host. Here are the steps
you'd need tofollow...
3.5.1. Remote Host Configuration
You can use the check_swap plugin to monitor swap usage on the machine. Assuming you
followed theinstallation instructions in this document, the check_swap plugin should already be
installed in/usr/local/nagios/libexec
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 32 of 77
Login as the nagios user on the remote host.
Run the check_swap plugin manually and tweak the command line options to specify the
desired warning andcritical free swap space thresholds. Make sure the full command line
returns the expected output you want fromthe plugin. For this example, let's say you want a
critical alert if swap free space is less than 10% and a warning iffree space is less than 20%.
Here's the command line that would accomplish that:
[root@cent61 etc]# /usr/local/nagios/libexec/check_swap -w 20% -c 10%
SWAP OK - 100% free (1023 MB out of 1023 MB) |swap=1023MB;204;102;0;1023
[root@cent61 etc]#
Now that you know the command line that should be execute, open the NRPE configuration
file.
[root@cent61 etc]# pwd
/usr/local/nagios/etc
[root@cent61 etc]# vimnrpe.cfg
Add a new check_swap command definition that uses the command line from above and save
the file.
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c
200
command[check_swap]=/usr/local/nagios/libexec/check_swap -w 20% -c 10%
# The following examples allow user-supplied arguments and can
If you're running the NRPE daemon as a standalone daemon you'll need to restart it. If you're
running it under theinetd/xinetdsuperserver you don't need to do anything more.
3.5.2. Monitoring Host Configuration
On the monitoring host, you need to define a new service for monitoring the swap usage on the
remote host. Addthe following entry to one of your object configuration files
define service{
use generic-service
host_name Cent62
service_description Swap Partition
check_commandcheck_nrpe!check_swap
}.
Notice that the check commands is passing check_swap to check_nrpe command definition.
This will cause the NRPE daemon to run the check_swap command that was definded in the
nrpe.cfg file on the remote host in the previous step.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 33 of 77
Next, verify your Nagios configuration files and restart Nagios.
[root@cent60 etc]# /usr/local/nagios/bin/nagios -v
/usr/local/nagios/etc/nagios.cfg
Checking misc settings...
Total Warnings: 0
Total Errors: 0
Things look okay - No serious problems were detected during the pre-flight
check
[root@cent60 etc]#
[root@cent60 etc]# servicenagios restart
Running configuration check...done.
Stopping nagios: done.
Starting nagios: done.
[root@cent60 etc]#
Thats it! You are now monitoring a new service on the remote host using the NRPE addon
3.6. NRPE Option Help
For more option about NRPE you can use -h when executed NRPE script
[root@cent61 libexec]# cd /usr/local/nagios/libexec/
[root@cent61 libexec]# ls
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 34 of 77
check_aptcheck_flexlmcheck_mailqcheck_oraclecheck_ssmtp
check_breezecheck_ftpcheck_mrtgcheck_overcrcheck_swap
check_by_sshcheck_httpcheck_mrtgtrafcheck_pingcheck_tcp
check_clamdcheck_icmpcheck_nagioscheck_popcheck_time
check_clustercheck_ide_smartcheck_nntpcheck_procscheck_udp
check_dhcpcheck_ifoperstatuscheck_nntpscheck_realcheck_ups
check_digcheck_ifstatuscheck_nrpecheck_rpccheck_users
check_diskcheck_imapcheck_ntcheck_sensorscheck_wave
check_disk_smbcheck_ircdcheck_ntpcheck_simap negate
check_dnscheck_jabbercheck_ntp_peercheck_smtpurlize
check_dummycheck_loadcheck_ntp_timecheck_spop utils.pm
check_file_agecheck_logcheck_nwstatcheck_ssh utils.sh
[root@cent61 libexec]#
[root@cent61 libexec]# ./check_dhcp -h
check_dhcp v1.4.15 (nagios-plugins 1.4.15)
Copyright (c) 2001-2004 Ethan Galstad ([email protected])
Copyright (c) 2001-2007 Nagios Plugin Development Team
This plugin tests the availability of DHCP servers on a network.
Usage:
check_dhcp [-v] [-u] [-s serverip] [-r requestedip] [-t timeout]
[-i interface] [-m mac]
Options:
-h, --help
Print detailed help screen
-V, --version
Print version information
-v, --verbose
Show details for command-line debugging (Nagios may truncate output)
-s, --serverip=IPADDRESS
IP address of DHCP server that we must hear from
-r, --requestedip=IPADDRESS
IP address that should be offered by at least one DHCP server
-t, --timeout=INTEGER
Seconds to wait for DHCPOFFER before timeout occurs
-i, --interface=STRING
Interface to to use for listening (i.e. eth0)
-m, --mac=STRING
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 35 of 77
MAC address to use in the DHCP request
-u, --unicast
Unicast testing: mimic a DHCP relay, requires -s
Send email to [email protected] if you have questions
regarding use of this software. To submit patches or suggest improvements,
send email to [email protected]
[root@cent61 libexec]#
4. How to monitor a Windows machine
4.1. Introduction
This document describes how you can monitor "private" services and attributes of Windows
machines, such as:
Memory usage CPU load Disk usage Service states Running processes etc.
Publicly available services that are provided by Windows machines (HTTP, FTP, POP3, etc.)
can be monitored easily by following the documentation on monitoring publicly available
services.
4.2. Overview
Monitoring private services or attributes of a Windows machine requires that you install an
agent on it. This agent acts as a proxy between the Nagios plugin that does the monitoring and
the actual service or attribute of the Windows machine. Without installing an agent on the
Windows box, Nagios would be unable to monitor private services or attributes of the Windows
box.
For this example, we will be installing the NSClient++ (http://sourceforge.net/projects/nscplus/)
addon on the Windows machine and using the check_nt plugin to communicate with the
NSClient++ addon. The check_nt plugin should already be installed on the Nagios server if you
followed the quickstart guide.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 36 of 77
The NSClient++ agent must be installed on the target Windows machine and configured before
Nagios can monitor system metrics, services, processes, or performance data on the target
machine
4.3. What's Already Done For You
To make your life a bit easier, a few configuration tasks have already been done for you:
A check_nt command definition has been added to the commands.cfg file. This allows you to use the check_nt plugin to monitor Window services.
A Windows server host template (called windows-server) has already been created in the templates.cfg file. This allows you to add new Windows host definitions in a simple
manner.
The above-mentioned config files can be found in the /usr/local/nagios/etc/objects/ directory.
You can modify the definitions in these and other definitions to suit your needs better if you'd
like. However, I'd recommend waiting until you're more familiar with configuring Nagios
before doing so. For the time being, just follow the directions outlined below and you'll be
monitoring your Windows boxes in no time.
4.4. Prerequisites
The first time you configure Nagios to monitor a Windows machine, you'll need to do a bit of
extra work. Remember, you only need to do this for the *first* Windows machine you monitor.
Edit the main Nagios config file.
[root@cent60 ~]# vim /usr/local/nagios/etc/nagios.cfg
Remove the leading pound (#) sign from the following line in the main configuration file:
# Definitions for monitoring a Windows machine
cfg_file=/usr/local/nagios/etc/objects/windows.cfg
Save the file and exit.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 37 of 77
What did you just do? You told Nagios to look to the /usr/local/nagios/etc/objects/windows.cfg
to find additional object definitions. That's where you'll be adding Windows host and service
definitions. That configuration file already contains some sample host, hostgroup, and service
definitions. For the *first* Windows machine you monitor, you can simply modify the sample
host and service definitions in that file, rather than creating new ones.
4.5. Installing the Windows Agent
Before you can begin monitoring private services and attributes of Windows machines, you'll
need to install an agent on those machines. I recommend using the NSClient++ addon, which
can be found at http://sourceforge.net/projects/nscplus. These instructions will take you through
a basic installation of the NSClient++ addon, as well as the configuration of Nagios for
monitoring the Windows machine.
Download the NSClient++ installer package to the target machine you wish to install it on.
Run the NSClient++ MSI installer package to initiate the installation. The welcome screen will
appear. Click Next to continue to the next step
Read through the End User License Agreement. Once you have agreed to its terms, check the
acceptance box and click Next to continue.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 38 of 77
You may customize the installation options on the next screen if you wish. No changes are
required for an working installation of the agent. Click Next to continue.
If an existing NSClient++ installation exists on the target machine, you will have the option of
using the old configuration file. This option is not enable if this is the first time you are
installing the client. Click Next to continue
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 39 of 77
In the next step you will need to configure the NSClient++ agent. These steps are important!
Make sure you:
Enter the IP address of the Nagios Core server in the Allowed hosts box. Enter a password in the NSClient password box that will be required for
communication between the Nagios server and the Windows machine.
Check the following boxes in the Modules to load section: Enable common check plugins Enable nsclient server (check_nt)
Click Next to continue.
Click the Install button on the next screen to begin the installation.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 40 of 77
When the installation completes, make sure to check the Start service option and click Finish
to complete the setup.
The NSClient++ agent will now be running as a service, which means the Windows machine is
ready to be monitored with Nagios.
4.6. Configuring Nagios
Now it's time to define some object definitions in your Nagios configuration files in order to
monitor the new Windows machine.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 41 of 77
Open the windows.cfg file for editing.
[root@cent60 ~]# vim /usr/local/nagios/etc/objects/windows.cfg
Add a new host definition for the Windows machine that you're going to monitor. If this is the
*first* Windows machine you're monitoring, you can simply modify the sample host definition
in windows.cfg. Change the host_name, alias, and address fields to appropriate values for the
Windows box.
# Change the host_name, alias, and address to fit your situation
define host{
use windows-server ; Inherit default values from a
template
host_name w2k81 ; The name we're giving to this host
alias Windows Server 2008; A longer name associated with the
host
address 192.168.10.3 ; IP address of the host
}
Good. Now you can add some service definitions (to the same configuration file) in order to tell
Nagios to monitor different aspects of the Windows machine. If this is the *first* Windows
machine you're monitoring, you can simply modify the sample service definitions in
windows.cfg.
Note: Replace "w2k81" in the example definitions below with the name you specified in the
host_name directive of the host definition you just added.
Add the following service definition to monitor the version of the NSClient++ addon that is
running on the Windows server. This is useful when it comes time to upgrade your Windows
servers to a newer version of the addon, as you'll be able to tell which Windows machines still
need to be upgraded to the latest version of NSClient++.
define service{
use generic-service
# host_name winserver
host_name w2k81
service_description NSClient++ Version
check_command check_nt!CLIENTVERSION
}
Add the following service definition to monitor the uptime of the Windows server.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 42 of 77
define service{
use generic-service
# host_name winserver
host_name w2k81
service_description Uptime
check_command check_nt!UPTIME
}
Add the following service definition to monitor the CPU utilization on the Windows server and
generate a CRITICAL alert if the 5-minute CPU load is 90% or more or a WARNING alert if
the 5-minute load is 80% or greater.
define service{
use generic-service
# host_name winserver
host_name w2k81
service_description CPU Load
check_command check_nt!CPULOAD!-l 5,80,90
}
Add the following service definition to monitor memory usage on the Windows server and
generate a CRITICAL alert if memory usage is 90% or more or a WARNING alert if memory
usage is 80% or greater.
define service{
use generic-service
# host_name winserver
host_name w2k81
service_description Memory Usage
check_command check_nt!MEMUSE!-w 80 -c 90
}
Add the following service definition to monitor usage of the C:\ drive and D:\drive on the
Windows server and generate a CRITICAL alert if disk usage is 90% or more or a WARNING
alert if disk usage is 80% or greater.
define service{
use generic-service
# host_name winserver
host_name w2k81
service_description C:\ Drive Space
check_command check_nt!USEDDISKSPACE!-l c -w 80 -c 90
}
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 43 of 77
define service{
use generic-service
# host_name winserver
host_name w2k81
service_description D:\ Drive Space
check_command check_nt!USEDDISKSPACE!-l d -w 80 -c 90
}
Add the following service definition to monitor the W3SVC service state on the Windows
machine and generate a CRITICAL alert if the service is stopped.
define service{
use generic-service
# host_name winserver
host_name w2k81
service_description W3SVC
check_command check_nt!SERVICESTATE!-d SHOWALL -l W3SVC
}
Add the following service definition to monitor the Explorer.exe process on the Windows
machine and generate a CRITICAL alert if the process is not running.
define service{
use generic-service
# host_name winserver
host_name w2k81
service_description Explorer
check_command check_nt!PROCSTATE!-d SHOWALL -l Explorer.exe
}
That's it for now. You've added some basic services that should be monitored on the Windows
box. Save the configuration file.
4.7. Password Protection
If you specified a password in the NSClient++ configuration file on the Windows machine,
you'll need to modify the check_nt command definition to include the password. Open the
commands.cfg file for editing.
[root@cent60 ~]# vim /usr/local/nagios/etc/objects/commands.cfg
[root@cent60 ~]#
Change the definition of the check_nt command to include the "-s " argument
(where PASSWORD is the password you specified on the Windows machine) like this:
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 44 of 77
# 'check_nt' command definition
define command{
command_name check_nt
command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -s 1234567 -
v $ARG1$ $ARG2$
}
Save the file.
4.8. Restarting Nagios
You're done with modifying the Nagios configuration, so you'll need to verify your
configuration files and restart Nagios.
If the verification process produces any errors messages, fix your configuration file before
continuing. Make sure that you don't (re)start Nagios until the verification process completes
without any errors!
[root@cent60 ~]# /usr/local/nagios/bin/nagios -v
/usr/local/nagios/etc/nagios.cfg
Checking misc settings...
Total Warnings: 0
Total Errors: 0
Things look okay - No serious problems were detected during the pre-flight
check
[root@cent60 ~]#
[root@cent60 ~]# service nagios restart
Running configuration check...done.
Stopping nagios: done.
Starting nagios: done.
[root@cent60 ~]#
Ok now we monitor it !
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 45 of 77
5. How to monitor a router/switch
5.1. Introduction
This document describes how you can monitor the status of network switches and routers. Some
cheaper "unmanaged" switches and hubs don't have IP addresses and are essentially invisible on
your network, so there's not any way to monitor them. More expensive switches and routers
have addresses assigned to them and can be monitored by pinging them or using SNMP to
query status information.
I'll describe how you can monitor the following things on managed
switches, hubs, and routers:
Packet loss, round trip average SNMP status information Bandwidth / traffic rate
5.2. Overview
Monitoring switches and routers can either be easy or more involved - depending on what
equipment you have and what you want to monitor. As they are critical infrastructure
components, you'll no doubt want to monitor them in at least some basic manner.
Switches and routers can be monitored easily by "pinging" them to determine packet loss, RTA,
etc. If your switch supports SNMP, you can monitor port status, etc. with the check_snmp
plugin and bandwidth (if you're using MRTG) with the check_mrtgtraf plugin.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 46 of 77
The check_snmp plugin will only get compiled and installed if you have the net-snmp and net-
snmp-utils packages installed on your system. Make sure the plugin exists in
/usr/local/nagios/libexec before you continue. If it doesn't, install net-snmp and net-snmp-utils
and recompile/reinstall the Nagios plugins.
5.3. Steps
There are several steps you'll need to follow in order to monitor a new router or switch. They
are:
Perform first-time prerequisites Create new host and service definitions for monitoring the device Restart the Nagios daemon
5.4. What's Already Done For You
To make your life a bit easier, a few configuration tasks have already been done for you:
Two command definitions (check_snmp and check_local_mrtgtraf) have been added to the commands.cfg file. These allows you to use the check_snmp and check_mrtgtraf
plugins to monitor network routers.
A switch host template (called generic-switch) has already been created in the templates.cfg file. This allows you to add new router/switch host definitions in a simple
manner.
The above-mentioned config files can be found in the /usr/local/nagios/etc/objects/ directory.
You can modify the definitions in these and other definitions to suit your needs better if you'd
like. However, I'd recommend waiting until you're more familiar with configuring Nagios
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 47 of 77
before doing so. For the time being, just follow the directions outlined below and you'll be
monitoring your network routers/switches in no time.
5.5. Prerequisites
The first time you configure Nagios to monitor a network switch, you'll need to do a bit of extra
work. Remember, you only need to do this for the *first* switch you monitor.
Edit the main Nagios config file.
[root@cent60 etc]# vim /usr/local/nagios/etc/nagios.cfg
# Definitions for monitoring a router/switch
cfg_file=/usr/local/nagios/etc/objects/switch.cfg
Save the file and exit.
What did you just do? You told Nagios to look to the /usr/local/nagios/etc/objects/switch.cfg to
find additional object definitions. That's where you'll be adding host and service definitions for
routers and switches. That configuration file already contains some sample host, hostgroup, and
service definitions. For the *first* router/switch you monitor, you can simply modify the
sample host and service definitions in that file, rather than creating new ones.
5.6. Configuring Nagios
You'll need to create some object definitions in order to monitor a new router/switch.
Open the switch.cfg file for editing.
[root@cent60 etc]# vim /usr/local/nagios/etc/objects/switch.cfg
Add a new host definition for the switch that you're going to monitor. If this is the *first* switch
you're monitoring, you can simply modify the sample host definition in switch.cfg. Change the
host_name, alias, and address fields to appropriate values for the switch.
# Define the switch that we'll be monitoring
define host{
use generic-switch ; Inherit default values from a template
# host_name linksys-srw224p ; The name we're giving to this switch
host_name icteo-sw01 ; The name we're giving to this switch
alias ICTEO Switch 01 ; A longer name associated with the
switch
address 192.168.10.10 ; IP address of the switch
hostgroups switches ; Host groups this switch is associated with
}
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 48 of 77
5.7. Monitoring Services
Now you can add some service definitions (to the same configuration file) to monitor different
aspects of the switch. If this is the *first* switch you're monitoring, you can simply modify the
sample service definition in switch.cfg.
Note: Replace "linksys-srw224p" in the example definitions below with the name you specified
in the host_name directive of the host definition you just added.
5.8. Monitoring Packet Loss and RTA
Add the following service definition in order to monitor packet loss and round trip average
between the Nagios host and the switch every 5 minutes under normal conditions.
# Create a service to PING to switch
define service{
use generic-service ; Inherit values from a template
# host_name linksys-srw224p ; The name of the host the
service is associated with
host_name icteo-sw01 ; The name we're giving to this switch
service_description PING ; The service description
check_command check_ping!200.0,20%!600.0,60% ; The command
used to monitor the service
normal_check_interval 5 ; Check the service every 5 minutes under
normal conditions
retry_check_interval 1 ; Re-check the service every minute until
its final/hard state is determined
}
This service will be:
CRITICAL if the round trip average (RTA) is greater than 600 milliseconds or the packet loss is 60% or more
WARNING if the RTA is greater than 200 ms or the packet loss is 20% or more OK if the RTA is less than 200 ms and the packet loss is less than 20%
5.9. Monitoring SNMP Status Information
If your switch or router supports SNMP, you can monitor a lot of information by using the
check_snmp plugin. If it doesn't, skip this section.
Add the following service definition to monitor the uptime of the switch.
-
Ministry of Education, Youth and Sports.#201, Norodom Blvd.,
Phnom Penh, Kingdom of Cambodia
Website: www.moeys.gov.khFax: +855 23 210 134
CentOS6_Nagios_Core_3.3.x_V0.0.docx
March 1, 2012 By Vannath KANN Page 49 of 77
# Monitor uptime via SNMP
define service{
use generic-service ; Inherit values from a template
# host_name linksys-srw224p
host_name icteo-sw01 ; The name we're giving to this switch
service_description Uptime
check_command check_snmp!-C public -o sysUpTime.0
}
In the check_command directive of the service definition above, the "-C public" tells the plugin
that the SNMP community name to be used is "public" and the "-o sysUpTime.0" indicates
which OID should be checked.