In my experience you want to add a nagios user in your mysql db. Grant it priv types that your check will use like "SELECT, PROCESS, REPLICATION CLIENT" ? You might want to tighten the grant down to a specific ip only or range of your nagios server as well.
On Wed, Mar 1, 2017 at 11:36 AM, John Fowler <john.fow...@connection.com> wrote: > Hello, > > > > I have a question regarding the check_mysql plug-in. I’m not a Linux > admin and have had little experience with Nagios. > > > > I am a MySQL DBA and have noticed access denied messages in the MySQL > error log on servers where we are using the check_mysql Nagios plug-in. The > check is scheduled to happen every 5 minutes and that is the frequency I'm > seeing these authentication failure messages in the MySQL error log. > > > > The command that's getting issued every 5 minutes is as follows: > > $USER1$/check_mysql -H $HOSTADDRESS$ -n > > > > The user associated with the message is not root, but rather the user > account associated with our Linux admin who set up the Nagios service > check. I'd like to prevent these messages from being constantly written to > the error log and creating a lot of "white noise". I understand the "-n" > switch in the command above is to ignore authentication failure and just > check MySQL connectivity. But the authentication failures are causing > repeating access denied messages to get written to the MySQL error log. > > > > What is the best practice for using the check_mysql plug-in? Do we have to > create a user account for the Nagios account performing the check? Is there > any other way to check MySQL connectivity without a MySQL account? > > > > Thanks, > > John > > >
