Re: [Nagios-users] Odd Problem with check_yum on one server...
It would appear to be an selinux problem. On Mon, Sep 16, 2013 at 4:43 AM, Andreas Ericsson a...@op5.se wrote: On 2013-09-13 19:46, Sean Alderman wrote: I apologize... I should have pasted that, but I thought the fact that I could execute the check_yum script as the nrpe user on the host with the problem would have implied that it functions as expected. Yum is located where we would expect it to be on a standard CentOS machine. Then it seems like you're running nrpe in a chroot jail or a limited container, where /usr/bin/yum doesn't exist. -- Andreas Ericsson andreas.erics...@op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. -- Sean M. Alderman Senior Engineer, UDit Systems Integration and Engineering University of Dayton 300 College Park Dayton, Ohio 45469-1530 (937) 229-5088 salderm...@udayton.edu *We are not some casual and meaningless product of evolution. Each of us is the result of a thought of God. Each of us is willed. Each of us is loved. Each of us is necessary.* - BXVI -- LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99! 1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint 2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/20/13. http://pubads.g.doubleclick.net/gampad/clk?id=58041151iu=/4140/ostg.clktrk___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Splunk Integration Question...
From what I can tell, after trying it, the query string appended to the splunk_url parameter referneces Nagios specific things... e.g. https://*splunk_url*/?q=search?%20*hostname*%20* Nagios_command_description * So, the implication is that somehow splunk has data about nagios checks, by name. For my environment, splunk uses short names. We set this up to avoid having a mix of both short names and fqdns in the host field since most of our splunk data is sourced from syslog which doesn't provide fqdn. Because of this clicking the link for this in Nagios would result in splunk on the FQDN and producing no results. The other issue is that at this point, splunk has no data about nagios checks, so searching the check name, also does nothing for us. So I hope you can see why I'm confused about the purpose of this integration. On Tue, Sep 10, 2013 at 3:12 PM, Frost, Mark {BIS} mark.fro...@pepsico.comwrote: Huh. Where did those new options come from? They weren’t in the cgi.cfg docs the last time I looked J. ** ** I agree, it’s not terribly clear to me what that option does, but it does reference “Splunk IT” which is a special Splunk package that you can use for Splunk benchmarking. That still doesn’t make it clear what it’s used for. ** ** I see a second parameter, “splunk_url” that lets you specify the URL for your Splunk server. ** ** Maybe it just somehow says to pepper the logs with your Splunk URL in appropriate places. ** ** Mark ** ** *From:* Sean Alderman [mailto:salderm...@udayton.edu] *Sent:* Tuesday, September 10, 2013 1:34 PM *To:* Nagios Users List *Subject:* Re: [Nagios-users] Splunk Integration Question... ** ** Just what's in the nagios doc on CGI.cfg. The doc is lacking about what it does, so I guess I'm a little curious what that config is about. - Sean Alderman Senior Engineer, UDit Systems Integration This message had been brought to you by Android Bionic. On Sep 10, 2013 1:10 PM, Frost, Mark {BIS} mark.fro...@pepsico.com wrote: Sean, Can you describe what you’re doing for Splunk integration with Nagios? I’ve used Splunk with Nagios in a couple different ways, but I’m not aware of any single standard for doing so. Originally, I just had Splunk run a scheduled search, which would trigger a script which sent a passive check result back to a Nagios service via NSCA. That way – having Nagios process passive check results from Splunk – was the only way I could see to do that. Recently, I played around a bit with writing scripts that made use of Splunk’s REST API so the checks could be run as active checks from Nagios. (I always prefer active checks). I set this up for only one check, but once I got it working it worked pretty well. As a side note, I’m still a little on the fence about whether or not I really want to have Nagios find problems through Splunk and then alert on them or have Splunk find an alert on them directly without using Nagios at all… Are you referring to another way of making Splunk and Nagios talk together? Mark *From:* Sean Alderman [mailto:salderm...@udayton.edu] *Sent:* Monday, September 09, 2013 1:12 PM *To:* nagios-users@lists.sourceforge.net *Subject:* [Nagios-users] Splunk Integration Question... Greetings, I was hoping I might find someone who's got the splunk integration actively working. I'm running Nagios Core (via EPEL) and Splunk 5.0.3 on OracleLinux 6.4. When I edit cgi.cfg and enable splunk integration, then set the splunk URL to https://mysplunkserver:8000/en-US/app/search/flastimeline, I notice the nagios URLs look like: https:// mysplunkserver:8000/en-US/app/flashtimeline?q=search%20test1.udayton.edu%20nagios plugin check. I have two questions... · Is there a way I can make nagios use the hostname only, not the FQDN? We use short names in splunk so we don't a mix of fqdn and short names since we use both forwarders and syslog as input. · What data is this query looking for, is it expected that I should have my nagios log in splunk? The nagios plugin check in the query doesn't seem useful to me, unless there's splunk data specifically tied to that check, and I'm hoping someone could provide an example. Kind regards, -- Sean M. Alderman Senior Engineer, UDit Systems Integration and Engineering University of Dayton -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk
[Nagios-users] Odd Problem with check_yum on one server...
Greetings, I'm hoping someone might be able to provide a hint on this issue. Its strange, it happens only on one of my CentOS 6.4 servers. Nagios server reports /usr/bin/yum not found when executing the following test: [root@nagios ~]# sudo -u nagios /usr/lib64/nagios/plugins/check_nrpe -H test.example.com -c check_yum -a noarg UNKNOWN: /usr/bin/yum cannot be found Over on test.example.com: [root@test ~]# ps -ef|grep nrpe|grep -v grep nrpe 20038 1 0 Sep10 ?00:00:22 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d [root@test ~]# sudo -u nrpe /usr/lib64/nagios/plugins/check_yum YUM OK: 0 Security Updates Available. 15 Non-Security Updates Available | Again, I have other CentOS servers monitored using the same check_yum command configured on the Nagios server, they all work fine - including the Nagios server itself which is monitored through nrpe. Thank you for your time and consideration, kind regards, -- Sean M. Alderman Senior Engineer, UDit Systems Integration and Engineering University of Dayton salderm...@udayton.edu *We are not some casual and meaningless product of evolution. Each of us is the result of a thought of God. Each of us is willed. Each of us is loved. Each of us is necessary.* - BXVI -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Odd Problem with check_yum on one server...
I apologize... I should have pasted that, but I thought the fact that I could execute the check_yum script as the nrpe user on the host with the problem would have implied that it functions as expected. Yum is located where we would expect it to be on a standard CentOS machine. [root@test ~]# rpm -qa|grep yum yum-3.2.29-40.el6.centos.noarch yum-utils-1.1.30-14.el6.noarch yum-metadata-parser-1.1.2-16.el6.x86_64 yum-plugin-fastestmirror-1.1.30-14.el6.noarch yum-plugin-security-1.1.30-14.el6.noarch [root@test ~]# which yum /usr/bin/yum Thanks, On Fri, Sep 13, 2013 at 11:00 AM, Tech Support supp...@voipbusiness.uswrote: It seems to me that yum is simply located somewhere else on that server. Try “which yum”. Regards; John ** ** *From:* Sean Alderman [mailto:salderm...@udayton.edu] *Sent:* Friday, September 13, 2013 10:13 AM *To:* Nagios Users List *Subject:* [Nagios-users] Odd Problem with check_yum on one server... ** ** Greetings, I'm hoping someone might be able to provide a hint on this issue. Its strange, it happens only on one of my CentOS 6.4 servers. Nagios server reports /usr/bin/yum not found when executing the following test: [root@nagios ~]# sudo -u nagios /usr/lib64/nagios/plugins/check_nrpe -H test.example.com -c check_yum -a noarg UNKNOWN: /usr/bin/yum cannot be found ** ** Over on test.example.com: [root@test ~]# ps -ef|grep nrpe|grep -v grep nrpe 20038 1 0 Sep10 ?00:00:22 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d [root@test ~]# sudo -u nrpe /usr/lib64/nagios/plugins/check_yum YUM OK: 0 Security Updates Available. 15 Non-Security Updates Available | Again, I have other CentOS servers monitored using the same check_yum command configured on the Nagios server, they all work fine - including the Nagios server itself which is monitored through nrpe. Thank you for your time and consideration, kind regards, -- Sean M. Alderman Senior Engineer, UDit Systems Integration and Engineering University of Dayton salderm...@udayton.edu *We are not some casual and meaningless product of evolution. Each of us is the result of a thought of God. Each of us is willed. Each of us is loved. Each of us is necessary.* - BXVI -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Sean M. Alderman Senior Engineer, UDit Systems Integration and Engineering University of Dayton 300 College Park Dayton, Ohio 45469-1530 (937) 229-5088 salderm...@udayton.edu *We are not some casual and meaningless product of evolution. Each of us is the result of a thought of God. Each of us is willed. Each of us is loved. Each of us is necessary.* - BXVI -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Splunk Integration Question...
Just what's in the nagios doc on CGI.cfg. The doc is lacking about what it does, so I guess I'm a little curious what that config is about. - Sean Alderman Senior Engineer, UDit Systems Integration This message had been brought to you by Android Bionic. On Sep 10, 2013 1:10 PM, Frost, Mark {BIS} mark.fro...@pepsico.com wrote: Sean, ** ** Can you describe what you’re doing for Splunk integration with Nagios? I’ve used Splunk with Nagios in a couple different ways, but I’m not aware of any single standard for doing so. ** ** Originally, I just had Splunk run a scheduled search, which would trigger a script which sent a passive check result back to a Nagios service via NSCA. That way – having Nagios process passive check results from Splunk – was the only way I could see to do that. ** ** Recently, I played around a bit with writing scripts that made use of Splunk’s REST API so the checks could be run as active checks from Nagios. (I always prefer active checks). I set this up for only one check, but once I got it working it worked pretty well. ** ** As a side note, I’m still a little on the fence about whether or not I really want to have Nagios find problems through Splunk and then alert on them or have Splunk find an alert on them directly without using Nagios at all… ** ** Are you referring to another way of making Splunk and Nagios talk together? ** ** Mark ** ** *From:* Sean Alderman [mailto:salderm...@udayton.edu] *Sent:* Monday, September 09, 2013 1:12 PM *To:* nagios-users@lists.sourceforge.net *Subject:* [Nagios-users] Splunk Integration Question... ** ** Greetings, I was hoping I might find someone who's got the splunk integration actively working. I'm running Nagios Core (via EPEL) and Splunk 5.0.3 on OracleLinux 6.4. When I edit cgi.cfg and enable splunk integration, then set the splunk URL to https://mysplunkserver:8000/en-US/app/search/flastimeline, I notice the nagios URLs look like: https:// mysplunkserver:8000/en-US/app/flashtimeline?q=search%20test1.udayton.edu%20nagios plugin check. I have two questions... **· **Is there a way I can make nagios use the hostname only, not the FQDN? We use short names in splunk so we don't a mix of fqdn and short names since we use both forwarders and syslog as input. **· **What data is this query looking for, is it expected that I should have my nagios log in splunk? The nagios plugin check in the query doesn't seem useful to me, unless there's splunk data specifically tied to that check, and I'm hoping someone could provide an example. Kind regards, -- Sean M. Alderman Senior Engineer, UDit Systems Integration and Engineering University of Dayton -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] Splunk Integration Question...
Greetings, I was hoping I might find someone who's got the splunk integration actively working. I'm running Nagios Core (via EPEL) and Splunk 5.0.3 on OracleLinux 6.4. When I edit cgi.cfg and enable splunk integration, then set the splunk URL to https://mysplunkserver:8000/en-US/app/search/flastimeline, I notice the nagios URLs look like: https:// mysplunkserver:8000/en-US/app/flashtimeline?q=search%20test1.udayton.edu%20nagios plugin check. I have two questions... - Is there a way I can make nagios use the hostname only, not the FQDN? We use short names in splunk so we don't a mix of fqdn and short names since we use both forwarders and syslog as input. - What data is this query looking for, is it expected that I should have my nagios log in splunk? The nagios plugin check in the query doesn't seem useful to me, unless there's splunk data specifically tied to that check, and I'm hoping someone could provide an example. Kind regards, -- Sean M. Alderman Senior Engineer, UDit Systems Integration and Engineering University of Dayton -- Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58041391iu=/4140/ostg.clktrk___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null