Re: [Nagios-users] check_dhcp seems not working
jmose...@corp.xanadoo.com wrote: Christian Iñiguez challenger_jos...@yahoo.com.mx wrote: Hi Everyone I have a linux server as dhcp server and it's working very well, and I'd like to monitoring it with nrpe plugin and check_dhcp. The problem here is the outcome of check_dhcp is always: CRITICAL: No DHCPOFFERs were received. But the server is working alright. The command line is: check_dhcp -s serverip -t 30 What am I doing wrong? Any suggest? Thanks in advance! I have no idea which flavor of DHCP you are running (probably ISC's), but I don't think you are going to be able to run check_dhcp from the DHCP server itself. The DHCP server will see an incoming requeset from itself and probably block it. Therefore, using the nrpe method of doing these checks is a moot point. If your Nagios server is on the same network as the DHCP server, just run check_dhcp from the Nagios box. If you're running Nagios on a different network than the DHCP server and there is a firewall in between, you'll probably have to do several things: 1. Open up a hole in the firewall to allow the Nagios server to request a DHCP address from the DHCP server 2. Have a DHCP relay statement on the router's interface your Nagios server connects to so it knows to which server to relay the DHCP request to 3. Setup a small DHCP subnet on the DHCP server in the same IP range as the Nagios server so it can offer a valid IP address I actually have the same problem as Christian, and it does NOT work even though Nagios is running on a different box on the same network as the DHCP server. In fact, the Nagios box actually gets its IP address from the same DHCP server that I would like to monitor (ISC DHCP server 3.0.6 on a SuSE 10.3). I've seen the same problem before against a Windows DHCP server, too, never been able to make check_dhcp work. check_dhcp -v prints this: DHCP socket: 3 Hardware address: 00:0c:29:0e:28:4f DHCPDISCOVER to 255.255.255.255 port 67 DHCPDISCOVER XID: 2138668641 (0x7F797E61) DHCDISCOVER ciaddr: 0.0.0.0 DHCDISCOVER yiaddr: 0.0.0.0 DHCDISCOVER siaddr: 0.0.0.0 DHCDISCOVER giaddr: 0.0.0.0 send_dhcp_packet result: 548 No (more) data received (nfound: 0) Result=ERROR Total responses seen on the wire: 0 Valid responses for this machine: 0 CRITICAL: No DHCPOFFERs were received. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_dhcp seems not working
Christian, actually, your question prompted me to try it again. Turned out that it was the firewall software on my Nagios box that blocked the DHCP request. As soon as I turned it off, check_dhcp worked. I'm not yet sure which ports to open to make it work with the firewall on. So far, I tried ports 67 and 68 for both TCP and UDP, but that seems not to be enough. Christian Iñiguez wrote: Exactly Kevin, you are right - Mensaje original De: Kevin Keane subscript...@kkeane.com CC: nagios-users@lists.sourceforge.net Enviado: jueves, 15 de enero, 2009 13:39:47 Asunto: Re: [Nagios-users] check_dhcp seems not working jmose...@corp.xanadoo.com wrote: Christian Iñiguez challenger_jos...@yahoo.com.mx wrote: Hi Everyone I have a linux server as dhcp server and it's working very well, and I'd like to monitoring it with nrpe plugin and check_dhcp. The problem here is the outcome of check_dhcp is always: CRITICAL: No DHCPOFFERs were received. But the server is working alright. The command line is: check_dhcp -s serverip -t 30 What am I doing wrong? Any suggest? Thanks in advance! I have no idea which flavor of DHCP you are running (probably ISC's), but I don't think you are going to be able to run check_dhcp from the DHCP server itself. The DHCP server will see an incoming requeset from itself and probably block it. Therefore, using the nrpe method of doing these checks is a moot point. If your Nagios server is on the same network as the DHCP server, just run check_dhcp from the Nagios box. If you're running Nagios on a different network than the DHCP server and there is a firewall in between, you'll probably have to do several things: 1. Open up a hole in the firewall to allow the Nagios server to request a DHCP address from the DHCP server 2. Have a DHCP relay statement on the router's interface your Nagios server connects to so it knows to which server to relay the DHCP request to 3. Setup a small DHCP subnet on the DHCP server in the same IP range as the Nagios server so it can offer a valid IP address I actually have the same problem as Christian, and it does NOT work even though Nagios is running on a different box on the same network as the DHCP server. In fact, the Nagios box actually gets its IP address from the same DHCP server that I would like to monitor (ISC DHCP server 3.0.6 on a SuSE 10.3). I've seen the same problem before against a Windows DHCP server, too, never been able to make check_dhcp work. check_dhcp -v prints this: DHCP socket: 3 Hardware address: 00:0c:29:0e:28:4f DHCPDISCOVER to 255.255.255.255 port 67 DHCPDISCOVER XID: 2138668641 (0x7F797E61) DHCDISCOVER ciaddr: 0.0.0.0 DHCDISCOVER yiaddr: 0.0.0.0 DHCDISCOVER siaddr: 0.0.0.0 DHCDISCOVER giaddr: 0.0.0.0 send_dhcp_packet result: 548 No (more) data received (nfound: 0) Result=ERROR Total responses seen on the wire: 0 Valid responses for this machine: 0 CRITICAL: No DHCPOFFERs were received. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] problem check_dell plugin
My guess is that the path environment is different when run under Nagios, and check_dell.pl can't find the Dell OpenManage software. I'm not sure exactly how it works on Unix, but the Windows version of check_dell uses OpenManage to actually do the checking. Seth Simmons wrote: I'm having a problem using the dell plugin (from http://www.itefix.no/i2/check_dell, nothing useful in the forum) If I run the plugin (as nagios) on the box, it works fine. $ perl check_dell.pl --storage DELL STORAGE OK - Controller battery 0:ok Controller perc 5/i integrated:ok Enclosure backplane:ok virtual disk 0:ok However, through nagios, it shows (null) and I can't figure out what I'm doing wrong. Here are the commands I have: define command{ command_namecheck_chassis command_line/usr/bin/perl /usr/local/nagios/libexec/check_dell.pl --chassis } define command{ command_namecheck_storage command_line/usr/bin/perl /usr/local/nagios/libexec/check_dell.pl --storage } -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_dhcp seems not working
Thank you! In my case, the server-side firewall works without a problem. The server does hand out DHCP addresses all the time. It was the client-side firewall (i.e., the one on the Nagios server) that blocked the DHCP request, even though I opened both ports 67 and 68 for both TCP and UDP. It happened both with broadcast DHCP requests and with directed ones (using the -s serverip arg). Oddly enough, I didn't see anything at all in the firewall log that would indicate what was blocked. James Miller wrote: Sorry for the top post 1. Lease Request - The client sends a broadcast requesting an IP address 2. Lease Offer - The server sends the above information and marks the offered address as unavailable. The message sent is a DHCPOFFER broadcast message. 3. Lease Acceptance - The first offer received by the client is accepted. The acceptance is sent from the client as a broadcast (DHCPREQUEST message) including the IP address of the DNS server that sent the accepted offer. Other DHCP servers retract their offers and mark the offered address as available and the accepted address as unavailable. 4. Server lease acknowledgement - The server sends a DHCPACK or a DHCPNACK if an unavailable address was requested. All DHCP packets travel as UDP datagrams; all client-sent packets have source port 68 and destination port 67; all server-sent packets have source port 67 and destination port 68. For example, a server-side firewall should allow the following types of packets: * Incoming packets from 0.0.0.0 or dhcp-pool to dhcp-ip * Incoming packets from any address to 255.255.255.255 * Outgoing packets from dhcp-ip to dhcp-pool or 255.255.255.255 where dhcp-ip represents any address configured on a DHCP server host and dhcp-pool stands for the pool from which a DHCP server assigns addresses to clients Jim Kevin Keane wrote: Christian, actually, your question prompted me to try it again. Turned out that it was the firewall software on my Nagios box that blocked the DHCP request. As soon as I turned it off, check_dhcp worked. I'm not yet sure which ports to open to make it work with the firewall on. So far, I tried ports 67 and 68 for both TCP and UDP, but that seems not to be enough. Christian Iñiguez wrote: Exactly Kevin, you are right - Mensaje original De: Kevin Keane subscript...@kkeane.com CC: nagios-users@lists.sourceforge.net Enviado: jueves, 15 de enero, 2009 13:39:47 Asunto: Re: [Nagios-users] check_dhcp seems not working jmose...@corp.xanadoo.com wrote: Christian Iñiguez challenger_jos...@yahoo.com.mx wrote: Hi Everyone I have a linux server as dhcp server and it's working very well, and I'd like to monitoring it with nrpe plugin and check_dhcp. The problem here is the outcome of check_dhcp is always: CRITICAL: No DHCPOFFERs were received. But the server is working alright. The command line is: check_dhcp -s serverip -t 30 What am I doing wrong? Any suggest? Thanks in advance! I have no idea which flavor of DHCP you are running (probably ISC's), but I don't think you are going to be able to run check_dhcp from the DHCP server itself. The DHCP server will see an incoming requeset from itself and probably block it. Therefore, using the nrpe method of doing these checks is a moot point. If your Nagios server is on the same network as the DHCP server, just run check_dhcp from the Nagios box. If you're running Nagios on a different network than the DHCP server and there is a firewall in between, you'll probably have to do several things: 1. Open up a hole in the firewall to allow the Nagios server to request a DHCP address from the DHCP server 2. Have a DHCP relay statement on the router's interface your Nagios server connects to so it knows to which server to relay the DHCP request to 3. Setup a small DHCP subnet on the DHCP server in the same IP range as the Nagios server so it can offer a valid IP address I actually have the same problem as Christian, and it does NOT work even though Nagios is running on a different box on the same network as the DHCP server. In fact, the Nagios box actually gets its IP address from the same DHCP server that I would like to monitor (ISC DHCP server 3.0.6 on a SuSE 10.3). I've seen the same problem before against a Windows DHCP server, too, never been able to make check_dhcp work. check_dhcp -v prints this: DHCP socket: 3 Hardware address: 00:0c:29:0e:28:4f DHCPDISCOVER to 255.255.255.255 port 67 DHCPDISCOVER XID: 2138668641 (0x7F797E61) DHCDISCOVER ciaddr: 0.0.0.0 DHCDISCOVER yiaddr: 0.0.0.0 DHCDISCOVER siaddr: 0.0.0.0 DHCDISCOVER giaddr: 0.0.0.0 send_dhcp_packet result: 548 No (more) data received (nfound: 0
Re: [Nagios-users] Nagios compatibility
You are looking at two completely separate issues. chkconfig doesn't have much to do with nagios; it is a Redhat specific file. chkconfig doesn't care about nagios.cfg. It will install any service/daemon. What it is looking for is a shell script in, I believe, /etc/init.d. This shell script must accept the arguments start and stop (and should also accept a few other ones). So what the error message is telling you is there is no shell script /etc/init.d/nagios. This shell script - you probably need to write it yourself - is responsible for actually starting nagios. It is also a Redhat-specific one. On SUSE, the shell script will look similar but be subtly different. Nagios won't work until you get this running, so it is not really surprising that you can't log in right now. My recommendation: throw out the nagios you did (just keep the files in the /usr/local/nagios/etc directory), and instead find nagios as an already-compiled RPM. There really is very little reason to ever run your own compiled software except to learn. On a production server, it is outright dangerous to do so because you won't get any software updates. Khairuzzamri wrote: Hi everyone, I'm a newbie on linux and nagios. Need your help on this. I'm using Redhat 9 and have installed Nagios 3.0.3., step by step according to Nagios 3.0 Jumpstart guide for linux (www.thegeekstuff.com http://www.thegeekstuff.com). Installation run smoothly, but I cannot add the nagios to the startup routine: [r...@localhost]# chkconfig –add nagios [r...@localhost]# chkconfig nagios on Both give 'error reading information on service nagios: No such file or directory'. But when I verify the nagios configuration files: [r...@localhost]# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg It stated 'No warning no errors'. 1 more thing if I'm go to the nagios page, even I'm providing the correct username and password, it wont let me in. Am I missing something here, or is Nagios 3.0.3 is not compatible with Redhat 9? Thanks regards, Zamri, -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Nagios compatibility
Andy Shellam wrote: My recommendation: throw out the nagios you did (just keep the files in the /usr/local/nagios/etc directory), and instead find nagios as an already-compiled RPM. There really is very little reason to ever run your own compiled software except to learn. On a production server, it is outright dangerous to do so because you won't get any software updates. For the record, I disagree with this statement. Compiling your own software means you can get updates as quick as they come out from the people who write it. Sure you have to keep on top of the updates yourself, but that's where a tool such as www.update-scout.com comes in extremely handy. In theory, that may be true, and for some people this does matter. In practical terms, though, more often than not, the opposite happens: somebody downloads the source code, throws it on a shared drive, writes a howto and everybody recompiles off these versions no matter how stale they are. I used to work for a company in 2003 that ran RedHat 7.0 (a 1990s version of RH). Because it didn't include Postgres, they compiled Postgres from source - by the time I started there, those sources were two years old. And they ran a major telephone exchange and billing system off that setup. My boss would have thrown a fit if I had proposed to install a newer version of Postgres, because that would have meant having to re-test the whole application. At least, with an RPM, the vendor would do most of the testing for us. And also let's not forget the complexity of the upgrade process itself. Upgrading an RPM takes a few seconds - especially when you are using automatic updates. Recompiling? Maybe half an hour if you are good. In my experience package repositories (such as those used by Debian's apt-get) are not well maintained - for example the OpenSSL version currently in there is 0.9.8c which was released in September 2006. There have been 6 security advisories since. Similarly the Apache2 package is version 2.2.3 - I'm running 2.2.11 now. Actually, I think this is an advantage rather than a drawback, for most users (you may well have specific needs, and of course I can't tell you what's right for you!) For most software, the bleeding edge is also where the bleeding is happening ;-) There is a reason the enterprise Linux versions (SuSE, RedHat) have release cycles of 3 years, and the open versions have release cycles of 18 months or so. Vendors will backport security patches, but quite honestly I would rather have a stable system than one that needs to be recompiled on a near daily basis - especially for production use. My openSUSE 10.3 server currently has 757 RPMs installed. With recompiling modules as they come out, configuration management would become a nightmare. On a weekly basis, I'd have to ask: why isn't my software working any more, and which of the 17 modules recompiled yesterday is responsible? No thanks. I want to leave the compatibility testing to the vendor. My Nagios server (on openSUSE 11.0) is still using 3.0.3. I'm sure I could easily find the 3.0.6 RPMs if there was a compelling reason for it. But so far, I don't see it. If I really do need a newer version than the vendor has - I can usually find it precompiled as an RPM. As a SUSE guy, I usually find it on opensuse.org. I'm usually very reluctant to do this because it cuts me off from the vendor's update cycle, but sometimes I really have no choice. Fortunately, I've only had to do it for four or five RPMs. Compiling your own software also allows you to add in extra features that the packagers didn't deem necessary, and gives you more control over the build. Granted. I actually have found one single situation where this benefit would have made a difference; one RPM has a bug (the openSUSE developers forgot to support Kerberos in saslauthd). It's exceedingly rare, at least for me - and in this case, the impact was small enough, so recompiling still doesn't YMMV, of course. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https
Re: [Nagios-users] Nagios - LDAP/RSA authentication
There is no such thing as a session in Nagios. It simply uses plain HTTP authentication. That means that the user name and password is sent with every single HTTP request; request are not tied together the way you might be used to from online banking sites and the like. What you are observing could be due to a couple of different factors, but it is almost certainly neither LDAP, Apache nor Nagios, but rather the Web browser. - The most likely cause: you say that the RSA passwords change frequently. When the RSA password changes, the browser has no way of knowing that, and will continue to send the old password. This is rejected, and the browser then pops up the login dialog. - The browser may for some reason think that it is connecting to a different server, where the user name and password are no longer valid. - The browser may for some reason actually forget the user name and password. Mohammed Al-Kout wrote: Warner, the session seems to be expiring after ( 10-20) and nagios asks for reauthentication, ( we are using RSA passwords that change frequently so the LDAPCAche does not apply in our case ) are you using mod_auth_ldap ? what are the parameters you use in the httpd.conf for LDAP Cache settings Best Regards -- Mohammed Al-Kout On Wed, Jan 21, 2009 at 16:22, Werner Flamme werner.fla...@ufz.de mailto:werner.fla...@ufz.de wrote: Mohammed Al-Kout [21.01.2009 14:00]: Hello, i'm running Nagios 3.0.1 on Apache 2.0.52 its been running on a local userfile for sometime, recently i switched to LDAP authentication with mod_auth_ldap its working fine, the problem is i'm getting the authentication popup every 10-20 mins, is there a way to stop this or set a longer interval ? i'm not sure what is causing this popup to reappear ( LDAP , Apache or Nagios ) if anyone has an idea please lemme know Neither of them. We use LDAP auth for years, and there are no such popups. Regards, Werner -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Using nagios check_httpfor webbasedauthentication
Actually, the response HTML usually ISN'T a login success page. Most of the time, with form-based login, the user name and password will be submitted to the same URL (in your case, signin.do). The Web server will then return a page (typically, completely empty) with a status code of 302 (instead of the normal 200) and another URL in one of the headers. A Web browser will interpret the 302 as redirect, please go to this new URL instead. So when you click on the Logon button, the browser will actually do not one but two (or sometimes even three or more) HTTP requests. Only the last one would contain the welcome venu text. I'm not sure if check_http is smart enough to follow redirects; my guess is that it is not; it's designed to be very simple. You may have to either rely on status code 302 (which will also happen when login failed), or you will have to find (or write your own) a plugin that will follow redirects. Venugopal S wrote: Hi Joerge, As you said welcome venu is not in the response in spite of giving valid credentials. That is why I am wondering ! Even I gave the -v switch and found in the HTML response that welcome venu is not found. And the response HTML is the same as signin.do. It must have thrown me the login success page isn't it ? Venu -Original Message- From: Joerg Linge [mailto:pitchf...@ederdrom.de] Sent: Friday, January 23, 2009 11:20 AM Cc: nagios-users@lists.sourceforge.net Subject: Re: [Nagios-users] Using nagios check_httpfor webbasedauthentication Venugopal S schrieb: Hi Marc, * This is my command in commands.cfg : * / define command{ / / command_namecheck_http / / command_line$USER1$/check_http -I $HOSTADDRESS$ / / } / I executed the following command : ./check_http -I 199.107.237.196 -H ww12.1800flowers.com -u /signin.do -p 80 -P email= svenugop...@gmail.compassword=podhum -s welcome venu and it threw HTTP CRITICAL - string not found|time=0.080070s;;;0.00 size=38300B;;;0 Any idea why ? Add -v to you test a analyze te response. There is no string welcome venu in the response. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null This email message and its attachments may contain CONFIDENTIAL AND PRIVILEGED INFORMATION intended for the sole use of the addressee(s). If you have received it in error, please contact the sender by return email, notify your system manager and destroy the original message and any copies thereof. Any review, use, disclosure or distribution is unlawful. Please check this email and any attachments for the presence of viruses. The Company accepts no liability for any damage caused by any virus transmitted by this email. The views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of the company. The Company reserves the right to monitor, review and store the content of all messages sent to or from this e-mail address. www.aztecsoft.com -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword
Re: [Nagios-users] Nagios - LDAP/RSA authentication
What is the setting for refresh_rate in your cgi.cfg? Mohammed Al-Kout wrote: Keven, Yes when nagios is doing nothing it sits exactly for 10 mins i managed to make it 30 mins by changing the LDAPCacheTTL parameter in httpd.conf but it only gave me time upto 30 mins then started giving authentication errors because it was checking against the cached password. we are using RSA through LDAP for the majority of our services to have a secure ad centralized user DB, we have a group of users with different permissions thats why the default user wouldn't work in our case. i was hoping to find the parameter that sets the 10min idle timeout for the browser/nagios/ldap combo Best Regards -- Mohammed Al-Kout On Sat, Jan 24, 2009 at 14:53, Kevin Keane subscript...@kkeane.com mailto:subscript...@kkeane.com wrote: If the RSA password really changes every minute, your Web browser should ask for a new password every minute with the next HTTP request. If Nagios simply sits there and you don't do anything, I believe it refreshes every five to ten minutes. So that is when the browser would ask for the new password. If you are actually working with it and clicking on links, then it would probably ask for a password earlier. BTW, could you post this back to the mailing list rather than me personally? Other people may have great ideas on it, too, and this type of discussion should also be archived. What might help here is something along the lines of Kerberos, but I believe Apache does not support it, at least not out of the box. The other possibility is to have some kind of front end that handles authentication and then forwards the HTTP requests to Nagios. In Nagios, you could then use the default-user to allow access for anyone (you wouldn't be able to restrict access by group or so, though). Personally, I think that for Nagios purposes, you should ditch RSA and go back to a local password file for nagios. I suspect using RSA with Nagios actually reduces rather than increases the security. This is because an attacker could potentially see many different passwords, and use that to deduct information about the sequence of RSA keys and possibly in the end predict the next one. RSA is pretty strong overall, so this is not a huge risk, but something to keep in mind. Mohammed Al-Kout wrote: Keven, The rsa password changes every 1 min,the nagios session timeouts ( i.e requires re authentication ) every 10 mins, all i need is is there a way to change this value to stay longer than 10 mins ? like 2-3 hours for example. Best Regards -- Mohammed Al-Kout On Sat, Jan 24, 2009 at 11:57, Kevin Keane subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com wrote: Of course you wouldn't get it with the local passwd file, because that password never changes. It's not the LDAP Cache settings, but the fact that your RSA passwords themselves are changing frequently - presumably every ten minutes - as you said earlier. Mohammed Al-Kout wrote: Keven, we didn't get the reauthenticate window when we had the local passwd file once we enabled ldap authentication its repopping at exactly 10 mins it has something to do with the LDAP Cache settings. Best Regards -- Mohammed Al-Kout On Fri, Jan 23, 2009 at 15:32, Kevin Keane subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com wrote: There is no idle timeout when using HTTP authentication, because there are no sessions involved that would be idle. Each request stands on its own, and is separately authenticated. Mohammed Al-Kout wrote: What about the idle timeout ? Best Regards -- Mohammed Al-Kout On Thu, Jan 22, 2009 at 09:49, Kevin Keane subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript
Re: [Nagios-users] Nagios - LDAP/RSA authentication
Also, does your user database support Kerberos? If so, you could try to use apache's mod_kerb and use a Kerberos ticket instead of the changing RSA password for authentication. That solves the security problem I mentioned earlier, as well as having to retype the password all the time. You will need a Kerberos-enabled browser (Internet Explorer supports it, I believe - not sure about any of the others). Also, it will probably not work if there are too many firewalls around. Mohammed Al-Kout wrote: Keven, Yes when nagios is doing nothing it sits exactly for 10 mins i managed to make it 30 mins by changing the LDAPCacheTTL parameter in httpd.conf but it only gave me time upto 30 mins then started giving authentication errors because it was checking against the cached password. we are using RSA through LDAP for the majority of our services to have a secure ad centralized user DB, we have a group of users with different permissions thats why the default user wouldn't work in our case. i was hoping to find the parameter that sets the 10min idle timeout for the browser/nagios/ldap combo Best Regards -- Mohammed Al-Kout On Sat, Jan 24, 2009 at 14:53, Kevin Keane subscript...@kkeane.com mailto:subscript...@kkeane.com wrote: If the RSA password really changes every minute, your Web browser should ask for a new password every minute with the next HTTP request. If Nagios simply sits there and you don't do anything, I believe it refreshes every five to ten minutes. So that is when the browser would ask for the new password. If you are actually working with it and clicking on links, then it would probably ask for a password earlier. BTW, could you post this back to the mailing list rather than me personally? Other people may have great ideas on it, too, and this type of discussion should also be archived. What might help here is something along the lines of Kerberos, but I believe Apache does not support it, at least not out of the box. The other possibility is to have some kind of front end that handles authentication and then forwards the HTTP requests to Nagios. In Nagios, you could then use the default-user to allow access for anyone (you wouldn't be able to restrict access by group or so, though). Personally, I think that for Nagios purposes, you should ditch RSA and go back to a local password file for nagios. I suspect using RSA with Nagios actually reduces rather than increases the security. This is because an attacker could potentially see many different passwords, and use that to deduct information about the sequence of RSA keys and possibly in the end predict the next one. RSA is pretty strong overall, so this is not a huge risk, but something to keep in mind. Mohammed Al-Kout wrote: Keven, The rsa password changes every 1 min,the nagios session timeouts ( i.e requires re authentication ) every 10 mins, all i need is is there a way to change this value to stay longer than 10 mins ? like 2-3 hours for example. Best Regards -- Mohammed Al-Kout On Sat, Jan 24, 2009 at 11:57, Kevin Keane subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com wrote: Of course you wouldn't get it with the local passwd file, because that password never changes. It's not the LDAP Cache settings, but the fact that your RSA passwords themselves are changing frequently - presumably every ten minutes - as you said earlier. Mohammed Al-Kout wrote: Keven, we didn't get the reauthenticate window when we had the local passwd file once we enabled ldap authentication its repopping at exactly 10 mins it has something to do with the LDAP Cache settings. Best Regards -- Mohammed Al-Kout On Fri, Jan 23, 2009 at 15:32, Kevin Keane subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com mailto:subscript...@kkeane.com wrote: There is no idle timeout when using HTTP authentication, because there are no sessions involved that would be idle. Each request stands on its own, and is separately authenticated. Mohammed Al-Kout wrote: What about the idle timeout
Re: [Nagios-users] Alternatives for check_ping
Marc Powell wrote: On Jan 24, 2009, at 9:08 AM, Ton Machielsen wrote: - Does anybody have a good check-host-alive definition that works from the jail? That's going to depend on the configuration of the jail and the types of devices you are intending to monitor. check-host-alive doesn't have to be a ping test, it's just the most common and useful test. How about check_tcp to a port that you know is supposed to be open on the monitored system? Second to check_ping, that is probably the most basic check you could do. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NSClient++: Connection Refused, again and again, with default config
Connection closed by foreign host really suggests that the connection could be established, but NSClient closes it immediately. Check for a typo in the allowed host configuration. The rest is just general networking troubleshooting, in case I'm wrong on that. First, a stupid question: you say that netstat shows that port 12489 is listening - but is it listening on the right interface/IP address? It may only be listening on 127.0.0.1 - localhost. Can you ping from the Linux host to the Windows machine? If you can't, it's a network connectivity issue. Check cables, routers etc. While you are at it, also check that you are using the correct DNS name, and that it maps to the correct IP address. I've sometimes connected to the wrong workstation by accident. If you CAN ping from the Linux host to the Windows machine, try connecting to port 12489 from the Windows machine itself. Try both connecting to localhost, and to the IP address of the windows machine. If either one of these succeed, double-check that there really is no firewall on the Windows machine. Also try connecting to port 12489 from another workstation connected to the same network switch. If that succeeds, there might be a router/firewall somewhere in your network that blocks this traffic. 44kbps wrote: Hi people of the world :P I'm just running the NSclient on a Windows machine. I got the default configuration of the NSC.ini but I have an error in the nagios: Connection refused I modified the NSC.ini to run the client on the 12489 port, and I add the IP of the nagios server on allowed host. I have no information about the client version, the cpu or some information in the nagios. I run a netstat in the windows machine and I get the listening port at 12489 but when I try to connect from telnet on the linux (nagios) machine I've got a Connection closed by foreign host. I scan the machine with the nmap. It don't show the 12489 open of filtered. What can be wrong? In the Windows machine there are no firewall. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] How to dtermine disk space in Linux
I'm not sure what 3 plugins you are trying. I am using a bash script with a little df and awk thrown in: The whole script does a lot more, but the key part is this: The critical and warn percentages are in $CDISKUSAGE and $WDISKUSAGE, respectively. Note that this will check all file systems, including CDROM, removable disks, etc. So you may need to modify the call to df a bit to make it work for you. Hint: try the -t or -x arguments to check only the file systems you are interested in. function checkdiskspace() { local retval df -Ph | awk { if(int(\$5)=$CDISKUSAGE) { print \CRIT\, \$0,\br\ } else if (int(\$5)=$WDISKUSAGE) {print \WARN\, \$0,\br\ } } /tmp/$$ cat /tmp/$$ retval=0 grep ^CRIT /tmp/$$ /dev/null if [ $? -eq 0 ] then retval=2 else grep ^WARN /tmp/$$ /dev/null if [ $? -eq 0 ] then retval=1 else echo All disks OK fi fi rm -f /tmp/$$ return $retval } Edwin Zoeller wrote: I hope someone can help and explain this to me. I am trying to use one of three plugins for Nagios to check disk space on a Linux file system. When I plug in values that I thinks would work, I don't understand what its telling me. Can someone shed some lite. I am used to the plugins on Solaris which you can set up a percentage, much easier. Thanks -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] skip monitoring every 4 weeks
What you are describing is, in more generic terms, a maintenance window. I'm actually using a very different approach for the same basic problem: I schedule downtime for that maintenance window. Now Nagios doesn't support recurring scheduled downtimes directly. The solution is a script (this one has hardcoded 2 hours scheduled downtime - change as needed). #!/bin/bash # schedules downtime for the host given in $1 now=$(date +%s) read host read comment # the host may need to be capitalized. To find the correct version, parse the Nagios config files: fixed_host=$(grep -ri host_name.*$host /etc/nagios/objects | uniq | awk '{ print $3; }') NAGIOSCMD=[$now] SCHEDULE_AND_PROPAGATE_TRIGGERED_HOST_DOWNTIME;$fixed_host;$now;$(($now+7200));1;0;7200;Kevin Keane;$comment echo -e $NAGIOSCMD \n /var/spool/nagios/nagios.cmd In my case, the backup script also calls this one. You may instead want to use cron, or you could invoke it from a shutdown script in the server being rebooted, remotely via ssh. Assaf Flatto wrote: Hello I have a situation where i need to turn of monitoring for server while they are being rebooted , this is done during the weekend , and the person doing the reboots is not one that has access to the nagios . i know that Version 3 placed the functionality of alternating and dynamic scheduling in the timeperiods definitions , but after reading the online documentation , i'm not realy clear on ho i can achieve my gaol. I need the monitoring for a server to be stopped during a period (specific times TBD ) every 4th weekend , (Sunday or Saturday , again yet to be determined ). I understand that I need to define a time period and add an exclude to the time period the host in question has defined . My issue is with the correct format of the skipped timeperiod . Is what I'm defining below correct in format and functionality - if not in strict content ? define timeperiod{ timeperiod_name weekend-off Sunday /28 00:00-24:00 } define timeperiod{ timeperiod_name box-reboot use 24x7 exclude offweekend } Thanks -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] time travel
Looks like a time zone issue to me. Apparently Last Check displays in GMT for you. Maybe Nagios itself runs on GMT, and Apache in PST? Peter Lecki wrote: Take a look at the times shown in the attached screenshot. Current time is earlier than the last check time??? The time shown in the Last Check column is in the future! :) Peter ea92660h -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] Nagios 3 RPMs for CentOS?
So far, I've been running Nagios on opensuse, but am moving to a CentOS 5.2 (x86_64) server now. Unfortunately, I can't seem to find any recent Nagios RPMs for that OS (and for various reasons, I can't compile from source). I did find some 2.x RPMs, but really prefer to use the 3.x release. Any ideas? Thanks! -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Nagios 3 RPMs for CentOS?
Thank you very much - and also thank you very much, Allan! Andrea Gabellini wrote: Kevin, if you enable rpmforge (https://rpmrepo.org/RPMforge), you can find nagios 3.0.6 Andrea Kevin Keane wrote: So far, I've been running Nagios on opensuse, but am moving to a CentOS 5.2 (x86_64) server now. Unfortunately, I can't seem to find any recent Nagios RPMs for that OS (and for various reasons, I can't compile from source). I did find some 2.x RPMs, but really prefer to use the 3.x release. Any ideas? Thanks! -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check-host-alive check
Look in the configuration files instead - probably in commands.cfg. Nagios doesn't just use the plugins, but rather looks up the check in the configuration file, and the configuration file then tells it which plugin to actually run. mar...@absi.be wrote: Hello all can anyone help me with this; there a few hosts mostly adsl or sdsl routers dat have critical state with plugin timed out. the critical error is : check-host-alive critical plugin timed out after 10 seconds. i cannot find in nagios plugins directory any check named check-host-alive, it seems to be an embedded nagios check when the host is defined? despite this the host is up. can someone help me how does it work and where is this check-host-alive check stored in a regular nagios install under solaris 10. thank you very much for your help Mario Garcia Ortiz/ABSI -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) software. With Adobe AIR, Ajax developers can use existing skills and code to build responsive, highly engaging applications that combine the power of local resources and data with the reach of the web. Download the Adobe AIR SDK and Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] question about check_snmp
You should be able to download the source code from the same place where you got the plugins. It may not answer your question, though, since some of the output messages may well come from other layers that check_snmp calls, such as from net_snmp. Sergio Ariel wrote: First of all, I wanna congratulate everyone has developed Nagios' plugins. They did a great job. I need to know all possibles output messages check_snmp plugin can show. Please, if somebody has the source code send it to me. Thanks a lot. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) software. With Adobe AIR, Ajax developers can use existing skills and code to build responsive, highly engaging applications that combine the power of local resources and data with the reach of the web. Download the Adobe AIR SDK and Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Problem with web interface
Or the cgi-bin directory is not configured for execution. Look up option ExecCGI in the Apache documentation. MAD wrote: May be that's because PHP is not installed on your system ? Marc-André - Original Message - *From:* Pravin Kumar mailto:electricpra...@gmail.com *To:* nagios-users@lists.sourceforge.net mailto:nagios-users@lists.sourceforge.net *Sent:* Friday, February 13, 2009 10:25 AM *Subject:* [Nagios-users] Problem with web interface Dear All, I am trying to install nagios in ubuntu.When I try to connect to my server through the url http://myserver/nagios ,its prompting me to open or save a file. Not sure where I am making the mistake. Your help on this is highly appreciated. Regards, Pravin. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] DISK CRITICAL - /home/user/.gvfs is not accessible: Permission denied
These two problems really are not Nagios problems at all. In both cases, the error messages actually tell you what's wrong. Going backwards: connection refused means that some SSH client (or maybe a Nagios check) was trying to connect to an SSH server, but whatever SSH server it was trying to connect to wasn't running. Are you using a check_ssh check anywhere in Nagios? Make sure it connects to the right server, make sure that all the required firewall ports are open, etc. Permission denied means, well, that the permission was denied. That may be perfectly legit; the user that nagios is running under may simply not have permission to that directory. Warning: DO NOT simply relax permissions without talking to whoever set up the permissions in the first place or understanding what is really happening. It would solve the error, but at the same time, you might compromise security. Anthony Bronsdon wrote: I’ve installed Nagios 3.0.2. I have two service problems on my local host that nagios is installed on: 1) Disk Space - DISK CRITICAL - /home/user/.gvfs is not accessible: Permission denied 2) SSH – connection refused. How do I fix these problems please? Anthony anth...@ahern.com mailto:anth...@ahern.com -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] So its running how I like it
There are several ways, depending on exactly what you want to accomplish and why you want to do it. Ultimately, think about what makes a Nagios server run perfectly. Primarily, it's the configuration files, probably in /etc/nagios, right? So you would want to tar those up to start with. You may have added some of your own plugins. Don't forget any scripts that you may have created. Any customized icons, graphics, etc. Don't forget the Apache configuration changes and any Apache modules you may need. And remember any user names that you may have created for nagios to run under. Once you have all the various customizations that you did to accomplish where you are now, you have several options: The closest to what you are asking for is probably to simply put all the customizations into a tar file (or similar). When you need to install afresh, simply install your choice of operating system. Then untar the nagios file you prepared earlier, and everything *should* be back in place (with the possible exception of file ownerships and permissions). Theory being what it is, you will probably have to do a little bit of touchup. Another possibility is to create a live CD. In that case, Linux never gets installed, it runs right off the CD. Of course status changes, as well as some configuration information (such as IP address) has to be on a hard disk or memory stick. You can make as many copies of it as you need. Or you could virtualize your Nagios server. That is what I did. Moving or copying Nagios to another server is as simple as copying a directory with about ten files (a couple GB of data, so it does take a little while). Copying will obviously also mean a few configuration changes. Martyn wrote: But how can I make an install ISO that will allow me to install afresh to a new server, ask for username, password IP address and so on. Then once the install is complete a I a running Nagios Server. Thanks Martyn -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] Specifying hostgroup in the host?
I am running nagios 3.0.6, and would like to find a better way to manage my hostgroups. In Nagios, you usually create a hostgroup by specifying all the relevant hosts in the hostgroup object. What I would like to do is instead tell each host object which hostgroup it belongs to. This is so that I don't have to touch the hostgroup definition when I add new hosts. Is this possible? Or is there some other way to accomplish the same goal? -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Service linked to hostgroup / notifications
This isn't really a Nagios issue any more - but here is my experience with this issue: I used to have the same problem with VMWare Server 1.x. Haven't seen it happen in version 2.x, so upgrading might be a good idea if there is no reason for you not to do it. In 1.x, the problem of clock desynchronization really was quite dramatic. The real problem was that the clock drifts so fast that it exceeds ntp's threshold for how much it will adjust. IOW, ntp just plain can't keep up with the extreme clock drift by VMWare. My workaround: create a cron job that as much as every ten minutes restarted the ntp daemon. On restart, ntp will synchronize the time regardless of what the differential is. Of course, the ten minute interval would sometimes be substantially different from actual ten minutes, but that doesn't really matter much here. During these ten minutes, the clock may still drift quite a bit, but at least it will get corrected fairly quickly. David Fontaine wrote: NTP is configured for every server, except for some virtual machines synchronizing their clocks with the host on which they are running. It happened once or twice that the clock got desynchronized, even using NTP so I just want to make sure everything is in sync by monitoring the servers with nagios. On Thu, Feb 26, 2009 at 7:48 PM, Lee Azzarello l...@dropio.com mailto:l...@dropio.com wrote: On Thu, Feb 26, 2009 at 1:17 PM, David Fontaine dav.fonta...@gmail.com mailto:dav.fonta...@gmail.com wrote: Hello, I am monitoring a few dozen of servers and I'm really satisfied with nagios. This is a great tool. However, there's one (actually more than one) thing that I can't figure out : I define a service : define service{ use generic-service hostgroup_name linux-servers service_description Time check_command check_time!public } This service applies to a host group so that I don't have to define the service for each server. The command doesn't matter but for completeness here's what it does : it compares the time on a remote server (snmp) to the local time and report the difference. Going out on a limb here...have you considered using the Network Time Protocol to keep all your host's clocks in sync with an Internet scale network of federated time servers available to you for free? I'm using NTP on a network of 40 hosts and I never have worried about their clocks getting out of sync. -lee -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_http question
You could write your own plugin - a simple bash script - that calls the original check_http, tests the result, and then outputs whatever you need. Should be about five or six lines of code. Don't forget to return the same exit code as what you got from check_http. # call the regular plugin here output=$(./check_http .) result=$? # output whatever you need. You can of course also make it conditional with # if [ $result -eq 0 ] or similar. Get as fancy as you want, just keep the output to a single line. echo $url $output exit $? Put it into your plugin directory, make it executable, and use that instead of the original call to check_http. Don't you love how customizable Nagios is? Andrew Davis wrote: I've enabled check_http for quite a few hosts, including testing for custom ports, URL's, and sites needing authentication. So far, so good. However, one issue in the Nagios interface is bothering me. If I drill in on a host, then the HTTP link for the test, it only shows OK. It DOES NOT show the full URL that was tested. For example, for one of my hosts, I had to test for a non-standard port, SSL, a directory structure, and authentication (-I $HOSTNAME -p 8099 -u /dir/dir/dir/file.php -a user:password. All worked in the sense that the test returned an OK status, but I have no visual way of seeing the tested URL within Nagios. In contrast, doing a similar test in BB (which I'm migrating away from), shows the full URL that was tested. Am I simply missing something here? Is there a way of seeing the full URL/string that was tested with the check_http command? -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NSCLIENT
You don't have to purchase one. If you want to do the editing manually, use Microsoft's Orca. http://support.microsoft.com/kb/255905 Or if you want to automate it, look into MakeMSI. http://dennisbareis.com/makemsi.htm This scripting language is a bit quirky, but it works. That said, I'm currently working on a complete Nagios client including install package that may do just about the same thing (and a few more things). You can already download it from Sourceforge, although the burn the server IP address into the MSI functionality isn't implemented yet. One thing I did differently from NSClient is that I am using HTTPS to submit the results (an older version also supported SSH, but I have not re-implemented that in the latest version). That lets me avoid firewall issues. It is based on NSClient++ with quite a few enhancements. http://sourceforge.net/projects/tntmonitoring/ Martyn wrote: Can anybody recommend an MSI editor, I would like to add the IP address of the server before I send the client MSI out, if I have to purchase one I do not mind. Cheers Martyn -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NSCLIENT
Hi Martyn, The client itself actually is quite stable; I have it running on several of my customer's servers for a few months now - maybe two years if you count the old versions. It is a fairly small piece of software written in C++ (the original version was written in VBS) and have yet to see it crash or cause any problems. The main value of the client - aside from my own innovation of using HTTPS to submit the passive check results - is that it packages quite a few third-party plugins, including NSClient++, and their configurations into a single installer package. What isn't stable about it is the exact specification, behavior and which plugins get packaged and how they are configured; I expect that there will be ongoing changes. The interface between the TNTMonitoring client and Nagios should be fairly stable - it is simply the standard NSCA protocol, but running over HTTPS PUT requests. On the receiving end, a simple PHP script accepts the results and puts it to the Nagios command file. The source code for TNTMonitoring contains an older version of that script; I should really be updating that. Also the documentation is really somewhat insufficient. The current installer will ask a number of questions before installing everything. One of the improvements I'm working on is to come up with a quiet version that simply installs without asking any questions - basically, what you've been asking for. Martyn wrote: Thanks very much for the reply. I will also take a look at your client too, how stable is it at present? Cheers -Original Message- From: Kevin Keane [mailto:subscript...@kkeane.com] Sent: 02 March 2009 23:37 Cc: nagios-users@lists.sourceforge.net Subject: Re: [Nagios-users] NSCLIENT You don't have to purchase one. If you want to do the editing manually, use Microsoft's Orca. http://support.microsoft.com/kb/255905 Or if you want to automate it, look into MakeMSI. http://dennisbareis.com/makemsi.htm This scripting language is a bit quirky, but it works. That said, I'm currently working on a complete Nagios client including install package that may do just about the same thing (and a few more things). You can already download it from Sourceforge, although the burn the server IP address into the MSI functionality isn't implemented yet. One thing I did differently from NSClient is that I am using HTTPS to submit the results (an older version also supported SSH, but I have not re-implemented that in the latest version). That lets me avoid firewall issues. It is based on NSClient++ with quite a few enhancements. http://sourceforge.net/projects/tntmonitoring/ Martyn wrote: Can anybody recommend an MSI editor, I would like to add the IP address of the server before I send the client MSI out, if I have to purchase one I do not mind. Cheers Martyn -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent
Re: [Nagios-users] NSCLIENT
Hi Martyn, The client itself actually is quite stable; I have it running on several of my customer's servers for a few months now - maybe two years if you count the old versions. It is a fairly small piece of software written in C++ (the original version was written in VBS) and have yet to see it crash or cause any problems. The main value of the client - aside from my own innovation of using HTTPS to submit the passive check results - is that it packages quite a few third-party plugins, including NSClient++, and their configurations into a single installer package. What isn't stable about it is the exact specification, behavior and which plugins get packaged and how they are configured; I expect that there will be ongoing changes. The interface between the TNTMonitoring client and Nagios should be fairly stable - it is simply the standard NSCA protocol, but running over HTTPS PUT requests. On the receiving end, a simple PHP script accepts the results and puts it to the Nagios command file. The source code for TNTMonitoring contains an older version of that script; I should really be updating that. Also the documentation is really somewhat insufficient. The current installer will ask a number of questions before installing everything. One of the improvements I'm working on is to come up with a quiet version that simply installs without asking any questions - basically, what you've been asking for. Martyn wrote: Thanks very much for the reply. I will also take a look at your client too, how stable is it at present? Cheers -Original Message- From: Kevin Keane [mailto:subscript...@kkeane.com] Sent: 02 March 2009 23:37 Cc: nagios-users@lists.sourceforge.net Subject: Re: [Nagios-users] NSCLIENT You don't have to purchase one. If you want to do the editing manually, use Microsoft's Orca. http://support.microsoft.com/kb/255905 Or if you want to automate it, look into MakeMSI. http://dennisbareis.com/makemsi.htm This scripting language is a bit quirky, but it works. That said, I'm currently working on a complete Nagios client including install package that may do just about the same thing (and a few more things). You can already download it from Sourceforge, although the burn the server IP address into the MSI functionality isn't implemented yet. One thing I did differently from NSClient is that I am using HTTPS to submit the results (an older version also supported SSH, but I have not re-implemented that in the latest version). That lets me avoid firewall issues. It is based on NSClient++ with quite a few enhancements. http://sourceforge.net/projects/tntmonitoring/ Martyn wrote: Can anybody recommend an MSI editor, I would like to add the IP address of the server before I send the client MSI out, if I have to purchase one I do not mind. Cheers Martyn -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent
Re: [Nagios-users] Exchange 2003 MIBs
Look into using NSClient++ and use it to access the Windows performance counters to get this type of information. Microsoft's support of SNMP is not all that great. If you don't want to install anything on the Exchange server, you could also look into using WMI to get the same information remotely. I'm not sure about how to integrate that with Nagios, though. Eric Chatham wrote: Greetings! Does anyone know where I can find MIB sheets for Exchange 2003? We would like to monitor things like inforomation store and such in Nagios. Thank you. Eric Chatham -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_ping to monitor all IP's of a firewall
You can do the same thing in services as you did in hosts. First, define a new check command in commands.cfg: # 'check_ping_ip' command definition define command{ command_namecheck_ping_ip command_line$USER1$/check_ping -H $ARG1$ -w $ARG2$ -c $ARG3$ -p 5 } And then add the services you need: define host { host_name Prod-firewall use generic-switch address xx.xx.xx.40 hostgroups firewall } define service { host_name Prod-firewall service_Description Ping_1 use generic-service check_period 24x7 notification-interval 240 notification_period 24x7 check_command check_ping_ip!xx.xx.xx.40!3000.0,80%!5000.0,100% } define service { host_name Prod-firewall service_Description Ping_1 use generic-service check_period 24x7 notification-interval 240 notification_period 24x7 check_command check_ping_ip!xx.xx.xx.41!3000.0,80%!5000.0,100% } and so on asa...@gmail.com wrote: Hi, I've a question on how to monitor multiple IP's of a firewall device using check_ping in Nagios. Example, I have a firewall (prod-fireall) has 6 ip's associated with it so in host.cfg i should do like this define host{ host_name Prod-firewall-0 use generic-switch address xx.xx.xx.40 hostgroups firewall } define host{ host_name Prod-firewall-1 use generic-switch address xx.xx.xx.41 hostgroups firewall } define host{ host_name Prod-firewall-2 use generic-switch address xx.xx.xx.42 hostgroups firewall } like I need to assign different hostname per each ip address but in the nagios interface, this looks a long list of host name that we dont want to have. Is there any way that I can have a single hostname showing in nagios interface and that should monitor all IPs associated with it? -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_ping to monitor all IP's of a firewall
I can only guess, but it sounds as if all the service checks are still using check_ping instead of your new command check_ping_ip. Either that, or check_ping_ip is misdefined; make sure that the argument to -H in your command is $ARG1$, not the host IP address. You may want to turn on logging and check the Nagios log files to see what commands are actually being issued. asa...@gmail.com wrote: Kevin, I did what you suggested, now I can one hostname and underneath I can see services as ping_1, ping_2,. to monitor other ips in the same host/device. this looks kool. But I tried to shut down one server that relates to the IP ( i added my test server IP here to check), I can still see that the host's IP is up and running in Nagios. And when I down the actual hostname ie Prod-firewall all the services related to that host were down. It looks the solution you gave me is not working. Any idea? Thanks On Thu, Mar 5, 2009 at 2:26 PM, Kevin Keane subscript...@kkeane.com mailto:subscript...@kkeane.com wrote: You can do the same thing in services as you did in hosts. First, define a new check command in commands.cfg: # 'check_ping_ip' command definition define command{ command_namecheck_ping_ip command_line$USER1$/check_ping -H $ARG1$ -w $ARG2$ -c $ARG3$ -p 5 } And then add the services you need: define host { host_name Prod-firewall use generic-switch address xx.xx.xx.40 hostgroups firewall } define service { host_name Prod-firewall service_Description Ping_1 use generic-service check_period 24x7 notification-interval 240 notification_period 24x7 check_command check_ping_ip!xx.xx.xx.40!3000.0,80%!5000.0,100% } define service { host_name Prod-firewall service_Description Ping_1 use generic-service check_period 24x7 notification-interval 240 notification_period 24x7 check_command check_ping_ip!xx.xx.xx.41!3000.0,80%!5000.0,100% } and so on asa...@gmail.com mailto:asa...@gmail.com wrote: Hi, I've a question on how to monitor multiple IP's of a firewall device using check_ping in Nagios. Example, I have a firewall (prod-fireall) has 6 ip's associated with it so in host.cfg i should do like this define host{ host_name Prod-firewall-0 use generic-switch address xx.xx.xx.40 hostgroups firewall } define host{ host_name Prod-firewall-1 use generic-switch address xx.xx.xx.41 hostgroups firewall } define host{ host_name Prod-firewall-2 use generic-switch address xx.xx.xx.42 hostgroups firewall } like I need to assign different hostname per each ip address but in the nagios interface, this looks a long list of host name that we dont want to have. Is there any way that I can have a single hostname showing in nagios interface and that should monitor all IPs associated with it? -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] New to Nagios - Watching Services
Try looking into NSClient++ for all kinds of elaborate monitoring possibilities. I am using it to check for stopped services, among other things. K-Dawg wrote: Hi, I am very new to Nagios but am trying to convince my company that Nagios is the way to go instead of our current monitoring application that we pay a lot for and is VERY basic. I have a series of items that I need to get Nagios to do so I am excited to be learning it and will probably frequent this list. To start with, how do I specify to watch a service in Windows? For example, I want to watch the Backup Exec remote agent on a series of servers and be paged if for some reason it is not started. Do I need an add on for this or can I simply specify it in the Windows Cfg file? Thanks. Kevin -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] snmp monitoring of RICOH / DEVELOP
I'm actually writing a plugin for monitoring printers. Currently, I have only tested it with HP printers, but at least in theory it should work with Ricoh and others as well, since it uses standard SNMP. If you want to try it out, download http://sourceforge.net/projects/tntnagiosplugin/ I would actually appreciate feedback about what printers it does or does not work with. One catch: the plugin only runs on Windows, so it is not directly useful for the majority of nagios users (I wrote it primarily for my own needs). Also, the only thing it currently monitors is toner level. Doug Veldhuisen wrote: I tried once to get RICOH Savin Printers checked via Nagios. Searched high and low for something and never did find anything that was already developed. Figured I was going to have to write my own stuff. Now I’m trying the same thing with Toshiba printers, nothing there either. If someone has a way to utilize “Check_hpjd” for non HP printers, lets pool the knowledge on this subject. Doug *From:* Trnka Tomas [mailto:tomas.tr...@podravka.cz] *Sent:* Thursday, March 05, 2009 7:38 AM *To:* nagios-users@lists.sourceforge.net *Subject:* [Nagios-users] snmp monitoring of RICOH / DEVELOP Anyone have experience with snmp monitoring of RICOH / DEVELOP printers ? i like to have results something like from Check_hpjd …. Thanks in advance for your notes -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] logout for nagios web interface
No, unfortunately it is not that easy. The problem is really not a Nagios problem, but an HTTP authentication problem. Nagios uses HTTP authentication, and that means that the user name and password are sent with every single request. So when you try to reset this variable, it will get set right back to what it was the next time the user requests a page. HTTP authentication did not envision ever logging out; that is one of the reasons why most Web sites today use Web forms and session-based logins instead. I think there are tricks around this problem with HTTP Auth, though. shadih rahman wrote: All, Is it possible to create logout for nagios web interface. As far as I understand, it is just matter of resetting the $_REMOTE_USER apache variable. Can someone please provide some guidance on this. Thanks -- Cordially, Shadhin Rahman -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] free Page table entries
It's a Windows performance monitor counter. Basically, it is used to figure out how well your memory management is working. To actually monitor it, you would probably use NSClient++ (you can also access it differently, but NSClient++ is the most common approach). Martyn wrote: I have been asked to see if Nagios can monitor free PTEs, I'm going to hit Goole to find out what they are but thought I would ask the group who know everything first Cheers Martyn -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] free Page table entries
To see all available performance monitors, simply open the Performance Monitor application (perfmon.exe) and click on the + icon. In this case, the performance monitor you'd want is under Memory and is called Free System Page Table Entries. It is one of the more commonly monitored counters, so you can probably google for it. If you include NSClient++ in your search, you'll get a lot of Nagios-specific information about it. My TNTMonitoring agent also monitors it, BTW. You could download it and simply take a look at the configuration file to see how to call it (btw, the plugin I'm using to connect to NSClient++ is another GPL project of mine - basically just a port to Windows of the standard NSClient++ plugin). Martyn wrote: Thanks for the reply, do you know of which one I would monitor, this is all pretty new to me. Thanks Martyn -Original Message- From: Kevin Keane [mailto:subscript...@kkeane.com] Sent: 10 March 2009 18:07 Cc: nagios-users@lists.sourceforge.net Subject: Re: [Nagios-users] free Page table entries It's a Windows performance monitor counter. Basically, it is used to figure out how well your memory management is working. To actually monitor it, you would probably use NSClient++ (you can also access it differently, but NSClient++ is the most common approach). Martyn wrote: I have been asked to see if Nagios can monitor free PTEs, I'm going to hit Goole to find out what they are but thought I would ask the group who know everything first Cheers Martyn -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NSClient++ and .Net
Actually, .Net 1.1, 2.0 SP2, 3.0 SP2 and 3.5 SP1 (and, coming soon, 4.x) should be installed on pretty much all well-maintained Windows XP and Windows 2003 systems. These versions coexist nicely. Microsoft has been pushing them out as part of their update packages, so the only reason they might not be installed is that either an administrator specifically excluded them from installing due to some incompatibility (which is rare; I haven't heard of any problems), or hasn't been diligent about doing Windows updating in the first place. On all the servers I manage, I use WSUS and have these updates pushed out automatically. Or if you prefer, run Windows Update, and you will get all of these versions of .Net. That said, for Nagios purposes, I am not very fond of using .Net. The reason is that it has a huge footprint - and that means, more memory, slower loading times, and a host of other issues. Of the plugins I use in TNTMonitoring, those that do use .Net are well over 1 MB *each*. Those that don't use it are a few dozen KB each. Obviously, I'm looking to replace those big plugins at some point. It might be less severe for an agent that runs continuously than for a plugin that is started once. Andrew Davis wrote: If I recall, Windows 2000 Server didn't include .Net, but you could install it. Windows 2003 Server included .Net 1.x, but you could additionally add .Net 2.x. Now it seems that Server 2008 includes .Net 2.x by default and you can install .Net 3.x, though MS finall got smart and just did one big rollup package so you don't have to have .Net 1.x and 2.x both installed, etc. So my question is this: right now we're mostly Server 2003, but migrating to Server 2008. NSClient++ 4.x requires .Net 2.x, but will it work with .Net 3.x on Server 2008? Anyone know? Anyone tried? Thanks, -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Return code of 127 is out of bounds - plugin may be missing error
Return code 127 means that Nagios wasn't able to start the plugin executable - as you already found out from your googling, it usually means that either the plugin is missing altogether, is in a different directory from where Nagios expects it, or that it is not executable for the nagios user. Note that it could also be permissions on one of the directories on the path to the plugin. In most distributions I have seen, plugins are either in /usr/lib/nagios/plugins, or in /usr/lib64/nagios/plugins. Maybe Fruity somehow changed the directory from lib64 to lib or vice versa? You say that some checks are working and some aren't. Find one of the plugins that works, and one that doesn't, and compare the permissions and file locations. And finally, if you have turned on one of the hardening mechanisms (such as SELinux or AppArmor), a plugin may not be executable even with the right permissions. Since you say it happened when you used Fruity, my first guess is that it somehow changed the directory where Nagios looks for plugins. Fritsch, Kurt wrote: I inherited a Nagios system and I am by no means an expert in its configuration, so I apologize in advance. What I have been seeing for the last few days is that some of the services I’m monitoring are returning the following error for every host: (Return code of 127 is out of bounds - plugin may be missing) Some services are performing checks just fine, but others (most importantly check_ping) give the above error. I’ve tried googling this and gotten some ideas about file permissions and making sure the Nagios.cfg file points to the directory where the plugins are located, but I can’t seem to get this fixed. This all started when I was using the Fruity interface to make some host changes and upload them to Nagios, I’m not sure if something got corrupted. The Nagios service starts up without any errors. Any ideas? -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Monitoring IBM server-hardware (x3650) running Windows
https://sourceforge.net/projects/tntnagiosplugin/Windows SNMP is really not all that useful in my experience. I have a feeling that Microsoft would like it to go away in favor of their proprietary MOM. What you may be able to use to get to hard disk failure information is WMI. In fact, I wrote a plugin that checks the SMART information (not RAID, though) on either one host, or all workstations in a domain (it will need appropriate permissions, which translates to either administrator access or the Local System account). You can find that plugin in my tnt_nagios_plugins project on SourceForge. I'll be happy to create a plugin to check the IBM raid controller as long as you can provide me with the needed documentation and either do the testing for me or give me access to a development server for testing. Klaus Umbach wrote: Hi, How can I monitor the hardware in IBM servers running Windows, especially the physical harddrives? I can't see anything via SNMP that makes sense and the IBM Director Agents sends no traps if a drive fails. I played around with check_serveraid, changed the ssh-stuff to winexe, but I don't like that solution because it needs an administrative account to execute ipssend.exe AND it doesn't work an all servers (sometimes it says Found 0 IBM ServeRAID controller(s)., which is definitly a lie!) Before that inconsistency I even thought about compiling it with pp and run it via NRPE. My current workaround is checking the application-eventlog and filter for the source substr:ServeRAID. Has anybody found a better solution? Cheers Klaus -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Monitoring IBM server-hardware (x3650) running Windows
The way the check_dell plugin works that I'm using to monitor Dell servers is that it bypasses SNMP altogether, and simply calls Dell's reporting utility and parses out the results. As long as there is a similar IBM utility, maybe you can use that instead of SNMP? Klaus Umbach wrote: On 16/03/09 10:07, Kevin Keane wrote: https://sourceforge.net/projects/tntnagiosplugin/Windows SNMP is really not all that useful in my experience. I have a feeling that Microsoft would like it to go away in favor of their proprietary MOM. What you may be able to use to get to hard disk failure information is WMI. I asked the IBM OIDs of the IBM Director, it is not a specific windows issue, SNMP is not helpfull here. :-( In fact, I wrote a plugin that checks the SMART information (not RAID, though) on either one host, or all workstations in a domain (it will need appropriate permissions, which translates to either administrator access or the Local System account). You can find that plugin in my tnt_nagios_plugins project on SourceForge. I'll be happy to create a plugin to check the IBM raid controller as long as you can provide me with the needed documentation and either do the testing for me or give me access to a development server for testing. If I knew where to get this information, I could write the plugins myself :-) -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Monitoring IBM server-hardware (x3650) running Windows
Klaus Umbach wrote: On 17/03/09 02:01, Kevin Keane wrote: The way the check_dell plugin works that I'm using to monitor Dell servers is that it bypasses SNMP altogether, and simply calls Dell's reporting utility and parses out the results. As long as there is a similar IBM utility, maybe you can use that instead of SNMP? yes, there is one: ipssend.exe, but sometimes it says, there is no controller, but I know, there is one. It seems to me that if even IBM's own utility does not reliably recognize the controller, either there is no way to do it, or - more likely - you have some kind of hardware problem already. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Direct: 760-721-8339 Office: 866-642-7116 kke...@4nettech.com http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] monitoring remote networks
Mark Weaver wrote: How do I use this same Nagios server to monitor remote client networks using the NSClient? As others have already pointed out, fundamentally, it doesn't matter whether the client is on the same network segment, or behind a router. However, in reality, when you are talking about a remote network, most of the time you are actually talking about a network that has one or more firewalls in front of them. Very often, you have a firewall from your local network to the Internet, and a second firewall from the Internet to the remote network. And firewalls indeed will interfere with with Nagios. Severely. There are several options for dealing with that: - Establish a VPN between the local and the remote network. Obviously, you can only do that when the two networks completely trust each other. Also, if you have several remote networks connecting that way, you may inadvertently open security holes between two remote networks. - Establish an SSH tunnel that just forwards the NRPE requests from the local to the remote client. Requires that the remote client trusts you enough to establish an SSH connection. Also requires that you have a way to monitor the tunnel, and reestablish it if it goes down. - Open the appropriate ports on the firewalls to allow NRPE traffic through. You don't want to do that - monitoring information can be quite sensitive, and you don't want it traveling over the Internet in plain text. There may be more ways to deal with the firewall problem. The way I solved it is by writing a wrapper around NSClient++ that uses NSCA (i.e., passive checks) instead of NRPE, and then wraps the NSCA packages in HTTPS. It's primarily for my own in-house use (which is why the documentation leaves to be desired), but it is an open source project on SourceForge; look for the project name tntmonitoring. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] monitoring remote networks
Mark Weaver wrote: Kevin Keane wrote: Mark Weaver wrote: How do I use this same Nagios server to monitor remote client networks using the NSClient? As others have already pointed out, fundamentally, it doesn't matter whether the client is on the same network segment, or behind a router. However, in reality, when you are talking about a remote network, most of the time you are actually talking about a network that has one or more firewalls in front of them. Very often, you have a firewall from your local network to the Internet, and a second firewall from the Internet to the remote network. And firewalls indeed will interfere with with Nagios. Severely. There are several options for dealing with that: - Establish a VPN between the local and the remote network. Obviously, you can only do that when the two networks completely trust each other. Also, if you have several remote networks connecting that way, you may inadvertently open security holes between two remote networks. - Establish an SSH tunnel that just forwards the NRPE requests from the local to the remote client. Requires that the remote client trusts you enough to establish an SSH connection. Also requires that you have a way to monitor the tunnel, and reestablish it if it goes down. - Open the appropriate ports on the firewalls to allow NRPE traffic through. You don't want to do that - monitoring information can be quite sensitive, and you don't want it traveling over the Internet in plain text. There may be more ways to deal with the firewall problem. The way I solved it is by writing a wrapper around NSClient++ that uses NSCA (i.e., passive checks) instead of NRPE, and then wraps the NSCA packages in HTTPS. It's primarily for my own in-house use (which is why the documentation leaves to be desired), but it is an open source project on SourceForge; look for the project name tntmonitoring. Thank you Keven... this sounds like a good direction to take. How do I address the need to do active checks on machines on the remote network behind their firewall, or is there more configuration that can be done to the NSClient than I'm currently aware of? Mark TNTMonitoring can call any plugin you like. It simply uses the standard plugin API (i.e., it uses the standard return codes and takes the results from stdout). So if you want an active check, just add the corresponding plugin to TNTMonitoring's plugin directory (Windows, not Linux, executables of course) and add a .config file for it in the main TNTMonitoring directory. It will then get called every five minutes, along with all the other plugins. In fact, two of the my own plugins can scan the whole Windows domain up to, I think, 60 or so computers (there is a Windows limit that I haven't yet bothered to get around), and report on the status of the antivirus software and the hard disk health, respectively. I ship them with TNTMonitoring, but they are also in a separate Sourceforge project. I think NSClient++ also has similar functionality for calling any plugin you like and submit the results, but of course then you are restricted to NSCA as a transport. That is why I am not using NSClient++ for that purpose. From the Nagios server's perspective, it will of course still be a passive check. It has to be; in fact, one of my design goals was to allow all checks to run as passive checks and eliminate the need for active checks within the remote network. The only way to make it an active check would be to bidirectionally connect the two networks, and that is something you would want to avoid from a security perspective. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v
Re: [Nagios-users] check_smtp und SMTPS
Dirk H. Schulz wrote: Marc Powell schrieb: On Mar 20, 2009, at 9:57 AM, Dirk H. Schulz wrote: Hi Folks, I am trying to check a mailserver using SSL: ./check_smtp -H my.server.tld -S -p 465 CRITICAL - Socket timeout after 10 seconds ./check_tcp -H my.server.tld -p 465 TCP OK - 0.002 second response time on port 465|time=0.001616s;;; 0.00;10.00 SMTPS ist in productive use on that server, as you can see check_tcp can reach the port, but check_smtp claims not to reach the SMTPS service. It seems to work as advertised. What do you see with verbose mode for check_smtp -- check_smtp -H my.server.tld -S -p 465 -v HELOCMD: EHLO nagios.server.tld CRITICAL - Socket timeout after 10 seconds That is all. It looks like check_smtp sends a EHLO but does not get anything back. Strange. I have to check with kerio support, I guess. Dirk You are using the wrong plugin. check_smtp does not understand SSL-protected SMTP. Use the check_ssmtp plugin instead; that is what I am using for this purpose. The -S option turns on TLS (also known as starttls), not SSL. They are *almost* the same, with one critical difference: with TLS, the initial conversation (the EHLO and one or two more commands and responses) occurs in plain text, and THEN the client and the server negotiate encryption. That way, you can run encrypted and unencrypted traffic at the same time over the same port (25 or 587). On port 465, the server turns on encryption first, and then expects the EHLO to already be encrypted. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Nagios and email
It's probably Nagios. Does the blizzard of emails stop when you stop the Nagios service? How about stopping the Nagios server, turning off all notifications in the configuration files, and then restarting it? Peter Doherty wrote: Hello, I have a kind of custom nagios setup, so maybe this is a byproduct of that... I had to reboot my nagios server today, and it didn't come right back up. By the time it did, it realized that the service checks weren't fresh, and started sending out lots of notifications. I stopped sendmail to keep from flooding my inbox...so here's the question: I just want to clear out the outgoing email queue. mailq and sendmail -bp both show nothing queued up. When I restart sendmail, it starts sending again. Has nagios passed all the emails over to sendmail, and I just need to clear out sendmail's queue, or is nagios holding onto them while sendmail isn't running, and then once it sees sendmail running, it starts dumping email into the queue? Which is it, and how do I clear them from the queue? Thank you. --Peter -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Nagios and Inventory Application
Can you define integrate a bit more? I am using OpenAudit. It is not integrated, although I could see that displaying Nagios status information within OpenAudit, or conversely automatically adding hosts to nagios might make sense. But I know of no way to do either of these things. Gonçalo Almeida wrote: Hi people, I would like to know if there is some addon/plugin to integrate some inventory application with nagios. Thanks. -- Greetings, Gonçalo Almeida -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NRPE vs. check_by_ssh
I think you are comparing apples and oranges here, because in most situations that I can think of, the decision is dictated by the network topology. If you are exclusively on a trusted private network, check_by_ssh really doesn't offer any benefits. Conversely, if your topology involves the Internet or some other untrusted network (WiFi), then you wouldn't want NRPE in the first place. The only exception to the above that I can think of is when it comes to deciding between using check_by_ssh over an untrusted network, vs. NRPE through some other kind of tunnel or VPN. But in that case, you'd incur encryption overhead either way, and the comparison is very different from the question you asked. All that said: I don't have any first-hand experience, but I suspect that the impact of establishing 2200 ssh connections in a five-minute span (assuming that you are using a five-minute check interval) is pretty substantial. The main impact actually lies in establishing and tearing down the connections, key negotiations etc.; the encryption during the data phase probably has only limited impact because most checks only transmit a few bytes back and forth. SSH does much better with longer-duration connections when the keys are already exchanged. This is even more true if you have a router-based VPN, because in that case the overhead is offloaded to a different machine. So if you have the option of sending the checks as NRPE through one or a few long-term VPNs: you are probably going to be better off. Of course, in the big picture, your mileage may vary. Christopher McAtackney wrote: Hi all, I was wondering if someone could give a brief overview of the pros / cons of using NRPE to monitor my remote hosts versus using the check_by_ssh command? I'm aware that check_by_ssh increases the CPU overhead, but I'm not clear on the level of impact here - does this increase the load on the monitoring machine in direction relation to the number of hosts being monitored? For example, if I was using check_by_ssh to monitor, say, 2000 services spread across 200 hosts, would I experience significant slowdown on my monitoring machine? Cheers for any info, Chris -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NRPE vs. check_by_ssh
Hi Idriss, What I think? I think I learned something new! Thanks for telling me about the NRPE-with-SSL option; I was not aware of that. That said, I suspect that the overhead for SSL and SSH will be very similar, because under the hood they use quite similar algorithms. I want to say, they actually use the same, but I'm not sure if that is true. At least the way the connections are established are the same. Regards, Kevin Idriss ARABBAJ wrote: Hi Kevin, I carefully read your speech about this subject and I found you a lot of insist on security offering by ssh, but you can also configure nrpe to work with ssl so I think we will have no difference at this level, then what do you think? best regards 2009/3/25 Kevin Keane subscript...@kkeane.com: I think you are comparing apples and oranges here, because in most situations that I can think of, the decision is dictated by the network topology. If you are exclusively on a trusted private network, check_by_ssh really doesn't offer any benefits. Conversely, if your topology involves the Internet or some other untrusted network (WiFi), then you wouldn't want NRPE in the first place. The only exception to the above that I can think of is when it comes to deciding between using check_by_ssh over an untrusted network, vs. NRPE through some other kind of tunnel or VPN. But in that case, you'd incur encryption overhead either way, and the comparison is very different from the question you asked. All that said: I don't have any first-hand experience, but I suspect that the impact of establishing 2200 ssh connections in a five-minute span (assuming that you are using a five-minute check interval) is pretty substantial. The main impact actually lies in establishing and tearing down the connections, key negotiations etc.; the encryption during the data phase probably has only limited impact because most checks only transmit a few bytes back and forth. SSH does much better with longer-duration connections when the keys are already exchanged. This is even more true if you have a router-based VPN, because in that case the overhead is offloaded to a different machine. So if you have the option of sending the checks as NRPE through one or a few long-term VPNs: you are probably going to be better off. Of course, in the big picture, your mileage may vary. Christopher McAtackney wrote: Hi all, I was wondering if someone could give a brief overview of the pros / cons of using NRPE to monitor my remote hosts versus using the check_by_ssh command? I'm aware that check_by_ssh increases the CPU overhead, but I'm not clear on the level of impact here - does this increase the load on the monitoring machine in direction relation to the number of hosts being monitored? For example, if I was using check_by_ssh to monitor, say, 2000 services spread across 200 hosts, would I experience significant slowdown on my monitoring machine? Cheers for any info, Chris -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently
Re: [Nagios-users] NRPE vs. check_by_ssh
Wouldn't the SSL certificates provide authentication comparable to SSH keys? I'm not familiar with how NRPE uses SSL, but I would assume that you could also use client certificates? Michael Medin wrote: Sorry to barge in (without reading the thread but...) Security wise NRPE lacks any form of authentication which is something SSH has so in this regard SSH is the more secure one... // Michael Medin Idriss ARABBAJ skrev: Hi Kevin, I carefully read your speech about this subject and I found you a lot of insist on security offering by ssh, but you can also configure nrpe to work with ssl so I think we will have no difference at this level, then what do you think? best regards 2009/3/25 Kevin Keane subscript...@kkeane.com: I think you are comparing apples and oranges here, because in most situations that I can think of, the decision is dictated by the network topology. If you are exclusively on a trusted private network, check_by_ssh really doesn't offer any benefits. Conversely, if your topology involves the Internet or some other untrusted network (WiFi), then you wouldn't want NRPE in the first place. The only exception to the above that I can think of is when it comes to deciding between using check_by_ssh over an untrusted network, vs. NRPE through some other kind of tunnel or VPN. But in that case, you'd incur encryption overhead either way, and the comparison is very different from the question you asked. All that said: I don't have any first-hand experience, but I suspect that the impact of establishing 2200 ssh connections in a five-minute span (assuming that you are using a five-minute check interval) is pretty substantial. The main impact actually lies in establishing and tearing down the connections, key negotiations etc.; the encryption during the data phase probably has only limited impact because most checks only transmit a few bytes back and forth. SSH does much better with longer-duration connections when the keys are already exchanged. This is even more true if you have a router-based VPN, because in that case the overhead is offloaded to a different machine. So if you have the option of sending the checks as NRPE through one or a few long-term VPNs: you are probably going to be better off. Of course, in the big picture, your mileage may vary. Christopher McAtackney wrote: Hi all, I was wondering if someone could give a brief overview of the pros / cons of using NRPE to monitor my remote hosts versus using the check_by_ssh command? I'm aware that check_by_ssh increases the CPU overhead, but I'm not clear on the level of impact here - does this increase the load on the monitoring machine in direction relation to the number of hosts being monitored? For example, if I was using check_by_ssh to monitor, say, 2000 services spread across 200 hosts, would I experience significant slowdown on my monitoring machine? Cheers for any info, Chris -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_icmp/ping works but native ping fails
What does fails mean in this context? Timeout? No route to host? Does this happen for all hosts, or just for one host? Does it happen for local hosts on your own subnet as well as for remote hosts behind a router? Richard Aseltine wrote: Looks like I need an education here. check_icmp and check_ping can check a particular device but native ping fails. Any help with understanding this would be great.. Thanks Dick Internet Explorer 8 – Now Available. Faster, safer, easier. Download FREE now! http://clk.atdmt.com/MRT/go/141323790/direct/01/ -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NRPE vs. check_by_ssh
Christopher McAtackney wrote: 2009/3/25 Kevin Keane subscript...@kkeane.com: I think you are comparing apples and oranges here, because in most situations that I can think of, the decision is dictated by the network topology. If you are exclusively on a trusted private network, check_by_ssh really doesn't offer any benefits. Conversely, if your topology involves the Internet or some other untrusted network (WiFi), then you wouldn't want NRPE in the first place. The only exception to the above that I can think of is when it comes to deciding between using check_by_ssh over an untrusted network, vs. NRPE through some other kind of tunnel or VPN. But in that case, you'd incur encryption overhead either way, and the comparison is very different from the question you asked. All that said: I don't have any first-hand experience, but I suspect that the impact of establishing 2200 ssh connections in a five-minute span (assuming that you are using a five-minute check interval) is pretty substantial. The main impact actually lies in establishing and tearing down the connections, key negotiations etc.; the encryption during the data phase probably has only limited impact because most checks only transmit a few bytes back and forth. SSH does much better with longer-duration connections when the keys are already exchanged. This is even more true if you have a router-based VPN, because in that case the overhead is offloaded to a different machine. So if you have the option of sending the checks as NRPE through one or a few long-term VPNs: you are probably going to be better off. Of course, in the big picture, your mileage may vary. Firstly, thanks for the detailed explanation of the issues involved in this choice Kevin, it's been very helpful. I'm curious though, could you elaborate on why NRPE is unsuitable if communication with my remote hosts is going to go via the Internet? Is it not sufficient that NRPE uses SSL? This may be more of a network security question than a Nagios one, but I've no real experience in either area unfortunately, so I appreciate any info you can give here. No, you are right. I wasn't aware that NRPE could use SSL. In that case, NRPE would be pretty much the same in terms of performance as SSL. That said, I am generally concerned from a security standpoint about any kind of active checks going over the Internet. This is because if you are monitoring, in your example, 200 hosts, you have to poke holes into 200 firewalls (or into one firewall, and then set up SSL or SSH keys on 200 hosts). That's 200 potential security holes all over the place with little or no control, and on machines that may not necessarily be hardened for access from the outside world. Worse - active checks, by nature, cause a program to be launched and executed on the monitored client, and usually with very high permissions. You said that you check 2000 services, so that's 2000 plugins (give or take a few). What if a hacker found a way to compromise one of your 2000 plugins? You'd have a privilege escalation issue along with remote-launch capability. On 200 clients. Because of these concerns, I am using passive checks almost exclusively over the Internet (except for publicly available services such as HTTP or SMTP, of course); I wrote an agent that resides on the client as a wrapper around the excellent NSClient++ and performs the actual checks. It then forwards the checks to the Nagios server via NSCA over HTTPS. A second benefit is that this agent collects about 40 or so check results, and then sends all of them at once through a single SSL connection. That reduces the overhead of establishing a secure connection by a factor of 40. BTW, the agent is available as Open Source. Go to http://www.tntmonitoring.com . -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NRPE vs. check_by_ssh
Michael Medin wrote: Kevin Keane skrev: Wouldn't the SSL certificates provide authentication comparable to SSH keys? I'm not familiar with how NRPE uses SSL, but I would assume that you could also use client certificates? I am no expert but AFAIK it merely encrypts the traffic ie, no certificates at all. If someone knows hoe to use certificates please feel free to let me know so I can add it to NSClient++ but what I have seen it is not possible... No, that wouldn't be possible. Encryption always requires some form of key or another. In SSL, the key is embedded in the server's certificate. The client certificate is optional; it also contains a second encryption key. If you use client certificates, in effect the traffic is doubly encrypted. You almost certainly *are* using certificates in NSClient++. But if you are using the standard Windows API functions, Windows transparently hides most of that complexity from you; the MSXML object and its ilk take care of it. You would be using the certificates from the Internet Explorer key store. Actually, when I described how the SSL connection can use single or double encryption, I lied. It is more complicated than that. The SSL keys are extremely long (1024, 2048 bits or more), and they have to be because by nature they don't change over years. SSL keys in the certificates are also the public keys of a public/private key pair. These factors make using the SSL key for encryption *extremely* slow. That is why in reality, public key encryption is only used for extremely short messages (measured in bytes, not kilobytes). To work around that, the client and the server generate yet another random key, this time a symmetric key (which has to be kept secret from anybody). This symmetric key is usually 128 bits or 256 bits. Unlike public-key encryption, symmetric encryption can be implemented very fast. This key is sent using the slow public-key encryption. The actual traffic is then encrypted using this second key, which will be thrown away after the connection ends. Incidentally, SSH works basically the same way. The only substantial difference is that the public keys comes from the authorized_keys file instead of a certificate. Both SSL and SSH actually allow you to use various different encryption algorithms and mechanisms for exchanging keys under the hood. You may, for instance, see DHE for the key exchange, RSA for the public/private encryption, and AES for the symmetric encryption and SHA for hashing (which I haven't even touched on). -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NRPE vs. check_by_ssh
Michael Medin wrote: Kevin Keane skrev: Michael Medin wrote: Kevin Keane skrev: Wouldn't the SSL certificates provide authentication comparable to SSH keys? I'm not familiar with how NRPE uses SSL, but I would assume that you could also use client certificates? I am no expert but AFAIK it merely encrypts the traffic ie, no certificates at all. If someone knows hoe to use certificates please feel free to let me know so I can add it to NSClient++ but what I have seen it is not possible... No, that wouldn't be possible. Encryption always requires some form of key or another. In SSL, the key is embedded in the server's certificate. The client certificate is optional; it also contains a second encryption key. If you use client certificates, in effect the traffic is doubly encrypted. Humm. The cipher used is ADH which is anonymous DH cipher suites in addition to a pre shared *known* secret (read un-secret). Again I am no expert but I always interpreted the secret key (DH) thingy as a key and not a certificate but mayhap I got it all wrong? (in which case it might be possible to use proper certificates?) And I am actually using openssl but mayhap it has a built-in keystore as well? I stand corrected. Interesting... DH stands for Diffie Hellman (usually, that refers to the Diffie Hellman Key Agreement algorithm). I didn't know that openssl supported ADH (the A stands for anonymous), and I wonder how many other SSL implementations have it, since ADH really doesn't make much sense. According to the openssl documentation, ADH is actually the one cipher not included in the default list of ciphers. And with good reason, because, you are right, it does not do any kind of authentication, and therefore actually provides no security (not even from eavesdropping, because a man-in-the-middle attack is trivial). Diffie Hellman is actually used for most SSL connections, but in a different form. Basically, the idea behind DH is that both parties agree on two pre-shared large prime numbers. In the case of ADH, these same numbers are known to everybody in the world. In other forms of DH cipher, these two numbers are only known to the two parties exchanging information - that's what actually gets encrypted with the public/private encryption based on the keys from the certificates. When client and server want to communicate, both separately generate random numbers. These numbers truly are secret. The client then applies some mathematical magic between the random number and the two primes, and the server does the same on its end. Then the server sends the result of this magic to the client, and vice versa. Finally, both of them multiply the result of the other side's magic with their own random number. In the end, both sides end up with the same result, even though neither ever sent its random number. This final result is the key. I used to teach a network security class that included the math behind DH, but I still can't remember the details. Diffie and Hellman must have been brainiacs to come up with that. It basically is a very tricky way to get obscure the random numbers. Yes, it would indeed work without any certificate. You could think of it as a certificate with a zero-length public/private key (and with zero-length everything else, too). openssl does have a key store, in the form of a certificate store. Creating and installing proper certificates is not difficult. You can probably use self-signed certificates here. Since you have control over both clients and servers, trusting the certificate shouldn't be an issue. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NRPE vs. check_by_ssh
Andreas Ericsson wrote: Kevin Keane wrote: Christopher McAtackney wrote: 2009/3/25 Kevin Keane subscript...@kkeane.com: I think you are comparing apples and oranges here, because in most situations that I can think of, the decision is dictated by the network topology. If you are exclusively on a trusted private network, check_by_ssh really doesn't offer any benefits. Conversely, if your topology involves the Internet or some other untrusted network (WiFi), then you wouldn't want NRPE in the first place. The only exception to the above that I can think of is when it comes to deciding between using check_by_ssh over an untrusted network, vs. NRPE through some other kind of tunnel or VPN. But in that case, you'd incur encryption overhead either way, and the comparison is very different from the question you asked. All that said: I don't have any first-hand experience, but I suspect that the impact of establishing 2200 ssh connections in a five-minute span (assuming that you are using a five-minute check interval) is pretty substantial. The main impact actually lies in establishing and tearing down the connections, key negotiations etc.; the encryption during the data phase probably has only limited impact because most checks only transmit a few bytes back and forth. SSH does much better with longer-duration connections when the keys are already exchanged. This is even more true if you have a router-based VPN, because in that case the overhead is offloaded to a different machine. So if you have the option of sending the checks as NRPE through one or a few long-term VPNs: you are probably going to be better off. Of course, in the big picture, your mileage may vary. Firstly, thanks for the detailed explanation of the issues involved in this choice Kevin, it's been very helpful. I'm curious though, could you elaborate on why NRPE is unsuitable if communication with my remote hosts is going to go via the Internet? Is it not sufficient that NRPE uses SSL? This may be more of a network security question than a Nagios one, but I've no real experience in either area unfortunately, so I appreciate any info you can give here. No, you are right. I wasn't aware that NRPE could use SSL. In that case, NRPE would be pretty much the same in terms of performance as SSL. That said, I am generally concerned from a security standpoint about any kind of active checks going over the Internet. This is because if you are monitoring, in your example, 200 hosts, you have to poke holes into 200 firewalls (or into one firewall, and then set up SSL or SSH keys on 200 hosts). That's 200 potential security holes all over the place with little or no control, and on machines that may not necessarily be hardened for access from the outside world. Worse - active checks, by nature, cause a program to be launched and executed on the monitored client, and usually with very high permissions. You said that you check 2000 services, so that's 2000 plugins (give or take a few). What if a hacker found a way to compromise one of your 2000 plugins? You'd have a privilege escalation issue along with remote-launch capability. On 200 clients. Very high permissions are normally not needed. Depends on the plugin, but I'm not sure that this is generally true. For instance, something as simple as log file analysis either requires root permission on Linux; log files aren't readable by anybody else, or it requires that you relax file permissions or security somewhere else. On Windows, I'm running my monitoring agent (by default) as the Local System account (most Windows services do that anyway). That has basically full access to everything, but nothing on the network. Of course check_ping, check_tcp etc. don't usually need such high permissions. I prefer using NRPE because of two reasons: 1. It provides a rather simple way of specifying exactly which commands can be run, and with which arguments (don't enable argument parsing in nrpe if the receiving end isn't duly protected by firewalls etc) 2. If someone breaks into the Nagios server, he or she does not get the public keys required for running commands on the remote servers. Can you explain that second statement? I'm not sure I follow what you are trying to say here. Why would getting public keys be a bad thing? They are, by definition, freely available anyway. Because of these concerns, I am using passive checks almost exclusively over the Internet (except for publicly available services such as HTTP or SMTP, of course); I wrote an agent that resides on the client as a wrapper around the excellent NSClient++ and performs the actual checks. It then forwards the checks to the Nagios server via NSCA over HTTPS. A second benefit is that this agent collects about 40 or so check results, and then sends all of them at once through a single SSL connection. That reduces the overhead
Re: [Nagios-users] check_ping with maximum MTU
I think you are probably not referring to the MTU here, but to the PING packet size (the -s option for ping). I'm not sure that check_ping has a way to pass that argument to ping, though. Vian Vian wrote: Hello, I wonder what is default MTU in check_ping? How can i maximize check_ping command to 1472 MTU? Regards, Vian -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Escape \ in nagios config files?
Actually, this is not just in Nagios; this is standard Unix escaping. And it's not really 3 \. Rather, what is going on is that standard Unix escaping is applied twice - first when parsing the config file, and again when passing the arguments to the plugin. In Unix, normally when you put a \ anywhere, it escapes the following character. For instance, a \ before a space means the next character isn't really a space, don't treat it as the end of the path. And a \ before a \ means the second backslash isn't really an escape character, but rather I want a literal backslash. So in order to get a single \ in the plugin, on the command line you need to escape it with another \. You found that out when you ran check_nrpe2 from the command line. Now when Nagios parses the config file, it uses the same escaping mechanism. So when you simply put \\ into the config file, Nagios interprets the first one as escape and the second one as escaped to be literal - thus, you'd end up with a single \ in the command line. But you wanted two \. So you need to tell Nagios to do the same thing twice: - \\ in the command line - \ for the plugin to see. And where you needed the plugin to actually see \\ (before the localhost), you need to do the same thing yet again, for a total of eight consecutive backslashes. Janet Sullivan wrote: Of course, right after I sent that, I found a solution. It seems I can use 3 \s to escape a \. My path in the service definition becomes: localhost_definst_mp3mn_mp3_08_07streams ...and it works. Is there a list of all the ways to escape special characters in Nagios? The only reason I came up with the three \ escape sequence was because I noticed that my localhost was being seen as \localhost in the error message. I haven't found any mention of that sequence on google. :-/ -Original Message- From: Janet Sullivan Sent: Monday, April 06, 2009 1:56 PM To: 'nagios-users@lists.sourceforge.net' Subject: Escape \ in nagios config files? I want to check the disk space of a UNC path - \\localhost\_definst_\mp3\mn_mp3_08_07\streams From the command line, I can check it fine (using check_nrpe2) if I escape each \ like this: localhost\\_definst_\\mp3\\mn_mp3_08_07\\streams But when I try to use configure Nagios to check it, it strips out all the \ characters. I've tried single quotes, double quotes, and escaping each \ - no luck. How can I tell Nagios about this path in a service definition without it stripping out the special characters? Is there an escape method I'm missing? -- This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Monitor netstat connection states using nagios.
asa...@gmail.com wrote: Hi All, I am using check_tcp to check status of a particular port on the server. This is working good. I would also need to monitor LISTEN status (SYN_RECV) of that port. for ex, I have a ldap service running on port 3890, so the command netstat -anp | grep 3890 tcp0 0 0.0.0.0:3890 http://0.0.0.0:3890/ 0.0.0.0:* LISTEN 16029/java tcp0 0 10.121.30.121:3890 http://10.121.30.121:3890/ 10.121.6.1:8831 http://10.121.6.1:8831/ESTABLISHED 16029/java tcp0 0 10.121.30.121:3890 http://10.121.30.121:3890/ 10.121.6.1:61052 http://10.121.6.1:61052/ ESTABLISHED 16029/java tcp 228 0 10.121.30.121:3890 http://10.121.30.121:3890/ 10.121.6.1:49440 http://10.121.6.1:49440/ ESTABLISHED 16029/java tcp0 0 10.121.30.121:3890 http://10.121.30.121:3890/ 10.121.6.1:11664 http://10.121.6.1:11664/ SYN_RECV16029/java The establish connections are ok to allow, but we need to monitor SYN_RECV status. If there is any such(SYN_RECV) connection appears, we immediately get an alert from nagios. Is there any way to monitor such states with nagios or check_tcp? I have written some shell script to monitor such events, but also I would like to integrate that scripts into nagios? Is that possible? Please help me or provide some suggestions You can integrate almost any shell script you want into Nagios. All you need to do is implement the Nagios plugin specification, which is fairly trivial to do for most scripts. Return 0, 1 or 2 (OK, warn or critical) to as exit code, and return the actual result data via stdout in a single line. The details are in the Nagios documentation. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Is Clientless monitoring possible
Depends what you want to monitor about them. If you simply want to find out if they are up and running, check_ping should work very well. You can also use SNMP, WMI and other mechanisms that allow a degree of agentless monitoring. sudhaka...@i2.com wrote: Hi, I have installed nagios on one of the system running redhat. Our network has around 25-30 server incluing windows and other network devices such as switches etc. Please let me know if we can monitor the server (Including windows) without installing any client on the remote host. Regards, Sudhakar -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] OS Change Management Auditing using Nagios?
I am not using Nagios for that purpose, but rather Open-Audit. I believe there is a way to have changes in OA propagate to Nagios. Another tool you may want to look into is tripwire; it generates exactly the logs based on changes that you were looking for. Then use the check_log plugin to monitor the tripwire log file. The biggest concern with this type of tool that I would have is that monitoring OS changes is very labor-intensive. For me, to the point of impracticality. The problem is the sheer volume of patches that come out on a regular basis makes it all but impossible to keep up with. You'd have to look at every single patch and find out which files it changes before you have a way of knowing whether a particular tripwire alert is legitimate or not. Ken Netzorg wrote: Is anyone leveraging Nagios for notification of changes done to operating systems? I am looking to deploy a solution that monitors OS changes and generates alerts when a configuration or file change is made. Is anyone doing this type of thing through a Nagios plug-in? My goal would be to know when an OS is being changed and be able to correlate that to a scheduled change or potential compromise of the OS that needs to be further investigated. (Something more holistic than basic log monitoring unless there is a service that generates logs based on changes that will then be captured by a log review.) The monitoring would be done on both Windows and Linux platforms. Thanks, Ken -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] OS Change Management Auditing using Nagios?
All that really depends on exactly how you are working. If you are manually applying the patches, and if you can take the machine offline for that period of time, your method will work. You'd simply have to tell tripwire to update its database. That's not a huge deal. I am using automatic updates wherever possible, so all the updates are expected to happen around 3AM. Since that is the default setting (at least in Windows), a hacker might well use the same window to sneak in his own changes. You are right - Tripwire is involved. When you are trying to track some tens of thousands of files (the size of most operating systems today) that is hardly surprising. Ken Netzorg wrote: Thanks, Kevin. You do raise a valid point about knowing what is changing in the general updates vs what is un-authorized and knowing the difference. My, possibly naive, thought is that I could batch updates/patches and make the assumption the changes are due to that process, but there is that chance something changes in that period as well. If nothing else, changes at 2am or off hours would hopefully raise an alarm to be investigated. I'll take a look at Tripwire in more depth (I glanced at it briefly and wasn't sure if it was too involved for what I was looking for or not) as well as open-audit. Thanks. Ken On Wed, Apr 15, 2009 at 8:45 AM, Kevin Keane subscript...@kkeane.com mailto:subscript...@kkeane.com wrote: I am not using Nagios for that purpose, but rather Open-Audit. I believe there is a way to have changes in OA propagate to Nagios. Another tool you may want to look into is tripwire; it generates exactly the logs based on changes that you were looking for. Then use the check_log plugin to monitor the tripwire log file. The biggest concern with this type of tool that I would have is that monitoring OS changes is very labor-intensive. For me, to the point of impracticality. The problem is the sheer volume of patches that come out on a regular basis makes it all but impossible to keep up with. You'd have to look at every single patch and find out which files it changes before you have a way of knowing whether a particular tripwire alert is legitimate or not. Ken Netzorg wrote: Is anyone leveraging Nagios for notification of changes done to operating systems? I am looking to deploy a solution that monitors OS changes and generates alerts when a configuration or file change is made. Is anyone doing this type of thing through a Nagios plug-in? My goal would be to know when an OS is being changed and be able to correlate that to a scheduled change or potential compromise of the OS that needs to be further investigated. (Something more holistic than basic log monitoring unless there is a service that generates logs based on changes that will then be captured by a log review.) The monitoring would be done on both Windows and Linux platforms. Thanks, Ken -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net mailto:Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received
Re: [Nagios-users] Access as an application vendor from outside a firewall
I actually have a very similar problem, and wrote some software to solve it. I am a consultant, and want to proactively monitor my customer's systems for all kinds of performance problems. Like your situation, my monitoring requires access to private data that is not published outside the firewall. What I did was write TNTMonitoring (for Windows) and a one-off script that does basically the same thing (for Linux). Check out http://www.tntmonitoring.com for more information on the Windows version. It is an agent that installs on the server you want to monitor, runs the various checks, and then submits them via https (it also used to support SSH - if you prefer that, let me know, and I can easily put SSH support back in). These checks are always outbound, so you usually do not need to modify the firewall at all. To Nagios, these checks are passive checks. Now I have to caution you: if a client is reluctant to open their firewall, they probably would be just as reluctant to allow you to install software that sends internal data off site, no matter how secure I promise them that it would be. The other option you have is to use an SSH tunnel to send active checks from your Nagios server. This will require that your client open the firewall for SSH, and that they set up an SSH daemon somewhere. The existing VPN may also be an option if you can write a script that establishes the connection before running your checks. Michael Arney wrote: I have been tasked by my company to compare system monitoring tools. We are a small Java software development shop. Our product runs on several servers (Windows or Unix) at each of our clients, and has a web front end, file system storage, and database (PostgreSQL, Oracle, or MS SQL Server). We support our software remotely: the clients agree to provide VPN or Telnet access. The VPN access may not be permanent (ie we may have to use a Cisco or Juniper vpn client each time we remote desktop to them). At present we have fewer than 50 clients. We want to monitor basic up/down and disk free type metrics, but also to issue a variety of custom queries against our database and application to check its status. So, my question is: How much network access would Nagios require for us to use it to monitor our application? Our clients are sometimes reluctant to open their firewall to a vendor like us. I'd like to know what's the minimum we need to ask of them so we can get good proactive monitoring of our installations. Ideally we would not even need to ask for more than we have now, but that may not be realistic. We have even toyed with the idea of buying a dual-NIC machine at each client to put inside their firewall just to communicate with our central monitoring server. I don't know if that would help. We are currently evaluating Nagios. But we are also looking into other products (OpenNMS, Zenoss, Hyperic). So any comparisons with them in this regard would be helpful too. Thanks in advance, Mike -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] cfg files reference via http location?
Take a look at LUFS; it may be able to do what you need. http://sourceforge.net/projects/lufs/ or http://freshmeat.net/projects/lufs/ Brian Phipps wrote: Hi all, Is it possible in the nagios.cfg file to reference the location of hosts, command.cfg, etc via an http location instead of a location on disk on the local machine? -Brian -- Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Multiple host service detail on one page
Klaus Umbach wrote: On 23/04/09 09:50, Nick Millen wrote: Hi All, I was wondering if anybody had anything place to see multiple hosts services on one page. For example I'm monitoring 3 individual exchange servers. I can add these to a hostgroup then check each individually : http://SERVER/nagios/cgi-bin/status.cgi?host=HOSTNAMEstyle=detail http://SERVER/nagios/cgi-bin/status.cgi?host=HOSTNAME2style=detail http://SERVER/nagios/cgi-bin/status.cgi?host=HOSTNAME3style=detail Is there any way to have 3 different host details such as the above but on one page ? So I can have a quick glance of exchange 1, 2 and 3 yes, put them in a group : http://SERVER/nagios/cgi-bin/status.cgi?hostgroup=EXCHANGESERVERSstyle=detail I don't know about Nick's needs, but I would be interested in something extremely similar. However, hostgroups wouldn't do it for me because I am not really interest in the host status, but rather would like to see just one status per host. For instance, to borrow Nick's example: HOSTNAME1, HOSTNAME2 and HOSTNAME3 may each have services MEMORY, CPU, EXCHANGEQUEUELENGTH. What I would be interested in is a page that shows only EXCHANGEQUEUELENGTH for all three hosts, omitting MEMORY and CPU. Is this possible? -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] only_from = 127.0.0.1
Top-posting means that you put what you have to say at the top of the reply the way I do it here. Bottom-posting means that you put your reply below the original message. Which of the two styles is preferred is largely a matter of personal taste, rather than right or wrong, actually*. Both have advantages, and some people tend to get very passionate about their particular style. I have seen moderators on both sides of the issue admonish members don't top-post or don't bottom-post. In the original Internet culture, bottom-posting was preferred, and some people still like it better. Bottom posting makes most sense when you combine multiple thoughts in a single post, and want to be able to respond to each one individually. In my mind, most of the time top posting actually is better because the reply stands out more than the original question - which usually is what you want. The majority of mailing lists that I am on seems to have switched to primarily top-posting, though, and most of the big email programs make it quite difficult to do bottom-posting. When you hit Reply, the cursor is usually positioned at the top of the page, not at the bottom. My personal rule: if there already is a longer thread, stick with whatever style it has. The one thing you don't want to happen is having to look for the next reply because somebody switched style in the middle. If there is no pattern to follow (such as in this case), and I only want to respond to a post as a whole rather than individual points, I use top posting. * technically speaking, there is a still-valid RFC that specifies bottom-posting, but in practical terms it has been obsoleted by history. Martyn wrote: PS what his top posting, once I find out I will stop it -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Crystal Reports #45; New Free Runtime and 30 Day Trial Check out the new simplified licensign option that enables unlimited royalty#45;free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] only_from = 127.0.0.1
Replies embedded below... Marc Powell wrote: On Apr 23, 2009, at 12:53 PM, Kevin Keane wrote: Top-posting means that you put what you have to say at the top of the reply the way I do it here. Bottom-posting means that you put your reply below the original message. Don't forget about the best method, inline reply. Yes, I should have said inline reply instead of bottom posting everywhere (and my description also wasn't quite accurate. Should have been you put your reply below the point you are replying to). True bottom posting is possibly the worst of all options, but I did mean the style that you, correctly, call inline reply. Of course, if there is only one point you are responding to, inline replying and bottom posting are one and the same. In the original Internet culture, bottom-posting was preferred, and some Actually, no. inline replying was and still is preferred for technical mailling lists. I'd hazard to say that's true the technical users on this list as well. I've been around Usenet ever since Compuserve (remember them?) started offering newsgroups, so I do remember the inline-replying culture quite well. And you may have a point. Many of the technical users of today (especially the experienced ones who tend to be the most prolific posters) are old-timers like myself, which would explain the preference among technical users. On the other hand, many people who started using the Net in this century, including even people with IT college degrees, have never seen inline replies, and don't even think to look below. The day you subscribe to a list via digest mode, you'll fully understand why. ;) LOL, don't get me started on digest mode! If I had my way, either Digest mode would be eliminated, or it would only be offered on lists that also have a good Web interface so you can properly respond to older posts as well as current ones (that's one of the reasons I much prefer Yahoo groups to Sourceforge mailing lists). In my mind, most of the time top posting actually is better because the reply stands out more than the original question - which usually is what you want. Not if you want to make multiple points without entirely restating what you're replying to. Try to make my responses sensible in a top or bottom posting context without doing that. Agreed to some extent; in fact, I think I also listed that as an advantage of inline reply (which I erroneously called bottom posting). I'm saying to an extent because if you overdo it, you can also end up with a completely chopped up discussion. It gets particularly convoluted in political flame wars... I also usually add one other enhancement when I do use inline replying: I attach a note to the top Replies embedded below because many people I reply to, especially in private emails, aren't familiar with inline replying and otherwise wouldn't think to look below. In this case, of course, it's unnecessary; I just did it for illustration purposes. My personal rule: if there already is a longer thread, stick with whatever style it has. That's great! If it's a top or bottom post, you're increasing the redundancy of what's stored/sent in everyone's mail client, in the archives and most terribly, in the digests. by the number of replies to that thread. That's got nothing much to do with top- or bottom- or inline-replying. Cutting irrelevant old stuff out is a good thing no matter which style you are using, although some people go overboard and cut out everything at all (that's a fourth style of replying, and another universally bad one: no quoting at all), and then you don't know what they are replying to. * technically speaking, there is a still-valid RFC that specifies bottom-posting, but in practical terms it has been obsoleted by history. That's arguable, but could approach the passion level of a discussion of religion. Is it getting hot here or what? :-)) -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Crystal Reports #45; New Free Runtime and 30 Day Trial Check out the new simplified licensign option that enables unlimited royalty#45;free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects
Re: [Nagios-users] Protocol
TCP. UDP would be too unreliable for this type of application, and there also is too much data going over the line to make UDP a viable option. Christopher McAtackney wrote: Hi everyone, I was just wondering; what protocol (TCP, UDP?) does Nagios use to communicate with remote hosts when using the check_nrpe plugin? Or just generally? Cheers, Chris -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Crystal Reports #45; New Free Runtime and 30 Day Trial Check out the new simplified licensign option that enables unlimited royalty#45;free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] What are the reasons to use NRPE?
to boot, since somebody has to type in all the passphrases. With 220 private keys, that's a lot of work (and you DON'T want to use the same passphrase for each key. That would defeat most of the benefits). Incidentally, it is also not trivial (and a very bad idea) to make an ssh-agent work with a daemon. For security reasons, the agent only allows you to store keys for the current logon session. Finally, I'm not sure how well the ssh-agent would do in terms of performance with hundreds or thousands of keys loaded. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Register Now Save for Velocity, the Web Performance Operations Conference from O'Reilly Media. Velocity features a full day of expert-led, hands-on workshops and two days of sessions from industry leaders in dedicated Performance Operations tracks. Use code vel09scf and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Checking Bacula Server
http://wiki.bacula.org/doku.php?id=howtos There are two HOWTOs there. I wrote the one for the passive checks. Somebody else wrote the one using active checks, which I believe actually queries the database. Eduardo Barreto wrote: Hi all, Does anybody know how to check a Bacula Server? I've installed check-bacula but it's not working fine. Anybody to give me a clue? Thanks in advance Eduardo -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Register Now Save for Velocity, the Web Performance Operations Conference from O'Reilly Media. Velocity features a full day of expert-led, hands-on workshops and two days of sessions from industry leaders in dedicated Performance Operations tracks. Use code vel09scf and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Host/Service Script Question
Dei Bertine wrote: Hi guys, I was wondering if there's a way to incorporate all hosts into one host name instead of creating individual defines? I'm trying to add all of our servers into Nagios but there's huge amount of them. Need faster way to add all of them into one script. Here's what I'm trying to avoid: define host{ use generic-host host_namesunbl.001.csaa.net alias UNIX-SERVER1 address 172.168.1.35 } define host{ use generic-host host_namesunbl.002.csaa.net alias UNIX-SERVER2 address 172.168.1.36 } and so on to hundreds of define host Create a host template to minimize the information you need for each host. note: generic-host actually is a template, so this is already done. If you have additional configuration settings specific to your situation but shared by all your hosts, it may make sense to derive your own template from generic-host, and then use that template in each host. Here's what I'm trying to hopefully accomplish if possible: define host{ useall-host host_name allunixhosts alias ALL-UNIX address ALLIP } You can't quite do that because there is no way to figure out which IP goes with which host name. But you could write a short bash script that automatically generates all the host definitions. echo Start of script-generated config file my.cfg. for i in 001 002 do echo define host { my.cfg echo use my-hosttemplate my.cfg echo host_name host_$i my.cfg echo alias host sunbl.$i.csaa.net my.cfg echo address sunbl.$i.csaa.net my.cfg echo } my.cfg done ..done all hosts... And also have them in one all host services.cfg script. define service{ use all-service host_name ALLHOSTSERVICE service_description SSH check_command check_ssh } You can do that using host groups. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Register Now Save for Velocity, the Web Performance Operations Conference from O'Reilly Media. Velocity features a full day of expert-led, hands-on workshops and two days of sessions from industry leaders in dedicated Performance Operations tracks. Use code vel09scf and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] [nagios] Trigger alert via email
Nagios itself doesn't receive emails, but if you have control over the mail server in some form, you can make it work. For instance, if you have sendmail (or anything that can invoke procmail), you can use that to call a script, and the script in turn can send an external command to Nagios. Ed Donahue wrote: Is it possible to trigger an alert by sending an email to nagios (passive check)? I'm guessing it isn't a straight forward as that, just wonder if it is doable, and any links to examples would be cool too. Thanks in advance Ed -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Register Now Save for Velocity, the Web Performance Operations Conference from O'Reilly Media. Velocity features a full day of expert-led, hands-on workshops and two days of sessions from industry leaders in dedicated Performance Operations tracks. Use code vel09scf and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Hosts with dynamic IP addresses
Does your network use dynamic DNS by any chance? If you do, you could use the laptop's DNS name rather than its IP address. You may also be able to use a script that enumerates all the machines in the network. On Windows, look into the commands net view /Domain: and nbtstat -c as some starting points (Samba also has similar commands) Ken Tang wrote: I'd like to monitor a few user laptops in our environment. They use wireless so they often get dynamic IP addresses. Is there a way that Nagios can accept any connections, or, a range of addresses for a host? I don't have control of the DHCP server so I cannot assign a fixed IP address. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NSCA - Network server bind failure
This means exactly what the error message says: that there is already another program using port 5667. Odds are that nsca is already running on your computer; maybe it got started as a daemon on system startup. Joan Tugores wrote: Hi all, When I try to put up the daemon nsca with the command /usr/local/nagios/bin/nsca -c /usr/local/nagios/etc/nsca.cfg in /var/log/messages appears Network server bind failure (98: Address already in use) the port 5667 is configured and netstat -na show tcp 0 00.0.0.0:56670.0.0.0:* LISTEN. Please Help. Thanks. -- -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NSCA - Network server bind failure
Try netstat -ltunp | grep 5667 And respond to the group, please. Joan Tugores wrote: Nsca not running ps -ef | grep nsca not show process nsca. Kevin Keane escribió: This means exactly what the error message says: that there is already another program using port 5667. Odds are that nsca is already running on your computer; maybe it got started as a daemon on system startup. Joan Tugores wrote: Hi all, When I try to put up the daemon nsca with the command /usr/local/nagios/bin/nsca -c /usr/local/nagios/etc/nsca.cfg in /var/log/messages appears Network server bind failure (98: Address already in use) the port 5667 is configured and netstat -na show tcp 0 00.0.0.0:56670.0.0.0:* LISTEN. Please Help. Thanks. -- -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Connection refused
It may well be correct, but is a completely different setup! You have an SSH tunnel; that's a rather critical piece of information. You have an SSH tunnel from the Windows machine to somewhere else, instead of having an NSClient++. Maybe you meant to do a remote port forwarding and instead set up local port forwarding. Surajit Mukherjee wrote: Hi Kevin, The output netstat -anb looks like this. TCP0.0.0.0: 0.0.0.0:** ESTABLISHED [putty.exe] Where in left 0.0.0.0: is my windows server along with port and the right is the Linux server along with port. Is it not correct? Surajit -Original Message- From: Kevin Keane [mailto:subscript...@kkeane.com] Sent: Friday, May 08, 2009 1:56 PM Cc: Nagios User list Subject: Re: [Nagios-users] Connection refused What connection, exactly, do you show as established with netstat -an? It can't really be the one you are talking about, because that never connected. In any case, you would want to look for LISTENING rather than ESTABLISHED in the output for netstat -an. The local address on the left should say something like 0.0.0.0: (where is the port number). If it says 127.0.0.1 then NSClient++ is not listening on the Ethernet port. If you don't see an entry that listens on the correct port, then double-check that NSClient++ is running. If you do see an entry to listen on the correct port, try running nestat -anb . This will tell you which program is actually doing the listening. If it isn't NSClient++, you found your culprit. That's not likely, though. If netstat -anb shows NSClient++ as listening correctly, you almost certainly have a firewall issue. Surajit Mukherjee wrote: Andy, I am unable to telnet to the port from the Nagios server. I checked netstat -an and the connection is established. I am able to telnet from windows server to the Linux server. Surajit -Original Message- From: Andy Shellam [mailto:andy-li...@networkmail.eu] Sent: Friday, May 08, 2009 12:03 PM To: Surajit Mukherjee Cc: Nagios User list Subject: Re: [Nagios-users] Connection refused Surajit, Is the service actually running on that server? Can you telnet to the NSClient++ port manually? Regards, Andy Surajit Mukherjee wrote: I am getting Connection refused status information on a Windows 2003 Server that is using NSClient++. Out of the 7 Windows server I have in Nagios 3.0.6, this is the only server giving me that error ** ** **Cheers,** **Surajit** -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NSCA - Command file does not exist
Does the nsca user or group have access to every single directory along the path? Easy way to try: su - nagios cd /usr/local/nagios/var/rw ls -lah * Note: the above won't work if user nagios has /bin/false as a shell. In that case, try su -s /bin/bash - nagios It should list nagios.cmd (and probably some other files) Joan Tugores wrote: I think that not using chroot jail, this is my nsca.cfg: pid_file=/var/run/nsca.pid server_port=5667 #server_address=192.168.1.1 nsca_user=nagios nsca_group=nagiosgrb #nsca_chroot=/usr/local/nagios/var/rw/ debug=1 command_file=/usr/local/nagios/var/rw/nagios.cmd alternate_dump_file=/usr/local/nagios/var/rw/nsca.dump aggregate_writes=0 append_to_file=0 max_packet_age=30 #password= decryption_method=1 Kevin Keane escribió: Does nsca run in a chroot jail? I'm not sure if it can do that. If that's the case, nsca may think that /usr/local/nagios is really the root of the file system, and anything above that directory is essentially hidden. In that case, you'd have to change the nsca.cfg configuration to use /var/rw/nagios.cmd (or strip out whatever the root of the chroot jail is). Joan Tugores wrote: Hi all, When I send a packet to ncsa server this not processed. In /var/log/messages: Command file '/usr/local/nagios/var/rw/nagios.cmd' does not exist,attempting to use alternate dump file '/usr/local/nagios/var/rw/nsca.dump' for output But nagios.cmd exists and the permissions are good. prw-rw 1 nagios nagiosgrb0 may 5 09:59 nagios.cmd Regards, Joan -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NSCA - Command file does not exist
How about ls -lahd /usr/local/nagios/var/rw /usr/local/nagios/var /usr/local/nagios /usr/local /usr They should all at a minimum have X permission for either the nagios user or the group or for world. ? Joan Tugores wrote: [nag...@dcserverbd2 rw]$ ls -lah * prw-rw 1 nagios nagiosgrb0 may 8 13:22 nagios.cmd -rwxrwxr-x 1 nagios nagiosgrb 4,0K may 11 09:20 nsca.dump seems to be well. Kevin Keane escribió: Does the nsca user or group have access to every single directory along the path? Easy way to try: su - nagios cd /usr/local/nagios/var/rw ls -lah * Note: the above won't work if user nagios has /bin/false as a shell. In that case, try su -s /bin/bash - nagios It should list nagios.cmd (and probably some other files) Joan Tugores wrote: I think that not using chroot jail, this is my nsca.cfg: pid_file=/var/run/nsca.pid server_port=5667 #server_address=192.168.1.1 nsca_user=nagios nsca_group=nagiosgrb #nsca_chroot=/usr/local/nagios/var/rw/ debug=1 command_file=/usr/local/nagios/var/rw/nagios.cmd alternate_dump_file=/usr/local/nagios/var/rw/nsca.dump aggregate_writes=0 append_to_file=0 max_packet_age=30 #password= decryption_method=1 Kevin Keane escribió: Does nsca run in a chroot jail? I'm not sure if it can do that. If that's the case, nsca may think that /usr/local/nagios is really the root of the file system, and anything above that directory is essentially hidden. In that case, you'd have to change the nsca.cfg configuration to use /var/rw/nagios.cmd (or strip out whatever the root of the chroot jail is). Joan Tugores wrote: Hi all, When I send a packet to ncsa server this not processed. In /var/log/messages: Command file '/usr/local/nagios/var/rw/nagios.cmd' does not exist,attempting to use alternate dump file '/usr/local/nagios/var/rw/nsca.dump' for output But nagios.cmd exists and the permissions are good. prw-rw 1 nagios nagiosgrb0 may 5 09:59 nagios.cmd Regards, Joan -- -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NSCA - Command file does not exist
Yes, this looks good. Besides, I only just noticed that you did the ls -lah * as user nagios, so we now have double confirmation that this works. Another question: what happens when you manually feed a command into nagios.cmd? echo xxx /usr/local/nagios/var/rw/nagios.cmd It should basically succeed without any message. If you look in your nagios log files, you'll probably see an invalid command xxx being logged. Finally, you could try stopping nagios, deleting the nagios.cmd file if it stayed around, and restarting nagios. It should get recreated. This just in case it is somehow messed up. Joan Tugores wrote: drwxr-xr-x 15 root root 4,0K abr 29 13:07 /usr drwxr-xr-x 14 root root 4,0K abr 29 13:58 /usr/local drwxrwxr-x 9 nagios nagiosgrb 4,0K abr 29 14:16 /usr/local/nagios drwxrwxr-x 5 nagios nagiosgrb 4,0K may 11 11:07 /usr/local/nagios/var drwxrwxr-x 2 nagios nagiosgrb 4,0K may 8 13:22 /usr/local/nagios/var/rw I think is all ok. Kevin Keane escribió: How about ls -lahd /usr/local/nagios/var/rw /usr/local/nagios/var /usr/local/nagios /usr/local /usr They should all at a minimum have X permission for either the nagios user or the group or for world. ? Joan Tugores wrote: [nag...@dcserverbd2 rw]$ ls -lah * prw-rw 1 nagios nagiosgrb0 may 8 13:22 nagios.cmd -rwxrwxr-x 1 nagios nagiosgrb 4,0K may 11 09:20 nsca.dump seems to be well. Kevin Keane escribió: Does the nsca user or group have access to every single directory along the path? Easy way to try: su - nagios cd /usr/local/nagios/var/rw ls -lah * Note: the above won't work if user nagios has /bin/false as a shell. In that case, try su -s /bin/bash - nagios It should list nagios.cmd (and probably some other files) Joan Tugores wrote: I think that not using chroot jail, this is my nsca.cfg: pid_file=/var/run/nsca.pid server_port=5667 #server_address=192.168.1.1 nsca_user=nagios nsca_group=nagiosgrb #nsca_chroot=/usr/local/nagios/var/rw/ debug=1 command_file=/usr/local/nagios/var/rw/nagios.cmd alternate_dump_file=/usr/local/nagios/var/rw/nsca.dump aggregate_writes=0 append_to_file=0 max_packet_age=30 #password= decryption_method=1 Kevin Keane escribió: Does nsca run in a chroot jail? I'm not sure if it can do that. If that's the case, nsca may think that /usr/local/nagios is really the root of the file system, and anything above that directory is essentially hidden. In that case, you'd have to change the nsca.cfg configuration to use /var/rw/nagios.cmd (or strip out whatever the root of the chroot jail is). Joan Tugores wrote: Hi all, When I send a packet to ncsa server this not processed. In /var/log/messages: Command file '/usr/local/nagios/var/rw/nagios.cmd' does not exist,attempting to use alternate dump file '/usr/local/nagios/var/rw/nsca.dump' for output But nagios.cmd exists and the permissions are good. prw-rw 1 nagios nagiosgrb0 may 5 09:59 nagios.cmd Regards, Joan -- -- -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NSCA - Command file does not exist
Do you have Linux SE or AppArmor that might block access for nsca? Otherwise, I'm pretty much out of ideas :-( Joan Tugores wrote: Manually feed works!! but stopstart nagios not solves the problem. Kevin Keane escribió: Yes, this looks good. Besides, I only just noticed that you did the ls -lah * as user nagios, so we now have double confirmation that this works. Another question: what happens when you manually feed a command into nagios.cmd? echo xxx /usr/local/nagios/var/rw/nagios.cmd It should basically succeed without any message. If you look in your nagios log files, you'll probably see an invalid command xxx being logged. Finally, you could try stopping nagios, deleting the nagios.cmd file if it stayed around, and restarting nagios. It should get recreated. This just in case it is somehow messed up. Joan Tugores wrote: drwxr-xr-x 15 root root 4,0K abr 29 13:07 /usr drwxr-xr-x 14 root root 4,0K abr 29 13:58 /usr/local drwxrwxr-x 9 nagios nagiosgrb 4,0K abr 29 14:16 /usr/local/nagios drwxrwxr-x 5 nagios nagiosgrb 4,0K may 11 11:07 /usr/local/nagios/var drwxrwxr-x 2 nagios nagiosgrb 4,0K may 8 13:22 /usr/local/nagios/var/rw I think is all ok. Kevin Keane escribió: How about ls -lahd /usr/local/nagios/var/rw /usr/local/nagios/var /usr/local/nagios /usr/local /usr They should all at a minimum have X permission for either the nagios user or the group or for world. ? Joan Tugores wrote: [nag...@dcserverbd2 rw]$ ls -lah * prw-rw 1 nagios nagiosgrb0 may 8 13:22 nagios.cmd -rwxrwxr-x 1 nagios nagiosgrb 4,0K may 11 09:20 nsca.dump seems to be well. Kevin Keane escribió: Does the nsca user or group have access to every single directory along the path? Easy way to try: su - nagios cd /usr/local/nagios/var/rw ls -lah * Note: the above won't work if user nagios has /bin/false as a shell. In that case, try su -s /bin/bash - nagios It should list nagios.cmd (and probably some other files) Joan Tugores wrote: I think that not using chroot jail, this is my nsca.cfg: pid_file=/var/run/nsca.pid server_port=5667 #server_address=192.168.1.1 nsca_user=nagios nsca_group=nagiosgrb #nsca_chroot=/usr/local/nagios/var/rw/ debug=1 command_file=/usr/local/nagios/var/rw/nagios.cmd alternate_dump_file=/usr/local/nagios/var/rw/nsca.dump aggregate_writes=0 append_to_file=0 max_packet_age=30 #password= decryption_method=1 Kevin Keane escribió: Does nsca run in a chroot jail? I'm not sure if it can do that. If that's the case, nsca may think that /usr/local/nagios is really the root of the file system, and anything above that directory is essentially hidden. In that case, you'd have to change the nsca.cfg configuration to use /var/rw/nagios.cmd (or strip out whatever the root of the chroot jail is). Joan Tugores wrote: Hi all, When I send a packet to ncsa server this not processed. In /var/log/messages: Command file '/usr/local/nagios/var/rw/nagios.cmd' does not exist,attempting to use alternate dump file '/usr/local/nagios/var/rw/nsca.dump' for output But nagios.cmd exists and the permissions are good. prw-rw 1 nagios nagiosgrb0 may 5 09:59 nagios.cmd Regards, Joan -- -- -- -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] cannot make comments under nagios after server crash. nagios.cmd missing
Try restarting Nagios. nagios.cmd is actually not a file, but a socket. It is very important, not just for comments, but for a lot of other things, too. It should get deleted when you stop nagios, and recreated when you start it. Apparently, when you restarted nagios manually somehow that step got bypassed. Rahul Nabar wrote: I recently had a server crash. I recovered and restarted nagios manually but now I seem to have lost the ability to make comments on hosts. If I try I get the error message: Error: Could not stat() command file '/usr/local/nagios/var/rw/nagios.cmd'! The external command file may be missing, Nagios may not be running, and/or Nagios may not be checking external commands. An error occurred while attempting to commit your command for processing. That file is indeed missing. Running a locate nagios.cmd though shows the file at that location so it must have been there before the crash. Do I need to restart something? What am I missing. The older comments are intact though. It is just that I cannot make new comments. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] nagios exchange publishing question
My understanding is that this is basically just a directory site, so you would publish it whichever way you want. If you want to be perfectly clear, you would have to ask a lawyer, of course. shadih rahman wrote: All, I have a quick question about licensing and trademarks. If I publish some scripts in nagiosexchange.org http://nagiosexchange.org what license or trademark am I publishing under? Please advise on this. -- Cordially, Shadhin Rahman -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian Group, R/GA, Big Spaceship. http://www.creativitycat.com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Override a threshold for one host in a template
I had a somewhat similar problem (all of my servers use the same 30 or so services, except one of them doesn't have remote access, so it only needs 29). Here is what I did. It sounds like you did about the same: - create a hostgroup - create 30 services - in each service, specify the corresponding hostgroup_name that it should go into. - make all 30 hosts part of that hostgroup Now to deal with this one server, let's call it problem.server.com for service DIFFICULTSERVICE: In the declaration for DIFFICULTSERVICE, exclude problem.server.com: hostname !problem.server.com Declare another service DIFFICULTSERVICE just for problem.server.com with the correct parameters. John Andrunas wrote: I have been using http://nagios.sourceforge.net/docs/3_0/objecttricks.html to set up templates for hosts in Nagios, the only problem I have is that one of my DB servers consistently runs high on memory utilization, so it is almost always in a warning state. I tried setting another higher threshold for that one host in but it doesn't take. Is there a way to override a threshold set in a hostgroup_name for one particular host, or am i going to have to redo my hostgroup based template? -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian Group, R/GA, Big Spaceship. http://www.creativitycat.com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] sidebar does not display correctly
side.html It looks like it actually is displaying correctly but ignoring the styles for some reason. Haffner, David (GE, Corporate, consultant) wrote: Hi all, I've been having a horrible time getting the sidebar to display correctly. Can anyone point me to a file or directory or something that needs to be tweeked? I've got it running on RHEL4. Everything functions fine, it's just that the sidebar displays wrong. Here's a screenshot. Thanks! Dave Haffner -- Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian Group, R/GA, Big Spaceship. http://www.creativitycat.com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian Group, R/GA, Big Spaceship. http://www.creativitycat.com ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Agentless Vs Agent based
There is no such thing as better here - else everybody would just be using that method. The difference is simply that agent-based Nagios monitoring requires that you install software on the client, while agentless monitoring allows you to monitor the computer from afar using SNMP, WMI and the like. Because an agent runs on the computer itself, it can access quite a bit of data that may not be available remotely - but at the same time, the agent is more intrusive and requires more configuration. It is not unusual to use both methods at the same time, actually. Also, you have different security considerations for agentless vs. agent-based monitoring. Agentless monitoring requires that you enable SNMP, WMI, and/or other remote-access technologies. Agent-based monitoring requires that you put additional software (the agent) onto the monitored computer, and usually that software has to run as root or administrator or local system or a similar account with high permissions. Every time you add software to a computer, you also add potential exploits. chethan@wipro.com wrote: Dear Experts, What are the differences and advantages b/w agentless nagios setup and agent based (NRPE, NSCclient) Nagios monitoring. Please help me in understanding which is better to go with Agentless or Agent based. Please Help. *Thanks Regards,* *Chethan M N,* Sr Engineer - EMS -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] SNMP configuration for Nagios: sysUpTime.
I'm not quite sure what you mean when you are saying trying to get SNMP to work within the web interface of Nagios. These two things really have very little to do with each other. The Web interface is simply something that lets you, the user, access status information. Any checking is configured in configuration files. You simply can't add a check in the Nagios web interface (although there are some third-party Web interfaces that do allow you to maintain the configuration files with a Web interface). If you correctly configure your check in the Nagios configuration files, the result will pop up in the web interface automatically - Nagios doesn't care whether the check result comes from SNMP or some other mechanism. Jimmyboy wrote: Hi *All*, I am trying to get SNMP to work within the /web interface of NAGIOS/. I have a Windows-based machine installed with SNMP service and configured with its public community. However, Nagios' web interface is unable to pull the *sysUpTime.0* from this Windows machine though PING works. _Observation_: check_snmp works fine snmpwalk works fine I believe, it has something to do with the SNMP configuration files. Can someone give pointers to documents that suggest what changes need to be done for this? =-=-= OS: Ubuntu 8.10 Nagios version: 3.0.6 snmp version : 5.4.1 =-=-= Thanks, *Jim* -- OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] SNMP configuration for Nagios: sysUpTime.
Ian Masters wrote: On doing check_snmp -H 172.25.198.36 -C -o sysUpTime.0, it returns SNMP OK - TimeTicks: (17742960) 2 days, 1:17:09.60 If Nagios can succeed on the command line without changing your snmp config I would presume that means the problem is in your nagios .cfg file. Either that, or it is a permissions problem or an environment problem. Nagios executes checks as user nagios not as root. Off the top of my head, I'm not sure what, if any, environment variables are passed to the check. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] SNMP configuration for Nagios: sysUpTime.
No. These two files are related to the SNMP daemon and the SNMP trap handling, respectively. Basically, SNMP has two different ways it operates. You can query client machines using SNMP, or the client machines can actively send you information (usually only when some event occurs). Actively sending information is called a trap. While you can probably make it work with Nagios, that would be somewhat unusual, and is not what you are looking for here. The snmptrapd.conf file deals with traps. check_snmp (and snmpwalk, snmpget etc.) use a plain client/server approach. On the nagios machine, you have a client - check_snmp. On the monitored client, you have an SNMP server called snmpd (in Linux). Windows, as well as many routers, switches etc. all also have similar SNMP servers running. As the name suggests, snmpd.conf is used to configure this daemon. In other words, you would need to set that up on the monitored client if it is a Linux client. check_snmp and snmpget don't use it. Off the top of my head, I don't know how to configure snmp (probably a file called snmp.conf - without the d, along with a whole directory tree under /etc/snmp), but in most Linux distributions it should be pretty much already configured the way you need it. You may need to install a couple MIBs for devices you want to monitor. Most of what you would need to do is done on the command line to the check_snmp command. Jimmyboy wrote: I have snmpd.conf and snmptrapd.conf files within the path '/etc/snmp/'. Shouldn't one need to make changes within these configuration files in order to pass/retrieve relevant information to the web interface of Nagios? What I feel is Nagios is unable to query the network entity and so unable to get the needed information. Appreciate your help!! Thanks, Jim =-=-=-= 2009/6/4 Ian Masters i...@acces.co.jp mailto:i...@acces.co.jp This works fine for me: check_command check_snmp! -H 172.16.1.1 -C -o sysUpTime.0 -- OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NDO Utils is not running even after repeated attempts
I don't see where you specified the db_host in ndo2db.cfg. rajashekar.s wrote: Hi all, I have installed Nagios 3.0.6 and Nagios Plugin-1.4.13 and NDO Utils1.4b7 as given in the installtion manual. but I get message ndomod:Still unable to connect to data sink The following are the related config settings *_ndo2db.cfg_* ndo2db_user=nagios ndo2db_group=nagios socket_type=tcp tcp_port=5668 db_servertype=MySQL db_port=3306 db_name=nagios db_prefix=nagios_ db_user=nagios db_pass=nagios max_timedevents_age=1440 max_systemcommands_age=10080 max_servicechecks_age=10080 max_hostchecks_age=10080 max_eventhandlers_age=44640 debug_level=-1 debug_verbosity=1 debug_file=/usr/local/nagios/var/ndo2db.debug max_debug_file_size=100 *_ndomod_* instance_name=default output_type=tcpsocket output=127.0.0.1 tcp_port=5668 output_buffer_items=5000 buffer_file=/usr/local/nagios/var/ndomod.tmp file_rotation_interval=14400 file_rotation_timeout=60 reconnect_interval=15 reconnect_warning_interval=15 data_processing_options=-1 config_output_options=2 *_my.cnf (MySQL)_* [client] port= 3306 socket= /var/run/mysqld/mysqld.sock [mysqld_safe] socket= /var/run/mysqld/mysqld.sock nice= 0 [mysqld] user= mysql pid-file= /var/run/mysqld/mysqld.pid socket= /var/run/mysqld/mysqld.sock port= 3306 basedir= /usr datadir= /var/lib/mysql tmpdir= /tmp language= /usr/share/mysql/english skip-external-locking key_buffer= 16M max_allowed_packet= 16M thread_stack= 128K thread_cache_size= 8 max_connections= 100 table_cache= 64 thread_concurrency = 10 query_cache_limit = 1M query_cache_size= 16M expire_logs_days= 10 max_binlog_size = 100M skip-bdb [mysqldump] quick quote-names max_allowed_packet= 16M [mysql] [isamchk] key_buffer= 16M !includedir /etc/mysql/conf.d/ I request you help -- -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] nagvis requires ndoutils; how stable is ndoutils?
I just installed ndoutils with mysql. There indeed was one pitfall: the database is growing quite large very quickly. Eventually, the DB got sluggish and couldn't keep up with the data Nagios threw at it (the DB server is quite underpowered). It got so bad that after a week or so, Nagios wouldn't even start up. It turned out that it wasn't primarily the database itself, but binary logging. It is turned on by default (at least on CentOS) but you only need it for replication. If you are not using replication, simply turn off binary logging and you should be good to go. At least, I hope so; I only made that change yesterday, so I won't know for another week or so. Rahul Nabar wrote: I was tempted to install Nagvis but unfortunately it needs Ndoutils which I am not using so far. I could install ndoutils but am afraid about breaking my production Nagios environment. Especially because of the warning in the ndoutils README about the code being alpha/beta quality. Any ndoutils users? How stable is it? Any pitfalls while installation? Or should I avoid ndoutils entirely? Is there any workaround to get Nagvis working? -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NDO Utils is not running even after repeated attempts
OK, that explains it. Use 127.0.01 instead. MySQL tries to be smart and in the process confuses everybody; it interprets localhost to mean I want to use Unix sockets. But based on your configuration file, you obviously want to use TCP sockets. Using the IP address instead tells MySQL to use TCP sockets even when connecting locally. And please respond back to the group so others benefit from the answer as well. rajashekar.s wrote: Dear kevin, Sorry i have missed it while doing copy paste operation *db_host = localhost* I have defined in ndo2db.cfg file Thanks Rajshekar Kevin Keane wrote: I don't see where you specified the db_host in ndo2db.cfg. rajashekar.s wrote: Hi all, I have installed Nagios 3.0.6 and Nagios Plugin-1.4.13 and NDO Utils1.4b7 as given in the installtion manual. but I get message ndomod:Still unable to connect to data sink The following are the related config settings *_ndo2db.cfg_* ndo2db_user=nagios ndo2db_group=nagios socket_type=tcp tcp_port=5668 db_servertype=MySQL db_port=3306 db_name=nagios db_prefix=nagios_ db_user=nagios db_pass=nagios max_timedevents_age=1440 max_systemcommands_age=10080 max_servicechecks_age=10080 max_hostchecks_age=10080 max_eventhandlers_age=44640 debug_level=-1 debug_verbosity=1 debug_file=/usr/local/nagios/var/ndo2db.debug max_debug_file_size=100 *_ndomod_* instance_name=default output_type=tcpsocket output=127.0.0.1 tcp_port=5668 output_buffer_items=5000 buffer_file=/usr/local/nagios/var/ndomod.tmp file_rotation_interval=14400 file_rotation_timeout=60 reconnect_interval=15 reconnect_warning_interval=15 data_processing_options=-1 config_output_options=2 *_my.cnf (MySQL)_* [client] port= 3306 socket= /var/run/mysqld/mysqld.sock [mysqld_safe] socket= /var/run/mysqld/mysqld.sock nice= 0 [mysqld] user= mysql pid-file= /var/run/mysqld/mysqld.pid socket= /var/run/mysqld/mysqld.sock port= 3306 basedir= /usr datadir= /var/lib/mysql tmpdir= /tmp language= /usr/share/mysql/english skip-external-locking key_buffer= 16M max_allowed_packet= 16M thread_stack= 128K thread_cache_size= 8 max_connections= 100 table_cache= 64 thread_concurrency = 10 query_cache_limit = 1M query_cache_size= 16M expire_logs_days= 10 max_binlog_size = 100M skip-bdb [mysqldump] quick quote-names max_allowed_packet= 16M [mysql] [isamchk] key_buffer= 16M !includedir /etc/mysql/conf.d/ I request you help -- -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Fwd: Re: Configuration files obfuscation
Obfuscating the config files is going to be difficult, because almost everything in them is either a Nagios keyword, or something that shows up verbatim in the user interface, or an IP address. The only thing you could reasonably obfuscate is the names of the various commands. But you may be able to use either encryption or permissions to accomplish the same goal even more securely. Using permissions: If you have problems trusting administrators, you shouldn't give them root access. Instead, give each administrator a personal non-root account, and use sudo to give them only access to what you want them to manage. With that approach, you can then give only the authorized administrator sudo access to the nagios config files. It also lets you track, in the log files, who executed which command. Another option is to put the configuration files onto a different machine that the untrusted admins do not have access to. Export that directory using NFS and make it only accessible to user nagios. NFS prevents root from accessing the directory. Using Encryption: Here are a few methods I could think of. They all take advantage of the fact that Nagios doesn't read the config files once it is running (at least, I believe that's the case). - Use some form of encrypted file system that only user nagios can read. - Put the configuration files into an ISO or a cramfs file system. Encrypt the file using gpg. Decrypt and mount that file system only right before Nagios starts up, and umount it and delete the decrypted version right away (you may even be able to mount the encrypted version somehow and decrypt on the fly - I'm not an expert on that). Modify the nagios.cfg to point to the mount point, as appropriate. - Put the configuration files into an ISO, burn an actual CD, and put the CD into the machine only right before starting up Nagios. That way, the config files physically aren't there at all. Something that is not on the machine can't be stolen. - I'm not sure if Nagios is able to read config files from a script instead of a file - if it is, you could encrypt the config files using gpg, and have Nagios decrypt it on the fly. Or you could modify the Nagios startup script to decrypt the config files right before starting Nagios, and delete the decrypted config files after Nagios has started successfully. Assaf Flatto wrote: As the user sent this mail to me - i am forwarding it to the list , so all will be able to know what he needs and may be able to help more. Assaf -- Forwarded Message -- Subject: Re: [Nagios-users] Configuration files obfuscation Date: Tuesday 16 June 2009 From: edward baddouh ebadd...@gmail.com To: Assaf Flatto assaf.fla...@ssp-intl.com Yes, I want the configuration files to be worse (readable). The idea is to difficult as-much-as-possible config-files theft from ohter people who admin that server.. There have been times that configuration files were implemented on different installations (different sites) with minor changes without the admin's consent.. I don't want nobody to get credits for work I've done and receive no profit at all.. That's my need for obfuscation. My idea is to keep an original readable-configuration in a safe place and set the obfuscated config-file in production. 2009/6/16 Assaf Flatto assaf.fla...@ssp-intl.com On Tuesday 16 June 2009 15:53:11 edward baddouh wrote: Hi, is ther a way to obfuscate configuration files? edward You want the files to be more confusing then they are now ??? the easiest way is not to give self explanatory names to the files / directories . btw - i have a question about this ... Why ?? Are you trying to make the work on the configuration worse for yourself ? -- Assaf Flatto -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin
Re: [Nagios-users] trimming nagvis database via cron
I had a similar problem with my ndoutils and mysql. If you are using MySQL and aren't using replication, don't forget to first clear and then turn off binary logs - those files get huge very quickly. Michael W. Lucas wrote: Hi, After a few months of use, our NagVis database grew to 23GB and overwhelmed my (tiny) server. Shutting down the system, dropping the database, and recreating it solved my issues. Surely someone has already written a script to purge the NagVis database on a regular basis, trimming old data to keep the database at a reasonable size. If so, could you share it? I'm sure I can figure this out, but I can't believe that nobody else has had this issue. Thanks, ==ml -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Are you an open source citizen? Join us for the Open Source Bridge conference! Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250. Need another reason to go? 24-hour hacker lounge. Register today! http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] Using passive host checks and freshness
I am using Nagios 3.0.6. In my setup, most checks are passive. I also am using passive host checks. I can't get freshness checking to work right for host checks, though it works fine for services. I'd appreciate some help with that! I tried configuring the host checks the same way as service checks: active_checks_enabled 0 passive_checks_enabled 1 check_freshness 1 freshness_threshold 900 check_command check_dummy!2!Server is down! But freshness checking apparently is never taking place. When I set active_checks_enabled to 1, Nagios will change the status to UP when a check result arrives for the host, and then immediately, within ten seconds or less, change it back to DOWN. Oddly enough, it does not use the status text return from check_dummy (Server is down!) but rather (null). The relevant host and template definitions are attached below, as well as an excerpt from the nagios.log file for the same server. define host { host_name .. hostgroups servers alias X address 192.168.2.197 use windows-server contact_groups mainoffice } define host{ namewindows-server ; The name of this host template use generic-host; Inherit default values from the generic-host template check_period24x7; By default, Windows servers are monitored round the clock check_interval 5 ; Actively check the server every 5 minutes retry_interval 1 ; Schedule host check retries at 1 minute intervals max_check_attempts 10 ; Check each server 10 times (max) # check_command check-host-alive; Default command to check if servers are alive passive_checks_enabled 1 check_freshness 1 freshness_threshold 900 check_command check_dummy!2!Server is down! # normal_check_interval 5 # retry_check_interval2 notification_period 24x7; Send notification out at any time - day or night notification_interval 30 ; Resend notifications every 30 minutes notification_optionsd,r ; Only send notifications for specific host states contact_groups admins ; Notifications get sent to the admins by default hostgroups windows-servers ; Host groups that Windows servers should be a member of register0 ; DONT REGISTER THIS - ITS JUST A TEMPLATE } The Nagios.log file contains: [124922] PASSIVE HOST CHECK: ..;0;sometext [124922] HOST ALERT: ..;UP;HARD;1;sometext [124922] HOST NOTIFICATION: x...@xxx.com;..;UP;notify-host-by-email;sometext [124930] HOST NOTIFICATION: kkeane;..;UP;notify-host-by-email;sometext [124931] HOST ALERT: ..;DOWN;SOFT;1;(null) -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Are you an open source citizen? Join us for the Open Source Bridge conference! Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250. Need another reason to go? 24-hour hacker lounge. Register today! http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] Auto-adding services
I'm trying to simplify my Nagios administration. To do that, I would like to automatically add passive-check services. The mechanism is fairly straightforward: parse out the nagios.log file and look for the error message. [1245563104] Warning: Passive check result was received for service 'XXX' on host 'yyy.zzz.com', but the service could not be found! The only challenge is to make sure I only add the same service once, even if the error appears multiple times. But before I get started on this, I was wondering if this is reinventing the wheel? Does somebody else already have such a tool? Thanks! -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Are you an open source citizen? Join us for the Open Source Bridge conference! Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250. Need another reason to go? 24-hour hacker lounge. Register today! http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Using passive host checks and freshness
I found the problem. Host freshness checks were turned off in nagios.cfg. Kevin Keane wrote: I am using Nagios 3.0.6. In my setup, most checks are passive. I also am using passive host checks. I can't get freshness checking to work right for host checks, though it works fine for services. I'd appreciate some help with that! I tried configuring the host checks the same way as service checks: active_checks_enabled 0 passive_checks_enabled 1 check_freshness 1 freshness_threshold 900 check_command check_dummy!2!Server is down! But freshness checking apparently is never taking place. When I set active_checks_enabled to 1, Nagios will change the status to UP when a check result arrives for the host, and then immediately, within ten seconds or less, change it back to DOWN. Oddly enough, it does not use the status text return from check_dummy (Server is down!) but rather (null). The relevant host and template definitions are attached below, as well as an excerpt from the nagios.log file for the same server. define host { host_name .. hostgroups servers alias X address 192.168.2.197 use windows-server contact_groups mainoffice } define host{ namewindows-server ; The name of this host template use generic-host; Inherit default values from the generic-host template check_period24x7; By default, Windows servers are monitored round the clock check_interval 5 ; Actively check the server every 5 minutes retry_interval 1 ; Schedule host check retries at 1 minute intervals max_check_attempts 10 ; Check each server 10 times (max) # check_command check-host-alive; Default command to check if servers are alive passive_checks_enabled 1 check_freshness 1 freshness_threshold 900 check_command check_dummy!2!Server is down! # normal_check_interval 5 # retry_check_interval2 notification_period 24x7; Send notification out at any time - day or night notification_interval 30 ; Resend notifications every 30 minutes notification_optionsd,r ; Only send notifications for specific host states contact_groups admins ; Notifications get sent to the admins by default hostgroups windows-servers ; Host groups that Windows servers should be a member of register0 ; DONT REGISTER THIS - ITS JUST A TEMPLATE } The Nagios.log file contains: [124922] PASSIVE HOST CHECK: ..;0;sometext [124922] HOST ALERT: ..;UP;HARD;1;sometext [124922] HOST NOTIFICATION: x...@xxx.com;..;UP;notify-host-by-email;sometext [124930] HOST NOTIFICATION: kkeane;..;UP;notify-host-by-email;sometext [124931] HOST ALERT: ..;DOWN;SOFT;1;(null) -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Are you an open source citizen? Join us for the Open Source Bridge conference! Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250. Need another reason to go? 24-hour hacker lounge. Register today! http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] REPOST: Problem in Preflight Check with commands.cfg
I would suggest that you use grep to be sure you really caught all configuration files (grep -ri check_dns /etc/nagios3). My guess, though - just a hunch - is that you may be accidentally including the same file twice in your nagios.cfg. For instance, you may have explicitly specified it in nagios.cfg, and it may also get automatically included because it is in the conf.d directory. Another possibility is that the directory structures of the old and new nagios servers don't match, and you somehow ended up with two separate command.cfg files. Kaplan, Andrew H. wrote: Hi there-- I am reposting this question due to a lack of response. I really am in need of help here, and any would be greatly appreciated. Thanks. I have completed the installation of Nagios 3.0.6 onto an Ubuntu 9.04 server using the apt-get utility. We currently have a Nagios 2.6 server running, and I wanted to import the configuration files into the newer server. To that end, I have placed the appropriate configuration files in the /etc/nagios3/conf.d directory, and modified the nagios.cfg file to reflect the location of the configuration files. I ran the preflight check and the following error message appeared on-screen: /usr/sbin/nagios3 -v /etc/nagios3/nagios.cfg Nagios 3.0.6 Copyright (c) 1999-2008 Ethan Galstad (http://www.nagios.org) Last Modified: 12-01-2008 License: GPL Reading configuration data... Warning: Duplicate definition found for command 'check_dns' (config file '/etc/nagios3/conf.d/commands.cfg', starting on line 90) Error: Could not add object property in file '/etc/nagios3/conf.d/commands.cfg' on line 91. *** One or more problems was encountered while processing the config files... Check your configuration file(s) to ensure that they contain valid directives and data defintions. If you are upgrading from a previous version of Nagios, you should be aware that some variables/definitions may have been removed or modified in this version. Make sure to read the HTML documentation regarding the config files, as well as the 'Whats New' section to find out what has changed. I checked the commands.cfg, and several other files, and I do not see where the duplicate definition is occurring. Can someone lend a hand on this? Thanks. -Original Message- From: Kaplan, Andrew H. Sent: Friday, June 19, 2009 4:52 PM To: nagios-users@lists.sourceforge.net Subject: [Nagios-users] Problem in Preflight Check with commands.cfg Hi there -- I have completed the installation of Nagios 3.0.6 onto an Ubuntu 9.04 server using the apt-get utility. We currently have a Nagios 2.6 server running, and I wanted to import the configuration files into the newer server. To that end, I have placed the appropriate configuration files in the /etc/nagios3/conf.d directory, and modified the nagios.cfg file to reflect the location of the configuration files. I ran the preflight check and the following error message appeared on-screen: /usr/sbin/nagios3 -v /etc/nagios3/nagios.cfg Nagios 3.0.6 Copyright (c) 1999-2008 Ethan Galstad (http://www.nagios.org) Last Modified: 12-01-2008 License: GPL Reading configuration data... Warning: Duplicate definition found for command 'check_dns' (config file '/etc/nagios3/conf.d/commands.cfg', starting on line 90) Error: Could not add object property in file '/etc/nagios3/conf.d/commands.cfg' on line 91. *** One or more problems was encountered while processing the config files... Check your configuration file(s) to ensure that they contain valid directives and data defintions. If you are upgrading from a previous version of Nagios, you should be aware that some variables/definitions may have been removed or modified in this version. Make sure to read the HTML documentation regarding the config files, as well as the 'Whats New' section to find out what has changed. I checked the commands.cfg, and several other files, and I do not see where the duplicate definition is occurring. Can someone lend a hand on this? Thanks. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Are you an open source citizen? Join us for the Open Source Bridge conference! Portland, OR, June 17-19. Two days of sessions, one
Re: [Nagios-users] Infrastructure help!
If you don't want to receive these emails, you have to unsubscribe from the list. cms.mahape wrote: Please don’t send mail again Atish *From:* Harald Böhmecke [mailto:harald.boehme...@bertelsmann.de] *Sent:* Monday, June 22, 2009 4:38 PM *To:* nagios-users@lists.sourceforge.net *Subject:* [Nagios-users] Infrastructure help! Hi guys, We are currently about to fully engage with Nagios. Our current VM which has aprox. 1200 services and 200 hosts will be deleted and a new distributed monitoring will be setup. Thing is, we need to monitor aprox. 500 hosts with aprox. 6000 services. Almost all Servers are in a single location. So there should be no need for Nagios probes distributed on big locations... Has anyone had an experience with Nagios with this ammount of hosts/services to be monitored? I need a basic guidance regarding hardware and distribution model to be used. Thanks in advance for your suggestions. Regards, Harald -- Are you an open source citizen? Join us for the Open Source Bridge conference! Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250. Need another reason to go? 24-hour hacker lounge. Register today! http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- Are you an open source citizen? Join us for the Open Source Bridge conference! Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250. Need another reason to go? 24-hour hacker lounge. Register today! http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] nagvis requires ndoutils; how stable is ndoutils?
Rahul Nabar wrote: On Tue, Jun 16, 2009 at 6:47 AM, Kevin Keane subscript...@kkeane.com mailto:subscript...@kkeane.com wrote: I just installed ndoutils with mysql. There indeed was one pitfall: the database is growing quite large very quickly. Eventually, the DB got sluggish and couldn't keep up with the data Nagios threw at it (the DB server is quite underpowered). It got so bad that after a week or so, Nagios wouldn't even start up. It turned out that it wasn't primarily the database itself, but binary logging. It is turned on by default (at least on CentOS) but you only need it for replication. If you are not using replication, simply turn off binary logging and you should be good to go. At least, I hope so; I only made that change yesterday, so I won't know for another week or so. Thanks for all those helpful comments guys! You might have saved me from a few disasters here. I think I am staying away from Nagvis (and ndoutils ) for now. Nagviz seems to me one of those tools that simply look great but the back-end still needs quite some work before I'd be brave enough to unleash it in a production environment! I think that is a bit overreacting. ndoutils is a database client. Databases need management and tuning to get you good performance - that's just routine, regardless of the brand you are using: mysql, SQL Server, Oracle, Postgres, No amount of work or polishing will change that. There's a reason DBAs are highly valued professionals. For that matter, my database would have had this problem regardless of ndoutils. It's just that ndoutils writes a lot more to the database than my other applications (by nature, not ndoutils' fault). By the way, the tuning I suggested seems to have done the trick. It's been running for more than a week without a hitch, and without the increase in disk space I had observed before. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] nagvis requires ndoutils; how stable is ndoutils?
Rahul Nabar wrote: On Thu, Jun 25, 2009 at 12:20 AM, Kevin Keane subscript...@kkeane.com mailto:subscript...@kkeane.com wrote: I think that is a bit overreacting. ndoutils is a database client. Thanks Kevin. Point taken. Databases need management and tuning to get you good performance - that's just routine, regardless of the brand you are using: mysql, SQL Server, Oracle, Postgres, But the way nagios natively stores data seems to be pretty robust though. Nagios has scaled excellently right out of the box. From all these discussions it seems that the problems arise when I try to hook up ndoutils etc. in there. Maybe I am wrong! No, you are entirely right. For that matter, ndoutils does absolutely NOTHING for Nagios itself. Nagios continues to store the data in its native format. Nagios itself doesn't need a database, doesn't benefit from it, and probably actually will take a (slight) performance hit from calling ndoutils and writing to the DB. All it does is replicate the data into a database - you can think of it as an export utility to MySQL. What it comes down to: if you need the data available in a database for some tool like nagviz, you use ndoutils. If you don't - then don't use ndoutils. Simple as that. Also, keep in mind that Nagios' native data storage is designed for just Nagios own internal use. If other tools started accessing it directly, it would very quickly stop being robust. No amount of work or polishing will change that. There's a reason DBAs are highly valued professionals. I feel that's the crux though. If each native nagios install neeed a skilled DBA to tune it till it worked I doubt it'd have been so successful. Fortunately, it's not quite that bad. For smaller installations - the vast majority - the necessary tuning is something you can do yourself with a little bit of research. I'm not a DBA, just a universalist who dabbles in everything from C++ to SQL to Active Directory to Linux administration. Only if your installation is truly humongous would you need a DBA to really wring out the last little ounce of performance. That said, there are also good reasons why everybody is using databases for all kinds of things today. Heck, my Web site stores the content in a database! Databases do add a lot of power and flexibility, provide access for multiple clients, a very simple interface, they can easily be made available across a network are easy to back up and very robust. These things are the reasons very few tools access the proprietary Nagios data directly but most require ndoutils. And if somebody was to rewrite Nagios from scratch today, they would probably store the data in a database to begin with. I'd also like to point out that Nagios itself needs just as much tuning as a database does. As does the Linux server you are running it on. -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NDO Utils is not running even after repeated attempts
The error message says that ndoutils is running, but can't connect to the database. Can you try and see if port 3306 is open? That is the one MySQL should be listening on. The command to do that is: netstat -ltunp Next, check if there might be a firewall blocking access. For instance, to see the rules for iptables: iptables -vnL I hope this helps! rajashekar.s wrote: Hello all, I request your help for this problem of mine. Please refer this mail down for all the configuration settings. I am still getting the same message Jun 25 18:23:12 excel-desktop nagios: Nagios 3.0.6 starting... (PID=464) Jun 25 18:23:12 excel-desktop nagios: Local time is Thu Jun 25 18:23:12 IST 2009 Jun 25 18:23:12 excel-desktop nagios: LOG VERSION: 2.0 Jun 25 18:23:12 excel-desktop nagios: ndomod: NDOMOD 1.4b7 (10-31-2007) Copyright (c) 2005-2007 Ethan Galstad (nag...@nagios.org) Jun 25 18:23:12 excel-desktop nagios: ndomod: Could not open data sink! I'll keep trying, but some output may get lost... Jun 25 18:23:12 excel-desktop nagios: Event broker module '/usr/local/nagios/bin/ndomod-3x.o' initialized successfully. Jun 25 18:23:12 excel-desktop nagios: Finished daemonizing... (New PID=465) Jun 25 18:23:28 excel-desktop nagios: ndomod: Still unable to connect to data sink. 394 items lost, 5000 queued items to flush. Jun 25 18:23:44 excel-desktop nagios: ndomod: Still unable to connect to data sink. 482 items lost, 5000 queued items to flush. Jun 25 18:24:00 excel-desktop nagios: ndomod: Still unable to connect to data sink. 579 items lost, 5000 queued items to flush. Thanks Rajshekar rajashekar.s wrote: Dear Kevin, I did as you said, but still it is not connected (same message is coming) when I run the command # /usr/local/nagios/bin/ndo2db-3x -c /usr/local/nagios/etc/ndo2db.cfg Error processing config file '/usr/local/nagios/etc/ndo2db.cfg'. I do not know the what is the error? I restarted both Nagios and MySQL Thanks Rajshekar Kevin Keane wrote: OK, that explains it. Use 127.0.01 instead. MySQL tries to be smart and in the process confuses everybody; it interprets localhost to mean I want to use Unix sockets. But based on your configuration file, you obviously want to use TCP sockets. Using the IP address instead tells MySQL to use TCP sockets even when connecting locally. And please respond back to the group so others benefit from the answer as well. rajashekar.s wrote: Dear kevin, Sorry i have missed it while doing copy paste operation *db_host = localhost* I have defined in ndo2db.cfg file Thanks Rajshekar Kevin Keane wrote: I don't see where you specified the db_host in ndo2db.cfg. rajashekar.s wrote: Hi all, I have installed Nagios 3.0.6 and Nagios Plugin-1.4.13 and NDO Utils1.4b7 as given in the installtion manual. but I get message ndomod:Still unable to connect to data sink The following are the related config settings *_ndo2db.cfg_* ndo2db_user=nagios ndo2db_group=nagios socket_type=tcp tcp_port=5668 db_servertype=MySQL db_port=3306 db_name=nagios db_prefix=nagios_ db_user=nagios db_pass=nagios max_timedevents_age=1440 max_systemcommands_age=10080 max_servicechecks_age=10080 max_hostchecks_age=10080 max_eventhandlers_age=44640 debug_level=-1 debug_verbosity=1 debug_file=/usr/local/nagios/var/ndo2db.debug max_debug_file_size=100 *_ndomod_* instance_name=default output_type=tcpsocket output=127.0.0.1 tcp_port=5668 output_buffer_items=5000 buffer_file=/usr/local/nagios/var/ndomod.tmp file_rotation_interval=14400 file_rotation_timeout=60 reconnect_interval=15 reconnect_warning_interval=15 data_processing_options=-1 config_output_options=2 *_my.cnf (MySQL)_* [client] port= 3306 socket= /var/run/mysqld/mysqld.sock [mysqld_safe] socket= /var/run/mysqld/mysqld.sock nice= 0 [mysqld] user= mysql pid-file= /var/run/mysqld/mysqld.pid socket= /var/run/mysqld/mysqld.sock port= 3306 basedir= /usr datadir= /var/lib/mysql tmpdir= /tmp language= /usr/share/mysql/english skip-external-locking key_buffer= 16M max_allowed_packet= 16M thread_stack= 128K thread_cache_size= 8 max_connections= 100 table_cache= 64 thread_concurrency = 10 query_cache_limit = 1M query_cache_size= 16M expire_logs_days= 10 max_binlog_size = 100M skip-bdb [mysqldump] quick quote-names max_allowed_packet= 16M [mysql] [isamchk] key_buffer= 16M !includedir /etc/mysql/conf.d/ I request you help -- -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised
Re: [Nagios-users] Creating custom service checks
What do you want to monitor about these services? I am monitoring Exchange in two separate ways. First, I am using the check_services_stopped plugin from the NagiosPluginsNT collection. It monitors whatever services are configured with Automatic startup, so it normally would include the Exchange services. The second thing I am doing is use the check_nt_win.exe plugin to get the values of Exchange-related performance counters (this requires NSClient++ to be installed and running). check_nt_win.exe is my own plugin, but it really is simply a Windows port of the check_nt plugin that comes with NSClient++. Kevin Mitnikc wrote: I am looking to monitor the Microsoft Exchange Server services such as: Microsoft Exchange Management C:\Program Files\Exchsrvr\bin\exmgmt.exe These services will be monitored on the exchsrv01 server. How do I go about creating this service to be monitored? All the services I'm currently monitoring have already been predefined for me. Thanks, Kevin M. 2009/6/29 Allan Clark all...@chickenandporn.com mailto:all...@chickenandporn.com Hi Kevin; On Mon, Jun 29, 2009 at 23:14, Kevin Mitnikc teckad...@gmail.com mailto:teckad...@gmail.com wrote: I am looking for some assistance in setting up custom service monitors. I am looking to monitor the Microsoft Exchange services, along with a couple other services. How do I go about setting this up in Nagios. I have browsed over some direction, but I seem to only be finding sections of setting this up. Can somebody please give me some direction and instruction on creating these custom service monitors. Can you go into more detail? Nagios is configured by editing the config files, and running a nagios -v to check them; if you have examples of what you're trying, including the couple other services, we might be able to offer concrete suggestions. ...even if it means you give us a rundown of a part of your network, with IP address replaced to 192.168.x.y IPs and host FQDNs replaced to names such as exch01.example.com http://exch01.example.com/. It might help to get such an initial example setup to get you going. Allan -- all...@chickenandporn.com mailto:all...@chickenandporn.com 金 鱼 http://linkedin.com/in/goldfish please, no proprietary attachments (http://tinyurl.com/cbgq) -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. -- ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null