[Nagios-users-br] Delay em notificação e check

2009-03-25 Thread Alexander Queiroz
Boa noite,
Pessoal gostaria de receber alguma dica para deixar o nagios checando 
instântaneo pois quando um host
cai, demora cerca de 10minutos para atualizar que o host está down e isso vem 
me causando problemas
pois tenho que praticamente monitorar a ferramenta de monitoramento.
Segue abaixo meu arquivo de configuração
nagios.cfg
=
cfg_file=/etc/nagios/hosts.cfg
cfg_file=/etc/nagios/services.cfg
cfg_file=/etc/nagios/misccommands.cfg
cfg_file=/etc/nagios/checkcommands.cfg
cfg_file=/etc/nagios/contactgroups.cfg
cfg_file=/etc/nagios/contacts.cfg
cfg_file=/etc/nagios/hostgroups.cfg
cfg_file=/etc/nagios/servicegroups.cfg
cfg_file=/etc/nagios/timeperiods.cfg
cfg_file=/etc/nagios/escalations.cfg
cfg_file=/etc/nagios/dependencies.cfg
cfg_file=/etc/nagios/hostextinfo.cfg
cfg_file=/etc/nagios/serviceextinfo.cfg
cfg_file=/etc/nagios/meta_commands.cfg
cfg_file=/etc/nagios/meta_contact.cfg
cfg_file=/etc/nagios/meta_contactgroup.cfg
cfg_file=/etc/nagios/meta_dependencies.cfg
cfg_file=/etc/nagios/meta_escalations.cfg
cfg_file=/etc/nagios/meta_host.cfg
cfg_file=/etc/nagios/meta_hostgroup.cfg
cfg_file=/etc/nagios/meta_services.cfg
cfg_file=/etc/nagios/meta_timeperiod.cfg
resource_file=/etc/nagios/resource.cfg
log_file=/var/log/nagios/nagios.log
temp_file=/var/log/nagios/nagios.tmp
status_file=/var/log/nagios/status.dat
aggregate_status_updates=1
status_update_interval=15
nagios_user=nagios
nagios_group=nagios
enable_notifications=1
execute_service_checks=1
accept_passive_service_checks=1
enable_event_handlers=1
log_rotation_method=d
log_archive_path=/var/log/nagios/archives/
check_external_commands=1
command_check_interval=1s
command_file=/var/log/nagios/rw/nagios.cmd
downtime_file=/var/log/nagios/downtime.log
comment_file=/var/log/nagios/comment.log
lock_file=/var/log/nagios/nagios.pid
retain_state_information=1
state_retention_file=/var/log/nagios/status.sav
retention_update_interval=180
use_retained_program_state=1
use_syslog=0
log_notifications=1
log_service_retries=1
log_host_retries=1
log_event_handlers=1
log_initial_states=1
log_external_commands=1
sleep_time=0.1
service_inter_check_delay_method=n
host_inter_check_delay_method=1
service_interleave_factor=s
max_concurrent_checks=0
max_service_check_spread=1
max_host_check_spread=2
service_reaper_frequency=2
interval_length=60
auto_reschedule_checks=1
auto_rescheduling_interval=10
auto_rescheduling_window=15
use_agressive_host_checking=1
enable_flap_detection=0
low_service_flap_threshold=25.0
high_service_flap_threshold=50.0
low_host_flap_threshold=25.0
high_host_flap_threshold=50.0
soft_state_dependencies=0
service_check_timeout=20
host_check_timeout=15
event_handler_timeout=30
notification_timeout=60
ocsp_timeout=1
perfdata_timeout=5
obsess_over_services=1
obsess_over_hosts=1
process_performance_data=1
service_perfdata_command=process-service-perfdata
service_perfdata_file=/var/log/nagios/service-perfdata
check_for_orphaned_services=1
check_service_freshness=1
service_freshness_check_interval=60
check_host_freshness=0
host_freshness_check_interval=60
date_format=us
illegal_object_name_chars=~!$%^*|'?,()=
illegal_macro_output_chars=`~$^|'
admin_email=admin
admin_pager=ad...@localhost
broker_module=/usr/lib/nagios/ndomod.o config_file=/etc/nagios/ndomod.cfg
event_broker_options=-1
=

Um host para monitoramento;
define host{
 host_name   Firewall_01
 aliasFirewall 
 address192.168.70.1
 hostgroups   DATACENTER, Firewalls
 check_command   check_host_alive
 max_check_attempts   1
 check_interval   3
 active_checks_enabled  1
 passive_checks_enabled  0
 check_period   24x7
 contact_groups   Server_Alertas_N1
 notification_interval  0
 notification_period  24x7
 notification_options  d,u,r
 notifications_enabled  1
 stalking_options   o,d,u
}


Grato por qualquer colaboração.
--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
-- 
Nagios-users-br@lists.sourceforge.net mailing list
https://lists.sourceforge.net/lists/listinfo/nagios-users-br
Wiki: http://nagios-br.sf.net/wiki


Re: [Nagios-users-br] Delay em notificação e check

2009-03-25 Thread Jose Oliveira
Olá

Como o seu chack_interval está 3 e o interval_length está 60, o nagios tenta
executar cada verificação de tres em tres minutos...

Veja e nos informe como está a latencia do seu nagios, e o consumo de CPU e
i/o do servidor. Se a latencia estiver alta, é por causa de um destes
dois...

No proprio detalhe do serviço voce pode ver isto, se clicar no serviço e
verificar o campo latency. O ideal é  que 1 segundo...

[]s
Jotagera



2009/3/24 Alexander Queiroz alexander...@terra.com.br

 Boa noite,
 Pessoal gostaria de receber alguma dica para deixar o nagios checando
 instântaneo pois quando um host
 cai, demora cerca de 10minutos para atualizar que o host está down e isso
 vem me causando problemas
 pois tenho que praticamente monitorar a ferramenta de monitoramento.
 Segue abaixo meu arquivo de configuração
 nagios.cfg
 =
 cfg_file=/etc/nagios/hosts.cfg
 cfg_file=/etc/nagios/services.cfg
 cfg_file=/etc/nagios/misccommands.cfg
 cfg_file=/etc/nagios/checkcommands.cfg
 cfg_file=/etc/nagios/contactgroups.cfg
 cfg_file=/etc/nagios/contacts.cfg
 cfg_file=/etc/nagios/hostgroups.cfg
 cfg_file=/etc/nagios/servicegroups.cfg
 cfg_file=/etc/nagios/timeperiods.cfg
 cfg_file=/etc/nagios/escalations.cfg
 cfg_file=/etc/nagios/dependencies.cfg
 cfg_file=/etc/nagios/hostextinfo.cfg
 cfg_file=/etc/nagios/serviceextinfo.cfg
 cfg_file=/etc/nagios/meta_commands.cfg
 cfg_file=/etc/nagios/meta_contact.cfg
 cfg_file=/etc/nagios/meta_contactgroup.cfg
 cfg_file=/etc/nagios/meta_dependencies.cfg
 cfg_file=/etc/nagios/meta_escalations.cfg
 cfg_file=/etc/nagios/meta_host.cfg
 cfg_file=/etc/nagios/meta_hostgroup.cfg
 cfg_file=/etc/nagios/meta_services.cfg
 cfg_file=/etc/nagios/meta_timeperiod.cfg
 resource_file=/etc/nagios/resource.cfg
 log_file=/var/log/nagios/nagios.log
 temp_file=/var/log/nagios/nagios.tmp
 status_file=/var/log/nagios/status.dat
 aggregate_status_updates=1
 status_update_interval=15
 nagios_user=nagios
 nagios_group=nagios
 enable_notifications=1
 execute_service_checks=1
 accept_passive_service_checks=1
 enable_event_handlers=1
 log_rotation_method=d
 log_archive_path=/var/log/nagios/archives/
 check_external_commands=1
 command_check_interval=1s
 command_file=/var/log/nagios/rw/nagios.cmd
 downtime_file=/var/log/nagios/downtime.log
 comment_file=/var/log/nagios/comment.log
 lock_file=/var/log/nagios/nagios.pid
 retain_state_information=1
 state_retention_file=/var/log/nagios/status.sav
 retention_update_interval=180
 use_retained_program_state=1
 use_syslog=0
 log_notifications=1
 log_service_retries=1
 log_host_retries=1
 log_event_handlers=1
 log_initial_states=1
 log_external_commands=1
 sleep_time=0.1
 service_inter_check_delay_method=n
 host_inter_check_delay_method=1
 service_interleave_factor=s
 max_concurrent_checks=0
 max_service_check_spread=1
 max_host_check_spread=2
 service_reaper_frequency=2
 interval_length=60
 auto_reschedule_checks=1
 auto_rescheduling_interval=10
 auto_rescheduling_window=15
 use_agressive_host_checking=1
 enable_flap_detection=0
 low_service_flap_threshold=25.0
 high_service_flap_threshold=50.0
 low_host_flap_threshold=25.0
 high_host_flap_threshold=50.0
 soft_state_dependencies=0
 service_check_timeout=20
 host_check_timeout=15
 event_handler_timeout=30
 notification_timeout=60
 ocsp_timeout=1
 perfdata_timeout=5
 obsess_over_services=1
 obsess_over_hosts=1
 process_performance_data=1
 service_perfdata_command=process-service-perfdata
 service_perfdata_file=/var/log/nagios/service-perfdata
 check_for_orphaned_services=1
 check_service_freshness=1
 service_freshness_check_interval=60
 check_host_freshness=0
 host_freshness_check_interval=60
 date_format=us
 illegal_object_name_chars=~!$%^*|'?,()=
 illegal_macro_output_chars=`~$^|'
 admin_email=admin
 admin_pager=ad...@localhost
 broker_module=/usr/lib/nagios/ndomod.o config_file=/etc/nagios/ndomod.cfg
 event_broker_options=-1
 =

 Um host para monitoramento;
 define host{
  host_name   Firewall_01
  aliasFirewall
  address192.168.70.1
  hostgroups   DATACENTER, Firewalls
  check_command   check_host_alive
  max_check_attempts   1
  check_interval   3
  active_checks_enabled  1
  passive_checks_enabled  0
  check_period   24x7
  contact_groups   Server_Alertas_N1
  notification_interval  0
  notification_period  24x7
  notification_options  d,u,r
  notifications_enabled  1
  stalking_options   o,d,u
 }


 Grato por qualquer colaboração.

 --
 Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
 powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
 easily build your RIAs with Flex Builder, the Eclipse(TM)based development
 software that enables intelligent coding and step-through debugging.
 Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
 --
 Nagios-users-br@lists.sourceforge.net 

[Nagios-users-br] Permissoes de visualizacoes de hosts/services

2009-03-25 Thread Enio Herenio de Alcântara
Pessoal,
 Sou novo por aqui, minha duvida he o seguinte:

  Quero que o usuario x tenha permissoes de visualizar somente o host: y 
e z, no nagios tem alguma maneira de restringir por controle de usuario 
mais explicito, pois
pelo que entendi quando libero no cgi , ou usuario vê todos os host ou 
não ve nenhum??


Obrigado pela colaboração.


Enio

--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
-- 
Nagios-users-br@lists.sourceforge.net mailing list
https://lists.sourceforge.net/lists/listinfo/nagios-users-br
Wiki: http://nagios-br.sf.net/wiki


Re: [Nagios-users-br] Permissoes de visualizacoes de hosts/services

2009-03-25 Thread Sergio Gomes Lima
Caro Enio,

Você pode trabalhar com grupos de contados para liberar os hosts!!!

2009/3/25 Enio Herenio de Alcântara enio.alcant...@rezendesistemas.com.br

 Pessoal,
 Sou novo por aqui, minha duvida he o seguinte:

  Quero que o usuario x tenha permissoes de visualizar somente o host: y
 e z, no nagios tem alguma maneira de restringir por controle de usuario
 mais explicito, pois
 pelo que entendi quando libero no cgi , ou usuario vê todos os host ou
 não ve nenhum??


 Obrigado pela colaboração.


 Enio


 --
 Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
 powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
 easily build your RIAs with Flex Builder, the Eclipse(TM)based development
 software that enables intelligent coding and step-through debugging.
 Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
 --
 Nagios-users-br@lists.sourceforge.net mailing list
 https://lists.sourceforge.net/lists/listinfo/nagios-users-br
 Wiki: http://nagios-br.sf.net/wiki

--
-- 
Nagios-users-br@lists.sourceforge.net mailing list
https://lists.sourceforge.net/lists/listinfo/nagios-users-br
Wiki: http://nagios-br.sf.net/wiki


Re: [Nagios-users] unable to open nagios web interface

2009-03-25 Thread asam30
may be you missed this,

ScriptAlias /cgi-bin/ /home/nagios/apache2/cgi-bin/

ScriptAlias /nagios/cgi-bin /home/nagios/nagios/sbin
Directory /home/nagios/nagios/sbin
AllowOverride AuthConfig
Options ExecCGI
Order allow,deny
Allow from all
/Directory

Alias /nagios /home/nagios/nagios/share
Directory /home/nagios/nagios/share
AllowOverride AuthConfig
Options None
Order allow,deny
Allow from all
/Directory


please follow all the steps in the installation giude, that will help you.



On Wed, Mar 25, 2009 at 6:06 AM, Patrick Morris patrick.mor...@hp.comwrote:


 On Tue, 24 Mar 2009, Pietto Vasco wrote:

  I have just finished the ubuntu quickstart guide. after starting apache
 and nagios when I go to locahost/nagios-- 404 not found The requested URL
 /nagios was not found on this server
 
  I verified apache and nagios are running but no dice, Verified apache is
 listening
  r...@nagios-vm01:/etc/apache2# sudo netstat -anp |grep '^tcp.*LISTEN'
  tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 5063/apache2
  tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 4655/cupsd
  If I type in http:\\localhost is get it works!

 If http://localhost works, why are you trying to go to
 http://localhost/nagios?

 Assuming that second URL should work, it would be helpful to know what
 your Apache configuration looks like, and how Nagios is installed.  It's
 obvious Apache is running, or you wouldn't get a 404 error. What isn't
 so obvious is where you've told it to look for Nagios, and whether
 Nagios is actually installed there.


 --
 Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
 powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
 easily build your RIAs with Flex Builder, the Eclipse(TM)based development
 software that enables intelligent coding and step-through debugging.
 Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when
 reporting any issue.
 ::: Messages without supporting info will risk being sent to /dev/null




-- 
Shankar Asam
--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] check_ping to monitor all IP's of a firewall

2009-03-25 Thread asam30
that worked like a charm!!!

you are correct, I was using -H hostname as a argument..

Thanks!



On Thu, Mar 5, 2009 at 6:44 PM, Kevin Keane subscript...@kkeane.com wrote:

 I can only guess, but it sounds as if all the service checks are still
 using check_ping instead of your new command check_ping_ip. Either that,
 or check_ping_ip is misdefined; make sure that the argument to -H in
 your command is $ARG1$, not the host IP address.

 You may want to turn on logging and check the Nagios log files to see
 what commands are actually being issued.

 asa...@gmail.com wrote:
  Kevin,
 
  I did what you suggested, now I can one hostname and underneath I can
  see services as ping_1, ping_2,. to monitor other ips in the same
  host/device. this looks kool. But I tried to shut down one server that
  relates to the IP ( i added my test server IP here to check), I can
  still see that the host's IP is up and running in Nagios. And when I
  down the actual hostname ie Prod-firewall all the services related to
  that host were down.
 
  It looks the solution you gave me is not working. Any idea?
 
  Thanks
 
 
  On Thu, Mar 5, 2009 at 2:26 PM, Kevin Keane subscript...@kkeane.com
  mailto:subscript...@kkeane.com wrote:
 
  You can do the same thing in services as you did in hosts. First,
  define
  a new check command in commands.cfg:
 
  # 'check_ping_ip' command definition
  define command{
 command_namecheck_ping_ip
 command_line$USER1$/check_ping -H $ARG1$ -w $ARG2$ -c
  $ARG3$
  -p 5
 }
 
  And then add the services you need:
 
  define host {
  host_name Prod-firewall
  use generic-switch
  address xx.xx.xx.40
  hostgroups firewall
  }
 
  define service {
 host_name Prod-firewall
 service_Description Ping_1
 use generic-service
 check_period   24x7
 notification-interval 240
 notification_period 24x7
 check_command check_ping_ip!xx.xx.xx.40!3000.0,80%!5000.0,100%
  }
 
 
  define service {
 host_name Prod-firewall
 service_Description Ping_1
 use generic-service
 check_period   24x7
 notification-interval 240
 notification_period 24x7
 check_command check_ping_ip!xx.xx.xx.41!3000.0,80%!5000.0,100%
  }
 
  and so on
 
  asa...@gmail.com mailto:asa...@gmail.com wrote:
   Hi,
  
   I've a question on how to monitor multiple IP's of a firewall
 device
   using check_ping in Nagios. Example, I have a firewall
  (prod-fireall)
   has 6 ip's associated with it so in host.cfg i should do like this
  
   define host{
 host_name   Prod-firewall-0
 use generic-switch
 address xx.xx.xx.40
 hostgroups  firewall
 }
  
   define host{
 host_name   Prod-firewall-1
 use generic-switch
 address xx.xx.xx.41
 hostgroups  firewall
 }
   define host{
 host_name   Prod-firewall-2
 use generic-switch
 address xx.xx.xx.42
 hostgroups  firewall
 }
   like I need to assign different hostname per each ip address but in
   the nagios interface, this looks a long list of host name that
  we dont
   want to have. Is there any way that I can have a single hostname
   showing in nagios interface and that should monitor all IPs
  associated
   with it?
  
 


 --
 Kevin Keane
 Owner
 The NetTech
 Find the Uncommon: Expert Solutions for a Network You Never Have to Think
 About

 Office: 866-642-7116
 http://www.4nettech.com

 This e-mail and attachments, if any, may contain confidential and/or
 proprietary information. Please be advised that the unauthorized use or
 disclosure of the information is strictly prohibited. The information herein
 is intended only for use by the intended recipient(s) named above. If you
 have received this transmission in error, please notify the sender
 immediately and permanently delete the e-mail and any copies, printouts or
 attachments thereof.



 --
 Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco,
 CA
 -OSBC tackles the biggest issue in open source: Open Sourcing the
 Enterprise
 -Strategies to boost innovation and cut costs with open source
 participation
 -Receive a $600 discount off the registration fee with the source code:
 SFAD
 http://p.sf.net/sfu/XcvMzF8H
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include 

[Nagios-users] Max concurrent service checks

2009-03-25 Thread Gian Paolo Buono
Hi,

from nagios.log I receive this message ?

[1237973726] Max concurrent service checks (400) has been reached.  Delaying
further checks until previous checks are complete...
[1237973726] Max concurrent service checks (400) has been reached.  Delaying
further checks until previous checks are complete...
[1237973726] Max concurrent service checks (400) has been reached.  Delaying
further checks until previous checks are complete...

any idea ? I is this a problem?

By thanks...
--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] Opsview

2009-03-25 Thread Duncan Ferguson
On 23 Mar 2009, at 11:51, Layne Meier wrote:I've never installed Nagios before. I was asked to take over an existing installation. I'm going to install the latest version of Nagios on a clean CentOS build. We've never used Opsview before, but I looked into it and like the idea of using Opsview to configure all of the hosts, hostgroups, contacts, contactgroups, etc via a web browser.There isn't very detailed installation instructions on the Opsview website. Is it very difficult to install Opsview and integrate it into Nagios? You would probably be best asking for users opinions on the opsview-users mailing list; please seehttp://www.opsview.org/mailinglists for more details.The installation documentation is onhttp://docs.opsview.org/ and we are actively updating and improving it - we welcome comments on how to improve it and we have granted some community users access to make changes too. We are striving to make it as easy as possible to install and use Opsview on those platforms we support, but again we welcome comments on how to make improvements.I would be happy to answer any more questions about Opsview on the mailing lists there.ThanksDuncs--Duncan FergusonSenior DeveloperOpsera Limited | Unit 69 Suttons Business ParkReading | Berkshire | RG6 1AZ | UKPhone:+44 (0) 845 057 7887Mobile:+44 (0) 7968 148 748Skype: duncan_j_fergusonEmail:duncan.fergu...@opsera.comwww.opsera.comOpsera Limited is registered in theUKunder Company Number 5396532. Our registered office is Gorse View, Horsell Rise, Woking,Surrey,GU21 4RB. --
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] unable to open nagios web interface

2009-03-25 Thread Ken Netzorg
You can also try going to http://localhost/nagios/index.html to verify your
directory index directive is being carried through properly within the
Apachy configuration. I ran into an issue recently when switching to SSL, I
could no longer browse directly to Nagios and had to add the DirectoryIndex
directive to the default configuration. I am running Apache 2.0.
If you can get there using the full URL, add the line: DirectoryIndex
index.html to your /usr/local/nagios/share directory and that should clear
that issue up.
Ken

On Wed, Mar 25, 2009 at 4:03 AM, asa...@gmail.com wrote:

 may be you missed this,

 ScriptAlias /cgi-bin/ /home/nagios/apache2/cgi-bin/

 ScriptAlias /nagios/cgi-bin /home/nagios/nagios/sbin
 Directory /home/nagios/nagios/sbin
 AllowOverride AuthConfig
 Options ExecCGI
 Order allow,deny
 Allow from all
 /Directory

 Alias /nagios /home/nagios/nagios/share
 Directory /home/nagios/nagios/share
 AllowOverride AuthConfig
 Options None
 Order allow,deny
 Allow from all
 /Directory


 please follow all the steps in the installation giude, that will help you.




 On Wed, Mar 25, 2009 at 6:06 AM, Patrick Morris patrick.mor...@hp.comwrote:


 On Tue, 24 Mar 2009, Pietto Vasco wrote:

  I have just finished the ubuntu quickstart guide. after starting apache
 and nagios when I go to locahost/nagios-- 404 not found The requested URL
 /nagios was not found on this server
 
  I verified apache and nagios are running but no dice, Verified apache is
 listening
  r...@nagios-vm01:/etc/apache2# sudo netstat -anp |grep '^tcp.*LISTEN'
  tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 5063/apache2
  tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 4655/cupsd
  If I type in http:\\localhost is get it works!

 If http://localhost works, why are you trying to go to
 http://localhost/nagios?

 Assuming that second URL should work, it would be helpful to know what
 your Apache configuration looks like, and how Nagios is installed.  It's
 obvious Apache is running, or you wouldn't get a 404 error. What isn't
 so obvious is where you've told it to look for Nagios, and whether
 Nagios is actually installed there.


 --
 Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
 powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
 easily build your RIAs with Flex Builder, the Eclipse(TM)based development
 software that enables intelligent coding and step-through debugging.
 Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when
 reporting any issue.
 ::: Messages without supporting info will risk being sent to /dev/null




 --
 Shankar Asam


 --
 Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
 powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
 easily build your RIAs with Flex Builder, the Eclipse(TM)based development
 software that enables intelligent coding and step-through debugging.
 Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when
 reporting any issue.
 ::: Messages without supporting info will risk being sent to /dev/null

--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

[Nagios-users] Antwort: Max concurrent service checks

2009-03-25 Thread Sascha . Runschke
Gian Paolo Buono gpbu...@gmail.com schrieb am 25.03.2009 10:39:20:

 from nagios.log I receive this message ? 
 
 [1237973726] Max concurrent service checks (400) has been reached.  
 Delaying further checks until previous checks are complete...
 [1237973726] Max concurrent service checks (400) has been reached.  
 Delaying further checks until previous checks are complete...
 [1237973726] Max concurrent service checks (400) has been reached.  
 Delaying further checks until previous checks are complete...
 
 any idea ? I is this a problem? 

Well, that's up to you to decide.
You obviously told nagios to run no more then 400 checks at a time.
Nagios now reached that limit and delays further checks, so no more
then 400 processes are forked.

I don't know why you set that limit, do you? ;)

Take a look at the nagios.cfg and the max_concurrent_checks setting.

Regards
Sascha

-- 
Sascha Runschke
IT-Infrastruktur

fon  : +49 (201) / 102-1879
fax  : +49 (201) / 102-1102105
mobil : +49 (173) / 5419665



GFKL Financial Services AG
Vorstand: Dr. Peter Jänsch (Vors.), Jürgen Baltes, Dr. Tom Haverkamp
Vorsitzender des Aufsichtsrats: Dr. Georg F. Thoma
Sitz: Limbecker Platz 1, 45127 Essen, Amtsgericht Essen, HRB 13522

--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Idriss ARABBAJ
Hi Kevin,

I carefully read your speech about this subject and I found you a lot
of insist on security  offering by  ssh, but  you can also configure
nrpe to work with ssl so I think we will have no difference at this
level, then what do you think?
best regards

2009/3/25 Kevin Keane subscript...@kkeane.com:
 I think you are comparing apples and oranges here, because in most
 situations that I can think of, the decision is dictated by the network
 topology. If you are exclusively on a trusted private network,
 check_by_ssh really doesn't offer any benefits. Conversely, if your
 topology involves the Internet or some other untrusted network (WiFi),
 then you wouldn't want NRPE in the first place.

 The only exception to the above that I can think of is when it comes to
 deciding between using check_by_ssh over an untrusted network, vs. NRPE
 through some other kind of tunnel or VPN. But in that case, you'd incur
 encryption overhead either way, and the comparison is very different
 from the question you asked.

 All that said: I don't have any first-hand experience, but I suspect
 that the impact of establishing 2200 ssh connections in a five-minute
 span (assuming that you are using a five-minute check interval) is
 pretty substantial. The main impact actually lies in establishing and
 tearing down the connections, key negotiations etc.; the encryption
 during the data phase probably has only limited impact because most
 checks only transmit a few bytes back and forth.

 SSH does much better with longer-duration connections when the keys are
 already exchanged. This is even more true if you have a router-based
 VPN, because in that case the overhead is offloaded to a different machine.

 So if you have the option of sending the checks as NRPE through one or a
 few long-term VPNs: you are probably going to be better off. Of course,
 in the big picture, your mileage may vary.

 Christopher McAtackney wrote:
 Hi all,

 I was wondering if someone could give a brief overview of the pros /
 cons of using NRPE to monitor my remote hosts versus using the
 check_by_ssh command?

 I'm aware that check_by_ssh increases the CPU overhead, but I'm not
 clear on the level of impact here - does this increase the load on the
 monitoring machine in direction relation to the number of hosts being
 monitored? For example, if I was using check_by_ssh to monitor, say,
 2000 services spread across 200 hosts, would I experience significant
 slowdown on my monitoring machine?

 Cheers for any info,

 Chris



 --
 Kevin Keane
 Owner
 The NetTech
 Find the Uncommon: Expert Solutions for a Network You Never Have to Think 
 About

 Office: 866-642-7116
 http://www.4nettech.com

 This e-mail and attachments, if any, may contain confidential and/or 
 proprietary information. Please be advised that the unauthorized use or 
 disclosure of the information is strictly prohibited. The information herein 
 is intended only for use by the intended recipient(s) named above. If you 
 have received this transmission in error, please notify the sender 
 immediately and permanently delete the e-mail and any copies, printouts or 
 attachments thereof.


 --
 Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
 powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
 easily build your RIAs with Flex Builder, the Eclipse(TM)based development
 software that enables intelligent coding and step-through debugging.
 Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when reporting 
 any issue.
 ::: Messages without supporting info will risk being sent to /dev/null




-- 
Cordialement,
Idriss ARABBAJ

--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] Max concurrent service checks

2009-03-25 Thread Ricardo Maraschini



- Gian Paolo Buono gpbu...@gmail.com escreveu:
 from nagios.log I receive this message ?
 
 [1237973726] Max concurrent service checks (400) has been reached.
 Delaying further checks until previous checks are complete...
[...]
 any idea ? I is this a problem?

Search by max_concurrent_checks on
http://nagios.sourceforge.net/docs/3_0/configmain.html

-rm

--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Ciro Iriarte
2009/3/25 Idriss ARABBAJ arab...@gmail.com:
 Hi Kevin,

 I carefully read your speech about this subject and I found you a lot
 of insist on security  offering by  ssh, but  you can also configure
 nrpe to work with ssl so I think we will have no difference at this
 level, then what do you think?
 best regards



 --
 Cordialement,
 Idriss ARABBAJ


Don't top-post We have seen performance issues (in the key
exchange phase mostly) using check_by_ssh with about 300 checks on a
single host. NRPE using SSL has less overhead.

Running a plugin using SSH took 7.5 to 10 seconds (various tests) and
running the same with NRPE took 0.148 seconds at most. The target
server is a big SPARC with 3 CPUs dual-core, dual-strand and 24GB, so
is not a hardware issue

Regards,

-- 
Ciro Iriarte
http://cyruspy.wordpress.com
--

--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] pnp4nagios or nagiosgraph?

2009-03-25 Thread Sergio Ariel
Answering to myself:

pnp4nagios is better than nagiosgraph (sorry me nagiosgraph's 
developers). I recommend anyone to use pnp4nagios.

--
Sergio Ariel de la Campa Saiz
Administrador Red UH


Sergio Ariel wrote:
 I wanna to graph plugin output. What do I should install?

--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


[Nagios-users] nagios manual actions

2009-03-25 Thread gianfranco . cianchetti
Hello,

I know that Nagios is able to issue actions through the use of Event Handlers.

Is it possible to also manually issue an action (ex. launching a script)?

I mean, can an operator decide to launch a script via the nagios interface?

Many thanks

Gianfranco Cianchetti
mailto:gianfranco.cianche...@softsolutions.it

--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] nagios manual actions

2009-03-25 Thread Assaf Flatto
Hello 

going over the external command list i didn't see any command that prefromes in 
the way you want.

http://www.nagios.org/developerinfo/externalcommands/commandlist.php

you can manually activate a service check - that my trigger an event handler or 
check on the target 
machine .


Assaf




On Wednesday 25 March 2009 14:51:10 gianfranco.cianche...@softsolutions.it 
wrote:
 Hello,

 I know that Nagios is able to issue actions through the use of Event
 Handlers.

 Is it possible to also manually issue an action (ex. launching a script)?

 I mean, can an operator decide to launch a script via the nagios interface?

 Many thanks

 Gianfranco Cianchetti
 mailto:gianfranco.cianche...@softsolutions.it

 ---
--- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
 powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
 easily build your RIAs with Flex Builder, the Eclipse(TM)based development
 software that enables intelligent coding and step-through debugging.
 Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users

 ::: Please include Nagios version, plugin version (-v) and OS when
 ::: reporting any issue. Messages without supporting info will risk being
 ::: sent to /dev/null



-- 
Assaf Flatto
SSP Ops Team
Linux System Administrator
169 Euston Road, London, NW1 2AE





IMPORTANT . this email and the information in it may be confidential, legally
privileged and/or protected by law. It is intended solely for the use of the
person to whom it is addressed. If you are not the intended recipient, please
notify the sender immediately and do not disclose the contents to any other
person, use it for any purpose, or store or copy the information in any medium.
Please also delete all copies of this email and any attachments from your
system.

We cannot guarantee the security or confidentiality of email communications. We
do not accept any liability for losses or damages that you may suffer as a
result of your receipt of this email including but not limited to computer
service or system failure, access delays or interruption, data non-delivery or
mis-delivery, computer viruses or other harmful components.

Copyright in this email and any attachments belong to Select Service Partner UK
Limited. Should you communicate with anyone at Select Service Partner UK 
Limited by
email, you consent to us monitoring and reading any such correspondence.

Nothing in this email shall be taken or read as suggesting, proposing or
relating to any agreement concerted practice or other practice that could
infringe UK or EC competition legislation.

Select Service Partner UK Limited is a company registered in England and Wales
(company number 05687183) whose registered office is at 1 The Heights, 
Brooklands, Weybridge. Surrey. KT13 0NY
 
 

--
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] nagios manual actions

2009-03-25 Thread gianfranco . cianchetti
Is there any plugin that allows such a functionality?

Is it possible to use NRPE?

Thanks

From: Assaf Flatto assaf.fla...@ss... - 2009-03-25 15:30
Hello

going over the external command list i didn't see any command that prefromes in 
the way you want.

http://www.nagios.org/developerinfo/externalcommands/commandlist.php

you can manually activate a service check - that my trigger an event handler or 
check on the target
machine .


Assaf




On Wednesday 25 March 2009 14:51:10 gianfranco.cianche...@so... wrote:
 Hello,

 I know that Nagios is able to issue actions through the use of Event
 Handlers.

 Is it possible to also manually issue an action (ex. launching a script)?

 I mean, can an operator decide to launch a script via the nagios interface?

 Many thanks

 Gianfranco Cianchetti
 mailto:gianfranco.cianche...@so...

 ---
--- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
 powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
 easily build your RIAs with Flex Builder, the Eclipse(TM)based development
 software that enables intelligent coding and step-through debugging.
 Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
 ___
 Nagios-users mailing list
 nagios-us...@li...
 https://lists.sourceforge.net/lists/listinfo/nagios-users

 ::: Please include Nagios version, plugin version (-v) and OS when
 ::: reporting any issue. Messages without supporting info will risk being
 ::: sent to /dev/null



-- 
Assaf Flatto
SSP Ops Team
Linux System Administrator
169 Euston Road, London, NW1 2AE





IMPORTANT . this email and the information in it may be confidential, legally
privileged and/or protected by law. It is intended solely for the use of the
person to whom it is addressed. If you are not the intended recipient, please
notify the sender immediately and do not disclose the contents to any other
person, use it for any purpose, or store or copy the information in any medium.
Please also delete all copies of this email and any attachments from your
system.

We cannot guarantee the security or confidentiality of email communications. We
do not accept any liability for losses or damages that you may suffer as a
result of your receipt of this email including but not limited to computer
service or system failure, access delays or interruption, data non-delivery or
mis-delivery, computer viruses or other harmful components.

Copyright in this email and any attachments belong to Select Service Partner UK
Limited. Should you communicate with anyone at Select Service Partner UK 
Limited by
email, you consent to us monitoring and reading any such correspondence.

Nothing in this email shall be taken or read as suggesting, proposing or
relating to any agreement concerted practice or other practice that could
infringe UK or EC competition legislation.

Select Service Partner UK Limited is a company registered in England and Wales
(company number 05687183) whose registered office is at 1 The Heights, 
Brooklands, Weybridge. Surrey. KT13 0NY 

**
Gianfranco Cianchetti
Technical support
mailto:gianfranco.cianche...@softsolutions.it

SoftSolutions!
Via San Francesco d'Assisi, 3b 24121 Bergamo (BG) Italia
Tel: +39 035 22714 44
Mobile: +39 348 522 3702
Fax: +39 035 22714 99
http://www.softsolutions.it
**
This document is strictly confidential and is intended for use by the
addressee unless otherwise indicated. If you have received this e-mail in
error we would be very grateful if you could please notify us immediately
at mailto:i...@softsolutions.it and delete this e-mail from your system.

SoftSolutions! reserves the right to monitor all e-mail communications
through its internal and external networks.

SoftSolutions! s.r.l.
**

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] Monitoring using MIBs

2009-03-25 Thread The Noob
Hello Marc,
Thanks for your answer. In fact I find a solution.
My Syslog-NG server which receives all Bluecoat messages send a SNMP TRAP
when it detects a status changes in the failover with Regex.
FInally, Nagios create an alarm in my TRAP service for my bluecoat.
Best regards
TheNoob

2009/3/20 Marc Powell m...@ena.com


 On Mar 19, 2009, at 5:33 PM, The Noob wrote:

  Hello,
 
  Someone knows how to check Failover Status On bluecoat ?
  In fact Bluecoat send a syslog when it changes states Master to
  backup but it does not send any snmp trap.
  SO I search an OID to pool the failover status .
  Can you help me ?

 I've done a quick search through the SGOS4 mibs and I can't find that
 they expose that status through SNMP. I've found it to be pretty
 normal that they don't expose many BlueCoat specific things...

 If you're sysloging to a remote host, you could use one of the
 check_log* plugins to monitor that log file for the alert...

 --
 Marc



 --
 Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
 powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
 easily build your RIAs with Flex Builder, the Eclipse(TM)based development
 software that enables intelligent coding and step-through debugging.
 Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when
 reporting any issue.
 ::: Messages without supporting info will risk being sent to /dev/null

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] nagios manual actions

2009-03-25 Thread Assaf Flatto
Yes 

nrpe will alow you to execute remote commands.

if the service execution you define is refering a command executed via nrpe on 
a remote server , you 
should get the same response as if nagios exeuted the service normaly.

Assaf

On Wednesday 25 March 2009 16:07:31 gianfranco.cianche...@softsolutions.it 
wrote:
 Is there any plugin that allows such a functionality?

 Is it possible to use NRPE?

 Thanks

 From: Assaf Flatto assaf.fla...@ss... - 2009-03-25 15:30
 Hello

 going over the external command list i didn't see any command that
 prefromes in the way you want.

 http://www.nagios.org/developerinfo/externalcommands/commandlist.php

 you can manually activate a service check - that my trigger an event
 handler or check on the target machine .


 Assaf

 On Wednesday 25 March 2009 14:51:10 gianfranco.cianche...@so... wrote:
  Hello,
 
  I know that Nagios is able to issue actions through the use of Event
  Handlers.
 
  Is it possible to also manually issue an action (ex. launching a script)?
 
  I mean, can an operator decide to launch a script via the nagios
  interface?
 
  Many thanks
 
  Gianfranco Cianchetti
  mailto:gianfranco.cianche...@so...
 
  -
 -- --- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM)
  are powering Web 2.0 with engaging, cross-platform capabilities. Quickly
  and easily build your RIAs with Flex Builder, the Eclipse(TM)based
  development software that enables intelligent coding and step-through
  debugging. Download the free 60 day trial.
  http://p.sf.net/sfu/www-adobe-com
  ___
  Nagios-users mailing list
  nagios-us...@li...
  https://lists.sourceforge.net/lists/listinfo/nagios-users
 
  ::: Please include Nagios version, plugin version (-v) and OS when
  ::: reporting any issue. Messages without supporting info will risk being
  ::: sent to /dev/null



-- 
Assaf Flatto
SSP Ops Team
Linux System Administrator
169 Euston Road, London, NW1 2AE





IMPORTANT . this email and the information in it may be confidential, legally
privileged and/or protected by law. It is intended solely for the use of the
person to whom it is addressed. If you are not the intended recipient, please
notify the sender immediately and do not disclose the contents to any other
person, use it for any purpose, or store or copy the information in any medium.
Please also delete all copies of this email and any attachments from your
system.

We cannot guarantee the security or confidentiality of email communications. We
do not accept any liability for losses or damages that you may suffer as a
result of your receipt of this email including but not limited to computer
service or system failure, access delays or interruption, data non-delivery or
mis-delivery, computer viruses or other harmful components.

Copyright in this email and any attachments belong to Select Service Partner UK
Limited. Should you communicate with anyone at Select Service Partner UK 
Limited by
email, you consent to us monitoring and reading any such correspondence.

Nothing in this email shall be taken or read as suggesting, proposing or
relating to any agreement concerted practice or other practice that could
infringe UK or EC competition legislation.

Select Service Partner UK Limited is a company registered in England and Wales
(company number 05687183) whose registered office is at 1 The Heights, 
Brooklands, Weybridge. Surrey. KT13 0NY
 
 

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] Auto-Discovery

2009-03-25 Thread Christopher McAtackney
2009/3/24 Russell Adams rlad...@adamsinfoserv.com:
 NACE is a toolkit that you can use to build your own configuration. It
 was creating during the Nagios 2.x days, if you have any problems let
 me know.

 Once queries were created, it was incredibly low maintenance.

 Thanks.

Hi Russell,

I haven't attempted to use NACE yet, but can you think of any
potential problems that I might run into using it with Nagios 3.x ?
This is the version that I have to work with, so it'd be quite handy
if NACE was compatible with it.

Cheers,
Chris

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] nagios manual actions

2009-03-25 Thread Giorgio Zarrelli
Hi,

create a check which will fail for sure and comment it in nagios.cfg.

Create an event handler, then when you need just enable the check in the cfg
and restart nagios.

That's all.

Giorgio

gianfranco.cianche...@softsolutions.it scritto:

 Is there any plugin that allows such a functionality?

 Is it possible to use NRPE?

 Thanks

 From: Assaf Flatto assaf.fla...@ss... - 2009-03-25 15:30
 Hello

 going over the external command list i didn't see any command that prefromes 
 in the way
 you want.

 http://www.nagios.org/developerinfo/externalcommands/commandlist.php

 you can manually activate a service check - that my trigger an event handler 
 or check on
 the target
 machine .


 Assaf




 On Wednesday 25 March 2009 14:51:10 gianfranco.cianche...@so... wrote:
  Hello,
 
  I know that Nagios is able to issue actions through the use of Event
  Handlers.
 
  Is it possible to also manually issue an action (ex. launching a script)?
 
  I mean, can an operator decide to launch a script via the nagios interface?
 
  Many thanks
 
  Gianfranco Cianchetti
  mailto:gianfranco.cianche...@so...
 
  ---
 --- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
  powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
  easily build your RIAs with Flex Builder, the Eclipse(TM)based development
  software that enables intelligent coding and step-through debugging.
  Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
  ___
  Nagios-users mailing list
  nagios-us...@li...
  https://lists.sourceforge.net/lists/listinfo/nagios-users
 
  ::: Please include Nagios version, plugin version (-v) and OS when
  ::: reporting any issue. Messages without supporting info will risk being
  ::: sent to /dev/null



 --
 Assaf Flatto
 SSP Ops Team
 Linux System Administrator
 169 Euston Road, London, NW1 2AE





 IMPORTANT . this email and the information in it may be confidential, legally
 privileged and/or protected by law. It is intended solely for the use of the
 person to whom it is addressed. If you are not the intended recipient, please
 notify the sender immediately and do not disclose the contents to any other
 person, use it for any purpose, or store or copy the information in any 
 medium.
 Please also delete all copies of this email and any attachments from your
 system.

 We cannot guarantee the security or confidentiality of email communications. 
 We
 do not accept any liability for losses or damages that you may suffer as a
 result of your receipt of this email including but not limited to computer
 service or system failure, access delays or interruption, data non-delivery or
 mis-delivery, computer viruses or other harmful components.

 Copyright in this email and any attachments belong to Select Service Partner 
 UK
 Limited. Should you communicate with anyone at Select Service Partner UK 
 Limited by
 email, you consent to us monitoring and reading any such correspondence.

 Nothing in this email shall be taken or read as suggesting, proposing or
 relating to any agreement concerted practice or other practice that could
 infringe UK or EC competition legislation.

 Select Service Partner UK Limited is a company registered in England and Wales
 (company number 05687183) whose registered office is at 1 The Heights, 
 Brooklands,
 Weybridge. Surrey. KT13 0NY

 **
 Gianfranco Cianchetti
 Technical support
 mailto:gianfranco.cianche...@softsolutions.it

 SoftSolutions!
 Via San Francesco d'Assisi, 3b 24121 Bergamo (BG) Italia
 Tel: +39 035 22714 44
 Mobile: +39 348 522 3702
 Fax: +39 035 22714 99
 http://www.softsolutions.it
 **
 This document is strictly confidential and is intended for use by the
 addressee unless otherwise indicated. If you have received this e-mail in
 error we would be very grateful if you could please notify us immediately
 at mailto:i...@softsolutions.it and delete this e-mail from your system.

 SoftSolutions! reserves the right to monitor all e-mail communications
 through its internal and external networks.

 SoftSolutions! s.r.l.
 **

 --
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when reporting 
 any issue.
 ::: Messages without supporting info will risk being sent to /dev/null



--
___
Nagios-users mailing list

Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Kevin Keane
Hi Idriss,

What I think? I think I learned something new! Thanks for telling me 
about the NRPE-with-SSL option; I was not aware of that.

That said, I suspect that the overhead for SSL and SSH will be very 
similar, because under the hood they use quite similar algorithms. I 
want to say, they actually use the same, but I'm not sure if that is 
true. At least the way the connections are established are the same.

Regards,

Kevin

Idriss ARABBAJ wrote:
 Hi Kevin,

 I carefully read your speech about this subject and I found you a lot
 of insist on security  offering by  ssh, but  you can also configure
 nrpe to work with ssl so I think we will have no difference at this
 level, then what do you think?
 best regards

 2009/3/25 Kevin Keane subscript...@kkeane.com:
   
 I think you are comparing apples and oranges here, because in most
 situations that I can think of, the decision is dictated by the network
 topology. If you are exclusively on a trusted private network,
 check_by_ssh really doesn't offer any benefits. Conversely, if your
 topology involves the Internet or some other untrusted network (WiFi),
 then you wouldn't want NRPE in the first place.

 The only exception to the above that I can think of is when it comes to
 deciding between using check_by_ssh over an untrusted network, vs. NRPE
 through some other kind of tunnel or VPN. But in that case, you'd incur
 encryption overhead either way, and the comparison is very different
 from the question you asked.

 All that said: I don't have any first-hand experience, but I suspect
 that the impact of establishing 2200 ssh connections in a five-minute
 span (assuming that you are using a five-minute check interval) is
 pretty substantial. The main impact actually lies in establishing and
 tearing down the connections, key negotiations etc.; the encryption
 during the data phase probably has only limited impact because most
 checks only transmit a few bytes back and forth.

 SSH does much better with longer-duration connections when the keys are
 already exchanged. This is even more true if you have a router-based
 VPN, because in that case the overhead is offloaded to a different machine.

 So if you have the option of sending the checks as NRPE through one or a
 few long-term VPNs: you are probably going to be better off. Of course,
 in the big picture, your mileage may vary.

 Christopher McAtackney wrote:
 
 Hi all,

 I was wondering if someone could give a brief overview of the pros /
 cons of using NRPE to monitor my remote hosts versus using the
 check_by_ssh command?

 I'm aware that check_by_ssh increases the CPU overhead, but I'm not
 clear on the level of impact here - does this increase the load on the
 monitoring machine in direction relation to the number of hosts being
 monitored? For example, if I was using check_by_ssh to monitor, say,
 2000 services spread across 200 hosts, would I experience significant
 slowdown on my monitoring machine?

 Cheers for any info,

 Chris

   
 --
 Kevin Keane
 Owner
 The NetTech
 Find the Uncommon: Expert Solutions for a Network You Never Have to Think 
 About

 Office: 866-642-7116
 http://www.4nettech.com

 This e-mail and attachments, if any, may contain confidential and/or 
 proprietary information. Please be advised that the unauthorized use or 
 disclosure of the information is strictly prohibited. The information herein 
 is intended only for use by the intended recipient(s) named above. If you 
 have received this transmission in error, please notify the sender 
 immediately and permanently delete the e-mail and any copies, printouts or 
 attachments thereof.


 --
 Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
 powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
 easily build your RIAs with Flex Builder, the Eclipse(TM)based development
 software that enables intelligent coding and step-through debugging.
 Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when reporting 
 any issue.
 ::: Messages without supporting info will risk being sent to /dev/null

 



   


-- 
Kevin Keane
Owner
The NetTech
Find the Uncommon: Expert Solutions for a Network You Never Have to Think About

Office: 866-642-7116
http://www.4nettech.com

This e-mail and attachments, if any, may contain confidential and/or 
proprietary information. Please be advised that the unauthorized use or 
disclosure of the information is strictly prohibited. The information herein is 
intended only for use by the intended recipient(s) named above. If you have 
received this transmission in error, please notify the sender immediately and 
permanently 

Re: [Nagios-users] check_ntp_peer unreliable on macs

2009-03-25 Thread Peter Doherty
On Mar 13, 2009, at 5:25 PM, Keith Erekson wrote:

 I found this in my mailing list archives, while looking for  
 information about check_ntp_peer. As far as I can tell, nobody ever  
 answered you...

 I was just looking into this exact problem. If you check the verbose  
 output, you will probably see something like this:

 0 candiate peers available
 warning: no synchronization source found
 warning: LI_ALARM bit is set

 I do get valid output from ntpq -p hostname, however.

 Apparently, the problems with OS X's NTP are well-known and  
 documented. For example,

 http://knol.google.com/k/dirk-h-schulz/time-synchronization-ntp-on-mac-os-x/2bcee0ik2900p/18#
 http://support.ntp.org/bin/view/Support/KnownOsIssues#Section_9.2.5

 As a way around this, I thought I would just use check_ntp_time, to  
 compare the xserve's clock against that of the nagios box. However,  
 no luck there either:

 sending request to peer 0
 response from peer 0: offset -0.9300264975
 sending request to peer 0
 response from peer 0: offset -0.9299369976
 sending request to peer 0
 response from peer 0: offset -0.9299154976
 sending request to peer 0
 response from peer 0: offset -0.9298709977
 discarding peer 0: stratum=0
 overall average offset: 0
 NTP CRITICAL: Offset unknown|


 It seems that OS X is responding as a stratum 0 server, which is a  
 no-no.

 Also, while fiddling with check_ntp_peer, I noticed that it doesn't  
 seem to accept a port (-p or --port), as the help output suggests it  
 should be able to. Am I crazy?

 -Keith


Yeah, after a little more diagnostic work I eventually concluded that  
it was just OS X's implementation of NTP that is just broke.  It seems  
to be in sync for a while, then it just forgets it for a while, and  
eventually, maybe it'll sync up again.

Maybe they'll fix that for 10.6 this year.

--Peter


--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Michael Medin
Sorry to barge in (without reading the thread but...)

Security wise NRPE lacks any form of authentication which is something 
SSH has so in this regard SSH is the more secure one...


// Michael Medin

Idriss ARABBAJ skrev:
 Hi Kevin,

 I carefully read your speech about this subject and I found you a lot
 of insist on security  offering by  ssh, but  you can also configure
 nrpe to work with ssl so I think we will have no difference at this
 level, then what do you think?
 best regards

 2009/3/25 Kevin Keane subscript...@kkeane.com:
   
 I think you are comparing apples and oranges here, because in most
 situations that I can think of, the decision is dictated by the network
 topology. If you are exclusively on a trusted private network,
 check_by_ssh really doesn't offer any benefits. Conversely, if your
 topology involves the Internet or some other untrusted network (WiFi),
 then you wouldn't want NRPE in the first place.

 The only exception to the above that I can think of is when it comes to
 deciding between using check_by_ssh over an untrusted network, vs. NRPE
 through some other kind of tunnel or VPN. But in that case, you'd incur
 encryption overhead either way, and the comparison is very different
 from the question you asked.

 All that said: I don't have any first-hand experience, but I suspect
 that the impact of establishing 2200 ssh connections in a five-minute
 span (assuming that you are using a five-minute check interval) is
 pretty substantial. The main impact actually lies in establishing and
 tearing down the connections, key negotiations etc.; the encryption
 during the data phase probably has only limited impact because most
 checks only transmit a few bytes back and forth.

 SSH does much better with longer-duration connections when the keys are
 already exchanged. This is even more true if you have a router-based
 VPN, because in that case the overhead is offloaded to a different machine.

 So if you have the option of sending the checks as NRPE through one or a
 few long-term VPNs: you are probably going to be better off. Of course,
 in the big picture, your mileage may vary.

 Christopher McAtackney wrote:
 
 Hi all,

 I was wondering if someone could give a brief overview of the pros /
 cons of using NRPE to monitor my remote hosts versus using the
 check_by_ssh command?

 I'm aware that check_by_ssh increases the CPU overhead, but I'm not
 clear on the level of impact here - does this increase the load on the
 monitoring machine in direction relation to the number of hosts being
 monitored? For example, if I was using check_by_ssh to monitor, say,
 2000 services spread across 200 hosts, would I experience significant
 slowdown on my monitoring machine?

 Cheers for any info,

 Chris

   
 --
 Kevin Keane
 Owner
 The NetTech
 Find the Uncommon: Expert Solutions for a Network You Never Have to Think 
 About

 Office: 866-642-7116
 http://www.4nettech.com

 This e-mail and attachments, if any, may contain confidential and/or 
 proprietary information. Please be advised that the unauthorized use or 
 disclosure of the information is strictly prohibited. The information herein 
 is intended only for use by the intended recipient(s) named above. If you 
 have received this transmission in error, please notify the sender 
 immediately and permanently delete the e-mail and any copies, printouts or 
 attachments thereof.


 --
 Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
 powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
 easily build your RIAs with Flex Builder, the Eclipse(TM)based development
 software that enables intelligent coding and step-through debugging.
 Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when reporting 
 any issue.
 ::: Messages without supporting info will risk being sent to /dev/null

 



   

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


[Nagios-users] check_icmp/ping works but native ping fails

2009-03-25 Thread Richard Aseltine

Looks like I need an education here.

check_icmp and check_ping can check a particular device but native ping fails. 
Any help with understanding this would be great..

Thanks

Dick

_
Internet Explorer 8 – Now Available. Faster, safer, easier.
http://clk.atdmt.com/MRT/go/141323790/direct/01/--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] check_ntp_peer unreliable on macs

2009-03-25 Thread Andrew Davis
I encountered this too. My solution was a script in /usr/local/scripts 
called by cron that stops the NTP daemon, runs ntpdate local_server 
twice, then restarts the NTP daemon. This runs in cron every 2 hours and 
seems to keep things in sync...


 A. Davis
 Email: ncc...@gmail.com

 There is no limit to what a man can accomplish
  if he doesn't care who gets the credit. - Ronald Reagan



Peter Doherty wrote:

On Mar 13, 2009, at 5:25 PM, Keith Erekson wrote:

  
I found this in my mailing list archives, while looking for  
information about check_ntp_peer. As far as I can tell, nobody ever  
answered you...


I was just looking into this exact problem. If you check the verbose  
output, you will probably see something like this:


0 candiate peers available
warning: no synchronization source found
warning: LI_ALARM bit is set

I do get valid output from ntpq -p hostname, however.

Apparently, the problems with OS X's NTP are well-known and  
documented. For example,


http://knol.google.com/k/dirk-h-schulz/time-synchronization-ntp-on-mac-os-x/2bcee0ik2900p/18#
http://support.ntp.org/bin/view/Support/KnownOsIssues#Section_9.2.5

As a way around this, I thought I would just use check_ntp_time, to  
compare the xserve's clock against that of the nagios box. However,  
no luck there either:


sending request to peer 0
response from peer 0: offset -0.9300264975
sending request to peer 0
response from peer 0: offset -0.9299369976
sending request to peer 0
response from peer 0: offset -0.9299154976
sending request to peer 0
response from peer 0: offset -0.9298709977
discarding peer 0: stratum=0
overall average offset: 0
NTP CRITICAL: Offset unknown|


It seems that OS X is responding as a stratum 0 server, which is a  
no-no.


Also, while fiddling with check_ntp_peer, I noticed that it doesn't  
seem to accept a port (-p or --port), as the help output suggests it  
should be able to. Am I crazy?


-Keith




Yeah, after a little more diagnostic work I eventually concluded that  
it was just OS X's implementation of NTP that is just broke.  It seems  
to be in sync for a while, then it just forgets it for a while, and  
eventually, maybe it'll sync up again.


Maybe they'll fix that for 10.6 this year.

--Peter


--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
  
--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Kevin Keane
Wouldn't the SSL certificates provide authentication comparable to SSH 
keys? I'm not familiar with how NRPE uses SSL, but I would assume that 
you could also use client certificates?

Michael Medin wrote:
 Sorry to barge in (without reading the thread but...)

 Security wise NRPE lacks any form of authentication which is something 
 SSH has so in this regard SSH is the more secure one...


 // Michael Medin

 Idriss ARABBAJ skrev:
   
 Hi Kevin,

 I carefully read your speech about this subject and I found you a lot
 of insist on security  offering by  ssh, but  you can also configure
 nrpe to work with ssl so I think we will have no difference at this
 level, then what do you think?
 best regards

 2009/3/25 Kevin Keane subscript...@kkeane.com:
   
 
 I think you are comparing apples and oranges here, because in most
 situations that I can think of, the decision is dictated by the network
 topology. If you are exclusively on a trusted private network,
 check_by_ssh really doesn't offer any benefits. Conversely, if your
 topology involves the Internet or some other untrusted network (WiFi),
 then you wouldn't want NRPE in the first place.

 The only exception to the above that I can think of is when it comes to
 deciding between using check_by_ssh over an untrusted network, vs. NRPE
 through some other kind of tunnel or VPN. But in that case, you'd incur
 encryption overhead either way, and the comparison is very different
 from the question you asked.

 All that said: I don't have any first-hand experience, but I suspect
 that the impact of establishing 2200 ssh connections in a five-minute
 span (assuming that you are using a five-minute check interval) is
 pretty substantial. The main impact actually lies in establishing and
 tearing down the connections, key negotiations etc.; the encryption
 during the data phase probably has only limited impact because most
 checks only transmit a few bytes back and forth.

 SSH does much better with longer-duration connections when the keys are
 already exchanged. This is even more true if you have a router-based
 VPN, because in that case the overhead is offloaded to a different machine.

 So if you have the option of sending the checks as NRPE through one or a
 few long-term VPNs: you are probably going to be better off. Of course,
 in the big picture, your mileage may vary.

 Christopher McAtackney wrote:
 
   
 Hi all,

 I was wondering if someone could give a brief overview of the pros /
 cons of using NRPE to monitor my remote hosts versus using the
 check_by_ssh command?

 I'm aware that check_by_ssh increases the CPU overhead, but I'm not
 clear on the level of impact here - does this increase the load on the
 monitoring machine in direction relation to the number of hosts being
 monitored? For example, if I was using check_by_ssh to monitor, say,
 2000 services spread across 200 hosts, would I experience significant
 slowdown on my monitoring machine?

 Cheers for any info,

 Chris
 

-- 
Kevin Keane
Owner
The NetTech
Find the Uncommon: Expert Solutions for a Network You Never Have to Think About

Office: 866-642-7116
http://www.4nettech.com

This e-mail and attachments, if any, may contain confidential and/or 
proprietary information. Please be advised that the unauthorized use or 
disclosure of the information is strictly prohibited. The information herein is 
intended only for use by the intended recipient(s) named above. If you have 
received this transmission in error, please notify the sender immediately and 
permanently delete the e-mail and any copies, printouts or attachments thereof.


--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] check_icmp/ping works but native ping fails

2009-03-25 Thread Kevin Keane
What does fails mean in this context? Timeout? No route to host? Does 
this happen for all hosts, or just for one host? Does it happen for 
local hosts on your own subnet as well as for remote hosts behind a router?

Richard Aseltine wrote:
 Looks like I need an education here.

 check_icmp and check_ping can check a particular device but native 
 ping fails. Any help with understanding this would be great..

 Thanks

 Dick

 
 Internet Explorer 8 – Now Available. Faster, safer, easier. Download 
 FREE now! http://clk.atdmt.com/MRT/go/141323790/direct/01/
 

 --
   
 

 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when reporting 
 any issue. 
 ::: Messages without supporting info will risk being sent to /dev/null


-- 
Kevin Keane
Owner
The NetTech
Find the Uncommon: Expert Solutions for a Network You Never Have to Think About

Office: 866-642-7116
http://www.4nettech.com

This e-mail and attachments, if any, may contain confidential and/or 
proprietary information. Please be advised that the unauthorized use or 
disclosure of the information is strictly prohibited. The information herein is 
intended only for use by the intended recipient(s) named above. If you have 
received this transmission in error, please notify the sender immediately and 
permanently delete the e-mail and any copies, printouts or attachments thereof.


--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Christopher McAtackney
2009/3/25 Kevin Keane subscript...@kkeane.com:
 I think you are comparing apples and oranges here, because in most
 situations that I can think of, the decision is dictated by the network
 topology. If you are exclusively on a trusted private network,
 check_by_ssh really doesn't offer any benefits. Conversely, if your
 topology involves the Internet or some other untrusted network (WiFi),
 then you wouldn't want NRPE in the first place.

 The only exception to the above that I can think of is when it comes to
 deciding between using check_by_ssh over an untrusted network, vs. NRPE
 through some other kind of tunnel or VPN. But in that case, you'd incur
 encryption overhead either way, and the comparison is very different
 from the question you asked.

 All that said: I don't have any first-hand experience, but I suspect
 that the impact of establishing 2200 ssh connections in a five-minute
 span (assuming that you are using a five-minute check interval) is
 pretty substantial. The main impact actually lies in establishing and
 tearing down the connections, key negotiations etc.; the encryption
 during the data phase probably has only limited impact because most
 checks only transmit a few bytes back and forth.

 SSH does much better with longer-duration connections when the keys are
 already exchanged. This is even more true if you have a router-based
 VPN, because in that case the overhead is offloaded to a different machine.

 So if you have the option of sending the checks as NRPE through one or a
 few long-term VPNs: you are probably going to be better off. Of course,
 in the big picture, your mileage may vary.

Firstly, thanks for the detailed explanation of the issues involved in
this choice Kevin, it's been very helpful.

I'm curious though, could you elaborate on why NRPE is unsuitable if
communication with my remote hosts is going to go via the Internet? Is
it not sufficient that NRPE uses SSL? This may be more of a network
security question than a Nagios one, but I've no real experience in
either area unfortunately, so I appreciate any info you can give here.

Cheers,
Chris

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Michael Medin
Kevin Keane skrev:
 Wouldn't the SSL certificates provide authentication comparable to SSH 
 keys? I'm not familiar with how NRPE uses SSL, but I would assume that 
 you could also use client certificates?
   
I am no expert but AFAIK it merely encrypts the traffic ie, no 
certificates at all. If someone knows hoe to use certificates please 
feel free to let me know so I can add it to NSClient++ but what I have 
seen it is not possible...

// Michael Medin
 Michael Medin wrote:
   
 Sorry to barge in (without reading the thread but...)

 Security wise NRPE lacks any form of authentication which is something 
 SSH has so in this regard SSH is the more secure one...


 // Michael Medin

 Idriss ARABBAJ skrev:
   
 
 Hi Kevin,

 I carefully read your speech about this subject and I found you a lot
 of insist on security  offering by  ssh, but  you can also configure
 nrpe to work with ssl so I think we will have no difference at this
 level, then what do you think?
 best regards

 2009/3/25 Kevin Keane subscript...@kkeane.com:
   
 
   
 I think you are comparing apples and oranges here, because in most
 situations that I can think of, the decision is dictated by the network
 topology. If you are exclusively on a trusted private network,
 check_by_ssh really doesn't offer any benefits. Conversely, if your
 topology involves the Internet or some other untrusted network (WiFi),
 then you wouldn't want NRPE in the first place.

 The only exception to the above that I can think of is when it comes to
 deciding between using check_by_ssh over an untrusted network, vs. NRPE
 through some other kind of tunnel or VPN. But in that case, you'd incur
 encryption overhead either way, and the comparison is very different
 from the question you asked.

 All that said: I don't have any first-hand experience, but I suspect
 that the impact of establishing 2200 ssh connections in a five-minute
 span (assuming that you are using a five-minute check interval) is
 pretty substantial. The main impact actually lies in establishing and
 tearing down the connections, key negotiations etc.; the encryption
 during the data phase probably has only limited impact because most
 checks only transmit a few bytes back and forth.

 SSH does much better with longer-duration connections when the keys are
 already exchanged. This is even more true if you have a router-based
 VPN, because in that case the overhead is offloaded to a different machine.

 So if you have the option of sending the checks as NRPE through one or a
 few long-term VPNs: you are probably going to be better off. Of course,
 in the big picture, your mileage may vary.

 Christopher McAtackney wrote:
 
   
 
 Hi all,

 I was wondering if someone could give a brief overview of the pros /
 cons of using NRPE to monitor my remote hosts versus using the
 check_by_ssh command?

 I'm aware that check_by_ssh increases the CPU overhead, but I'm not
 clear on the level of impact here - does this increase the load on the
 monitoring machine in direction relation to the number of hosts being
 monitored? For example, if I was using check_by_ssh to monitor, say,
 2000 services spread across 200 hosts, would I experience significant
 slowdown on my monitoring machine?

 Cheers for any info,

 Chris
 
   

   

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] Auto-Discovery

2009-03-25 Thread Russell Adams
It doesn't appear to me that the configuration syntax has changed
significantly, but I haven't used 3.x yet.

NACE updates your templates, so the syntax shouldn't matter much. If
you write Nagios 3.x configs, and let NACE reuse them with variable
replacement, there shouldn't be a problem.

Thanks.



On Wed, Mar 25, 2009 at 04:52:31PM +, Christopher McAtackney wrote:
 2009/3/24 Russell Adams rlad...@adamsinfoserv.com:
  NACE is a toolkit that you can use to build your own configuration. It
  was creating during the Nagios 2.x days, if you have any problems let
  me know.
 
  Once queries were created, it was incredibly low maintenance.
 
  Thanks.
 
 Hi Russell,
 
 I haven't attempted to use NACE yet, but can you think of any
 potential problems that I might run into using it with Nagios 3.x ?
 This is the version that I have to work with, so it'd be quite handy
 if NACE was compatible with it.
 
 Cheers,
 Chris
 
 --
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when reporting 
 any issue. 
 ::: Messages without supporting info will risk being sent to /dev/null
 


--
Russell Adamsrlad...@adamsinfoserv.com

PGP Key ID: 0x1160DCB3   http://www.adamsinfoserv.com/

Fingerprint:1723 D8CA 4280 1EC9 557F  66E8 1154 E018 1160 DCB3

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Kevin Keane
Christopher McAtackney wrote:
 2009/3/25 Kevin Keane subscript...@kkeane.com:
   
 I think you are comparing apples and oranges here, because in most
 situations that I can think of, the decision is dictated by the network
 topology. If you are exclusively on a trusted private network,
 check_by_ssh really doesn't offer any benefits. Conversely, if your
 topology involves the Internet or some other untrusted network (WiFi),
 then you wouldn't want NRPE in the first place.

 The only exception to the above that I can think of is when it comes to
 deciding between using check_by_ssh over an untrusted network, vs. NRPE
 through some other kind of tunnel or VPN. But in that case, you'd incur
 encryption overhead either way, and the comparison is very different
 from the question you asked.

 All that said: I don't have any first-hand experience, but I suspect
 that the impact of establishing 2200 ssh connections in a five-minute
 span (assuming that you are using a five-minute check interval) is
 pretty substantial. The main impact actually lies in establishing and
 tearing down the connections, key negotiations etc.; the encryption
 during the data phase probably has only limited impact because most
 checks only transmit a few bytes back and forth.

 SSH does much better with longer-duration connections when the keys are
 already exchanged. This is even more true if you have a router-based
 VPN, because in that case the overhead is offloaded to a different machine.

 So if you have the option of sending the checks as NRPE through one or a
 few long-term VPNs: you are probably going to be better off. Of course,
 in the big picture, your mileage may vary.
 

 Firstly, thanks for the detailed explanation of the issues involved in
 this choice Kevin, it's been very helpful.

 I'm curious though, could you elaborate on why NRPE is unsuitable if
 communication with my remote hosts is going to go via the Internet? Is
 it not sufficient that NRPE uses SSL? This may be more of a network
 security question than a Nagios one, but I've no real experience in
 either area unfortunately, so I appreciate any info you can give here.
   
No, you are right. I wasn't aware that NRPE could use SSL. In that case, 
NRPE would be pretty much the same in terms of performance as SSL.

That said, I am generally concerned from a security standpoint about any 
kind of active checks going over the Internet. This is because if you 
are monitoring, in your example, 200 hosts, you have to poke holes into 
200 firewalls (or into one firewall, and then set up SSL or SSH keys on 
200 hosts). That's 200 potential security holes all over the place with 
little or no control, and on machines that may not necessarily be 
hardened for access from the outside world. Worse - active checks, by 
nature, cause a program to be launched and executed on the monitored 
client, and usually with very high permissions. You said that you check 
2000 services, so that's 2000 plugins (give or take a few). What if a 
hacker found a way to compromise one of your 2000 plugins? You'd have a 
privilege escalation issue along with remote-launch capability. On 200 
clients.

Because of these concerns, I am using passive checks almost exclusively 
over the Internet (except for publicly available services such as HTTP 
or SMTP, of course); I wrote an agent that resides on the client as a 
wrapper around the excellent NSClient++ and performs the actual checks. 
It then forwards the checks to the Nagios server via NSCA over HTTPS. A 
second benefit is that this agent collects about 40 or so check results, 
and then sends all of them at once through a single SSL connection. That 
reduces the overhead of establishing a secure connection by a factor of 
40. BTW, the agent is available as Open Source. Go to 
http://www.tntmonitoring.com .

-- 
Kevin Keane
Owner
The NetTech
Find the Uncommon: Expert Solutions for a Network You Never Have to Think About

Office: 866-642-7116
http://www.4nettech.com

This e-mail and attachments, if any, may contain confidential and/or 
proprietary information. Please be advised that the unauthorized use or 
disclosure of the information is strictly prohibited. The information herein is 
intended only for use by the intended recipient(s) named above. If you have 
received this transmission in error, please notify the sender immediately and 
permanently delete the e-mail and any copies, printouts or attachments thereof.


--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Cian Brennan
On Wed, Mar 25, 2009 at 06:44:00PM +, Christopher McAtackney wrote:
 2009/3/25 Kevin Keane subscript...@kkeane.com:
  I think you are comparing apples and oranges here, because in most
  situations that I can think of, the decision is dictated by the network
  topology. If you are exclusively on a trusted private network,
  check_by_ssh really doesn't offer any benefits. Conversely, if your
  topology involves the Internet or some other untrusted network (WiFi),
  then you wouldn't want NRPE in the first place.
 
  The only exception to the above that I can think of is when it comes to
  deciding between using check_by_ssh over an untrusted network, vs. NRPE
  through some other kind of tunnel or VPN. But in that case, you'd incur
  encryption overhead either way, and the comparison is very different
  from the question you asked.
 
  All that said: I don't have any first-hand experience, but I suspect
  that the impact of establishing 2200 ssh connections in a five-minute
  span (assuming that you are using a five-minute check interval) is
  pretty substantial. The main impact actually lies in establishing and
  tearing down the connections, key negotiations etc.; the encryption
  during the data phase probably has only limited impact because most
  checks only transmit a few bytes back and forth.
 
  SSH does much better with longer-duration connections when the keys are
  already exchanged. This is even more true if you have a router-based
  VPN, because in that case the overhead is offloaded to a different machine.
 
  So if you have the option of sending the checks as NRPE through one or a
  few long-term VPNs: you are probably going to be better off. Of course,
  in the big picture, your mileage may vary.
 
 Firstly, thanks for the detailed explanation of the issues involved in
 this choice Kevin, it's been very helpful.
 
 I'm curious though, could you elaborate on why NRPE is unsuitable if
 communication with my remote hosts is going to go via the Internet? Is
 it not sufficient that NRPE uses SSL? This may be more of a network
 security question than a Nagios one, but I've no real experience in
 either area unfortunately, so I appreciate any info you can give here.
 
 Cheers,
 Chris
 
NRPE uses SSL, but it doesn't check certificates. As such, someone could spoof
your IP, and run code, and get the results through NRPE. SSH does check
certificates, and relies on a shared secret, making this impossible.

 --
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when reporting 
 any issue. 
 ::: Messages without supporting info will risk being sent to /dev/null
 

-- 

-- 

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread RijilV
2009/3/24 Christopher McAtackney crist...@gmail.com:
 Hi all,

 I was wondering if someone could give a brief overview of the pros /
 cons of using NRPE to monitor my remote hosts versus using the
 check_by_ssh command?

 I'm aware that check_by_ssh increases the CPU overhead, but I'm not
 clear on the level of impact here - does this increase the load on the
 monitoring machine in direction relation to the number of hosts being
 monitored? For example, if I was using check_by_ssh to monitor, say,
 2000 services spread across 200 hosts, would I experience significant
 slowdown on my monitoring machine?

 Cheers for any info,

 Chris



SSH is going to slow it down on both sides of the communication.  SSH
does quite a bit more in terms of setting up the connection which
involves using asymmetric encryption to setup a shared secret for
symmetric encryption and verifying keys for the asymmetric part,
verifying access, allocating a session.  Whereas NRPE even with
encryption just does a simple pre-shared secret for the symmetric
encryption, much faster even if using the same encryption algorithm


One thing you could do with SSH to speed it up (and I would argue make
it faster than NRPE depending on the stability of your network)) would
be to use ControlMaster.  ControlMaster is a SSH v2 feature, where you
create a connection and can open up multiple sessions with that
ControlMaster for other SSH processes.  This saves you not only the
key-exchange heavy lifting but also you're not opening up a new socket
on the remote host.  In order to really make it worth it you'd have to
spawn a process that was continuously connected.  I wrote an ugly
check_by_ssh that would spawn a ControlMaster if one didn't exist and
use it if it did.  Reduced the load/latency quite a bit for SSH
checks.  Though if I had to do it again I'd used 'ControlMaster auto'
(man 5 ssh_config) and create a separate check that was responsible
for maintaining the ControlMaster, then you could use the stock
check_by_ssh without any modifications.


That all being said, you might want to think about a distributed setup
anyhow, if nothing more for redundancy.  200 servers and 2,000 checks
is alot of responsibility for a singleton, you could break it 50/50
between two servers that could take over for the other one if it
fails.


.r'

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Kevin Keane
Michael Medin wrote:
 Kevin Keane skrev:
 Wouldn't the SSL certificates provide authentication comparable to 
 SSH keys? I'm not familiar with how NRPE uses SSL, but I would assume 
 that you could also use client certificates?
   
 I am no expert but AFAIK it merely encrypts the traffic ie, no 
 certificates at all. If someone knows hoe to use certificates please 
 feel free to let me know so I can add it to NSClient++ but what I have 
 seen it is not possible...
No, that wouldn't be possible. Encryption always requires some form of 
key or another. In SSL, the key is embedded in the server's certificate. 
The client certificate is optional; it also contains a second encryption 
key. If you use client certificates, in effect the traffic is doubly 
encrypted.

You almost certainly *are* using certificates in NSClient++. But if you 
are using the standard Windows API functions, Windows transparently 
hides most of that complexity from you; the MSXML object and its ilk 
take care of it. You would be using the certificates from the Internet 
Explorer key store.


Actually, when I described how the SSL connection can use single or 
double encryption, I lied. It is more complicated than that. The SSL 
keys are extremely long (1024, 2048 bits or more), and they have to be 
because by nature they don't change over years. SSL keys in the 
certificates are also the public keys of a public/private key pair. 
These factors make using the SSL key for encryption *extremely* slow. 
That is why in reality, public key encryption is only used for extremely 
short messages (measured in bytes, not kilobytes).

To work around that, the client and the server generate yet another 
random key, this time a symmetric key (which has to be kept secret from 
anybody). This symmetric key is usually 128 bits or 256 bits. Unlike 
public-key encryption, symmetric encryption can be implemented very 
fast. This key is sent using the slow public-key encryption. The actual 
traffic is then encrypted using this second key, which will be thrown 
away after the connection ends.

Incidentally, SSH works basically the same way. The only substantial 
difference is that the public keys comes from the authorized_keys file 
instead of a certificate.

Both SSL and SSH actually allow you to use various different encryption 
algorithms and mechanisms for exchanging keys under the hood. You may, 
for instance, see DHE for the key exchange, RSA for the public/private 
encryption, and AES for the symmetric encryption and SHA for hashing 
(which I haven't even touched on).

-- 
Kevin Keane
Owner
The NetTech
Find the Uncommon: Expert Solutions for a Network You Never Have to Think About

Office: 866-642-7116
http://www.4nettech.com

This e-mail and attachments, if any, may contain confidential and/or 
proprietary information. Please be advised that the unauthorized use or 
disclosure of the information is strictly prohibited. The information herein is 
intended only for use by the intended recipient(s) named above. If you have 
received this transmission in error, please notify the sender immediately and 
permanently delete the e-mail and any copies, printouts or attachments thereof.


--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] check_icmp/ping works but native ping fails

2009-03-25 Thread Marc Powell

On Mar 25, 2009, at 12:54 PM, Richard Aseltine wrote:

 Looks like I need an education here.

 check_icmp and check_ping can check a particular device but native  
 ping fails. Any help with understanding this would be great..

check_icmp uses it's own sockets code. check_ping is just a wrapper  
for 'native ping' (i.e. /bin/ping). if check_ping works, regular old  
ping must as well.

You can see the flags the check_ping is passing to /bin/ping by  
passing verbose flags --

$ ./plugins/check_ping -H localhost -w 10,10% -c 50,50% -vv
CMD: /bin/ping -n -U -w 10 -c 5 localhost
PING OK - Packet loss = 0%, RTA = 0.04 ms
10.00:10% 50.00:50%


--
Marc


--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Charlie Reddington

On Mar 25, 2009, at 2:30 PM, RijilV wrote:

 2009/3/24 Christopher McAtackney crist...@gmail.com:
 Hi all,

 I was wondering if someone could give a brief overview of the pros /
 cons of using NRPE to monitor my remote hosts versus using the
 check_by_ssh command?

 I'm aware that check_by_ssh increases the CPU overhead, but I'm not
 clear on the level of impact here - does this increase the load on  
 the
 monitoring machine in direction relation to the number of hosts being
 monitored? For example, if I was using check_by_ssh to monitor, say,
 2000 services spread across 200 hosts, would I experience significant
 slowdown on my monitoring machine?

 Cheers for any info,

 Chris



 SSH is going to slow it down on both sides of the communication.  SSH
 does quite a bit more in terms of setting up the connection which
 involves using asymmetric encryption to setup a shared secret for
 symmetric encryption and verifying keys for the asymmetric part,
 verifying access, allocating a session.  Whereas NRPE even with
 encryption just does a simple pre-shared secret for the symmetric
 encryption, much faster even if using the same encryption algorithm


 One thing you could do with SSH to speed it up (and I would argue make
 it faster than NRPE depending on the stability of your network)) would
 be to use ControlMaster.  ControlMaster is a SSH v2 feature, where you
 create a connection and can open up multiple sessions with that
 ControlMaster for other SSH processes.  This saves you not only the
 key-exchange heavy lifting but also you're not opening up a new socket
 on the remote host.  In order to really make it worth it you'd have to
 spawn a process that was continuously connected.  I wrote an ugly
 check_by_ssh that would spawn a ControlMaster if one didn't exist and
 use it if it did.  Reduced the load/latency quite a bit for SSH
 checks.  Though if I had to do it again I'd used 'ControlMaster auto'
 (man 5 ssh_config) and create a separate check that was responsible
 for maintaining the ControlMaster, then you could use the stock
 check_by_ssh without any modifications.


 That all being said, you might want to think about a distributed setup
 anyhow, if nothing more for redundancy.  200 servers and 2,000 checks
 is alot of responsibility for a singleton, you could break it 50/50
 between two servers that could take over for the other one if it
 fails.


 .r'

 --
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when  
 reporting any issue.
 ::: Messages without supporting info will risk being sent to /dev/null

+1 on the control master. We have about 1000 checks over 300 hosts and  
using control master made the box much more stable and quite frankly  
usable. Saved a lot of plug in time outs as well.

Think about 1000 checks every 5 or 10 minutes. That's 1000 encrypted  
tunnels that are going up and down. That's a lot of overhead for a  
quick check, let along if your server is checking say 5 or 10 things  
back to back.

http://www.torchbox.com/blog/ssh_tips_2.html

Charlie

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] check_icmp/ping works but native ping fails

2009-03-25 Thread Richard Aseltine


  ping PHIPACHP02OPE19 1   
no answer from PHIPACHP02OPE19

***

./check_ping -H PHIPACHP02OPE19 -w 1000.0,20% -c 2000.0,60%
OK - PHIPACHP02OPE19: rta 0.681ms, lost 0%|rta=0.681ms;1000.000;2000.000;0; 
pl=0%;20;60;; 

Still puzzled

Thanks




 From: m...@ena.com
 To: nagios-users@lists.sourceforge.net
 Date: Wed, 25 Mar 2009 14:58:29 -0500
 Subject: Re: [Nagios-users] check_icmp/ping works but native ping fails
 
 
 On Mar 25, 2009, at 12:54 PM, Richard Aseltine wrote:
 
  Looks like I need an education here.
 
  check_icmp and check_ping can check a particular device but native  
  ping fails. Any help with understanding this would be great..
 
 check_icmp uses it's own sockets code. check_ping is just a wrapper  
 for 'native ping' (i.e. /bin/ping). if check_ping works, regular old  
 ping must as well.
 
 You can see the flags the check_ping is passing to /bin/ping by  
 passing verbose flags --
 
 $ ./plugins/check_ping -H localhost -w 10,10% -c 50,50% -vv
 CMD: /bin/ping -n -U -w 10 -c 5 localhost
 PING OK - Packet loss = 0%, RTA = 0.04 ms
 10.00:10% 50.00:50%
 
 
 --
 Marc
 
 
 --
 ___
 Nagios-users mailing list
 Nagios-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/nagios-users
 ::: Please include Nagios version, plugin version (-v) and OS when reporting 
 any issue. 
 ::: Messages without supporting info will risk being sent to /dev/null

_
Hotmail® is up to 70% faster. Now good news travels really fast.
http://windowslive.com/online/hotmail?ocid=TXT_TAGLM_WL_HM_70faster_032009--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Andrew Davis

Charlie Reddington wrote:

On Mar 25, 2009, at 2:30 PM, RijilV wrote:

  

2009/3/24 Christopher McAtackney crist...@gmail.com:


Hi all,

I was wondering if someone could give a brief overview of the pros /
cons of using NRPE to monitor my remote hosts versus using the
check_by_ssh command?

I'm aware that check_by_ssh increases the CPU overhead, but I'm not
clear on the level of impact here - does this increase the load on  
the

monitoring machine in direction relation to the number of hosts being
monitored? For example, if I was using check_by_ssh to monitor, say,
2000 services spread across 200 hosts, would I experience significant
slowdown on my monitoring machine?

Cheers for any info,

Chris

  

SSH is going to slow it down on both sides of the communication.  SSH
does quite a bit more in terms of setting up the connection which
involves using asymmetric encryption to setup a shared secret for
symmetric encryption and verifying keys for the asymmetric part,
verifying access, allocating a session.  Whereas NRPE even with
encryption just does a simple pre-shared secret for the symmetric
encryption, much faster even if using the same encryption algorithm


One thing you could do with SSH to speed it up (and I would argue make
it faster than NRPE depending on the stability of your network)) would
be to use ControlMaster.  ControlMaster is a SSH v2 feature, where you
create a connection and can open up multiple sessions with that
ControlMaster for other SSH processes.  This saves you not only the
key-exchange heavy lifting but also you're not opening up a new socket
on the remote host.  In order to really make it worth it you'd have to
spawn a process that was continuously connected.  I wrote an ugly
check_by_ssh that would spawn a ControlMaster if one didn't exist and
use it if it did.  Reduced the load/latency quite a bit for SSH
checks.  Though if I had to do it again I'd used 'ControlMaster auto'
(man 5 ssh_config) and create a separate check that was responsible
for maintaining the ControlMaster, then you could use the stock
check_by_ssh without any modifications.


That all being said, you might want to think about a distributed setup
anyhow, if nothing more for redundancy.  200 servers and 2,000 checks
is alot of responsibility for a singleton, you could break it 50/50
between two servers that could take over for the other one if it
fails.


.r'

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when  
reporting any issue.

::: Messages without supporting info will risk being sent to /dev/null



+1 on the control master. We have about 1000 checks over 300 hosts and  
using control master made the box much more stable and quite frankly  
usable. Saved a lot of plug in time outs as well.


Think about 1000 checks every 5 or 10 minutes. That's 1000 encrypted  
tunnels that are going up and down. That's a lot of overhead for a  
quick check, let along if your server is checking say 5 or 10 things  
back to back.


http://www.torchbox.com/blog/ssh_tips_2.html

Charlie

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
  
FWIW: I use both. I have about 400 internal servers that are considered 
to be trusted. I have another 50 or so that are outside our network 
(DMZ'd) and untrusted. To keep overhead low, I use NRPE on the internal 
hosts and check_by_ssh for the externals. Internally, using NRPE gives 
me greater flexibility in adjusting client thresholds (mounts to watch, 
varying memory ranges depending on how much is installed, etc). 
check_by_ssh gives me a secured, authenticated way of checking system 
externally (basic sshd_config setup to restrict ssh from nagios user and 
specific IP's only). I'm unwilling to use NRPE on an external, untrusted 
server, but don't want the overhead of encryption for internal, trusted 
systems...


 A. Davis
 Email: ncc...@gmail.com

 There is no limit to what a man can accomplish
  if he doesn't care who gets the credit. - Ronald Reagan

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

[Nagios-users] use of check_udp

2009-03-25 Thread Philip Brown
Hmm..

another snag I hit upgrading from plugins version 1.3.1, to 1.4.13.

previously, it was perfectly valid to use

check_udp -H hostname -p 

and it worked.

but now, you have to specify BOTH a 'send' string, and an 'expect' string.

The help/error message is not entirely clear:

With UDP checks, a send/expect string must be specified.

It would be nicer if it more accurately said,

With UDP checks, both a send AND an expect string must be specified.


I was wondering why it was not sufficient to call it with -s. I did not 
realize it required -e as well.
Also: i didnt really know what to 'expect... but it turns out that

check_udp -H host -p 2342 -s 'xyz' -e ''

works ok.

Too bad that trick does not seem to work for checking if a kerb5 kdc port is 
up and valid.

I know there is a check_kdc perl script, but it requires a couple of 
external modules. I prefer things that are self-contained, or compiled.


--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


[Nagios-users] Nagios and MySQL

2009-03-25 Thread Mark Weaver




Hi List,
I was wondering if anyone has connected their standard Nagios installation up to a MySQL backend?

I'm looking at this from a purely disaster recovery aspect. It's easy enough to backup the configuration, but the data is another matter.

My current Nagios installation is version 3 installed on a CentOS 4.7server. The installation was done via Yum from the rpmforge repo. Much cleaner install than compiling the tarballs and much easier to manage. 

Yes, I could archive all the installation paths, but because they were installed via the RPM method things are spread out all over the file system. It would be real nice if I had all the data contained within a MySQL backend. That way if I had to restore should my Nag server die or suffer some horrible fate it could be a matter of reinstalling the packages, restoring the /etc/nagios directory where all the configs live, restore the database and I'm of again.

I've looked at a few suggested Nagios front ends including Centreon and they turned out to be bad experiences. Mostly due to the fact that being a Nagios noobie I didn't know what the hell the front was doing. The worst of it though was the way those front ends kept over-writing my configuration files in favor of it's own. Made a real mess of things and after the third reinstallation of Nagios on my sandbox I decided they weren't worth the effort or the misery. (Centreon and NagiosQL)

Groundworks is out of the question because as soon as it was installed and running it disabled my current instance of MySQL in favor of it's own. Not such a big deal as at the time it was on my sandbox machine, but had that been a production machine where I've got web applications running I'd have been seriously pissed! Funny that... Groundworks didn't mention anything about that rather rude behavior.

No, I'd much rather be able to connect a standard Nagios install to a MySQL backend and use everything else as is.

thanks,
--
Mark Weaver
Computer Information Systems  Services, Inc.
400 Bridge St., STE 4
New Cumberland, Pa. 17070
mwea...@compinfosystems.com
(717) 512-9718 

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Michael Medin

Kevin Keane skrev:

Michael Medin wrote:
  

Kevin Keane skrev:

Wouldn't the SSL certificates provide authentication comparable to 
SSH keys? I'm not familiar with how NRPE uses SSL, but I would assume 
that you could also use client certificates?
  
  
I am no expert but AFAIK it merely encrypts the traffic ie, no 
certificates at all. If someone knows hoe to use certificates please 
feel free to let me know so I can add it to NSClient++ but what I have 
seen it is not possible...

No, that wouldn't be possible. Encryption always requires some form of 
key or another. In SSL, the key is embedded in the server's certificate. 
The client certificate is optional; it also contains a second encryption 
key. If you use client certificates, in effect the traffic is doubly 
encrypted.
  

Humm.
The cipher used is ADH which is anonymous DH cipher suites in addition 
to a pre shared *known* secret (read un-secret). Again I am no expert 
but I always interpreted the secret key (DH) thingy as a key and not a 
certificate but mayhap I got it all wrong? (in which case it might be 
possible to use proper certificates?)


And I am actually using openssl but mayhap it has a built-in keystore as 
well?


// Michael Medin
You almost certainly *are* using certificates in NSClient++. But if you 
are using the standard Windows API functions, Windows transparently 
hides most of that complexity from you; the MSXML object and its ilk 
take care of it. You would be using the certificates from the Internet 
Explorer key store.



Actually, when I described how the SSL connection can use single or 
double encryption, I lied. It is more complicated than that. The SSL 
keys are extremely long (1024, 2048 bits or more), and they have to be 
because by nature they don't change over years. SSL keys in the 
certificates are also the public keys of a public/private key pair. 
These factors make using the SSL key for encryption *extremely* slow. 
That is why in reality, public key encryption is only used for extremely 
short messages (measured in bytes, not kilobytes).


To work around that, the client and the server generate yet another 
random key, this time a symmetric key (which has to be kept secret from 
anybody). This symmetric key is usually 128 bits or 256 bits. Unlike 
public-key encryption, symmetric encryption can be implemented very 
fast. This key is sent using the slow public-key encryption. The actual 
traffic is then encrypted using this second key, which will be thrown 
away after the connection ends.


Incidentally, SSH works basically the same way. The only substantial 
difference is that the public keys comes from the authorized_keys file 
instead of a certificate.


Both SSL and SSH actually allow you to use various different encryption 
algorithms and mechanisms for exchanging keys under the hood. You may, 
for instance, see DHE for the key exchange, RSA for the public/private 
encryption, and AES for the symmetric encryption and SHA for hashing 
(which I haven't even touched on).


  


--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] check_icmp/ping works but native ping fails

2009-03-25 Thread Marc Powell

On Mar 25, 2009, at 3:22 PM, Richard Aseltine wrote:


   ping PHIPACHP02OPE19 1
 no answer from PHIPACHP02OPE19

 ***

 ./check_ping -H PHIPACHP02OPE19 -w 1000.0,20% -c 2000.0,60%
 OK - PHIPACHP02OPE19: rta 0.681ms, lost 0%|rta=0.681ms; 
 1000.000;2000.000;0; pl=0%;20;60;;

 Still puzzled

 Thanks

Again, use the verbose flags for check_ping, then try the same ping  
command it uses (it varies by system). The only explanation I can give  
at this point is that the ping binary you used above isn't the one  
that check_ping is using or that some specific flag is needed on your  
network. You should be able to discover that, and what that flag does,  
through the process of elimination. It could also be some strange DNS  
resolver issue with the ping binary. Running truss or strace on ping  
may provide interesting information if those tools are familiar to you.

This *really* isn't a nagios issue since the plugin is doing the right  
thing. If the above suggestions don't help you, you'll have better  
luck through the support forums for your OS.

--
Marc


--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] Nagios and MySQL

2009-03-25 Thread Jim Avery
2009/3/25 Mark Weaver mwea...@compinfosystems.com:
 Hi List,
 I was wondering if anyone has connected their standard Nagios installation
 up to a MySQL backend?

Yes, NDOUtils.

 I'm looking at this from a purely disaster recovery aspect. It's easy enough
 to backup the configuration, but the data is another matter.

Why?  In a standard configuration, the data is a bunch of files which
can be backed-up using tar or whatever your favourite backup utility
is.

 My current Nagios installation is version 3 installed on a CentOS
 4.7 server. The installation was done via Yum from the rpmforge repo.
 Much
 cleaner install than compiling the tarballs and much easier to manage.
 Yes, I could archive all the installation paths, but because they were
 installed via the RPM method things are spread out all over the file system.

If you had installed from source tarball, then most of your Nagios
install would be under /usr/local/nagios/ .

 It would be real nice if I had all the data contained within a MySQL
 backend. That way if I had to restore should my Nag server die or suffer
 some horrible fate it could be a matter of reinstalling the packages,
 restoring the /etc/nagios directory where all the configs live, restore the
 database and I'm off again.

The install from tarball isn't so onerous, and you'll find that Nagios
then isn't spread all over the place but is mostly found under
/usr/loca/nagios/ .

 I've looked at a few suggested Nagios front ends including Centreon and they
 turned out to be bad experiences. Mostly due to the fact that being
 a Nagios noobie I didn't know what the hell the front was doing.

I'm sorry Mark, but installing from repositories using yum is pretty
much the same.  If you want to see how things work and have a truly
standard install, you need to install Nagios from the source tarballs.
 Believe me, I started off installing Nagios using yum on Fedora a
while back and soon got bitten on the bum when I found the repository
had Nagios compiled with embedded perl enabled but the plugins I was
using wouldn't work with that.

In a truly standard Nagios install (if there is such a thing), the
configs are under /usr/local/nagios/etc not /etc/nagios .  These
things become important when you start looking at installing some of
the really neat addons for Nagios like pnp4nagios graphing, NExSM
status map, NagVis dashboards and so on.

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


[Nagios-users] detecting rogue dhcp server

2009-03-25 Thread Chris
Is there any plugin exist to detect rogue dhcp servers across all vlans/ subnet?

I have had a look at two programs (not Nagios plugins): dhcp_probe and
roguedetect - none suitable for human consumption yet. There is an
excellent program on Windows call dhcploc.exe but I'm on Linux.

Thanks.

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


[Nagios-users] Dependent service checks don't fail when depended-on service check fails

2009-03-25 Thread Jarrod Moore
Hello everyone,

I have a couple of related questions regarding service dependencies in
Nagios and their limitations. I have two service checks (let's call
them A and B) and service A depends on service B to function
correctly. I want to set Nagios up so that if service B crashes then
both services A and B are put into the critical state in Nagios. I've
tried using service dependencies in Nagios to represent this behaviour
but have yet to be successful. I can only get it to suppress
notifications of service A if both services go down.

Is there a way to do what I'm trying to do here? I'd have thought it
would be logical that if a service depends on another service and the
service depended on dies then all services depending on it would fail
their checks as well, but there;s probably some scenario where it
doesn't work so well. I've had a look through the mailing list
archives and found someone had asked a similar question to the
nagios-devel list about 2.5 years ago and didn't end up getting an
answer, so I thought I might ask whether solutions to this type of
problem had been developed since then.

Cheers,

Jarrod

--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null


Re: [Nagios-users] NRPE vs. check_by_ssh

2009-03-25 Thread Kevin Keane
Michael Medin wrote:
 Kevin Keane skrev:
 Michael Medin wrote:
   
 Kevin Keane skrev:
 
 Wouldn't the SSL certificates provide authentication comparable to 
 SSH keys? I'm not familiar with how NRPE uses SSL, but I would assume 
 that you could also use client certificates?
   
   
 I am no expert but AFAIK it merely encrypts the traffic ie, no 
 certificates at all. If someone knows hoe to use certificates please 
 feel free to let me know so I can add it to NSClient++ but what I have 
 seen it is not possible...
 
 No, that wouldn't be possible. Encryption always requires some form of 
 key or another. In SSL, the key is embedded in the server's certificate. 
 The client certificate is optional; it also contains a second encryption 
 key. If you use client certificates, in effect the traffic is doubly 
 encrypted.
   
 Humm.
 The cipher used is ADH which is anonymous DH cipher suites in 
 addition to a pre shared *known* secret (read un-secret). Again I am 
 no expert but I always interpreted the secret key (DH) thingy as a 
 key and not a certificate but mayhap I got it all wrong? (in which 
 case it might be possible to use proper certificates?)

 And I am actually using openssl but mayhap it has a built-in keystore 
 as well?
I stand corrected.

Interesting... DH stands for Diffie Hellman (usually, that refers to the 
Diffie Hellman Key Agreement algorithm). I didn't know that openssl 
supported ADH (the A stands for anonymous), and I wonder how many other 
SSL implementations have it, since ADH really doesn't make much sense. 
According to the openssl documentation, ADH is actually the one cipher 
not included in the default list of ciphers. And with good reason, 
because, you are right, it does not do any kind of authentication, and 
therefore actually provides no security (not even from eavesdropping, 
because a man-in-the-middle attack is trivial).

Diffie Hellman is actually used for most SSL connections, but in a 
different form.

Basically, the idea behind DH is that both parties agree on two 
pre-shared large prime numbers. In the case of ADH, these same numbers 
are known to everybody in the world. In other forms of DH cipher, these 
two numbers are only known to the two parties exchanging information - 
that's what actually gets encrypted with the public/private encryption 
based on the keys from the certificates.

When client and server want to communicate, both separately generate 
random numbers. These numbers truly are secret. The client then applies 
some mathematical magic between the random number and the two primes, 
and the server does the same on its end. Then the server sends the 
result of this magic to the client, and vice versa. Finally, both of 
them multiply the result of the other side's magic with their own random 
number. In the end, both sides end up with the same result, even though 
neither ever sent its random number. This final result is the key. I 
used to teach a network security class that included the math behind DH, 
but I still can't remember the details. Diffie and Hellman must have 
been brainiacs to come up with that. It basically is a very tricky way 
to get obscure the random numbers.

Yes, it would indeed work without any certificate. You could think of it 
as a certificate with a zero-length public/private key (and with 
zero-length everything else, too).

openssl does have a key store, in the form of a certificate store. 
Creating and installing proper certificates is not difficult. You can 
probably use self-signed certificates here. Since you have control over 
both clients and servers, trusting the certificate shouldn't be an issue.

-- 
Kevin Keane
Owner
The NetTech
Find the Uncommon: Expert Solutions for a Network You Never Have to Think About

Office: 866-642-7116
http://www.4nettech.com

This e-mail and attachments, if any, may contain confidential and/or 
proprietary information. Please be advised that the unauthorized use or 
disclosure of the information is strictly prohibited. The information herein is 
intended only for use by the intended recipient(s) named above. If you have 
received this transmission in error, please notify the sender immediately and 
permanently delete the e-mail and any copies, printouts or attachments thereof.


--
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null