NRPE Nagios Remote Plugin Executor Mike Weber

Slides:

Advertisements

Similar presentations

How to Monitor Ingres with Open Source Tools

Advertisements

Nagios – Cool Tips and Tricks

Potions of Protection Server Security. What does that do again? Familiarity Differing levels of protection –Low, does not exist –Medium, No private data.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 8 Introduction to Printers in a Windows Server 2008 Network.

Installing Linux softwares Sirak Kaewjamnong. 2 Software packets  When Linux developers create their software they typically bundle all the executable.

Linux System Administration LINUX SYSTEM ADMINISTRATION.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.

Downloading & Installing Software Chapter 13. Maintaining the System Yum Pirut BitTiorrent Rpm Keeping Software Up To Date Up2date Red Hat Network Wget.

Module 10 – Linux Installations. Wikipedia: Red Hat Package Manager or RPM Package Manager (RPM) is a package management system. The name RPM variously.

Hands-on session 2 Monitoring Jose Gonzalez Universidad Politecnica Madrid Attilio Broglio Create-Net

UNIX ™ /Linux Overview Unix/IP Preparation Course June 9, 2013 Lusaka, Zambia.

1 Web Server Administration Chapter 9 Extending the Web Environment.

Passive Monitoring with Nagios Jim Prins

Neng XU University of Wisconsin-Madison X D.  This instruction is for beginners to setup and test an Xrootd/PROOF pool quickly.  Following up each step.

Your university or experiment logo here Nagios: An introduction and Brief Tutorial Chris Brew SciTech/PPD.

Josh Riggs Utilizing Open Source Network Monitoring.

Network Services CSCI N321 – System and Network Administration Copyright © 2000, 2007 by Scott Orr and the Trustees of Indiana University.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Pakiti.

Introduction to Linux ( I ) Sidney Fong 4 th Feb 2006.

MAE Continuous Integration Administration guide July 8th, 2013.

GNU Compiler Collection (GCC) and GNU C compiler (gcc) tools used to compile programs in Linux.

A Practical Guide to Fedora and Red Hat Enterprise Linux Unit 8: Installing Software in Linux Chapter 13: Downloading and Installing Software By Fred R.

UNIX ™ /Linux Overview Unix/IP Preparation Course May 25, 2014 Djibouti.

Linux Services Muhammad Amer. 2 xinetd Programs  In computer networking, xinetd, the eXtended InterNET Daemon, is an open-source super-server daemon.

Alerting With MySQL and Nagios Sheeri Cabral Senior DB Admin/Architect

Introduction To Nagios A Linux-based Monitoring System.

New SA Training Topic 6: Service Management Our organization takes advantage of many service type to provide functionality to users and ease management.

11 Distributed Monitoring for Web Apps Fernando Hönig

Linux security Taeho Oh

Asterisk’s Installation Requirements Kernel source bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++

Berkeley R Utilities & the new S Utilities The Unix (or Berkeley) r utilities provide an alternative to IP facilities telnet and ftp. Three programs: rlogin.

Centreon Deployment Chris Scicluna

Linux Exercise. Download and Install the latest CentOS version and latest Ubuntu/Fedora OS. Configure a unique Host Name and a permanent IP Address for.

Windows-Linux Interconnection Campus-Booster ID : **XXXXX Copyright © SUPINFO. All rights reserved Samba.

1 AHM -2-4 Sept 2003 e-Science Centre Running SRB Ananta Manandhar.

Apache, MySQL and PHP Installation and Configuration Chapter 2 MySQL Installation and Configuration.

中華技術學院 Linux 課程中華技術學院 Linux 課程 Chap one : Service Control 王俊城RHCE/RHCX.

Lab 8 Overview Apache Web Server. SCRIPTS Linux Tricks.

1 Grid Monitoring with Nagios Aries Hung, Joanna Huang, Felix Lee, Min Tsai ASGC WLCG T2 Asia Workshop TIFR, Dec 2, 2006.

ADMINISTRACIÓN DE SERVICIOS PARA LA WEB BRENDA GONZÁLEZ GÓMEZ

Linux Security Tools Keeping your servers safe Ubuntu NY Local Community Team Carl Schmidtmann Faultline Network Solutions, Inc.

Nagios FTW TriLUG 8/10/06 Presented by: Jason Faulkner Ian Kilgore.

High Availability For Nagios Mike Weber

10 Quick Steps To Disaster Mike Weber

Monitoring Asterisk with Icinga2

Monitoring IBMi by Nagios Core & Nagiosgraph

Advisor : Quincy Wu Speaker : Xang-Ting Date : 2010/06/08

LINUX SYSTEM ADMINISTRATION

Installation of MySQL Objectives Contents Practical Summary

NTP, Syslog & Secure Shell

What is nagios? Version 2 8/ M.A.Newhall.

CONTENT MANAGEMENT SYSTEM CSIR-NISCAIR, New Delhi

Chapter 9 Router Configuration (Ospf, Rip) Webmin, usermin Team viewer

CompTIA Server+ Certification (Exam SK0-004)

System Programming and administration CS 308

Ftp File and Print Server

Basic Commands ls cp ls –l (in detail format) echo ls –a

Unix Linux Administration I

Monitoring with Nagios

More Scripting & Chapter 11

IS3440 Linux Security Unit 6 Using Layered Security for Access Control

Network Services CSCI N321 – System and Network Administration

IS3440 Linux Security Unit 9 Linux System Logging and Monitoring

University of Texas Rio Grande Valley Systems Administration CSCI 6175

Network Services.

OPS235: Lab 2 Virtual Machines – Part I

COP 4343 Unix System Administration

LINUX SYSTEM ADMINISTRATION

Creating ODP regional node from scratch

Linux and TCP/IP Networking

Presentation transcript:

NRPE Nagios Remote Plugin Executor Mike Weber

20122 NRPE Concepts Agent Required on Client * plugin or script executes locally * daemon runs on client (port 5666) Nagios * check_nrpe connects to client Direct Checks * connect and collect data from client Indirect Checks * connect to client, execute plugin to connect to second client

20123 Basic Concepts

20124 NRPE: Active and Indirect Checks

20125 NRPE Components: Client NRPE Daemon * daemon managed by xinetd * security based on allowed_hosts * runs on port 5666 * open firewall NRPE Commands File (nrpe.cfg) * check_nrpe connects to client * command definitions Plugins * connect and collect data from client

20126 NRPE Components: Server One Plugin * check_nrpe (installed by default in XI) Host and Service Definitions * define the host * define each service

2011 Nagios World Conference 7 NRPE Variables

20128 NRPE Variables: Client Agent Install * repository (CentOS, SUSE,Ubuntu, Debian, etc.) * XI agent from wizard * compile Daemon Install * repository (CentOS, SUSE,Ubuntu, Debian, etc.) * compile nrpe.cfg * repository (CentOS, SUSE,Ubuntu, Debian, etc.) * compile Command Definitions

20129 Client Variables: Daemon and Config Program /usr/local/nagios/bin/nrpe /usr/sbin/nrpe Daemon Config /etc/xinet.d/nrpe /etc/nagios/nrpe /etc/nagios3/nrpe (Ubuntu)

NRPE: Daemon Config - nrpe # default: on # description: NRPE (Nagios Remote Plugin Executor) service nrpe { flags = REUSE socket_type = stream port = 5666 wait = no user = nagios group = nagios server = /usr/local/nagios/bin/nrpe server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd log_on_failure += USERID disable = no only_from = }

Client Variables: Commands File Location /usr/local/nagios/etc/nrpe.cfg (compile) /usr/local/nagios/etc/nrpe/common.cfg (XI Agent) /etc/nagios/nrpe.cfg (SUSE) /etc/nagios3/nrpe.cfg (Ubuntu) Definitions * able to use arguments * dont_blame_nrpe=1 command[check_users]=/usr/local/nagios/libexec/check_users -w $ARG1$ -c $ARG2$ * unable to use arguments * dont_blame_nrpe=0 command[check_users]=/usr/local/nagios/libexec/check_users -w 2 -c 4

Client Variables: Plugins Location /usr/local/nagios/libexec /usr/lib/nagios/plugins /usr/lib64/nagios/plugins

2011 Nagios World Conference 13 NRPE Compile

Why Compile NRPE and Plugins? Eliminate Variables Across Distribution * same daemon settings and location * same nrpe definitions * same commands locations and configuration (nrpe.cfg) * same location for plugins * same versions Uniform Troubleshooting * standards across distributions * easier for multiple administrators Uniform Upgrades * method of upgrade the same * upgrades will be the latest

NRPE: Install Script #!/bin/bash if [[ $EUID -ne 0 ]]; then echo "This script must be run as root" 1>&2 exit 1 fi cd /tmp wget tar zxvf nrpe-2.13.tar.gz cd nrpe-2.13 yum install -y mod_ssl openssl-devel xinetd gcc make./configure --with-ssl=/usr/bin/openssl --with-ssl-lib=/usr/lib make make install make install-daemon make install-daemon-config make install-xinetd cp sample-config/nrpe.cfg /usr/local/nagios/etc/

Plugins: Install Script #!/bin/bash if [[ $EUID -ne 0 ]]; then echo "This script must be run as root" 1>&2 exit 1 fi cd /tmp wget tar.gz/download yum install -y gcc make mysql-devel mysql net-snmp useradd nagios groupadd nagcmd usermod -a -G nagcmd nagios tar zxvf nagios-plugins tar.gz cd nagios-plugins /configure --with-nagios-user=nagios --with-nagios-group=nagios make make install exit 0

NRPE: Locations When Compiled Daemon Configuration /etc/xinetd.d/nrpe Daemon Binary /usr/local/nagios/bin/nrpe Configuration File /usr/local/nagios/etc/nrpe.cfg Plugins /usr/local/nagios/libexec

2011 Nagios World Conference 18 NRPE: XI Agent

CentOS Agent: XI cd /tmp wget tar zxvf linux-nrpe-agent.tar.gz cd linux-nrpe-agent./fullinstallhttp://assets.nagios.com/downloads/nagiosxi/agents/linux-nrpe-agent.tar.gz Allow from: Stopping xinetd: [ OK ] Starting xinetd: [ OK ] Subcomponents installed OK RESULT=0 ########################################################## ### ### Nagios XI Linux Agent Installation Complete! ### ### ##########################################################

NRPE: Locations XI Agent Daemon Configuration /etc/xinetd.d/nrpe Daemon Binary /usr/local/nagios/bin/nrpe Configuration File /usr/local/nagios/etc/nrpe.cfg include_dir=/usr/local/nagios/etc/nrpe dont_blame_nrpe=1 /usr/local/nagios/etc/nrpe/common.cfg Plugins /usr/local/nagios/libexec

common.cfg ### GENERIC SERVICES ### command[check_init_service]=sudo /usr/local/nagios/libexec/check_init_service $ARG1$ command[check_services]=/usr/local/nagios/libexec/check_services -p $ARG1$ ### MISC SYSTEM METRICS ### #command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10 command[check_users]=/usr/local/nagios/libexec/check_users $ARG1$ command[check_load]=/usr/local/nagios/libexec/check_load $ARG1$ command[check_swap]=/usr/local/nagios/libexec/check_swap $ARG1$ command[check_cpu_stats]=/usr/local/nagios/libexec/check_cpu_stats.sh $ARG1$ command[check_mem]=/usr/local/nagios/libexec/custom_check_mem $ARG1$ ### YUM UPDATES ### command[check_yum]=/usr/local/nagios/libexec/check_yum ### DISK ### command[check_disk]=/usr/local/nagios/libexec/check_disk $ARG1$ command[check_ide_smart]=/usr/local/nagios/libexec/check_ide_smart $ARG1$ ### PROCESSES ### command[check_all_procs]=/usr/local/nagios/libexec/custom_check_procs command[check_procs]=/usr/local/nagios/libexec/check_procs $ARG1$ ### OPEN FILES ### command[check_open_files]=/usr/local/nagios/libexec/check_open_files.pl $ARG1$ ### NETWORK CONNECTIONS ### command[check_netstat]=/usr/local/nagios/libexec/check_netstat.pl -p $ARG1$ $ARG2$

Commands: nrpe.cfg No Variables Allowed dont_blame_nrpe=0 command command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1 Using Variables dont_blame_nrpe=1 command command[check_hda1]=/usr/local/nagios/libexec/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$

Downside of Arguments CentOS check_cpu_stats!-a '-w 85 -c 95' SUSE Enterprise check_cpu_stats!-a -w 80 -a -c 90

2011 Nagios World Conference 24 NRPE: Nagios Core

NRPE: Active Check

Nagios Core: Service Checks No Arguments define service{ use generic-service host_name centos service_description Users check_command check_nrpe!check_users } define service{ use generic-service,srv-pnp host_name centos service_description Mailq check_command check_nrpe!check_mailq } Arguments define service{ use generic-service host_name centos service_description Disk check_command check_nrpe_arg!check_disk!80!90!/ }

Nagios Core: Command Definition No Arguments define command{ command_name check_nrpe command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ } define command{ command_name check_nrpe_60 command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -t 60 -c $ARG1$ } Arguments define command{ command_name check_nrpe_arg command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ -a $ARG2$ $ARG3$ $ARG4$ }

Summary No Arguments define command{ command_name check_nrpe command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ } define service{ use generic-service host_name centos service_description Users check_command check_nrpe!check_users } command[check_users]=/usr/local/nagios/libexec/check_users -w 2 -c 4 Arguments define command{ command_name check_nrpe_arg command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ -a $ARG2$ $ARG3$ $ARG4$ } define service{ use generic-service host_name centos service_description Disk check_command check_nrpe_arg!check_disk!80!90!/ } command[check_disk]=/usr/local/nagios/libexec/check_disk $ARG1$

AIDE: Advanced Intrusion Detection Environment Script !/bin/bash # Create 4 Hour Cron Job With AIDE logfile=/tmp/aide x=$(grep "Looks okay" $logfile | wc -l) if [ $x -eq 1 ] then echo "All Systems Look OK" stateid=0 else echo "$(egrep "added|changed" /tmp/aide)" stateid=2 fi exit $stateid Command in nrpe.cfg command[check_aide]=/usr/local/nagios/libexec/check_aide Service Definition define service{ use generic-service host_name bash service_description AIDE check_command check_nrpe!check_aide }

2011 Nagios World Conference 30 NRPE: Nagios XI

NRPE: Linux Server

NRPE: Linux Server

NRPE: Linux Server

NRPE: Linux Server

NRPE: Linux Server

/etc/init.d ls /etc/init.d crond gpm iscsi lvm2-monitor named nscd rawdevices snmpd sysstatdc_client haldaemon iscsid mcstrans netconsole ntpd rdisc snmptrapd vsftpddc_server halt killall messagebus netfs portmap restorecond snmptt winbind dovecot httpd kudzu multipathd netplugd postfix saslauthd sshd xinetdfunctions iptables lm_sensors mysqld network postgresql-9.0 single syslog

NRPE: Linux Server

NRPE: Linux Server

NRPE: Linux Server

NRPE: Linux Server

NRPE: Additional Checks

NRPE: Additional Checks

NRPE: Additional Checks

2011 Nagios World Conference 44 NRPE: Questions?