Skip to main content

Nagios NRPE

 

Downloading Nagios Core:

https://www.nagios.org/downloads/nagios-core/thanks/?t=1500128149

Installing Nagios Core:

Installation is really easy just follow the guide:

https://assets.nagios.com/downloads/nagioscore/docs/Installing_Nagios_Core_From_Source.pdf#_ga=2.210947287.396962911.1500126138-104828703.1500126138

Once it's installed, create a host and a service and the commands.

Lets start by making sure nagios sees the files we are going to create for our hosts and services.

vi /usr/local/nagios/etc/nagios.cfg
cfg_file=/usr/local/nagios/etc/hosts.cfg
cfg_file=/usr/local/nagios/etc/services.cfg

We will start by creating a template we can use for our hosts, then below we will create the host and then create the services for that host.

vim /usr/local/nagios/etc/servers/hosts.cfg
define host{
name                            linux-box               ; Name of this template
use                             generic-host            ; Inherit default values
check_period                    24x7        
check_interval                  5       
retry_interval                  1       
max_check_attempts              10      
check_command                   check-host-alive
notification_period             24x7    
notification_interval           30      
notification_options            d,r     
contact_groups                  admins  
register                        0                       ; DONT REGISTER THIS - ITS A TEMPLATE
}

define host{ use linux-box ; Inherit default values from a template host_name linux-server-01 ; The name we're giving to this server alias Linux Server 01 ; A longer name for the server address 192.168.1.100 ; IP address of Remote Linux host }
vim /usr/local/nagios/etc/servers/services.cfg
define service{
use                     generic-service
host_name               linux-server-01
service_description     CPU Load
check_command           check_nrpe!check_load
}
vi /usr/local/nagios/etc/objects/commands.cfg

The -H will be for the host it will connect to (192.168.1.100) defined in the host.cfg, the -c will be the name specified on the remote host inside the /etc/nrpe.cfg

define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

Verify nagios config for errors before restarting.

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

Restart the service

service nagios restart
Remote host:

now lets install the NRPE plugins and add a few plugins to the config file.

To view the list of plugins you can install:

yum --enablerepo=epel -y list nagios-plugins*
yum install nrpe nagios-plugins-dns nagios-plugins-load nagios-plugins-swap nagios-plugins-disk nagios-plugins-procs

Now we need to add the nagios server (192.168.1.101) and the commands it can execute

vim /etc/nagios/nrpe.cfg
command[check_dns]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20

allowed_hosts=127.0.0.1,192.168.1.101

systemctl enable nrpe
systemctl restart nrpe

Now go back to the nagios server and check if it connects.

check_nrpe -H 192.168.1.100

Other NRPE commands:

command[check_ping]=/usr/local/nagios/libexec/check_ping 8.8.8.8 -w 50,50% -c 100,90%
command[check_diskusage]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/disk/by-uuid/[DISK UUID]
command[check_cpuload]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20
command[check_swap]=/usr/local/nagios/libexec/check_swap -w 10% -c 5%
command[check_raid]=/usr/local/nagios/libexec/check_raid 

Monitor MySQL Service

MySQL Monitoring Requirements

  1. Monitor whether MySQL is running by checking port 3306.
  2. Monitor the availability of certain database 'testDB'.

MySQL Server Setting

When it comes to checking MySQL, it should be kept in mind that MySQL, by default, listens on only the loopback interface 127.0.0.1. This increases the security of the database. Manual tuning is needed to tell MySQL to listen on other interfaces as well. Here is how it can be done.

This setting is done on all MySQL servers.

root@nagios:~# vim /etc/mysql/my.cnf

The following line is commented out to make MySQL listens on all interfaces.

#bind-address           = 127.0.0.1

Also, MySQL would not let just any host to connect to it. A user 'nagios' is created for both localhost and for 'any' host. This user is then granted all permission to all databases and will be used for monitoring.

The following settings are done for all MySQL servers.

root@nagios:~# mysql -u root –p
## MySQL root password here ##

A user 'nagios@localhost' is created in MySQL server.

mysql> CREATE USER 'nagios'@'localhost' IDENTIFIED BY 'nagios-pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'nagios'@'localhost';

A user 'nagios@any-host' is created.

mysql> CREATE USER 'nagios'@'%' IDENTIFIED BY 'nagios-pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'nagios'@'%';
 
mysql> FLUSH PRIVILEGES;

 This should enable MySQL to listen on all interfaces, as well as accept incoming connections from user 'nagios' at any host.

Note that there are possible security implications of this change, so it's worth mentioning a few words:

  • This setting will expose MySQL to all available interfaces, including WAN. It is vital to make sure only legitimate networks have access to the database. Filters such as firewall and TCP wrappers should be used.
  • The MySQL 'nagios' user password should be very strong. If there are few Nagios servers, then MySQL user 'nagios@servername' should be created instead of 'nagios@%' i.e., any host.

Nagios Configuration for MySQL

The following tuning should do the trick.

root@nagios:~# vim /etc/nagios3/conf.d/services_nagios2.cfg
define service{
use			generic-service
host_name		test-server-1
;hostgroup can be used instead as well

service_description		Check MYSQL via TCP port
check_command			check_tcp!3306
        }

define service{
use				generic-service
host_name			test-server-1
;hostgroup can be used instead as well

service_description	Check availability of database 'testDB'
check_command	check_mysql_database!nagios!nagios-pass!testDB
;check_mysql!userName!userPassword!databaseName
        }

This way, Nagios can help monitor the accessibility of both MySQL servers and the database stored within the servers.

Monitor Apache Web Server

Nagios can be used to monitor Apache web server as well.

Apache Monitoring Requirements

  • Monitor whether the apache server is available.

This task is really easy as Nagios has a built-in command for this.

root@nagios:~# vim /etc/nagios3/conf.d/services_nagios2.cfg
define service{
use			generic-service
host_name		test-server-1, test-server-2
service_description	Check Apache Web Server
check_command		check_http
        }

Now that was really simple.

Monitor DNS Service

Nagios can monitor DNS service by asking the DNS server to either resolve a specific fully qualified domain name (FQDN), or by asking the server to use the dig tool. The default FQDN used for testing is www.google.com, but it can be changed as needed. The following file can be modified to do the job.

root@nagios:~# vim /etc/nagios-plugins/config/dns.cfg
## The -H portion can be modified to replace Google ##
define command{
command_name    check_dns
command_line    /usr/lib/nagios/plugins/check_dns -H www.google.com -s '$HOSTADDRESS$'
}

Then edit the following file.

root@nagios:~# vim /etc/nagios3/conf.d/services_nagios2.cfg
## Nagios asks server-3 to resolve the IP for google.com ##
define service{
use                             generic-service
host_name                       test-server-3
service_description     Check DNS
check_command           check_dns
        }

## Nagios asks server-3 to dig google.com ##
define service{
use                             generic-service
host_name                       test-server-3
service_description     Check DNS via dig
check_command           check_dig!www.google.com
        }

Monitor Mail Server

Nagios can monitor different mail server components like SMTP, POP, IMAP and mailq. As mentioned earlier, server-2 has postfix mail server set up on it. Nagios will be configured to monitor SMTP and mail queue of the server.

root@nagios:~# vim /etc/nagios3/conf.d/services_nagios2.cfg
define service{
use                     generic-service
host_name               test-server-2
service_description     Check SMTP
check_command           check_smtp
        }

define service{
use                     generic-service
host_name               test-server-2
service_description     Check Mail Queue
check_command           check_mailq_postfix!50!100
					;warning at 50, critical at 100
        }

The following screenshot shows a complete overview of all the service checks that have been configured so far.

Port Based Monitoring for Custom Applications

Let us assume that the following custom application is also running in the network, listening on a particular port.

  • Test Server 1: custom application (TCP Port 12345)

With a little tweaking, Nagios can help monitor this application port as well.

root@nagios:~# vim /etc/nagios3/conf.d/services_nagios2.cfg
define service{
use                     generic-service
host_name               test-server-1
service_description     Check server 1 custom application
check_command           check_tcp!12345
        }

On a finishing note, Nagios can monitor many other sectors of a network. The scripts stored in /etc/nagios-plugins/config/ can shed some light on the awesome capabilities of Nagios.