Tag Archives: nagios

Exclude fstab entries that use BIND from nagios nrpe check_disk / check_all_disks

Say you have an /etc/fstab file with an entry for bind: tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 ** /root/special/folder /home/user1/folder none bind 0 0 If you run the nagios nrpe command (below) as root everything works fine: /usr/lib64/nagios/plugins/check_disk -w 8% -c 5% -A -x /dev/shm -X nfs -X bind -i /boot However, when you run this as the nagios user it fails (as is expected since the nagios does not have access to this folder): sudo -u nagios /usr/lib64/nagios/plugins/check_disk -w 8% -c 5% -A -x /dev/shm -X nfs -X bind -i /boot DISK CRITICAL – /home/user1/folder is not accessible: Permission denied Since the nrpe checks are done with nagios a solution is needed. You could exclude the path specifically, using the -x flag: `-x /home/user1/folder` But you’d have to do that each time you make any changes to the /etc/fstab file. In the commands above I left in the -X bind flag, which I attempted, although it does not work. I also tried -X bindfs with no luck. There are some other flags for different types of file systems. -X tmpfs -X devpts -X sysfs -X proc -X binfmt_misc -X rpc_pipefs -X nfs These can also be written as: –exclude-type=tmpfs –exclude-type=devpts –exclude-type=sysfs –exclude-type=proc –exclude-type=binfmt_misc –exclude-type=rpc_pipefs –exclude-type=nfs However, the one that is needed to exclude the bind is actually the none file system, or -X none or –exclude-type=none

Posted in Server Administration | Tagged , , | Leave a comment

Nagios Passive Check Example

The data below that makes up a service definition and commands definition below should serve as an example of what a passive check definition may look like: define service{ host_name yourhost.com service_description PassiveCheck check_freshness 1 ; active checks are NOT enabled active_checks_enabled 0 ; passive checks are enabled (this is how results are reported) passive_checks_enabled 1 ; 26 hour threshold, since backups may not always finish at the same time freshness_threshold 93600 ; this command is run only if the service results are “stale” check_command no-backup-report notification_interval 0 check_interval 60 retry_interval 1 max_check_attempts 1 # parallelize_check 1 # is_volatile 1 # obsess_over_service 0 } define command{ command_name no-backup-report command_line /usr/local/nagios/libexec/check_dummy 2 “CRITICAL: Results of backup job were not reported!” }

Posted in Linux | Tagged | Leave a comment

Nagios: Monitor SSL Certs

Nagios has the ability to monitor SSL certificates for expiration. Here’s how to do it: Steps for Nagios to Monitor SSL Certs Download the check_ssl_certificate plugin from the nagios exchange site Update:A better / updated version of the plugin is available for download here ( it is mentioned on previously mentioned nagios plugins page ) Installation: Edit the script, replacing the line: use lib “/usr/lib64/nagios/plugins”; with the path to your nagios plugins directory (where utils.pm is located). For me on Ubuntu 10.04 this was use lib “/usr/lib/nagios/plugins”; Also edit the line: my $openssl = “/usr/bin/openssl”; with the path to your openssl binary. Then copy the script into your nagios plugins directory, for Ubuntu 10.04 it was /usr/lib/nagios/plugins I also updated line 155 – 158 of the script, because it has a bug that allows expired certificates to show up as passing: if ($daysLeft < 0) { print “$PROGNAME: CRITICAL – $cn expired ” . abs($daysLeft) . ” day(s) ago.\n”; exit $ERRORS{‘CRITICAL’}; } elsif ($daysLeft <= $critical) { The key part is adding in this line: exit $ERRORS{‘CRITICAL’}; To monitor a site, you will need to set up a configuration, using something like this (edit to suit your needs): define command { command_name check_ssl_certificate command_line /usr/lib/nagios/plugins/check_ssl_certificate -H $HOSTNAME$ } define service{ use generic-service host_name www.yoursite.com service_description check ssl check_command check_ssl_certificate contact_groups admins }

Posted in Server Admin, Server Administration | Tagged , , , | Leave a comment

nagios check_dns / check_ip example

Need to monitor an IP address / DNS entry with Nagios? Nagios has a plugin called check_dns just for that. The check commands are defined in this file: /etc/nagios-plugins/config/dns.cfg # ‘check_dns’ command definition define command{ command_name check_dns command_line /usr/lib/nagios/plugins/check_dns -H www.google.com -s ‘$HOSTADDRESS$’ } # ‘check_dig’ command definition define command{ command_name check_dig command_line /usr/lib/nagios/plugins/check_dig -H ‘$HOSTADDRESS$’ -l ‘$ARG1$’ } here is an alternate version I wrote to check the IP of a host, I could have used check_ip because I don’t think that command is taken, but instead I used my_check_dns: #my_check_dns command, checks to make sure a hostname resolved to a specified IP address: define command { command_name my_check_dns command_line /usr/lib/nagios/plugins/check_dns -H $ARG1$ -a $ARG2$ } this is how it would be implemented in a service: define service{ use generic-service ; Name of service template to use host_name mysite.com service_description check dns check_command my_check_dns!www.mysite.com!123.456.78.90 } Man Page: check_dns v1.4.14 (nagios-plugins 1.4.14) Copyright (c) 1999 Ethan Galstad <nagios @nagios.org> Copyright (c) 2000-2008 Nagios Plugin Development Team <nagiosplug [email protected]> This plugin uses the nslookup program to obtain the IP address for the given host/domain query. An optional DNS server to use may be specified. If no DNS server is specified, the default server(s) specified in /etc/resolv.conf will be used. Usage:check_dns -H host [-s server] [-a expected-address] [-A] [-t timeout] [-w warn] [-c crit] Options: -h, –help Print detailed help screen -V, –version Print version information -H, –hostname=HOST The name or address you want to query -s, –server=HOST Optional DNS server you … Continue reading

Posted in Security, Server Admin | Tagged , , , , | Leave a comment

How to Monitor Canon Printers with SNMP

I’m working to set up monitoring of Canon printers with SNMP, and I’m having a hard time finding resources around the internet on how to go about doing this, so this article will be collecting the resources I’ve found and putting them in once place. Commands for Monitoring Canon Printers with SNMP One of the problems that I had to look into was monitoring of CANON printers, and properly modifying Nagios config files for that: Once you understand a little how NAGIOS works you will understand what I am trying to show you here in example: in /usr/local/nagios/etc/objects/commands.cfg I added a command: define command{ command_name check_snmp_canon command_line $USER1$/check_snmp -H $HOSTADDRESS$ -l STATUS -C public $ARG1$ $ARG2$ } then in: /usr/local/nagios/etc/objects/printer.cfg you define host and service like this: define host{ use generic-printer host_name SOMECANONPRINTER alias SOMECANONPRINTER Alias address “IP of the printer goes here” hostgroups network-printers } define service{ use generic-service host_name SOMECANONPRINTER service_description Printer Status check_command check_snmp_canon!-o hrDeviceStatus.1 -r “2|3” normal_check_interval 10 retry_check_interval 1 } via http://mariuszgal.com/blog/?p=93 Some of the commands I’ve tried to execute directly from the command line use something like this: /usr/lib/nagios/plugins/check_snmp -H 192.168.0.105 -C public -o hrDeviceStatus.1 snmpwalk -v <snmp version, typically ‘2c’> -c <community string> <agent address, e.g. ‘192.168.3.141’> 1.3.6.1 snmpwalk -v 2c -c public 192.168.0.104 What is SNMP Simple Network Management Protocol (SNMP) is a set of standards for managing network devices, network devices are monitored by a SNMP manager which connects to an SNMP agent on network devices. Data which the SNMP agent … Continue reading

Posted in Linux, Server Administration, Tech Tips | Tagged , , , , , , , , , | 8 Comments

Setting Nagios host check frequency and Nagios default check interval

With nagios (nagios3), the normal check interval is set to 5 minutes, and the retry is set to 1 minute. If your services are not that critical, you can increase the default check interval, perhaps from five minutes (or 600 seconds) to something like 10 minutes or 15 minutes. Look for a file like generic-service_nagios.cfg in your configuration directory, possibly: /etc/nagios3/conf.d/generic-service_nagios2.cfg Then you can find the corresponding lines to make the edits you need: define service{ name generic-service active_checks_enabled 1 passive_checks_enabled 1 parallelize_check 1 obsess_over_service 1 check_freshness 0 notifications_enabled 1 event_handler_enabled 1 flap_detection_enabled 1 failure_prediction_enabled 1 process_perf_data 1 retain_status_information 1 retain_nonstatus_information 1 notification_interval 0 is_volatile 0 check_period 24×7 normal_check_interval 5 retry_check_interval 1 max_check_attempts 4 notification_period 24×7 notification_options w,u,c,r contact_groups admins register 0 }

Posted in Software, Web Development | Tagged , , , , , | Leave a comment