Nagios Monitoring

SMN · 29 Jun 2009 at 12:14

Hi Guys,
Nagios monitoring question. I have 2 servers i wish to monitor on a LAN based in Hulme, with the External ip X.X.X.X.
I have configured the nagios server at my site here (Y.Y.Y.Y) to forward ports coming in (nagios ports) to the Nagios server (10.10.1.27), so nagios packets can get through here (tested and working).

I have added a nagios host at X.X.X.X on my Nagios server, but here is my problem: i can only forward the nagios ports through once - so i can only monitor one server.

If i forward them to "LAN Server: 192.168.0.1" then the server "X" will be monitored, if to "LAN Server: 192.168.0.2" then server "Y" Will be monitored.

Does anyone have any idea how to set it up to monitor 2 servers behind one static ip without port forwarding (or a Linux box on site for that matter

).

Cheers,
Sam

LizardKing · 29 Jun 2009 at 13:01

Pretty sure you can change the monitoring port for this very reason

bods · 29 Jun 2009 at 13:27

So have you installed a client on the remote servers that you want to monitor? e.g. nsclient++ for Windows? Or is it something else?

SMN · 29 Jun 2009 at 15:26

Yeah NSClient++ is installed and configured on both the servers i wish to monitor.

If i change the monitoring port, how do i tell the Nagios server here to sent on that port for that client?

bods · 30 Jun 2009 at 07:45

So, the command used to initiate the check from the Nagios server is check_nrpe. You can pass the -p xxxx to specify a different port number.

So let's suggest you keep one of the servers on the default port of 5666 and the other server modify the nsc.ini file to modify the port number to 5667.

That should do it.

SMN · 30 Jun 2009 at 12:17

Nice - thanks! Do you use the check_nrpe command inside the ../objects/windows.cfg file under the server object itself, i.e.

define host{
use windows-server
host_name Server1
alias Server Number 1
address Ext.Er.Nal.Ip
}

define host{
use windows-server
host_name Server2
alias Server Number 2
address ext.er.nal.ip
check_nrpe -p 5667
}

And then change the nsc.ini file on the Server2 to send on 5667?

bods · 30 Jun 2009 at 14:20

Not quite the same on my server.

I have a host definition like this:

Code:

# Host Definition for UKLDN303
define host{
        use                     generic-host            ; Name of host template to use
        host_name               UKLDN303
        alias                   Citrix
        parents                 CITRIX-SERVERS
        address                 x.x.x.x
        }

Then I'll have a service definition like this:

Code:

define service{
        use                             5min-services         ; Name of service template to use
        host_name                  UKLDN303
        service_description             Disk Space
        check_command                   check_disks!6%!4%
        servicegroups                   winservices
        }

Then if you look at check_disks, it is defined in check_commands.cfg as:

Code:

define command{
    command_name check_disks
    command_line /usr/local/nagios/libexec//check_nrpe -H $HOSTADDRESS$ -p5666 -c CheckDriveSize -a ShowAll=long CheckAll FilterType=FIXED MinW
arnFree=$ARG1$ MinCritFree=$ARG2$
}

Notice that magical -p5666 in there. I only use port 5666 so i have it embedded in the command definition but you could either set up two commands - one for port 5666 and on for port 5667. Or you could pass the argument - something like this:

Code:

define service{
        use                             5min-services         ; Name of service template to use
        host_name                  UKLDN303
        service_description             Disk Space
        check_command                   check_disks!5667!6%!4%
        servicegroups                   winservices
        }


define command{
    command_name check_disks
    command_line /usr/local/nagios/libexec//check_nrpe -H $HOSTADDRESS$ -p$ARG1$ -c CheckDriveSize -a ShowAll=long CheckAll FilterType=FIXED MinW
arnFree=$ARG2$ MinCritFree=$ARG3$
}

LizardKing · 30 Jun 2009 at 20:31

You could use port forwarding on your firewall to forward 5667 to 5666 on client2, it would negate the need to mess around with the nagios client settings.

SMN · 30 Jun 2009 at 21:29

Routers arent good enough i'm afraid.

The rules i have are:

External IP: 5666 --> 192.168.1.1: 5666, for example.

I'm going to give the "-p 5666" a go tomorrow - if it works i'm going to knock together a quick guide on setting it all up etc for anyone else who wants to read it.

Cheers for all the help guys.

SMN · 2 Jul 2009 at 13:42

In the NSC.ini file on the remote host, i've just noticed the following:

;# REMOTE NRPE PROXY COMMANDS
; A list of commands that check other hosts.
; Used by the NRPECLient module
[NRPE Client Handlers]
check_other=-H 192.168.0.1 -p 5666 -c remote_command -a arguments

The check_other is interesting; could i install the NSCLIENT++ on 192.168.0.1 (providing ports are forwarded to 192.168.0.2 - the server i'm on now) and the server would send both sets of details back to the Nagios server?

bods · 3 Jul 2009 at 10:56

I've never used that feature -it's new to me. Give it a go and let me know how you get on.....

Thanks.

SMN · 6 Jul 2009 at 10:50

Still having issues with nagios

If i forward Externalip:5667 to internalip:12489, it will get through to the server, but when it sends back it is sending back to the default port and as such both servers are showing the same information. Is there a way i can set which port for the Nagios server to listen to per the host?

SMN · 6 Jul 2009 at 13:49

Update: Hi Gents, i have got it working

Basically, on the Nagios server, you need to edit /usr/local/nagios/etc/objects/commands.cfg and create a secondary check_nt! process per extra server you want to monitor, i.e. the default check_nt! runs on 12489 (TCP Port).

So create check_nt2! etc similar to below:

# 'check_nt' command definition
define command{
command_name check_nt
command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -s securepassword -v $ARG1$ $ARG2$
}

#check_nt! for Server2
define command{
command_name check_nt2
command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 5667 -s securepassword -v $ARG1$ $ARG2$
}

Then forward port 5667 through to the Server2 ip address, and specify Server2 to use port 5667 instead of 12489 and bobs your uncle, it works.

Thanks guys and hope this helps someone

SMN · 8 Jul 2009 at 16:39

Hi Lads,
Anyone got NRPE set up in their organisation? I'm having a really annoying issue with it. I have installed it on the nagios server etc and its all running fine.
On a remote server running NSClient++, i have checked the ports etc and uncommented all the default NRPE options, and If i run the command:

root@efusentop:/usr/local/nagios/libexec# ./check_nrpe -H hostip -p 5666 -c nrpe_cpu

I do actually get an output of:

OK CPU Load ok.|'5'=0%;80;90; '10'=0%;80;90; '15'=0%;80;90;

However, when i add the entry into my server in, for example, windows.cfg, like so:

define service{
use generic-service
host_name Host Server
service_description NRPE CPU
check_command check_nrpe!-c nrpe_cpu
}

I get the output in my Nagios server at http://NagiosIP:

NRPE CPU UNKNOWN 07-08-2009 16:35:40 0d 0h 6m 50s 3/3 UNKNOWN: No handler for that command

Does anyone know what i need to do? It's driving me insane. :mad:

Stolly · 9 Jul 2009 at 18:00

Funnily enough i've just got nrpe working against a Solaris box for a POC i'm doing for a customer of mine.....

I'm confused though, is the host you are trying to monitor a Windows box, since you say its got Nsclient on it ? Or is it a *nix box ?

SMN · 9 Jul 2009 at 18:58

Its OK, turns out the guide i was using was misleading. You dont need the -c command, only the check_nrpe!check_cpu

I have started a guide at my blog www.vkernel.co.uk if anyone needs any help setting it up etc.

Stolly · 9 Jul 2009 at 19:33

SMN said:
Its OK, turns out the guide i was using was misleading. You dont need the -c command, only the check_nrpe!check_cpu

I have started a guide at my blog www.vkernel.co.uk if anyone needs any help setting it up etc.

Cool

So you are using check_nrpe to check a Windows box ? What is the advantage of that over using check_nt ?

Get the check_exchange plugin to monitor your Exchange queue depths etc seems pretty good.

SMN · 10 Jul 2009 at 12:19

Check_nrpe allows me to use a plugin called check_be which ties into BackupExec, checking the job status etc.

NRPE is quite powerful, i'm only just scratching the surface of its potential. I'm in the process of doing a write up on how to install it and how to tie it into plugins etc, but the basics of backupexec plugin was to install the check_be.exe program (download it more like) to C:/, then specify the command "check_be="C:/Check_be.exe" "C:/Program Files/Symantec/BackupExec/Data" -w1 -c3" in NSC.ini under NRPE.
Then in the object, you just run the command "check_nrpe!check_be". Its pretty cool stuff. How does the check_exchange work?

SMN · 14 Jul 2009 at 11:23

Anyone (bods in particular) got any experience of monitoring remote switches over the WAN?
I've got a switch at 192.168.1.2 with SNMP1/2/3 enabled, etc. I have forwarded UDP161 and 162 through the firewall to port forwarding externalip:161/162 to 192.168.1.2. I have configured the host file to look at:

define host{
use generic-switch ; Inherit default values from a template
host_name Switch ; The name we're giving to this switch
alias Switch ; A longer name associated with the switch
address ExternalIP ; IP address of the switch
}

define service{
use generic-service
host_name Switch
service_description Ports 1 Link Status
check_command check_snmp!-C public -o ifOperStatus.1 -r 1 -m RFC1213-MIB
}

But it is saying that no data is coming back from the host. Is there a way i can get this working, or to get a local Windows box using NRPE to poll data back to my setup, as my next step is to try and setup MRTG.

Sam