Pages

Showing posts with label Protected. Show all posts
Showing posts with label Protected. Show all posts

Tuesday, December 10, 2013

Nagios- Setting up

This guide explains how to set up a client server to be monitored by Nagios. We'll cover installing the necessary Nagios plugins and the NRPE (Nagios Remote Plugin Executor) agent, which allows the Nagios server to run checks on the client.


PREREQUISITES

Before you start, make sure you have:

  • A Linux-based client server.

  • Root access or sudo privileges.

  • Basic understanding of the Linux command line.


INSTALLING NAGIOS PLUGINS

Nagios plugins are scripts that perform checks on various aspects of your server, like disk space, CPU usage, or running services.

  1. Prepare the Environment:

    • Navigate to a temporary directory: cd /usr/local/src/

    • Create a directory for Nagios files: mkdir nagios

    • Move into the new directory: cd nagios

    • Create a nagios user: useradd nagios

  2. Download and Extract Plugins:

    • Download the plugins: wget http://pkgs.fedoraproject.org/repo/pkgs/nagios-plugins/nagios-plugins-1.4.16.tar.gz/862f5e44fb5bc65ce7e5d86d654d4da0/nagios-plugins-1.4.16.tar.gz

    • Extract the downloaded file: tar -xzf nagios-plugins-1.4.16.tar.gz

    • Change into the extracted directory: cd nagios-plugins-1.4.16

  3. Compile and Install Plugins:

    • Set a required environment variable: export LDFLAGS=-ldl

    • Configure the installation: ./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-redhat-pthread-workaround --enable-ssl

    • Compile the plugins: make

    • Install them: make install

    • Go back to the parent directory: cd ..


INSTALLING NRPE (NAGIOS REMOTE PLUGIN EXECUTOR)

NRPE allows your Nagios server to execute the plugins you just installed on this client.

  1. Download and Extract NRPE:

    • Download NRPE: wget http://sourceforge.net/projects/nagios/files/nrpe-2.x/nrpe-2.13/nrpe-2.13.tar.gz/download

    • Extract the file: tar -xzf nrpe-2.13.tar.gz

    • Change into the extracted directory: cd nrpe-2.13

  2. Compile and Install NRPE:

    • Configure NRPE: ./configure

    • Compile all components: make all

    • Install the NRPE plugin for the Nagios server (even though this is a client, it's good practice): make install-plugin

    • Install the NRPE daemon (the service that runs on the client): make install-daemon

    • Install the default NRPE configuration file: make install-daemon-config

    • Install NRPE to run under xinetd (a service that manages other services): make install-xinetd


CONFIGURE XINETD AND NRPE

NRPE often runs through xinetd, which listens for incoming connections and starts the NRPE daemon when needed.

  1. Install and Restart Xinetd:

    • Install xinetd if it's not already present: yum install xinetd (or apt-get install xinetd for Debian/Ubuntu)

    • Restart xinetd to apply changes: service xinetd restart

  2. Add NRPE Service to System Services:

    • Add the NRPE service and its default port (5666) to the /etc/services file: echo "nrpe 5666/tcp # NRPE" >> /etc/services


FIREWALL CONFIGURATION

You need to open port 5666 on the client's firewall so the Nagios server can communicate with NRPE.

  • For CSF (Config Server Firewall) Users:

    • Edit the CSF configuration file: /etc/csf/csf.conf

    • Find the TCP_IN section and add 5666 to the list of allowed incoming TCP ports.

    • Restart CSF: This usually involves csf -r or service csf restart.


NRPE CONFIGURATION AND SECURITY

You must specify which Nagios servers are allowed to connect to this NRPE agent.

  • Allow Nagios Server IP:

    • Edit the xinetd configuration for NRPE: /etc/xinetd.d/nrpe

    • Edit the main NRPE configuration file: /usr/local/nagios/etc/nrpe.cfg

    • In both files, locate the allowed_hosts directive and add the IP address of your Nagios monitoring server. For example: allowed_hosts = 127.0.0.1, <YOUR_NAGIOS_SERVER_IP>


SETTING A PASSWORD FOR THE NAGIOS USER (Optional but Recommended)

It's good practice to set a password for the nagios user created earlier.

  • Set password: passwd nagios


NAGIOS SERVER CONFIGURATION EXAMPLE (for MySQL Monitoring)

This section shows an example of how you would configure a service check on your Nagios server to monitor a MySQL database on this client. This is done on the Nagios server, not the client.

define service{
    use                     local-service       ; Name of service template to use
    host_name               sample.example.com  ; The hostname of your client server
    service_description     mySQL               ; A description of the service being monitored
    is_volatile             0
    check_period            24x7
    max_check_attempts      20
    normal_check_interval   5                   ; Check every 5 minutes
    retry_check_interval    1                   ; Retry every 1 minute on failure
    notification_options    w,u,c,r             ; Notify on warning, unknown, critical, recovery
    notification_interval   960                 ; Notify every 960 minutes (16 hours)
    notification_period     24x7
    check_command           check_mysql!nagios!password@666# ; The command to run, 
                    ;including username and password
}

Note: Replace sample.example.com with your client's hostname and adjust nagios and password@666# if your MySQL user or password differs.