"Agentless" monitoring with Nagios?

John P. Rouillard rouilj at cs.umb.edu
Tue May 16 22:13:36 CEST 2006

Previous message: "Agentless" monitoring with Nagios?
Next message: "Agentless" monitoring with Nagios?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In message <C08F7254.27ECE%estair at ilm.com>,
Eli Stair writes:
>Even executing a remote command over SSH with the crypto overhead is faster
>in most situations (for me), and actually consumes less cycles on BOTH
>ends... This FSH project looks promising, though hasn't been updated since
>2001... A scary prospect for anything that is crypto/authentication based :)

Actually fsh is just a wrapper over ssh/rsh so it doesn't have any
security implications on it's own. It shares the security of the
underlying transport.

>I don't see any reason we couldn't whip up an active check script that runs
>a number of commands sequentially over the SSH session that's set up at the
>beginning, applies the results as separate passive service checks.  That's
>the only way I can think of to handle it, since each service check will
>otherwise be initiating a separate connection, at whatever rate is
>determined by its schedule in the queue.

check_by_ssh can run multiple commands in one shot and report each
output line to the proper service. See the -s flag and it's use with
multiple -C commands.

>Then again, check_by_fsh sounds nice too!  Have to look at SSH4
>features now that you mentioned it Steve.

One problem is that you have to keep a master ssh connection
permanently open and mangage the connection if you aren't using
fsh. For a lot of hosts (1000+), this could put a resource strain on
the server as ports are taken up and 1000 ssh permanent ssh process
are created.

One thing that would also be nice for check_by_ssh would be the
ability to use an ssh_agent for the keys. Sadly the current
check_by_ssh sanitizes the environment a bit too well and removed the
environment variables used to allow ssh to communicate with it's
agent.

				-- rouilj
John Rouillard
===========================================================================
My employers don't acknowledge my existence much less my opinions.

-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: "Agentless" monitoring with Nagios?
Next message: "Agentless" monitoring with Nagios?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list