Monitor netstat connection states using nagios.
asam30 at gmail.com
asam30 at gmail.com
Thu Apr 9 13:06:30 CEST 2009
These are the steps I did,
on nagios server under libexec, created check_netstat file and that contains
STATE_OK=0
STATE_WARNING=1
STATE_CRITICAL=2
STATE_UNKNOWN=3
netstat -anp | grep 80 > synport
err=`cat synport | grep TIME | wc -l |awk '{print $1}'`
if [ $err -gt 0 ]
then
echo "WARNING - STATUS= TIME_WAIT port status on $HOSTNAME | "WARNING -
STATUS=TIME_WAIT port status on $HOSTNAME
exit $STATE_CRITICAL
else
echo "OK - The port is up and running no TIME_WAIT established"
exit $STATE_OK
fi
The same file copied to the nagios client where I am trying to monitor this.
And on the nagios server i went to commands.cfg and added one commadn,
define command{
command_name check_netstat
command_line $USER1$/check_netstat -H $HOSTADDRESS$
}
then on the nagios server, i am executeing
/usr/local/nagios/libexec/check_netstat -H 172.16.17.18
this scripts runs locally and find the nagios servers apache port status not
the monitored servers apache port. how would configure so that it should go
to nagios client and get those port TIME_WAIT status.
thanks
On Thu, Apr 9, 2009 at 3:04 PM, <asam30 at gmail.com> wrote:
> Hi All,
>
> thank you for prompt response.
>
> I am trying this on one of the linux test server and I am monitoring port
> 80 (web server) to monitor port status TIME_WAIT. which means if netstat
> -anp | grep 80 returns any state as TIME, then get an alert on nagios.
>
>
> STATE_OK=0
> STATE_WARNING=1
> STATE_CRITICAL=2
> STATE_UNKNOWN=3
>
> netstat -anp | grep 80 > synport
> err=`cat synport | grep TIME | wc -l |awk '{print $1}'`
> if [ $err -gt 0 ]
> then
> echo "WARNING - STATUS= TIME_WAIT port status on $HOSTNAME | "WARNING -
> STATUS=TIME_WAIT port status on $HOSTNAME
> #exit ${STATE_WARNING}
> fi
>
>
> Can you tell me if this ok? Guide me where I am missing? This is my first
> script to integrate to nagios.
>
> Thanks
>
>
> On Thu, Apr 9, 2009 at 2:32 PM, Kevin Keane <subscription at kkeane.com>wrote:
>
>> asam30 at gmail.com wrote:
>> >
>> > Hi All,
>> >
>> > I am using check_tcp to check status of a particular port on the
>> > server. This is working good. I would also need to monitor LISTEN
>> > status (SYN_RECV) of that port. for ex,
>> >
>> > I have a ldap service running on port 3890, so the command
>> >
>> > netstat -anp | grep 3890
>> >
>> > tcp 0 0 0.0.0.0:3890 <http://0.0.0.0:3890/>
>> > 0.0.0.0:* LISTEN
>> > 16029/java
>> > tcp 0 0 10.121.30.121:3890
>> > <http://10.121.30.121:3890/> 10.121.6.1:8831
>> > <http://10.121.6.1:8831/> ESTABLISHED 16029/java
>> > tcp 0 0 10.121.30.121:3890
>> > <http://10.121.30.121:3890/> 10.121.6.1:61052
>> > <http://10.121.6.1:61052/> ESTABLISHED 16029/java
>> > tcp 228 0 10.121.30.121:3890
>> > <http://10.121.30.121:3890/> 10.121.6.1:49440
>> > <http://10.121.6.1:49440/> ESTABLISHED 16029/java
>> > tcp 0 0 10.121.30.121:3890
>> > <http://10.121.30.121:3890/> 10.121.6.1:11664
>> > <http://10.121.6.1:11664/> SYN_RECV 16029/java
>> >
>> > The establish connections are ok to allow, but we need to monitor
>> > SYN_RECV status. If there is any such(SYN_RECV) connection appears, we
>> > immediately get an alert from nagios. Is there any way to monitor such
>> > states with nagios or check_tcp?
>> >
>> > I have written some shell script to monitor such events, but also I
>> > would like to integrate that scripts into nagios? Is that possible?
>> >
>> > Please help me or provide some suggestions
>> You can integrate almost any shell script you want into Nagios. All you
>> need to do is implement the Nagios plugin specification, which is fairly
>> trivial to do for most scripts. Return 0, 1 or 2 (OK, warn or critical)
>> to as exit code, and return the actual result data via stdout in a
>> single line. The details are in the Nagios documentation.
>>
>> --
>> Kevin Keane
>> Owner
>> The NetTech
>> Find the Uncommon: Expert Solutions for a Network You Never Have to Think
>> About
>>
>> Office: 866-642-7116
>> http://www.4nettech.com
>>
>> This e-mail and attachments, if any, may contain confidential and/or
>> proprietary information. Please be advised that the unauthorized use or
>> disclosure of the information is strictly prohibited. The information herein
>> is intended only for use by the intended recipient(s) named above. If you
>> have received this transmission in error, please notify the sender
>> immediately and permanently delete the e-mail and any copies, printouts or
>> attachments thereof.
>>
>>
>>
>> ------------------------------------------------------------------------------
>> This SF.net email is sponsored by:
>> High Quality Requirements in a Collaborative Environment.
>> Download a free trial of Rational Requirements Composer Now!
>> http://p.sf.net/sfu/www-ibm-com
>> _______________________________________________
>> Nagios-users mailing list
>> Nagios-users at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/nagios-users
>> ::: Please include Nagios version, plugin version (-v) and OS when
>> reporting any issue.
>> ::: Messages without supporting info will risk being sent to /dev/null
>>
>
>
>
> --
> Shankar Asam
>
--
Shankar Asam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20090409/69a28bd1/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list