Fwd: Monitor netstat connection states using nagios.
asam30 at gmail.com
asam30 at gmail.com
Mon Apr 13 07:01:02 CEST 2009
Hi All,
I've tried all suggestions and there are not worked. Please find the
files/permissions, provide any help would be appreciated
SCRIPT
*************************************************************************
#!/bin/sh
STATE_OK=0
STATE_WARNING=1
STATE_CRITICAL=2
STATE_UNKNOWN=3
netstat -an | grep 80 > synport12
err=`cat synport12 | grep -i TIME_WAIT | wc -l |awk '{print $1}'`
if [ $err -gt 0 ]
then
echo "WARNING - STATUS= TIME_WAIT port status on $HOSTNAME | "WARNING -
STATUS=TIME_WAIT port status on $HOSTNAME
exit $STATE_CRITICAL
else
echo "OK - The port is up and running NO established connections on
$HOSTNAME"
exit $STATE_OK
fi
*******************************************************************************
ON nagios server
*******************
[nagios at lnx-nagios libexec]$ pwd
/usr/local/nagios/libexec
drwxrwxr-x 2 nagios nagios 4.0K Apr 9 18:37 .
drwxrwxr-x 8 nagios nagios 4.0K Dec 26 12:43 ..
-rwxr-xr-x 1 nagios nagios 53K Aug 7 2008 check_apt
-rwxr-xr-x 1 nagios nagios 2.3K Aug 7 2008 check_breeze
-rwxr-xr-x 1 nagios nagios 63K Aug 7 2008 check_by_ssh
lrwxrwxrwx 1 root root 9 Aug 7 2008 check_clamd -> check_tcp
-rwxr-xr-x 1 nagios nagios 38K Aug 7 2008 check_cluster
-r-sr-xr-x 1 root nagios 65K Aug 7 2008 check_dhcp
-rwxr-xr-x 1 nagios nagios 59K Aug 7 2008 check_dig
-rwxr-xr-x 1 nagios nagios 89K Aug 7 2008 check_disk
-rwxr-xr-x 1 nagios nagios 8.0K Aug 7 2008 check_disk_smb
-rwxr-xr-x 1 nagios nagios 64K Aug 7 2008 check_dns
-rwxr-xr-x 1 nagios nagios 34K Aug 7 2008 check_dummy
-rwxr-xr-x 1 nagios nagios 3.1K Aug 7 2008 check_file_age
-rwxr-xr-x 1 nagios nagios 6.3K Aug 7 2008 check_flexlm
lrwxrwxrwx 1 root root 9 Aug 7 2008 check_ftp -> check_tcp
-rwxr-xr-x 1 nagios nagios 141K Aug 7 2008 check_http
-r-sr-xr-x 1 root nagios 71K Aug 7 2008 check_icmp
-rwxr-xr-x 1 nagios nagios 43K Aug 7 2008 check_ide_smart
-rwxr-xr-x 1 nagios nagios 15K Aug 7 2008 check_ifoperstatus
-rwxr-xr-x 1 nagios nagios 13K Aug 7 2008 check_ifstatus
lrwxrwxrwx 1 root root 9 Aug 7 2008 check_imap -> check_tcp
-rwxr-xr-x 1 nagios nagios 7.3K Aug 7 2008 check_ircd
lrwxrwxrwx 1 root root 9 Aug 7 2008 check_jabber -> check_tcp
-rwxr-xr-x 1 nagios nagios 53K Aug 7 2008 check_ldap
lrwxrwxrwx 1 root root 10 Aug 7 2008 check_ldaps -> check_ldap
-rwxr-xr-x 1 nagios nagios 49K Aug 7 2008 check_load
-rwxr-xr-x 1 nagios nagios 6.0K Aug 7 2008 check_log
-rwxr-xr-x 1 nagios nagios 20K Aug 7 2008 check_mailq
-rwxr-xr-x 1 nagios nagios 44K Aug 7 2008 check_mrtg
-rwxr-xr-x 1 nagios nagios 43K Aug 7 2008 check_mrtgtraf
-rwxr-xr-x 1 nagios nagios 63K Aug 7 2008 check_mysql
-rwxr-xr-x 1 nagios nagios 59K Aug 7 2008 check_mysql_query
-rwxr-xr-x 1 nagios nagios 50K Aug 7 2008 check_nagios
lrwxrwxrwx 1 root root 9 Aug 7 2008 check_nntp -> check_tcp
lrwxrwxrwx 1 root root 9 Aug 7 2008 check_nntps -> check_tcp
-rwxr-xr-x 1 nagios nagios 53K Aug 8 2008 check_nrpe
-rwxr-xr-x 1 nagios nagios 64K Aug 7 2008 check_nt
-rwxr-xr-x 1 nagios nagios 67K Aug 7 2008 check_ntp
-rwxr-xr-x 1 nagios nagios 61K Aug 7 2008 check_ntp_peer
-rwxr-xr-x 1 nagios nagios 60K Aug 7 2008 check_ntp_time
-rwxr-xr-x 1 nagios nagios 84K Aug 7 2008 check_nwstat
-rwxr-xr-x 1 nagios nagios 8.3K Dec 17 14:22 check_oracle
-rwxr-xr-x 1 nagios nagios 54K Aug 7 2008 check_overcr
-rwxr-xr-x 1 nagios nagios 68K Aug 7 2008 check_ping
lrwxrwxrwx 1 root root 9 Aug 7 2008 check_pop -> check_tcp
-rwxr-xr-x 1 nagios nagios 67K Aug 7 2008 check_procs
-rwxr-xr-x 1 nagios nagios 52K Aug 7 2008 check_real
-rwxr-xr-x 1 nagios nagios 9.5K Aug 7 2008 check_rpc
-rwxr-xr-x 1 nagios nagios 1.2K Aug 7 2008 check_sensors
lrwxrwxrwx 1 root root 9 Aug 7 2008 check_simap -> check_tcp
-rwxr-xr-x 1 nagios nagios 99K Aug 7 2008 check_smtp
lrwxrwxrwx 1 root root 9 Aug 7 2008 check_spop -> check_tcp
-rwxr-xr-x 1 nagios nagios 49K Aug 7 2008 check_ssh
lrwxrwxrwx 1 root root 9 Aug 7 2008 check_ssmtp -> check_tcp
-rwxr-xr-x 1 nagios nagios 52K Aug 7 2008 check_swap
-rwxr-xr-x 1 nagios nagios 88K Aug 7 2008 check_tcp
-rwxr-xr-x 1 nagios nagios 52K Aug 7 2008 check_time
lrwxrwxrwx 1 root root 9 Aug 7 2008 check_udp -> check_tcp
-rwxr-xr-x 1 nagios nagios 59K Aug 7 2008 check_ups
-rwxr-xr-x 1 nagios nagios 48K Aug 7 2008 check_users
-rwxr-xr-x 1 nagios nagios 3.0K Aug 7 2008 check_wave
-rwxr-xr-x 1 nagios nagios 49K Aug 7 2008 negate
-rwxr-xr-x 1 nagios nagios 86K Aug 8 2008 nrpe
-rwxr-xr-x 1 nagios nagios 7.1K Aug 8 2008 nrpe.cfg
-rwxr-xr-x 1 nagios nagios 47K Aug 7 2008 urlize
-rwxr-xr-x 1 nagios nagios 2.1K Aug 7 2008 utils.pm
-rwxr-xr-x 1 nagios nagios 862 Aug 7 2008 utils.sh
On Nagios client
********************
[nagios at airlin libexec]$ pwd
/usr/local/nagios/libexec
total 2828
-rwxr-xr-x 1 root root 169277 Jul 28 2008 check_apt
-rwxr-xr-x 1 root root 2265 Jul 28 2008 check_breeze
-rwxr-xr-x 1 root root 57891 Jul 28 2008 check_by_ssh
lrwxrwxrwx 1 root root 9 Jul 28 2008 check_clamd ->
check_tcp
-rwxr-xr-x 1 root root 34870 Jul 28 2008 check_cluster
-r-sr-xr-x 1 root root 59896 Jul 28 2008 check_dhcp
-rwxr-xr-x 1 root root 53316 Jul 28 2008 check_dig
-rwxr-xr-x 1 root root 202136 Jul 28 2008 check_disk
-rwxr-xr-x 1 root root 8163 Jul 28 2008 check_disk_smb
-rwxr-xr-x 1 root root 58043 Jul 28 2008 check_dns
-rwxr-xr-x 1 root root 30895 Jul 28 2008 check_dummy
-rwxr-xr-x 1 root root 3143 Jul 28 2008 check_file_age
-rwxr-xr-x 1 root root 6395 Jul 28 2008 check_flexlm
lrwxrwxrwx 1 root root 9 Jul 28 2008 check_ftp ->
check_tcp
-rwxr-xr-x 1 root root 257943 Jul 28 2008 check_http
-r-sr-xr-x 1 root root 64965 Jul 28 2008 check_icmp
-rwxr-xr-x 1 root root 39055 Jul 28 2008 check_ide_smart
-rwxr-xr-x 1 root root 15310 Jul 28 2008 check_ifoperstatus
-rwxr-xr-x 1 root root 12853 Jul 28 2008 check_ifstatus
lrwxrwxrwx 1 root root 9 Jul 28 2008 check_imap ->
check_tcp
-rwxr-xr-x 1 root root 7429 Jul 28 2008 check_ircd
lrwxrwxrwx 1 root root 9 Jul 28 2008 check_jabber ->
check_tcp
-rwxr-xr-x 1 root root 48777 Jul 28 2008 check_ldap
lrwxrwxrwx 1 root root 10 Jul 28 2008 check_ldaps ->
check_ldap
-rwxr-xr-x 1 root root 43795 Jul 28 2008 check_load
-rwxr-xr-x 1 root root 6062 Jul 28 2008 check_log
-rwxr-xr-x 1 root root 20367 Jul 28 2008 check_mailq
-rwxr-xr-x 1 root root 40486 Jul 28 2008 check_mrtg
-rwxr-xr-x 1 root root 39055 Jul 28 2008 check_mrtgtraf
-rwxr-xr-x 1 root root 45592 Jul 28 2008 check_nagios
-rwxr-xr-x 1 nagios nagios 444 Apr 10 12:37 check_netstat
lrwxrwxrwx 1 root root 9 Jul 28 2008 check_nntp ->
check_tcp
lrwxrwxrwx 1 root root 9 Jul 28 2008 check_nntps ->
check_tcp
-rwxr-xr-x 1 nagios nagios 55872 Jul 28 2008 check_nrpe
-rwxr-xr-x 1 root root 57239 Jul 28 2008 check_nt
-rwxr-xr-x 1 root root 60513 Jul 28 2008 check_ntp
-rwxr-xr-x 1 root root 55544 Jul 28 2008 check_ntp_peer
-rwxr-xr-x 1 root root 53548 Jul 28 2008 check_ntp_time
-rwxr-xr-x 1 root root 75669 Jul 28 2008 check_nwstat
-rwxr-xr-x 1 root root 8366 Jul 28 2008 check_oracle
-rwxr-xr-x 1 root root 49971 Jul 28 2008 check_overcr
-rwxr-xr-x 1 root root 47093 Jul 28 2008 check_pgsql
-rwxr-xr-x 1 root root 62651 Jul 28 2008 check_ping
lrwxrwxrwx 1 root root 9 Jul 28 2008 check_pop ->
check_tcp
-rwxr-xr-x 1 root root 61001 Jul 28 2008 check_procs
-rwxr-xr-x 1 root root 47725 Jul 28 2008 check_real
-rwxr-xr-x 1 root root 9707 Jul 28 2008 check_rpc
-rwxr-xr-x 1 root root 1176 Jul 28 2008 check_sensors
lrwxrwxrwx 1 root root 9 Jul 28 2008 check_simap ->
check_tcp
-rwxr-xr-x 1 root root 215773 Jul 28 2008 check_smtp
lrwxrwxrwx 1 root root 9 Jul 28 2008 check_spop ->
check_tcp
-rwxr-xr-x 1 root root 44229 Jul 28 2008 check_ssh
lrwxrwxrwx 1 root root 9 Jul 28 2008 check_ssmtp ->
check_tcp
-rwxr-xr-x 1 root root 47371 Jul 28 2008 check_swap
-rwxr-xr-x 1 root root 82929 Jul 28 2008 check_tcp
-rwxr-xr-x 1 root root 47012 Jul 28 2008 check_time
lrwxrwxrwx 1 root root 9 Jul 28 2008 check_udp ->
check_tcp
-rwxr-xr-x 1 root root 54897 Jul 28 2008 check_ups
-rwxr-xr-x 1 root root 42488 Jul 28 2008 check_users
-rwxr-xr-x 1 root root 3019 Jul 28 2008 check_wave
-rwxr-xr-x 1 root root 44410 Jul 28 2008 negate
-rwxr-xr-x 1 nagios nagios 83120 Jul 28 2008 nrpe
-rwxrwxrwx 1 nagios nagios 8336 Apr 9 14:34 nrpe.cfg
-rw-r--r-- 1 root root 484 Apr 9 17:50 synport
-rw-r--r-- 1 nagios nagios 162 Apr 10 13:59 synport12
-rwxr-xr-x 1 root root 41991 Jul 28 2008 urlize
-rwxr-xr-x 1 root root 2070 Jul 28 2008 utils.pm
-rwxr-xr-x 1 root root 862 Jul 28 2008 utils.sh
On nagios server
*******************
[nagios at lnx-nagios xinetd.d]$ pwd
/etc/xinetd.d
[nagios at lnx-nagios xinetd.d]$ cat nrpe
# default: on
# description: NRPE
service nrpe
{
flags = REUSE
socket_type = stream
wait = no
user = nagios
groups = yes
server = /usr/local/nagios/libexec/nrpe
server_args = -c /usr/local/nagios/libexec/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
# Change this to your primary Nagios server
only_from = 10.10.13.34
}
Thanks for your patience
-Shankar
On Fri, Apr 10, 2009 at 1:28 PM, Giorgio Zarrelli <giorgio at zarrelli.org>wrote:
> Hi,
>
> It won't work this way. If you define
>
> nagios ALL=/bin/netstat
>
> The script will hang, waiting for you to input a password for the user.
> Modify
> it to this string:
>
> nagios ALL=NOPASSWD:/bin/netstat
>
> Please, send me a copy of your script an ls -lah of your plugin libexec
> directory content and a
>
> cat /etc/xinetd.d/nrpe
>
> Giorgio
>
>
> asam30 at gmail.com scritto:
> >
> > Hi Giorgio,
> >
> > I tried all the ways to fix the problem but still no luck. Do not know
> how
> > to run the custom scripts, i will explain in detail here, please someone
> > guide me here,
> >
> > Nagios server:
> >
> > Running the below command, this command will go to nagios client
> > (172.16.17.18) and execute check_netstat script. The netstat script will
> > check for port 80 listen status also if there are any TIME_WAIT
> connections
> > happens, then it should alert us (WARNING - STATUS= TIME_WAIT port status
> on
> > airlin | WARNING - STATUS=TIME_WAIT port status on airlin). For testing
> I
> > made some connections happend to be listen on port 80 and as TIME_WAIT
> > status. But it still reports as (OK, which means this is reporting
> > incorrectly)
> >
> > [nagios at lnx-nagios ~]$ /usr/local/nagios/libexec/check_nrpe -H
> 172.16.17.18
> > -c check_netstat
> > OK - The port is up and running NO established connections on airlin
> >
> >
> > on Nagios client:,
> >
> > I executed below command here, and this reports exactly correct as there
> are
> > some TIME_WAIT listening on port 80
> >
> > [nagios at airlin nagios]$ netstat -an | grep 80
> > tcp 0 0 0.0.0.0:80 0.0.0.0:*
> LISTEN
> > tcp 0 0 172.16.17.18:80 10.10.19.85:2293
> > TIME_WAIT
> >
> > [nagios at airlin nagios]$ /usr/local/nagios/libexec/check_netstat
> > WARNING - STATUS= TIME_WAIT port status on airlin | WARNING -
> > STATUS=TIME_WAIT port status on airlin.
> >
> > The same warning message should appear when I execute first command on
> > nagios server but it reports incorrectly as (OK, no port status)....
> >
> > I am running above commands as nagios user because this as preivileges to
> > run nrpe.
> >
> > the check_nrpe , nrpe , check_netstat owned by nagios:nagios on both the
> > servers.
> >
> > in /etc/sudoers file I wrote below line on both the servers
> >
> > nagios ALL=/bin/netstat
> >
> > and
> >
> > [root at airlin libexec]# sudo -u nagios sudo -l
> > Password:
> > User nagios may run the following commands on this host:
> > (root) /bin/netstat
> >
> > in the check_netstat script I wrote the netstat command as,
> >
> > netstat -an | grep 80 > synport12
> >
> > should I add sudo here???
> >
> > Please help your valuable suggestions......
> > thanks
> >
> >
> >
> >
> >
> >
> >
> >
> > On Thu, Apr 9, 2009 at 8:52 PM, Giorgio Zarrelli <giorgio at zarrelli.org
> >wrote:
> >
> > > Hi
> > >
> > > As I told before, that netstat command won't work "out of the box",
> with an
> > > unprivileged user.
> > >
> > > Giorgio
> > >
> > > Marc Powell (marc at ena.com) scritto:
> > > >
> > > >
> > > > On Apr 9, 2009, at 8:26 AM, asam30 at gmail.com wrote:
> > > >
> > > > > Hi,
> > > > >
> > > > > I did copy the scipt to the remote host as check_netstat and used
> > > > > check_nrpe method to excute from nagios server. It looks when
> > > > > executing the command on remote server works well,
> > > > >
> > > > > [root at airlin libexec]# /usr/local/nagios/libexec/check_netstat
> > > > > WARNING - STATUS= TIME_WAIT port status on airlin | WARNING -
> > > > > STATUS=TIME_WAIT port status on airlin
> > > >
> > > > You're testing as root here. Test as the user nrpe runs as. It could
> > > > very well be a difference in privileges...
> > > >
> > > > --
> > > > Marc
> > > >
> > > >
> > > >
> > >
> ------------------------------------------------------------------------------
> > > > This SF.net email is sponsored by:
> > > > High Quality Requirements in a Collaborative Environment.
> > > > Download a free trial of Rational Requirements Composer Now!
> > > > http://p.sf.net/sfu/www-ibm-com
> > > > _______________________________________________
> > > > Nagios-users mailing list
> > > > Nagios-users at lists.sourceforge.net
> > > > https://lists.sourceforge.net/lists/listinfo/nagios-users
> > > > ::: Please include Nagios version, plugin version (-v) and OS when
> > > reporting any issue.
> > > > ::: Messages without supporting info will risk being sent to
> /dev/null
> > > >
> > >
> > >
> > >
> > >
> ------------------------------------------------------------------------------
> > > This SF.net email is sponsored by:
> > > High Quality Requirements in a Collaborative Environment.
> > > Download a free trial of Rational Requirements Composer Now!
> > > http://p.sf.net/sfu/www-ibm-com
> > > _______________________________________________
> > > Nagios-users mailing list
> > > Nagios-users at lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/nagios-users
> > > ::: Please include Nagios version, plugin version (-v) and OS when
> > > reporting any issue.
> > > ::: Messages without supporting info will risk being sent to /dev/null
> > >
> >
> >
> >
> > --
> > Shankar Asam
> >
>
>
--
Shankar Asam
--
Shankar Asam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20090413/2bc44a41/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list