From sirtcp at gmail.com Wed May 1 15:58:14 2013 From: sirtcp at gmail.com (Muhammad Yousuf Khan) Date: Wed, 1 May 2013 18:58:14 +0500 Subject: newbie to nagios Message-ID: I am a newbie however after some successful R&D i manage to add few hosts in nagios. now i want Graph view of my Disk I/O and Network throughput. please anyone guide me a how to for my request on Debian squeeze. Thank you. Yousuf -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From joe.price at vaisala.com Thu May 2 13:15:54 2013 From: joe.price at vaisala.com (joe.price at vaisala.com) Date: Thu, 2 May 2013 11:15:54 +0000 Subject: "Nagios Not Running" 0 in availability report? Message-ID: <045EAF0C81049149B8F20386DB595AEB03DE24B7@HELX3.corp.vaisala.com> Back in February our nagios host was shut down for almost 40 minutes. >From my alert log: [02-06-2013 13:39:54] Nagios 3.4.4 starting... (PID=3687) [02-06-2013 13:01:17] Caught SIGTERM, shutting down... However looking at availability reports for this time period (e.g. 1st Feb -> 28th Feb) the row "Nagios Not Running" is set to "0d 0h 0m 0s 0.000%". In fact the entire "Undetermined" block is set to 0%. Is this a bug? Am I doing something wrong? P.s. Although it was 3.4.4 back in Feb, we are now running 3.5.0 ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From dey.ranjib at gmail.com Thu May 2 19:43:28 2013 From: dey.ranjib at gmail.com (Ranjib Dey) Date: Thu, 2 May 2013 10:43:28 -0700 Subject: newbie to nagios In-Reply-To: References: Message-ID: try pnp4 nagios. it will graph any nagios plugin that spits out perf data. Choose the plug On Wed, May 1, 2013 at 6:58 AM, Muhammad Yousuf Khan wrote: > I am a newbie however after some successful R&D i manage to add few hosts > in nagios. now i want Graph view of my Disk I/O and Network throughput. > > please anyone guide me a how to for my request on Debian squeeze. > > Thank you. > Yousuf > > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ae at op5.se Fri May 3 00:08:18 2013 From: ae at op5.se (Andreas Ericsson) Date: Fri, 03 May 2013 00:08:18 +0200 Subject: "Nagios Not Running" 0 in availability report? In-Reply-To: <045EAF0C81049149B8F20386DB595AEB03DE24B7@HELX3.corp.vaisala.com> References: <045EAF0C81049149B8F20386DB595AEB03DE24B7@HELX3.corp.vaisala.com> Message-ID: <5182E3D2.80408@op5.se> On 2013-05-02 13:15, joe.price at vaisala.com wrote: > Back in February our nagios host was shut down for almost 40 minutes. > >>From my alert log: > > [02-06-2013 13:39:54] Nagios 3.4.4 starting... (PID=3687) > [02-06-2013 13:01:17] Caught SIGTERM, shutting down... > > However looking at availability reports for this time period (e.g. 1st > Feb -> 28th Feb) the row "Nagios Not Running" is set to "0d 0h 0m 0s > 0.000%". > > In fact the entire "Undetermined" block is set to 0%. > > Is this a bug? Am I doing something wrong? > Are you using the "guess states during program downtime" thingie? If so, 0% undetermined makes perfect sense. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From james.osbourn at citrix.com Fri May 3 11:38:21 2013 From: james.osbourn at citrix.com (James Osbourn) Date: Fri, 3 May 2013 09:38:21 +0000 Subject: newbie to nagios In-Reply-To: References: Message-ID: <6F79E23ED1278E41A41A952F9A63394F09BDF3@LONPEX01CL02.citrite.net> Nagios Graph is also quite good and easy to setup and will graph any perf data from plugins. James From: Ranjib Dey [mailto:dey.ranjib at gmail.com] Sent: 02 May 2013 18:43 To: Nagios Users List Subject: Re: [Nagios-users] newbie to nagios try pnp4 nagios. it will graph any nagios plugin that spits out perf data. Choose the plug On Wed, May 1, 2013 at 6:58 AM, Muhammad Yousuf Khan > wrote: I am a newbie however after some successful R&D i manage to add few hosts in nagios. now i want Graph view of my Disk I/O and Network throughput. please anyone guide me a how to for my request on Debian squeeze. Thank you. Yousuf ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From bruno.martins at gruporumos.com Fri May 3 22:52:04 2013 From: bruno.martins at gruporumos.com (Bruno Martins | Grupo Rumos) Date: Fri, 3 May 2013 20:52:04 +0000 Subject: newbie to nagios In-Reply-To: <6F79E23ED1278E41A41A952F9A63394F09BDF3@LONPEX01CL02.citrite.net> References: , <6F79E23ED1278E41A41A952F9A63394F09BDF3@LONPEX01CL02.citrite.net> Message-ID: <044E5B27D6C7E844B90EC93525278C3471BB71CF@grexc01.rumos.com.pt> I would recommend using Cacti. ________________________________ From: James Osbourn [james.osbourn at citrix.com] Sent: Friday, May 03, 2013 10:38 AM To: Nagios Users List Subject: Re: [Nagios-users] newbie to nagios Nagios Graph is also quite good and easy to setup and will graph any perf data from plugins. James From: Ranjib Dey [mailto:dey.ranjib at gmail.com] Sent: 02 May 2013 18:43 To: Nagios Users List Subject: Re: [Nagios-users] newbie to nagios try pnp4 nagios. it will graph any nagios plugin that spits out perf data. Choose the plug On Wed, May 1, 2013 at 6:58 AM, Muhammad Yousuf Khan > wrote: I am a newbie however after some successful R&D i manage to add few hosts in nagios. now i want Graph view of my Disk I/O and Network throughput. please anyone guide me a how to for my request on Debian squeeze. Thank you. Yousuf ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ysuol1 at gmail.com Sun May 5 12:33:36 2013 From: ysuol1 at gmail.com (Anti-spam) Date: Sun, 5 May 2013 12:33:36 +0200 Subject: check_ide_smart Message-ID: Hi List! I am using check_ide_smart plugin and it returns (null) in Nagios as 'Status Information', it shows as yellow (warning). The command is defined as: define command{ command_name check_ide_smart command_line sudo $USER1$/check_ide_smart -n $ARG1$ } and called in localhost as check_command check_ide_smart!/dev/sda Nagios has sudoers permission. Selinux is set to permissive. When I do a forced check the syslog or nagios log only contains the fact I initiated the check with the given name. Centos 6.x with Nagios 3.2.3 from Epel, I updated Nagios to 3.4.4 with no change. The rest of my plugins work. What am I missing? -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From dkokmadis at gmail.com Sun May 5 17:23:02 2013 From: dkokmadis at gmail.com (=?ISO-8859-7?B?yu/q7Nzk5/IgxOfs3vTx6e/y?=) Date: Sun, 5 May 2013 18:23:02 +0300 Subject: check_http with spaces problem Message-ID: Hi, I am trying to check multiple http sites, so i configure a bash script which create the service definition but i faced a problem when the expected string has spaces. So the command definition is like: $USER1$/check_http -H $ARG1$ -s $ARG2$ -w 10 -c 20 if i pass an $ARG2$ without spaces it's work fine, but if it has spaces nagios can't make check. Could you give me a help? Thanks, Jim -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From sunil at sunil.cc Sun May 5 18:36:39 2013 From: sunil at sunil.cc (Sunil Sankar) Date: Sun, 5 May 2013 22:06:39 +0530 Subject: check_http with spaces problem In-Reply-To: References: Message-ID: Please put it within quotes , that should help On Sun, May 5, 2013 at 8:53 PM, ???????? ????????? wrote: > Hi, > > I am trying to check multiple http sites, so i configure a bash script > which create the service definition but i faced a problem when the expected > string has spaces. > > So the command definition is like: > > $USER1$/check_http -H $ARG1$ -s $ARG2$ -w 10 -c 20 > > if i pass an $ARG2$ without spaces it's work fine, but if it has spaces > nagios can't make check. Could you give me a help? > > Thanks, > > Jim > > > ------------------------------------------------------------------------------ > Get 100% visibility into Java/.NET code with AppDynamics Lite > It's a free troubleshooting tool designed for production > Get down to code-level detail for bottlenecks, with <2% overhead. > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap2 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -- Regards Sunil Sankar -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From palli at ok.is Sun May 5 18:28:40 2013 From: palli at ok.is (=?utf-8?Q?P=C3=A1ll_Gu=C3=B0j=C3=B3n_Sigur=C3=B0sson?=) Date: Sun, 05 May 2013 16:28:40 -0000 (GMT) Subject: check_http with spaces problem In-Reply-To: References: Message-ID: Put your ARG in quotes. So it looks like this: $USER1$/check_http -H '$ARG1$' -s '$ARG2$' -w 10 -c 20 Then it will handle spaces. Alternatively, you can use custom variables to a check command that is more complex, but in return your service definitions will become much more readable. Example: define service { host_name HOSTNAME service_description http://... check_command okc-check_http use generic-service __RESPONSE_WARNING 2 __RESPONSE_CRITICAL 10 __SEARCH_STRING __VIRTUAL_HOST HOSTNAME __PORT 80 __URI / } define command { command_line $USER1$/check_http -I $HOSTADDRESS$ -H "$_SERVICE_VIRTUAL_HOST$" -p "$_SERVICE_PORT$" -u "$_SERVICE_URI$" -s "$_SERVICE_SEARCH_STRING$" -w "$_SERVICE_RESPONSE_WARNING$" -c "$_SERVICE_RESPONSE_CRITICAL$" command_name okc-check_http } ----- Original Message ----- From: "???????? ?????????" To: nagios-users at lists.sourceforge.net Sent: Sunday, May 5, 2013 3:23:02 PM Subject: [Nagios-users] check_http with spaces problem Hi, I am trying to check multiple http sites, so i configure a bash script which create the service definition but i faced a problem when the expected string has spaces. So the command definition is like: $USER1$/check_http -H $ARG1$ -s $ARG2$ -w 10 -c 20 if i pass an $ARG2$ without spaces it's work fine, but if it has spaces nagios can't make check. Could you give me a help? Thanks, Jim ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From dkokmadis at gmail.com Sun May 5 21:47:52 2013 From: dkokmadis at gmail.com (=?ISO-8859-7?B?yu/q7Nzk5/IgxOfs3vTx6e/y?=) Date: Sun, 5 May 2013 22:47:52 +0300 Subject: check_http with spaces problem In-Reply-To: References: Message-ID: Thank you for the replies. I tried to use all these before asking! By the check_debug.sh Sun May 5 22:29:03 EEST 2013 /usr/lib64/nagios/plugins/check_http -H granma.gr -u http://granma.gr/index.html -R "Web " -w 10 -c 20 Name or service not known HTTP CRITICAL - Unable to open TCP socket If i check the same without space it works! Do you have any ideas? 2013/5/5 P?ll Gu?j?n Sigur?sson > Put your ARG in quotes. So it looks like this: > > $USER1$/check_http -H '$ARG1$' -s '$ARG2$' -w 10 -c 20 > > Then it will handle spaces. > > Alternatively, you can use custom variables to a check command that is > more complex, but in return your service definitions will become much more > readable. Example: > > > define service { > host_name HOSTNAME > service_description http://... > check_command okc-check_http > use generic-service > > __RESPONSE_WARNING 2 > __RESPONSE_CRITICAL 10 > __SEARCH_STRING > __VIRTUAL_HOST HOSTNAME > __PORT 80 > __URI / > > } > > > > define command { > command_line $USER1$/check_http -I $HOSTADDRESS$ -H > "$_SERVICE_VIRTUAL_HOST$" -p "$_SERVICE_PORT$" -u "$_SERVICE_URI$" -s > "$_SERVICE_SEARCH_STRING$" -w "$_SERVICE_RESPONSE_WARNING$" -c > "$_SERVICE_RESPONSE_CRITICAL$" > command_name okc-check_http > } > > > > > ----- Original Message ----- > From: "???????? ?????????" > To: nagios-users at lists.sourceforge.net > Sent: Sunday, May 5, 2013 3:23:02 PM > Subject: [Nagios-users] check_http with spaces problem > > > > > > > > > Hi, > > I am trying to check multiple http sites, so i configure a bash script > which create the service definition but i faced a problem when the expected > string has spaces. > > So the command definition is like: > > $USER1$/check_http -H $ARG1$ -s $ARG2$ -w 10 -c 20 > > if i pass an $ARG2$ without spaces it's work fine, but if it has spaces > nagios can't make check. Could you give me a help? > > Thanks, > > Jim > > > ------------------------------------------------------------------------------ > Get 100% visibility into Java/.NET code with AppDynamics Lite > It's a free troubleshooting tool designed for production > Get down to code-level detail for bottlenecks, with <2% overhead. > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap2 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > > > ------------------------------------------------------------------------------ > Get 100% visibility into Java/.NET code with AppDynamics Lite > It's a free troubleshooting tool designed for production > Get down to code-level detail for bottlenecks, with <2% overhead. > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap2 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From daniel-listas at gmx.net Mon May 6 02:58:29 2013 From: daniel-listas at gmx.net (Daniel Bareiro) Date: Sun, 5 May 2013 21:58:29 -0300 Subject: Plugin check_md_raid Message-ID: <20130506005829.GA20044@defiant.freesoftware> Hi all! I'm trying the script check_md_raid [1] of Hari Sekhon (version 0.7.2). It works correctly with Debian GNU/Linux Squeeze, but seems to have a problem with the parsing in Debian GNU/Linux Wheezy (since yesterday is stable). I copy high verbose output: ----------------------------------------------------------------------- sirius:~# /usr/local/nagios/libexec/non-std/check_md_raid.pl -vvv finding all MD arrays via: /sbin/mdadm --detail --scan found array /dev/md0 found array /dev/md1 found array /dev/md2 found array /dev/md3 Now testing raid device "/dev/md0" /dev/md0: Version : 0.90 Creation Time : Sat May 24 16:54:22 2008 Raid Level : raid1 Array Size : 979840 (957.04 MiB 1003.36 MB) Used Dev Size : 979840 (957.04 MiB 1003.36 MB) Raid Devices : 2 Total Devices : 2 Preferred Minor : 0 Persistence : Superblock is persistent Update Time : Sat Feb 16 22:55:30 2013 State : clean Active Devices : 2 Working Devices : 2 Failed Devices : 0 Spare Devices : 0 UUID : 7ca3a761:0b7f8242:966549c2:cf5e5f4f Events : 0.28032 Number Major Minor RaidDevice State 0 8 17 0 active sync /dev/sdb1 1 8 1 1 active sync /dev/sda1 Now testing raid device "/dev/md1" /dev/md1: Version : 0.90 Creation Time : Sat May 24 16:54:41 2008 Raid Level : raid1 Array Size : 96320 (94.08 MiB 98.63 MB) Used Dev Size : 96320 (94.08 MiB 98.63 MB) Raid Devices : 2 Total Devices : 2 Preferred Minor : 1 Persistence : Superblock is persistent Update Time : Sun May 5 21:46:33 2013 State : clean Active Devices : 2 Working Devices : 2 Failed Devices : 0 Spare Devices : 0 UUID : e6b6e28f:f1d35cb5:9000b848:259f4f40 Events : 0.306356 Number Major Minor RaidDevice State 0 8 18 0 active sync /dev/sdb2 1 8 2 1 active sync /dev/sda2 Now testing raid device "/dev/md2" /dev/md2: Version : 0.90 Creation Time : Sat May 24 16:54:52 2008 Raid Level : raid1 Array Size : 1951808 (1906.38 MiB 1998.65 MB) Used Dev Size : 1951808 (1906.38 MiB 1998.65 MB) Raid Devices : 2 Total Devices : 2 Preferred Minor : 2 Persistence : Superblock is persistent Update Time : Sun May 5 21:46:33 2013 State : clean Active Devices : 2 Working Devices : 2 Failed Devices : 0 Spare Devices : 0 UUID : f1545e54:3ecbd06e:8a13b91c:feb5b20b Events : 0.2484914 Number Major Minor RaidDevice State 0 8 19 0 active sync /dev/sdb3 1 8 3 1 active sync /dev/sda3 Now testing raid device "/dev/md3" /dev/md3: Version : 0.90 Creation Time : Sat May 24 16:55:14 2008 Raid Level : raid1 Array Size : 484355780 (461.92 GiB 495.98 GB) Used Dev Size : 484355780 (461.92 GiB 495.98 GB) Raid Devices : 2 Total Devices : 2 Preferred Minor : 3 Persistence : Superblock is persistent Update Time : Sun May 5 21:46:33 2013 State : clean Active Devices : 2 Working Devices : 2 Failed Devices : 0 Spare Devices : 0 UUID : a18a76b5:cfe1950e:3e109807:c4b19353 Events : 0.3107222 Number Major Minor RaidDevice State 0 8 20 0 active sync /dev/sdb4 1 8 4 1 active sync /dev/sda4 RAID CRITICAL: 4 arrays not ok - Array MD0 is in state "clean " (raid1), Array MD1 is in state "clean " (raid1), Array MD2 is in state "clean " (raid1), Array MD3 is in state "clean " (raid1) [4 arrays checked] ----------------------------------------------------------------------- As you can see from the output, the four arrays are clean, but the script displays a "CRITICAL" state. Hari, if you're out there, do you know what could be the problem? Thanks in advance for your reply. Regards, Daniel [1] http://exchange.nagios.org/directory/Plugins/Operating-Systems/Linux/Linux-Software-Raid-Plugin-for-32-2Dbit-and-64-2Dbit-systems/details -- Daniel Bareiro Fingerprint: BFB3 08D6 B4D1 31B2 72B9 29CE 6696 BF1B 14E6 1D37 Powered by Debian GNU/Linux Squeeze - Linux user #188.598 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: -------------- next part -------------- ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From mysqlstudent at gmail.com Mon May 6 05:29:16 2013 From: mysqlstudent at gmail.com (Alex) Date: Sun, 5 May 2013 23:29:16 -0400 Subject: Escalation issues Message-ID: Hi all, I have a working nagios system on fc17, but I don't think I have the escalations configured properly. I have the following service templates defined: At what point are the services converted to being escalated services in my sample below? define service { name standard-service-24x7 active_checks_enabled 1 passive_checks_enabled 1 parallelize_check 1 obsess_over_service 1 check_freshness 0 notifications_enabled 1 event_handler_enabled 1 flap_detection_enabled 1 process_perf_data 1 retain_status_information 1 retain_nonstatus_information 1 max_check_attempts 5 # number of min between checks normal_check_interval 4 retry_check_interval 1 is_volatile 0 check_period 24x7 contact_groups admins # re-notify every ten minutes notification_interval 10 notification_period 24x7 notification_options w,u,c,r register 0 } define serviceescalation { name critical-services first_notification 3 last_notification 10 #contact_groups linux-admins,noc-admins,techs-phones contact_groups admins-escal notification_interval 10 register 0 } I also have a number of services configured such as this: define service { use standard-service-24x7 host_name mailhost service_description MAILQ-pre check_command check-host-alive } define serviceescalation { use critical-services host_name mailhost service_description MAILQ-pre } I have also interval_length=60 in nagios.cfg. I don't understand why admins-escal isn't consulted after three consecutive attempts at communicating with the service. What am I doing wrong? Thanks, Alex ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From jonas at freesources.org Mon May 6 10:42:14 2013 From: jonas at freesources.org (Jonas Meurer) Date: Mon, 06 May 2013 10:42:14 +0200 Subject: servicegroup overview not restricted for htaccess users Message-ID: <9bc101fecc5e9d35ebb09ecbbd7b676d@imap.freesources.org> Hello, I fear that I discovered a security issue in Nagios 3.4.4 status.cgi: All htaccess users, even if not listed in any authorized_for_* config option, have full access to service group overview, summary and grid: /nagios/cgi-bin/status.cgi?servicegroup=all&style=overview /nagios/cgi-bin/status.cgi?servicegroup=all&style=summary /nagios/cgi-bin/status.cgi?servicegroup=all&style=grid I hope that this is not intended. Is this issue known? Kind regards, jonas ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From roger at firedrake.org Mon May 6 12:55:34 2013 From: roger at firedrake.org (Roger Bell_West) Date: Mon, 6 May 2013 11:55:34 +0100 Subject: Plugin check_md_raid In-Reply-To: <20130506005829.GA20044@defiant.freesoftware> References: <20130506005829.GA20044@defiant.freesoftware> Message-ID: <20130506105534.GA18636@firedrake.org> On Sun, May 05, 2013 at 09:58:29PM -0300, Daniel Bareiro wrote: >Hari, if you're out there, do you know what could be the problem? Looks to me as though "clean " is not the same as "clean". These days I use check_linux_raid out of the standard plugins package. (Haven't upgraded to wheezy yet.) ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Edwin.Zoeller at ama-assn.org Mon May 6 16:34:34 2013 From: Edwin.Zoeller at ama-assn.org (Edwin Zoeller) Date: Mon, 6 May 2013 14:34:34 +0000 Subject: check_log Message-ID: I am using the check_log plugin and I am having a strange issue. When the monitor scan my log and encounters an issue, it reports it, when it scans it again and does not find the issue it still reports as an error. The only way I can clear this is by running the check command manually on the host so it displays "OK" then click on issue and immediate check. Then it returns the "OK". Any insight? Ed -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From jeremy.page at gilbarco.com Mon May 6 18:30:44 2013 From: jeremy.page at gilbarco.com (Jeremy Page) Date: Mon, 6 May 2013 12:30:44 -0400 Subject: Adding $SERVICENOTESURL$ to notification emails Message-ID: <5187DAB4.4020906@gilbarco.com> I am trying to send email with the notes URL in them but it's not working. Should NAGIOS_SERVICENOTES exist as a environment variable I can call with my notifications? Other macros work as expected - SERVICESTATE, SERVICEDESC etc. Please be advised that this email may contain confidential information. If you are not the intended recipient, please notify us by email by replying to the sender and delete this message. The sender disclaims that the content of this email constitutes an offer to enter into, or the acceptance of, any agreement; provided that the foregoing does not invalidate the binding effect of any digital or other electronic reproduction of a manual signature that is included in any attachment. ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From justinp at norchemlab.com Mon May 6 19:11:43 2013 From: justinp at norchemlab.com (Justin T Pryzby) Date: Mon, 6 May 2013 10:11:43 -0700 Subject: Adding $SERVICENOTESURL$ to notification emails In-Reply-To: <5187DAB4.4020906@gilbarco.com> References: <5187DAB4.4020906@gilbarco.com> Message-ID: <20130506171143.GA24674@norchemlab.com> On Mon, May 06, 2013 at 12:30:44PM -0400, Jeremy Page wrote: > I am trying to send email with the notes URL in them but it's not > working. Should NAGIOS_SERVICENOTES exist as a environment variable I > can call with my notifications? Other macros work as expected - > SERVICESTATE, SERVICEDESC etc. Do you have enable_environment_macros=1 ? (Note that will have some performance impact). Justin ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From daniel-listas at gmx.net Mon May 6 19:38:43 2013 From: daniel-listas at gmx.net (Daniel Bareiro) Date: Mon, 6 May 2013 14:38:43 -0300 Subject: Plugin check_md_raid In-Reply-To: <20130506105534.GA18636@firedrake.org> References: <20130506005829.GA20044@defiant.freesoftware> <20130506105534.GA18636@firedrake.org> Message-ID: <20130506173843.GA25070@defiant.freesoftware> Hi, Roger. On Monday, 06 May 2013 11:55:34 +0100, Roger Bell_West wrote: > On Sun, May 05, 2013 at 09:58:29PM -0300, Daniel Bareiro wrote: > >Hari, if you're out there, do you know what could be the problem? > Looks to me as though "clean " is not the same as "clean". What a subtle difference :-) > These days I use check_linux_raid out of the standard plugins > package. (Haven't upgraded to wheezy yet.) As I see, this plugin is in the contrib directory of the tarball. I tested it after giving execute permission and seems to work without problem: sirius:~/Nagios/nagios-plugins-1.4.13/contrib# ./check_linux_raid.pl OK md0 status=[UU]. md1 status=[UU]. md2 status=[UU]. md3 status=[UU]. Is there any parameter to install de contrib plugins when compiling the standards plugins? Thanks for your reply. Regards, Daniel -- Daniel Bareiro Fingerprint: BFB3 08D6 B4D1 31B2 72B9 29CE 6696 BF1B 14E6 1D37 Powered by Debian GNU/Linux Squeeze - Linux user #188.598 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: -------------- next part -------------- ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From cbeattie at geninfo.com Mon May 6 20:26:38 2013 From: cbeattie at geninfo.com (Chris Beattie) Date: Mon, 6 May 2013 18:26:38 +0000 Subject: Escalation issues In-Reply-To: References: Message-ID: On 5/5/2013 11:29 PM, Alex wrote: > I have also interval_length=60 in nagios.cfg. I don't understand why > admins-escal isn't consulted after three consecutive attempts at > communicating with the service. What am I doing wrong? This is a silly question, but are there contacts who are members of the admins-escal group? And do they have service_notification_options that overlap the ones defined in your escalation? I haven't tried using templates for escalations yet. Have you tried defining an escalation without using a template? Does the config page for service escalations show anything? The URL would end up being something like: http://your_nagios_host/nagios/cgi-bin/config.cgi?type=serviceescalations&expand=mailhost -- -Chris ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From scarley at gmi-mr.com Tue May 7 05:14:32 2013 From: scarley at gmi-mr.com (Sean Carley) Date: Tue, 7 May 2013 03:14:32 +0000 Subject: Adding $SERVICENOTESURL$ to notification emails In-Reply-To: <20130506171143.GA24674@norchemlab.com> References: <5187DAB4.4020906@gilbarco.com> <20130506171143.GA24674@norchemlab.com> Message-ID: <37CF2B4F60CE2749B2193858715620513FED5339@se2exmb01.CORP.GMI.LCL> It's $SERVICENOTESURL$. You don't need enable_environment_macros. $NOTIFICATIONRECIPIENTS$ comes in handy too. -Sean -----Original Message----- From: Justin T Pryzby [mailto:justinp at norchemlab.com] Sent: Monday, May 06, 2013 10:12 AM To: nagios-users at lists.sourceforge.net Subject: Re: [Nagios-users] Adding $SERVICENOTESURL$ to notification emails On Mon, May 06, 2013 at 12:30:44PM -0400, Jeremy Page wrote: > I am trying to send email with the notes URL in them but it's not > working. Should NAGIOS_SERVICENOTES exist as a environment variable I > can call with my notifications? Other macros work as expected - > SERVICESTATE, SERVICEDESC etc. Do you have enable_environment_macros=1 ? (Note that will have some performance impact). Justin ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From pankaj.sain at netprophetsglobal.com Tue May 7 08:36:47 2013 From: pankaj.sain at netprophetsglobal.com (Pankaj Sain) Date: Tue, 7 May 2013 12:06:47 +0530 Subject: No "performance data" when increasing "normal_check_interval" time Message-ID: Hi!, When i increase "normal_check_interval" value from default(10min.) to 15min. or greater for any service, nagios stops receiving performance data in .rrd files. I also checked it with increasing "perfdata_timeout" value but it didn't work. Nagios version: Nagios Core 3.5.0 or 3.2.3 plugin version: nagios-plugins-1.4.16 Nagiosgraph version: nagiosgraph-1.4.4 OS: Redhat 5.8 64bit Service configuration: define service{ use generic-service host_name Server-10 service_description Disk-Boot Partition Free Space check_command check_nrpe!check_disk_boot_partition *normal_check_interval 30* } *PS*: Services with default "normal_check_interval" value, giving perfdata continually. Any help would be appreciated. Thanks, Pankaj Sain *Please do not print this mail unless it is necessary...* This e-mail, together with any attachments, is confidential, and may be privileged. It may be read, copied and used only by the intended recipient. Access to this e-mail or any of its attachments by anyone else and disclosure or copying of its contents or any action taken (or not taken) in reliance on it, is unauthorized and may be unlawful. If you have received it in error, please notify the sender immediately by e-mail or telephone and destroy all copies of this message and any attachments. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From mysqlstudent at gmail.com Tue May 7 21:25:08 2013 From: mysqlstudent at gmail.com (Alex) Date: Tue, 7 May 2013 15:25:08 -0400 Subject: Escalation issues In-Reply-To: References: Message-ID: Hi, >> I have also interval_length=60 in nagios.cfg. I don't understand why >> admins-escal isn't consulted after three consecutive attempts at >> communicating with the service. What am I doing wrong? > > This is a silly question, but are there contacts who are members of the admins-escal group? And do they have service_notification_options that overlap the ones defined in your escalation? > > I haven't tried using templates for escalations yet. Have you tried defining an escalation without using a template? > > Does the config page for service escalations show anything? The URL would end up being something like: > http://your_nagios_host/nagios/cgi-bin/config.cgi?type=serviceescalations&expand=mailhost Thanks for the info. I've ended up almost completely rebuilding the configuration, trying to understand how it all works and get notifications working, and stop alerting either too late or too many times. I have something that at least works now, but I'm continuing to make changes to improve it. Thanks again, Alex ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From mysqlstudent at gmail.com Tue May 7 22:06:38 2013 From: mysqlstudent at gmail.com (Alex) Date: Tue, 7 May 2013 16:06:38 -0400 Subject: clamav socket check times out Message-ID: Hi, I have an fc17 box with nagios-3.4.4 and using the clamd plugin, among others, to check on my systems. For some reason the clamd plugin very frequently times out when run through nrpe: command[check_procs_clamd]=/usr/lib64/nagios/plugins/check_clamd -H /var/spool/amavisd/clamd.sock -t 15 Even with a timeout period of 15s, it still very frequently reports the following: [1367955948] SERVICE ALERT: mail01;PROCS-clamd;CRITICAL;SOFT;1;CRITICAL - Socket timeout after 15 seconds [1367955958] SERVICE ALERT: mail01;PROCS-clamd;OK;SOFT;2;CLAMD OK - 3.568 second response time on socket /var/spool/amavisd/clamd.sock [PONG] This occurs on multiple servers, not just this mail01 system, and even when the system is idle. The plugin comes from the package nagios-plugins-tcp-1.4.16-5.fc17.x86_64 and I'm using clamav-0.97.7. What is the procedure the check_clamd process uses to query the socket? What could be the reason for this timeout occurring so frequently? Could it be an issue with the maximum number of connections for clamd? Any time I run the command manually, it succeeds, and comes back instantly. Thanks for any ideas, Alex ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From mysqlstudent at gmail.com Wed May 8 02:57:06 2013 From: mysqlstudent at gmail.com (Alex) Date: Tue, 7 May 2013 20:57:06 -0400 Subject: Variables for determining time before first alert Message-ID: Hi all, I'm trying to configure a nagios server that was set up a long time ago, but has never worked correctly. I'm trying to understand all the variables that are involved in controlling the time before the first notify-by-email alert is sent for a regular service and one that I've configured as critical. Is max_check_attempts the number of iterations it will perform the host/service check for each iteration of the check_interval period? In other words, if I set max_check_attempts to 5, and my interval_length is 60, does that mean it's 5 minutes before the first soft failure is generated? How does the notification_interval in the regular service definition compare with the notification_interval specified in one of the serviceescalation sections? In other words, if I set notification_interval to 10 minutes for regular services, and notification_interval to 5 minutes for escalated services, will I receive two notifications? I realize I could try this, but there seems to be so many other variables involved that I'd like to be sure my understanding is correct. Thanks, Alex ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From jpratt at norwich.edu Wed May 8 05:18:37 2013 From: jpratt at norwich.edu (James Pratt) Date: Wed, 8 May 2013 03:18:37 +0000 Subject: Variables for determining time before first alert In-Reply-To: References: Message-ID: <591A34BAEC8DBF44AFAB2E127B4D8A8E130EBF33@NUEXCH2.norwich.edu> Hi, I apologize for the terse reply, but I think you will find all the answers to your questions here - http://nagios.sourceforge.net/docs/3_0/objectdefinitions.html Cheers, James ________________________________________ From: Alex [mysqlstudent at gmail.com] Sent: Tuesday, May 07, 2013 8:57 PM To: Nagios Users List Subject: [Nagios-users] Variables for determining time before first alert Hi all, I'm trying to configure a nagios server that was set up a long time ago, but has never worked correctly. I'm trying to understand all the variables that are involved in controlling the time before the first notify-by-email alert is sent for a regular service and one that I've configured as critical. Is max_check_attempts the number of iterations it will perform the host/service check for each iteration of the check_interval period? In other words, if I set max_check_attempts to 5, and my interval_length is 60, does that mean it's 5 minutes before the first soft failure is generated? How does the notification_interval in the regular service definition compare with the notification_interval specified in one of the serviceescalation sections? In other words, if I set notification_interval to 10 minutes for regular services, and notification_interval to 5 minutes for escalated services, will I receive two notifications? I realize I could try this, but there seems to be so many other variables involved that I'd like to be sure my understanding is correct. Thanks, Alex ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From mysqlstudent at gmail.com Wed May 8 06:16:36 2013 From: mysqlstudent at gmail.com (Alex) Date: Wed, 8 May 2013 00:16:36 -0400 Subject: Help reviewing current configuration Message-ID: Hi all, I've worked hours and hours on trying to get these notifications working properly and I'm still confused. I really hoped someone could review my configuration to determine where I might be doing something wrong, and provide any suggestions for improvement. I have a handful of critical servers that I'd like to be notified by within two or three minutes of there being a problem, such as the web server having been stopped. It's my understand that I first define this as a service, while in parallel define varying types of escalations - a regular escalation and a critical escalation. Both of these rely on checking the host for service issues max_check_attempts times, and when that number is reached, an event trigger occurs and the service is escalated. Perhaps I don't understand the link between how a service is in a failed state and a serviceescalation directive is initiated. How are they connected or linked? If I have the first notification for an escalated service set to 1, and the last set to 10, with a notification_interval set to 2, there would effectively be two minutes between each notification, correct? I've included a few macros that I've built below, along with the services to which they belong, and hoped someone could review them to see where I might be going wrong. With the configuration below, it seems I'm only notified at the 10m mark, which I guess is the notification_interval set in the standard-service-24x7 macro. The service never seems to escalate to critical-services, where I should receive an alert after every second check of the host. define service { name standard-service-24x7 active_checks_enabled 1 passive_checks_enabled 1 parallelize_check 1 obsess_over_service 1 check_freshness 0 notifications_enabled 1 event_handler_enabled 1 flap_detection_enabled 1 process_perf_data 1 retain_status_information 1 retain_nonstatus_information 1 max_check_attempts 4 check_interval 1 retry_interval 1 is_volatile 0 check_period 24x7 contact_groups admins notification_interval 10 notification_period 24x7 notification_options w,u,c,r register 0 } # service for standard-service-24x7 macro above define service { use standard-service-24x7 host_name dedicatedtech service_description SMTP check_command check_smtp } # escalation definition for a critical service # admins-escal has several email addresses defined in it define serviceescalation { name critical-services first_notification 1 last_notification 10 contact_groups admins-escal notification_interval 2 register 0 } # test critical services define serviceescalation { use critical-services host_name beast service_description PROCS-qemu } Is there other information I should provide to better troubleshoot this? Any help greatly appreciated. Thanks, Alex ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From mysqlstudent at gmail.com Wed May 8 06:33:19 2013 From: mysqlstudent at gmail.com (Alex) Date: Wed, 8 May 2013 00:33:19 -0400 Subject: Variables for determining time before first alert In-Reply-To: <591A34BAEC8DBF44AFAB2E127B4D8A8E130EBF33@NUEXCH2.norwich.edu> References: <591A34BAEC8DBF44AFAB2E127B4D8A8E130EBF33@NUEXCH2.norwich.edu> Message-ID: Hi, > Hi, I apologize for the terse reply, but I think you will find all the answers to your questions here - > > http://nagios.sourceforge.net/docs/3_0/objectdefinitions.html Thanks for your help. I've actually read quite a bit of that, and I'm still confused. It wasn't clear that max_check_attempts is the number of attempts that are made for each iteration, before another alert is triggered. The check_interval is the number of minutes between each check. The notification_interval is how often to send an alert to an admin about a change in status of a service. Does that sound correct? I still don't understand this part: > How does the notification_interval in the regular service definition > compare with the notification_interval specified in one of the > serviceescalation sections? In other words, if I set > notification_interval to 10 minutes for regular services, and > notification_interval to 5 minutes for escalated services, will I > receive two notifications? I realize I could try this, but there seems > to be so many other variables involved that I'd like to be sure my > understanding is correct. What is the point of the notification_interval in a standard service definition? How is it triggered to use one of the escalation macros? If I have notification_interval specified in the escalation sections, I would think it would override the higher setting? Thanks, Alex ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From justinp at norchemlab.com Wed May 8 07:14:17 2013 From: justinp at norchemlab.com (Justin T Pryzby) Date: Tue, 7 May 2013 22:14:17 -0700 Subject: Variables for determining time before first alert In-Reply-To: References: <591A34BAEC8DBF44AFAB2E127B4D8A8E130EBF33@NUEXCH2.norwich.edu> Message-ID: <20130508051417.GA28622@norchemlab.com> On Wed, May 08, 2013 at 12:33:19AM -0400, Alex wrote: > > http://nagios.sourceforge.net/docs/3_0/objectdefinitions.html > > Thanks for your help. I've actually read quite a bit of that, and I'm > still confused. It wasn't clear that max_check_attempts is the number > of attempts that are made for each iteration, before another alert is http://nagios.sourceforge.net/docs/3_0/notifications.html max_check_attempts is the number of FAILED attempts (each made "retry_interval" after the previous failing attempt) before a service moves from a "soft" failure state to a "hard" failure state. Notifies are sent when max_check_attempts have been made, and the service is then in a "hard" state. Notifies are also sent when a hard-failing services is rechecked (at "check_interval"), and at least notification_interval has passed since the last notify. Justin ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From s.shipway at auckland.ac.nz Thu May 9 11:19:17 2013 From: s.shipway at auckland.ac.nz (Steve Shipway) Date: Thu, 9 May 2013 09:19:17 +0000 Subject: High Availabilty with Nagios Message-ID: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> Does anyone have an HA setup for Nagios that works? I'm thinking of creating a NEB module that will link two Nagios setups, and replicate over all status changes, config changes, downtime, comments, etc etc and then set the 'standby' Nagios to be checks/notifications disabled when in standby mode, and enabled when in active mode. Then put the two behind a failover load balancer (F5, Foundry or apache reverse proxy). However this would be too much work if someone else has already found an equivalent solution. I've looked at Merlin but it doesn't seem to do what I'm after (and the documentation is practically nonexistant - much the same as the NEB API documentation, in fact). Mod_gearman lets me have redundant checks and replicate *active* checks, but not commands, downtime or passive checks. Does anyone out there have a workable way to get an active/standby or active/active Nagios setup? Would be interested in hearing all ideas... Steve Steve Shipway University of Auckland ITS UNIX Systems Design Lead s.shipway at auckland.ac.nz Ph: +64 9 373 7599 ext 86487 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From support at crazynetwork.it Thu May 9 11:50:02 2013 From: support at crazynetwork.it (Supporto Tecnico - Crazy Network) Date: Thu, 09 May 2013 11:50:02 +0200 Subject: High Availabilty with Nagios In-Reply-To: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> References: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> Message-ID: <518B714A.1040800@crazynetwork.it> I would be interested too, i'm actually using merlind for this right now, but i would like to dont have for example double notifications if a server goes down.. and i do want both nagios set for notify, since if one is down (for any reason) the other one should be able to check and notify and vice-versa.... Regards Il 09/05/2013 11:19, Steve Shipway ha scritto: > Does anyone have an HA setup for Nagios that works? > > I'm thinking of creating a NEB module that will link two Nagios > setups, and replicate over all status changes, config changes, > downtime, comments, etc etc and then set the 'standby' Nagios to be > checks/notifications disabled when in standby mode, and enabled when > in active mode. Then put the two behind a failover load balancer (F5, > Foundry or apache reverse proxy). > > However this would be too much work if someone else has already found > an equivalent solution. > > I've looked at Merlin but it doesn't seem to do what I'm after (and > the documentation is practically nonexistant - much the same as the > NEB API documentation, in fact). Mod_gearman lets me have redundant > checks and replicate *active* checks, but not commands, downtime or > passive checks. > > Does anyone out there have a workable way to get an active/standby or > active/active Nagios setup? Would be interested in hearing all ideas... > > Steve > > > *Steve Shipway* > University of Auckland ITS > /UNIX Systems Design Lead/ > s.shipway at auckland.ac.nz > Ph: +64 9 373 7599 ext 86487 > // > > > ------------------------------------------------------------------------------ > Learn Graph Databases - Download FREE O'Reilly Book > "Graph Databases" is the definitive new guide to graph databases and > their applications. This 200-page book is written by three acclaimed > leaders in the field. The early access version is available now. > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > > > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null -- Andrea Iannucci ---------------------------- ---------------------------- Crazy Network di Iannucci Andrea Viale G.B. Lulli, 24 00050 Cerveteri - RM (w) www.crazynetwork.it (e) andrea.iannucci at crazynetwork.it (t) +39 06 62279876 (f) +39 06 62298767 (m) +39 338 8552885 ------------------------------------------------------------------------------- Please consider our enviromental responsabilit? before printing this E-Mail. Thank you. ------------------------------------------------------------------------------- Questo messaggio di posta elettronica contiene informazioni di carattere confidenziale rivolte esclusivamente al destinatario sopra indicato. E' vietato l'uso, la diffusione, distribuzione o riproduzione da parte di ogni altra persona. Nel caso aveste ricevuto questo messaggio di posta elettronica per errore, siete pregati di segnalarlo immediatamente al mittente e distruggere quanto ricevuto (compresi i file allegati) senza farne copia. Qualsivoglia utilizzo non autorizzato del contenuto di questo messaggio costituisce violazione dell'obbligo di non prendere cognizione della corrispondenza tra altri soggetti, salvo pi? grave illecito, ed espone il responsabile alle relative conseguenze. -------------------------------------------------------------------------------- This e-mail is confidential and may also contain privileged information. If you are not the intended recipient you are not authorised to read, print, save, process or disclose this message. If you have received this message by mistake, please inform the sender immediately and delete this e-mail, its attachments and any copies. Any use, distribution, reproduction or disclosure by any person other than the intended recipient is strictly prohibited and the person responsible may incur penalties. -------------------------------------------------------------------------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From william at leibzon.org Thu May 9 11:51:57 2013 From: william at leibzon.org (William Leibzon) Date: Thu, 9 May 2013 02:51:57 -0700 Subject: High Availabilty with Nagios In-Reply-To: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> References: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> Message-ID: On Thu, May 9, 2013 at 2:19 AM, Steve Shipway wrote: > Does anyone have an HA setup for Nagios that works? > > I'm thinking of creating a NEB module that will link two Nagios setups, and > replicate over all status changes, config changes, downtime, comments, etc > etc and then set the 'standby' Nagios to be checks/notifications disabled > when in standby mode, and enabled when in active mode. Then put the two > behind a failover load balancer (F5, Foundry or apache reverse proxy). I've thought several times of doing it but never actually get started although I have it all planned out kinda like you. In the mean time my HA setup which I've done for several customers involves config synced using git or svn (script run by cron that checks if its something new and then restart nagios if config passes tests). Both servers doing checks but config is such that for one server all notifications are disabled except for cross-checking of the other nagios This is achieved by having common template from which all services are derived and this template is in a file specific to each server and so one has notifications disabled and the other enabled. This is not a full HA in a way that if one server dies you have to execute a script that would enable the other servers for notifications (this can be done automatically too but I prefer people to do it). > However this would be too much work if someone else has already found an > equivalent solution. > > I've looked at Merlin but it doesn't seem to do what I'm after (and the > documentation is practically nonexistant - much the same as the NEB API > documentation, in fact). Mod_gearman lets me have redundant checks and > replicate *active* checks, but not commands, downtime or passive checks. > > Does anyone out there have a workable way to get an active/standby or > active/active Nagios setup? Would be interested in hearing all ideas... > > Steve > > > Steve Shipway > University of Auckland ITS > UNIX Systems Design Lead > s.shipway at auckland.ac.nz > Ph: +64 9 373 7599 ext 86487 > > > ------------------------------------------------------------------------------ > Learn Graph Databases - Download FREE O'Reilly Book > "Graph Databases" is the definitive new guide to graph databases and > their applications. This 200-page book is written by three acclaimed > leaders in the field. The early access version is available now. > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting > any issue. > ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From edward.stpierre at gmail.com Thu May 9 11:59:30 2013 From: edward.stpierre at gmail.com (Edward St Pierre) Date: Thu, 9 May 2013 10:59:30 +0100 Subject: High Availabilty with Nagios In-Reply-To: References: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> Message-ID: Hi, I have done this before using drbd for block based replication and clustering on Redhat, this also could be done with pacemaker/corrosync clusters also. Ed On 9 May 2013 10:51, William Leibzon wrote: > On Thu, May 9, 2013 at 2:19 AM, Steve Shipway > wrote: > > Does anyone have an HA setup for Nagios that works? > > > > I'm thinking of creating a NEB module that will link two Nagios setups, > and > > replicate over all status changes, config changes, downtime, comments, > etc > > etc and then set the 'standby' Nagios to be checks/notifications disabled > > when in standby mode, and enabled when in active mode. Then put the two > > behind a failover load balancer (F5, Foundry or apache reverse proxy). > > I've thought several times of doing it but never actually get started > although I have it all planned out kinda like you. > > In the mean time my HA setup which I've done for several customers > involves config synced using git or svn (script run by cron that > checks if its something new and then restart nagios if config passes > tests). Both servers doing checks but config is such that for one > server all notifications are disabled except for cross-checking of the > other nagios This is achieved by having common template from which all > services are derived and this template is in a file specific to each > server and so one has notifications disabled and the other enabled. > This is not a full HA in a way that if one server dies you have to > execute a script that would enable the other servers for notifications > (this can be done automatically too but I prefer people to do it). > > > However this would be too much work if someone else has already found an > > equivalent solution. > > > > I've looked at Merlin but it doesn't seem to do what I'm after (and the > > documentation is practically nonexistant - much the same as the NEB API > > documentation, in fact). Mod_gearman lets me have redundant checks and > > replicate *active* checks, but not commands, downtime or passive checks. > > > > Does anyone out there have a workable way to get an active/standby or > > active/active Nagios setup? Would be interested in hearing all ideas... > > > > Steve > > > > > > Steve Shipway > > University of Auckland ITS > > UNIX Systems Design Lead > > s.shipway at auckland.ac.nz > > Ph: +64 9 373 7599 ext 86487 > > > > > > > ------------------------------------------------------------------------------ > > Learn Graph Databases - Download FREE O'Reilly Book > > "Graph Databases" is the definitive new guide to graph databases and > > their applications. This 200-page book is written by three acclaimed > > leaders in the field. The early access version is available now. > > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > > _______________________________________________ > > Nagios-users mailing list > > Nagios-users at lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/nagios-users > > ::: Please include Nagios version, plugin version (-v) and OS when > reporting > > any issue. > > ::: Messages without supporting info will risk being sent to /dev/null > > > ------------------------------------------------------------------------------ > Learn Graph Databases - Download FREE O'Reilly Book > "Graph Databases" is the definitive new guide to graph databases and > their applications. This 200-page book is written by three acclaimed > leaders in the field. The early access version is available now. > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ck at claudiokuenzler.com Thu May 9 13:23:24 2013 From: ck at claudiokuenzler.com (Claudio Kuenzler) Date: Thu, 9 May 2013 13:23:24 +0200 Subject: check_http with spaces problem In-Reply-To: References: Message-ID: > Sun May 5 22:29:03 EEST 2013 /usr/lib64/nagios/plugins/check_http -H > granma.gr -u http://granma.gr/index.html -R "Web " -w 10 -c 20 > Name or service not known HTTP CRITICAL - Unable to open TCP socket > You have to break up the -u argument. -u expects the path, not the complete URI. So in this case: /usr/lib64/nagios/plugins/check_http -H granma.gr -u /index.html -R "Web" -w 10 -c 20 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From dkokmadis at gmail.com Thu May 9 13:29:54 2013 From: dkokmadis at gmail.com (=?ISO-8859-7?B?yu/q7Nzk5/IgxOfs3vTx6e/y?=) Date: Thu, 9 May 2013 14:29:54 +0300 Subject: check_http with spaces problem In-Reply-To: References: Message-ID: Thank you for the answer, The problem doesn't seem to be at the url but at the -R option If I use -R "Web" the response is ok but if i use -R "Web somethin" it returns error! 2013/5/9 Claudio Kuenzler > > Sun May 5 22:29:03 EEST 2013 /usr/lib64/nagios/plugins/check_http -H >> granma.gr -u http://granma.gr/index.html -R "Web " -w 10 -c 20 >> Name or service not known HTTP CRITICAL - Unable to open TCP socket >> > > You have to break up the -u argument. -u expects the path, not the > complete URI. So in this case: > > /usr/lib64/nagios/plugins/check_http -H granma.gr -u /index.html -R "Web" > -w 10 -c 20 > > > > ------------------------------------------------------------------------------ > Learn Graph Databases - Download FREE O'Reilly Book > "Graph Databases" is the definitive new guide to graph databases and > their applications. This 200-page book is written by three acclaimed > leaders in the field. The early access version is available now. > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ck at claudiokuenzler.com Thu May 9 13:45:09 2013 From: ck at claudiokuenzler.com (Claudio Kuenzler) Date: Thu, 9 May 2013 13:45:09 +0200 Subject: check_http with spaces problem In-Reply-To: References: Message-ID: > > If I use -R "Web" the response is ok but if i use -R "Web somethin" it > returns error! > Because the pattern needs to exist in the source code. ./check_http -H granma.gr -u /index.html -R "Web somethin" HTTP CRITICAL: HTTP/1.1 200 OK - pattern not found - 4342 bytes in 0.126 second response time |time=0.125853s;;;0.000000 size=4342B;;;0 ./check_http -H granma.gr -u /index.html -R "Web Design" HTTP OK: HTTP/1.1 200 OK - 4342 bytes in 0.125 second response time |time=0.124846s;;;0.000000 size=4342B;;;0 > > > 2013/5/9 Claudio Kuenzler > >> >> Sun May 5 22:29:03 EEST 2013 /usr/lib64/nagios/plugins/check_http -H >>> granma.gr -u http://granma.gr/index.html -R "Web " -w 10 -c 20 >>> Name or service not known HTTP CRITICAL - Unable to open TCP socket >>> >> >> You have to break up the -u argument. -u expects the path, not the >> complete URI. So in this case: >> >> /usr/lib64/nagios/plugins/check_http -H granma.gr -u /index.html -R >> "Web" -w 10 -c 20 >> >> >> >> ------------------------------------------------------------------------------ >> Learn Graph Databases - Download FREE O'Reilly Book >> "Graph Databases" is the definitive new guide to graph databases and >> their applications. This 200-page book is written by three acclaimed >> leaders in the field. The early access version is available now. >> Download your free book today! http://p.sf.net/sfu/neotech_d2d_may >> >> _______________________________________________ >> Nagios-users mailing list >> Nagios-users at lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to /dev/null >> > > > > ------------------------------------------------------------------------------ > Learn Graph Databases - Download FREE O'Reilly Book > "Graph Databases" is the definitive new guide to graph databases and > their applications. This 200-page book is written by three acclaimed > leaders in the field. The early access version is available now. > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From awiddersheim at hotmail.com Thu May 9 16:48:54 2013 From: awiddersheim at hotmail.com (Andrew Widdersheim) Date: Thu, 9 May 2013 10:48:54 -0400 Subject: High Availabilty with Nagios In-Reply-To: References: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz>, , Message-ID: I did a talk at last years conference that touches on HA Nagios setup which uses DRBD and pacemaker. There were also talks about mod_gearman and Merlin that might also be helpful. The slides (and maybe video?) are available on nagios.org. Here is a link to my slides: http://www.slideshare.net/nagiosinc/andrew-widdersheim-nagiosisdownbosswantstosee-you ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ratty at they.org Thu May 9 18:33:53 2013 From: ratty at they.org (frank) Date: Thu, 9 May 2013 11:33:53 -0500 (CDT) Subject: High Availabilty with Nagios In-Reply-To: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> References: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> Message-ID: While HA can be a great thing I've always been of the opinion that a monitoring setup needs to have as few moving parts as possible. The more complexity to the monitor, the more chance you'll be chasing monitoring issues rather than site issues. And everthing you add on top of the monitor also needs to be monitored. So somehow that F5 is going to need an out-of-band monitor because if it dies then your Nagios host may well not have a way to contact you about it unless you've dual homed it which brings up a whole other set of issues. The closest I got to HA at my last gig was creating a CNAME for the active Nagios host so in a failover you point the CNAME to the new box and at least passive checks can still roll in (after DNS timeout of course, which I say is better than reconfiging every NSCA clent). -f On Thu, 9 May 2013, Steve Shipway wrote: > Date: Thu, 9 May 2013 09:19:17 +0000 > From: Steve Shipway > Reply-To: Nagios Users List > To: "nagios-users at lists.sourceforge.net" > Subject: [Nagios-users] High Availabilty with Nagios > > Does anyone have an HA setup for Nagios that works? > > I'm thinking of creating a NEB module that will link two Nagios setups, and replicate over all > status changes, config changes, downtime, comments, etc etc and then set the 'standby' Nagios to > be checks/notifications disabled when in standby mode, and enabled when in active mode.? Then > put the two behind a failover load balancer (F5, Foundry or apache reverse proxy). > > However this would be too much work if someone else has already found an equivalent solution. > > I've looked at Merlin but it doesn't seem to do what I'm after (and the documentation is > practically nonexistant - much the same as the NEB API documentation, in fact).? Mod_gearman > lets me have redundant checks and replicate *active* checks, but not commands, downtime or > passive checks. > > Does anyone out there have a workable way to get an active/standby or active/active Nagios > setup?? Would be interested in hearing all ideas... > > Steve > > > Steve Shipway > University of Auckland ITS > UNIX Systems Design Lead > s.shipway at auckland.ac.nz > Ph: +64 9 373 7599 ext 86487 > ? > > -------------- next part -------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From jrwinkle at wisc.edu Thu May 9 20:33:50 2013 From: jrwinkle at wisc.edu (Jim Winkle) Date: Thu, 09 May 2013 13:33:50 -0500 Subject: High Availabilty with Nagios In-Reply-To: <7710bfec2522e.518beb96@wiscmail.wisc.edu> References: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> <76f0a50f20874.518be9b2@wiscmail.wisc.edu> <7750efb926eae.518be9ef@wiscmail.wisc.edu> <75e09c2d27c5f.518bea2b@wiscmail.wisc.edu> <7580d4bc2613a.518bea67@wiscmail.wisc.edu> <765085c82788b.518beaa4@wiscmail.wisc.edu> <76a0bad227c63.518beb1d@wiscmail.wisc.edu> <7620ae8a20ff3.518beb59@wiscmail.wisc.edu> <7710bfec2522e.518beb96@wiscmail.wisc.edu> Message-ID: <7750eefa25b76.518ba5be@wiscmail.wisc.edu> On 05/09/13, Steve Shipway wrote: > Does anyone have an HA setup for Nagios that works? > > I'm thinking of creating a NEB module that will link two Nagios setups, and replicate over all status changes, config changes, downtime, comments, etc etc and then set the 'standby' Nagios to be checks/notifications disabled when in standby mode, and enabled when in active mode. Then put the two behind a failover load balancer (F5, Foundry or apache reverse proxy). We use rsync (run out of cron every minute) and a floating VIP between two hosts. Nagios is running on only one host at a time. It's a trivial (manual) process to switch between hosts. Files which are synced: all Nagios files except logs and transient results. Files synced include Nagios configs, binaries and CGIs, helper apps, plugins, local plugins and NRPE configs, docs, HTML files, status files, all files in ~nagios, and the crontab for user nagios. -- Jim ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ae at op5.se Fri May 10 10:57:28 2013 From: ae at op5.se (Andreas Ericsson) Date: Fri, 10 May 2013 10:57:28 +0200 Subject: High Availabilty with Nagios In-Reply-To: <518B714A.1040800@crazynetwork.it> References: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> <518B714A.1040800@crazynetwork.it> Message-ID: <518CB678.1080909@op5.se> On 2013-05-09 11:50, Supporto Tecnico - Crazy Network wrote: > I would be interested too, i'm actually using merlind for this right > now, but i would like to dont have for example double notifications if a > server goes down.. and i do want both nagios set for notify, since if > one is down (for any reason) the other one should be able to check and > notify and vice-versa.... > Double notifications is a bug, unless you send passive checkresults to both masters, in which case it's by design. Usually people want to solve passive checks by arranging a single target ip or hostname to send to and then add peered nodes at that tier as necessary, so as to not have to send checkresults to multiple nodes from all the monitored machines. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ae at op5.se Fri May 10 10:58:12 2013 From: ae at op5.se (Andreas Ericsson) Date: Fri, 10 May 2013 10:58:12 +0200 Subject: High Availabilty with Nagios In-Reply-To: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> References: <7294716191A1E142B80615ED2C633BCA6830F61E@uxcn10-tdc02.UoA.auckland.ac.nz> Message-ID: <518CB6A4.4040701@op5.se> On 2013-05-09 11:19, Steve Shipway wrote: > Does anyone have an HA setup for Nagios that works? > > I'm thinking of creating a NEB module that will link two Nagios > setups, and replicate over all status changes, config changes, > downtime, comments, etc etc and then set the 'standby' Nagios to be > checks/notifications disabled when in standby mode, and enabled when > in active mode. Then put the two behind a failover load balancer > (F5, Foundry or apache reverse proxy). > > However this would be too much work if someone else has already found > an equivalent solution. > > I've looked at Merlin but it doesn't seem to do what I'm after (and > the documentation is practically nonexistant - much the same as the > NEB API documentation, in fact). Mod_gearman lets me have redundant > checks and replicate *active* checks, but not commands, downtime or >passive checks. Merlin would do exactly that if you set one of the nodes as a poller but having all hosts assigned to it. When the poller goes down, the master will by default take over checks for it. Merlin is actually pretty well documented, but as textfiles that you have to read the oldschool way. If there's anything you find lacking from the HOWTO document or the README, please let me know and I'll amend it. > > Does anyone out there have a workable way to get an active/standby or > active/active Nagios setup? Would be interested in hearing all > ideas... > Well, we have about 800 of them. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From psk at psk.net Fri May 10 21:46:38 2013 From: psk at psk.net (Percy Kwong) Date: Fri, 10 May 2013 15:46:38 -0400 Subject: Trying to figure out the PCRE expression for Nagiosgraph Map Message-ID: <518D4E9E.1030409@psk.net> I'm writing a pcre rule for a nagios map file. The output for one query would be: PROCS OK: 11 processes with args 'apache' What would the map rule look like that would do the following? 1. Begin with "PROCS OK:" 2. End with "args 'apache'" 3. Extract only the numeric value before the word processes? Assuming it would be a nested regex within the regex. So basically, the map regex would only return 11, but enforce the rules above? Just trying to understand the logic behind this. Thanks. ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ck at claudiokuenzler.com Fri May 10 23:11:42 2013 From: ck at claudiokuenzler.com (Claudio Kuenzler) Date: Fri, 10 May 2013 23:11:42 +0200 Subject: Trying to figure out the PCRE expression for Nagiosgraph Map In-Reply-To: <518D4E9E.1030409@psk.net> References: <518D4E9E.1030409@psk.net> Message-ID: > The output for one query would be: > > PROCS OK: 11 processes with args 'apache' > Well first of all you'd have to make sure that nagiosgraph also takes the output in account. It's always better to do that with perfdata... You have the choice to also take the output as source to parse, although I strongly recommend to use perfdata. That's what it is for. > > What would the map rule look like that would do the following? > > 1. Begin with "PROCS OK:" > 2. End with "args 'apache'" > 3. Extract only the numeric value before the word processes? The regex would look something like this: /output:PROCS.*:(\d+) processes.*/ assuming that you don't care about the args and the status (OK, WARNING, CRITICAL) part. Only the digit (11) would be taken out of the output in this case. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From jonas at freesources.org Sat May 11 13:24:27 2013 From: jonas at freesources.org (Jonas Meurer) Date: Sat, 11 May 2013 13:24:27 +0200 Subject: servicegroup overview not restricted for htaccess users In-Reply-To: <9bc101fecc5e9d35ebb09ecbbd7b676d@imap.freesources.org> References: <9bc101fecc5e9d35ebb09ecbbd7b676d@imap.freesources.org> Message-ID: <518E2A6B.3090209@freesources.org> Hello, Am 06.05.2013 10:42, schrieb Jonas Meurer: > I fear that I discovered a security issue in Nagios 3.4.4 status.cgi: no comments on that? > All htaccess users, even if not listed in any authorized_for_* config > option, have full access to service group overview, summary and grid: > /nagios/cgi-bin/status.cgi?servicegroup=all&style=overview > /nagios/cgi-bin/status.cgi?servicegroup=all&style=summary > /nagios/cgi-bin/status.cgi?servicegroup=all&style=grid > > I hope that this is not intended. Is this issue known? > > Kind regards, > jonas > > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From psk at psk.net Sat May 11 13:30:36 2013 From: psk at psk.net (Percy Kwong) Date: Sat, 11 May 2013 07:30:36 -0400 Subject: Trying to figure out the PCRE expression for Nagiosgraph Map In-Reply-To: References: <518D4E9E.1030409@psk.net> Message-ID: <518E2BDC.2070200@psk.net> OK. So to make more sense of the whole thing, the only thing that is taken into account is the actual numerical value? In other words, it's automatically parsed? This is what I wasn't sure of. Here is the entry in the mapfile I was using: I guess the reason I'm having issues with this is the following snippet from the nagiosgraph.log: Fri May 10 12:57:51 2013 insert.pl warn output/perfdata not recognized: hostname:mymachine servicedesc:Apache Processes output:PROCS OK: 11 processes with args apache perfdata: the problem is there is no perfdata and the rrd file isn't being populated, (and obviously, no graph). I'm attributing this to the fact that the map file entry is wrong. This is really where my problem lies. Am I looking in the wrong place? Thanks. On 5/10/2013 5:11 PM, Claudio Kuenzler wrote: > > The output for one query would be: > > PROCS OK: 11 processes with args 'apache' > > > Well first of all you'd have to make sure that nagiosgraph also takes > the output in account. > It's always better to do that with perfdata... > > You have the choice to also take the output as source to parse, > although I strongly recommend to use perfdata. That's what it is for. > > > What would the map rule look like that would do the following? > > 1. Begin with "PROCS OK:" > 2. End with "args 'apache'" > 3. Extract only the numeric value before the word processes? > > > The regex would look something like this: > > /output:PROCS.*:(\d+) processes.*/ > > assuming that you don't care about the args and the status (OK, > WARNING, CRITICAL) part. > Only the digit (11) would be taken out of the output in this case. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From psk at psk.net Sat May 11 13:39:35 2013 From: psk at psk.net (Percy Kwong) Date: Sat, 11 May 2013 07:39:35 -0400 Subject: Trying to figure out the PCRE expression for Nagiosgraph Map In-Reply-To: References: <518D4E9E.1030409@psk.net> Message-ID: <518E2DF7.7050803@psk.net> OK. So to make more sense of the whole thing, the only thing that is taken into account is the actual numerical value? In other words, it's automatically parsed? This is what I wasn't sure of. Here is the entry in the mapfile I was using: /output:PROCS.*:(\d+) processes with args 'apache'/ and push @s, ['apache', ['connections', GAUGE, $1] ]; I guess the reason I'm having issues with this is the following snippet from the nagiosgraph.log: Fri May 10 12:57:51 2013 insert.pl warn output/perfdata not recognized: hostname:mymachine servicedesc:Apache Processes output:PROCS OK: 11 processes with args apache perfdata: the problem is there is no perfdata and the rrd file isn't being populated, (and obviously, no graph). I'm attributing this to the fact that the map file entry is wrong. This is really where my problem lies. Am I looking in the wrong place? Thanks. On 5/10/2013 5:11 PM, Claudio Kuenzler wrote: > > The output for one query would be: > > PROCS OK: 11 processes with args 'apache' > > > Well first of all you'd have to make sure that nagiosgraph also takes > the output in account. > It's always better to do that with perfdata... > > You have the choice to also take the output as source to parse, > although I strongly recommend to use perfdata. That's what it is for. > > > What would the map rule look like that would do the following? > > 1. Begin with "PROCS OK:" > 2. End with "args 'apache'" > 3. Extract only the numeric value before the word processes? > > > The regex would look something like this: > > /output:PROCS.*:(\d+) processes.*/ > > assuming that you don't care about the args and the status (OK, > WARNING, CRITICAL) part. > Only the digit (11) would be taken out of the output in this case. On 5/10/2013 5:11 PM, Claudio Kuenzler wrote: > > The output for one query would be: > > PROCS OK: 11 processes with args 'apache' > > > Well first of all you'd have to make sure that nagiosgraph also takes > the output in account. > It's always better to do that with perfdata... > > You have the choice to also take the output as source to parse, > although I strongly recommend to use perfdata. That's what it is for. > > > What would the map rule look like that would do the following? > > 1. Begin with "PROCS OK:" > 2. End with "args 'apache'" > 3. Extract only the numeric value before the word processes? > > > The regex would look something like this: > > /output:PROCS.*:(\d+) processes.*/ > > assuming that you don't care about the args and the status (OK, > WARNING, CRITICAL) part. > Only the digit (11) would be taken out of the output in this case. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ck at claudiokuenzler.com Sat May 11 17:23:06 2013 From: ck at claudiokuenzler.com (Claudio Kuenzler) Date: Sat, 11 May 2013 17:23:06 +0200 Subject: Trying to figure out the PCRE expression for Nagiosgraph Map In-Reply-To: <518E2BDC.2070200@psk.net> References: <518D4E9E.1030409@psk.net> <518E2BDC.2070200@psk.net> Message-ID: On Sat, May 11, 2013 at 1:30 PM, Percy Kwong wrote: > OK. So to make more sense of the whole thing, the only thing that is > taken into account is the actual numerical value? In other words, it's > automatically parsed? This is what I wasn't sure of. > > Here is the entry in the mapfile I was using: > > /output:PROCS.*:(\d+) processes with args 'apache'/ > and push @s, ['apache', > ['connections', GAUGE, $1] ]; > This works, too, when you only want to parse the process checks for apache. You give the RRD description the name "connections". I don't think that the number of Apache processes really represent the number of connections. In this case, I suggest you use check_netstat.pl. > the problem is there is no perfdata and the rrd file isn't being > populated, (and obviously, no graph). I'm attributing this to the fact > that the map file entry is wrong. This is really where my problem lies. > Am I looking in the wrong place? > It's check_procs which doesn't create perfdata. You might need to manually patch it. See: http://www.claudiokuenzler.com/blog/224/nagios-plugin-check_procs-add-performance-data-perfdata-output-nagiosgraph -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ae at op5.se Sun May 12 11:25:35 2013 From: ae at op5.se (Andreas Ericsson) Date: Sun, 12 May 2013 11:25:35 +0200 Subject: servicegroup overview not restricted for htaccess users In-Reply-To: <9bc101fecc5e9d35ebb09ecbbd7b676d@imap.freesources.org> References: <9bc101fecc5e9d35ebb09ecbbd7b676d@imap.freesources.org> Message-ID: <518F600F.702@op5.se> On 2013-05-06 10:42, Jonas Meurer wrote: > Hello, > > I fear that I discovered a security issue in Nagios 3.4.4 status.cgi: > > All htaccess users, even if not listed in any authorized_for_* config > option, have full access to service group overview, summary and grid: > /nagios/cgi-bin/status.cgi?servicegroup=all&style=overview > /nagios/cgi-bin/status.cgi?servicegroup=all&style=summary > /nagios/cgi-bin/status.cgi?servicegroup=all&style=grid > > I hope that this is not intended. Is this issue known? > It's a bit short on info. Servicegroups should be visible if the user is a contact for any service in the group. If a user who has no auth options and is not a contact for any service can see all servicegroups, then yes, that's potentially a security issue. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From jonas at freesources.org Mon May 13 18:02:43 2013 From: jonas at freesources.org (Jonas Meurer) Date: Mon, 13 May 2013 18:02:43 +0200 Subject: servicegroup overview not restricted for htaccess users In-Reply-To: <518F600F.702@op5.se> References: <9bc101fecc5e9d35ebb09ecbbd7b676d@imap.freesources.org> <518F600F.702@op5.se> Message-ID: <38e15b002c3bcf6e111cbe1409a711f1@imap.freesources.org> Hello Andreas, Am 12.05.2013 11:25, schrieb Andreas Ericsson: > On 2013-05-06 10:42, Jonas Meurer wrote: >> Hello, >> >> I fear that I discovered a security issue in Nagios 3.4.4 >> status.cgi: >> >> All htaccess users, even if not listed in any authorized_for_* >> config >> option, have full access to service group overview, summary and >> grid: >> /nagios/cgi-bin/status.cgi?servicegroup=all&style=overview >> /nagios/cgi-bin/status.cgi?servicegroup=all&style=summary >> /nagios/cgi-bin/status.cgi?servicegroup=all&style=grid >> >> I hope that this is not intended. Is this issue known? >> > > It's a bit short on info. Servicegroups should be visible if the user > is a contact for any service in the group. If a user who has no auth > options and is not a contact for any service can see all > servicegroups, > then yes, that's potentially a security issue. You're nearly correct with the second assumption. Users which are contact for _some_ services are able to see all services in service group overview, summary and grid. This problem affects everyone who restricts nagios access by using contacts. Unprivleged users are able to fetch the whole list of hosts and services on the Nagios setup in question. Kind regards, jonas ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Robert.Holman at jeppesen.com Mon May 13 19:20:51 2013 From: Robert.Holman at jeppesen.com (Robert Holman) Date: Mon, 13 May 2013 11:20:51 -0600 Subject: High Availability Message-ID: I would look into MK_Livestatus as a backend. This would allow you to "cluster" web frontends, and by simply replicating config files across nodes, you could have "cold" standby servers in case the backend(s) actually fail. Regards, Rob -----Original Message----- From: nagios-users-request at lists.sourceforge.net [mailto:nagios-users-request at lists.sourceforge.net] Sent: Saturday, May 11, 2013 5:31 AM To: nagios-users at lists.sourceforge.net Subject: Nagios-users Digest, Vol 84, Issue 3 Send Nagios-users mailing list submissions to nagios-users at lists.sourceforge.net To subscribe or unsubscribe via the World Wide Web, visit https://lists.sourceforge.net/lists/listinfo/nagios-users or, via email, send a message with subject or body 'help' to nagios-users-request at lists.sourceforge.net You can reach the person managing the list at nagios-users-owner at lists.sourceforge.net When replying, please edit your Subject line so it is more specific than "Re: Contents of Nagios-users digest..." Today's Topics: 1. Re: Variables for determining time before first alert (Justin T Pryzby) 2. High Availabilty with Nagios (Steve Shipway) 3. Re: High Availabilty with Nagios (Supporto Tecnico - Crazy Network) 4. Re: High Availabilty with Nagios (William Leibzon) 5. Re: High Availabilty with Nagios (Edward St Pierre) 6. Re: check_http with spaces problem (Claudio Kuenzler) 7. Re: check_http with spaces problem (???????? ?????????) 8. Re: check_http with spaces problem (Claudio Kuenzler) 9. Re: High Availabilty with Nagios (Andrew Widdersheim) 10. Re: High Availabilty with Nagios (frank) 11. Re: High Availabilty with Nagios (Jim Winkle) 12. Re: High Availabilty with Nagios (Andreas Ericsson) 13. Re: High Availabilty with Nagios (Andreas Ericsson) 14. Trying to figure out the PCRE expression for Nagiosgraph Map (Percy Kwong) 15. Re: Trying to figure out the PCRE expression for Nagiosgraph Map (Claudio Kuenzler) 16. Re: servicegroup overview not restricted for htaccess users (Jonas Meurer) 17. Re: Trying to figure out the PCRE expression for Nagiosgraph Map (Percy Kwong) ---------------------------------------------------------------------- Message: 1 Date: Tue, 7 May 2013 22:14:17 -0700 From: Justin T Pryzby Subject: Re: [Nagios-users] Variables for determining time before first alert To: nagios-users at lists.sourceforge.net Message-ID: <20130508051417.GA28622 at norchemlab.com> Content-Type: text/plain; charset=us-ascii On Wed, May 08, 2013 at 12:33:19AM -0400, Alex wrote: > > http://nagios.sourceforge.net/docs/3_0/objectdefinitions.html > > Thanks for your help. I've actually read quite a bit of that, and I'm > still confused. It wasn't clear that max_check_attempts is the number > of attempts that are made for each iteration, before another alert is http://nagios.sourceforge.net/docs/3_0/notifications.html max_check_attempts is the number of FAILED attempts (each made "retry_interval" after the previous failing attempt) before a service moves from a "soft" failure state to a "hard" failure state. Notifies are sent when max_check_attempts have been made, and the service is then in a "hard" state. Notifies are also sent when a hard-failing services is rechecked (at "check_interval"), and at least notification_interval has passed since the last notify. Justin ------------------------------ Message: 2 Date: Thu, 9 May 2013 09:19:17 +0000 From: Steve Shipway Subject: [Nagios-users] High Availabilty with Nagios To: "nagios-users at lists.sourceforge.net" Message-ID: <7294716191A1E142B80615ED2C633BCA6830F61E at uxcn10-tdc02.UoA.auckland.ac.nz> Content-Type: text/plain; charset="iso-8859-1" Does anyone have an HA setup for Nagios that works? I'm thinking of creating a NEB module that will link two Nagios setups, and replicate over all status changes, config changes, downtime, comments, etc etc and then set the 'standby' Nagios to be checks/notifications disabled when in standby mode, and enabled when in active mode. Then put the two behind a failover load balancer (F5, Foundry or apache reverse proxy). However this would be too much work if someone else has already found an equivalent solution. I've looked at Merlin but it doesn't seem to do what I'm after (and the documentation is practically nonexistant - much the same as the NEB API documentation, in fact). Mod_gearman lets me have redundant checks and replicate *active* checks, but not commands, downtime or passive checks. Does anyone out there have a workable way to get an active/standby or active/active Nagios setup? Would be interested in hearing all ideas... Steve Steve Shipway University of Auckland ITS UNIX Systems Design Lead s.shipway at auckland.ac.nz Ph: +64 9 373 7599 ext 86487 -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ Message: 3 Date: Thu, 09 May 2013 11:50:02 +0200 From: Supporto Tecnico - Crazy Network Subject: Re: [Nagios-users] High Availabilty with Nagios To: nagios-users at lists.sourceforge.net Message-ID: <518B714A.1040800 at crazynetwork.it> Content-Type: text/plain; charset=ISO-8859-1; format=flowed I would be interested too, i'm actually using merlind for this right now, but i would like to dont have for example double notifications if a server goes down.. and i do want both nagios set for notify, since if one is down (for any reason) the other one should be able to check and notify and vice-versa.... Regards Il 09/05/2013 11:19, Steve Shipway ha scritto: > Does anyone have an HA setup for Nagios that works? > > I'm thinking of creating a NEB module that will link two Nagios > setups, and replicate over all status changes, config changes, > downtime, comments, etc etc and then set the 'standby' Nagios to be > checks/notifications disabled when in standby mode, and enabled when > in active mode. Then put the two behind a failover load balancer (F5, > Foundry or apache reverse proxy). > > However this would be too much work if someone else has already found > an equivalent solution. > > I've looked at Merlin but it doesn't seem to do what I'm after (and > the documentation is practically nonexistant - much the same as the > NEB API documentation, in fact). Mod_gearman lets me have redundant > checks and replicate *active* checks, but not commands, downtime or > passive checks. > > Does anyone out there have a workable way to get an active/standby or > active/active Nagios setup? Would be interested in hearing all ideas... > > Steve > > > *Steve Shipway* > University of Auckland ITS > /UNIX Systems Design Lead/ > s.shipway at auckland.ac.nz > Ph: +64 9 373 7599 ext 86487 > // > > > ---------------------------------------------------------------------- > -------- Learn Graph Databases - Download FREE O'Reilly Book "Graph > Databases" is the definitive new guide to graph databases and their > applications. This 200-page book is written by three acclaimed leaders > in the field. The early access version is available now. > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > > > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null -- Andrea Iannucci ---------------------------- ---------------------------- Crazy Network di Iannucci Andrea Viale G.B. Lulli, 24 00050 Cerveteri - RM (w) www.crazynetwork.it (e) andrea.iannucci at crazynetwork.it (t) +39 06 62279876 (f) +39 06 62298767 (m) +39 338 8552885 ------------------------------------------------------------------------------- Please consider our enviromental responsabilit? before printing this E-Mail. Thank you. ------------------------------------------------------------------------------- Questo messaggio di posta elettronica contiene informazioni di carattere confidenziale rivolte esclusivamente al destinatario sopra indicato. E' vietato l'uso, la diffusione, distribuzione o riproduzione da parte di ogni altra persona. Nel caso aveste ricevuto questo messaggio di posta elettronica per errore, siete pregati di segnalarlo immediatamente al mittente e distruggere quanto ricevuto (compresi i file allegati) senza farne copia. Qualsivoglia utilizzo non autorizzato del contenuto di questo messaggio costituisce violazione dell'obbligo di non prendere cognizione della corrispondenza tra altri soggetti, salvo pi? grave illecito, ed espone il responsabile alle relative conseguenze. -------------------------------------------------------------------------------- This e-mail is confidential and may also contain privileged information. If you are not the intended recipient you are not authorised to read, print, save, process or disclose this message. If you have received this message by mistake, please inform the sender immediately and delete this e-mail, its attachments and any copies. Any use, distribution, reproduction or disclosure by any person other than the intended recipient is strictly prohibited and the person responsible may incur penalties. -------------------------------------------------------------------------------- ------------------------------ Message: 4 Date: Thu, 9 May 2013 02:51:57 -0700 From: William Leibzon Subject: Re: [Nagios-users] High Availabilty with Nagios To: Nagios Users List Message-ID: Content-Type: text/plain; charset=ISO-8859-1 On Thu, May 9, 2013 at 2:19 AM, Steve Shipway wrote: > Does anyone have an HA setup for Nagios that works? > > I'm thinking of creating a NEB module that will link two Nagios > setups, and replicate over all status changes, config changes, > downtime, comments, etc etc and then set the 'standby' Nagios to be > checks/notifications disabled when in standby mode, and enabled when > in active mode. Then put the two behind a failover load balancer (F5, Foundry or apache reverse proxy). I've thought several times of doing it but never actually get started although I have it all planned out kinda like you. In the mean time my HA setup which I've done for several customers involves config synced using git or svn (script run by cron that checks if its something new and then restart nagios if config passes tests). Both servers doing checks but config is such that for one server all notifications are disabled except for cross-checking of the other nagios This is achieved by having common template from which all services are derived and this template is in a file specific to each server and so one has notifications disabled and the other enabled. This is not a full HA in a way that if one server dies you have to execute a script that would enable the other servers for notifications (this can be done automatically too but I prefer people to do it). > However this would be too much work if someone else has already found > an equivalent solution. > > I've looked at Merlin but it doesn't seem to do what I'm after (and > the documentation is practically nonexistant - much the same as the > NEB API documentation, in fact). Mod_gearman lets me have redundant > checks and replicate *active* checks, but not commands, downtime or passive checks. > > Does anyone out there have a workable way to get an active/standby or > active/active Nagios setup? Would be interested in hearing all ideas... > > Steve > > > Steve Shipway > University of Auckland ITS > UNIX Systems Design Lead > s.shipway at auckland.ac.nz > Ph: +64 9 373 7599 ext 86487 > > > ---------------------------------------------------------------------- > -------- Learn Graph Databases - Download FREE O'Reilly Book "Graph > Databases" is the definitive new guide to graph databases and their > applications. This 200-page book is written by three acclaimed leaders > in the field. The early access version is available now. > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null ------------------------------ Message: 5 Date: Thu, 9 May 2013 10:59:30 +0100 From: Edward St Pierre Subject: Re: [Nagios-users] High Availabilty with Nagios To: Nagios Users List Message-ID: Content-Type: text/plain; charset="iso-8859-1" Hi, I have done this before using drbd for block based replication and clustering on Redhat, this also could be done with pacemaker/corrosync clusters also. Ed On 9 May 2013 10:51, William Leibzon wrote: > On Thu, May 9, 2013 at 2:19 AM, Steve Shipway > > wrote: > > Does anyone have an HA setup for Nagios that works? > > > > I'm thinking of creating a NEB module that will link two Nagios > > setups, > and > > replicate over all status changes, config changes, downtime, > > comments, > etc > > etc and then set the 'standby' Nagios to be checks/notifications > > disabled when in standby mode, and enabled when in active mode. > > Then put the two behind a failover load balancer (F5, Foundry or apache reverse proxy). > > I've thought several times of doing it but never actually get started > although I have it all planned out kinda like you. > > In the mean time my HA setup which I've done for several customers > involves config synced using git or svn (script run by cron that > checks if its something new and then restart nagios if config passes > tests). Both servers doing checks but config is such that for one > server all notifications are disabled except for cross-checking of the > other nagios This is achieved by having common template from which all > services are derived and this template is in a file specific to each > server and so one has notifications disabled and the other enabled. > This is not a full HA in a way that if one server dies you have to > execute a script that would enable the other servers for notifications > (this can be done automatically too but I prefer people to do it). > > > However this would be too much work if someone else has already > > found an equivalent solution. > > > > I've looked at Merlin but it doesn't seem to do what I'm after (and > > the documentation is practically nonexistant - much the same as the > > NEB API documentation, in fact). Mod_gearman lets me have redundant > > checks and replicate *active* checks, but not commands, downtime or passive checks. > > > > Does anyone out there have a workable way to get an active/standby > > or active/active Nagios setup? Would be interested in hearing all ideas... > > > > Steve > > > > > > Steve Shipway > > University of Auckland ITS > > UNIX Systems Design Lead > > s.shipway at auckland.ac.nz > > Ph: +64 9 373 7599 ext 86487 > > > > > > > ---------------------------------------------------------------------- > -------- > > Learn Graph Databases - Download FREE O'Reilly Book "Graph > > Databases" is the definitive new guide to graph databases and their > > applications. This 200-page book is written by three acclaimed > > leaders in the field. The early access version is available now. > > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > > _______________________________________________ > > Nagios-users mailing list > > Nagios-users at lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/nagios-users > > ::: Please include Nagios version, plugin version (-v) and OS when > reporting > > any issue. > > ::: Messages without supporting info will risk being sent to > > /dev/null > > > ---------------------------------------------------------------------- > -------- Learn Graph Databases - Download FREE O'Reilly Book "Graph > Databases" is the definitive new guide to graph databases and their > applications. This 200-page book is written by three acclaimed leaders > in the field. The early access version is available now. > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ Message: 6 Date: Thu, 9 May 2013 13:23:24 +0200 From: Claudio Kuenzler Subject: Re: [Nagios-users] check_http with spaces problem To: Nagios Users List Message-ID: Content-Type: text/plain; charset="iso-8859-1" > Sun May 5 22:29:03 EEST 2013 /usr/lib64/nagios/plugins/check_http -H > granma.gr -u http://granma.gr/index.html -R "Web " -w 10 -c 20 Name or > service not known HTTP CRITICAL - Unable to open TCP socket > You have to break up the -u argument. -u expects the path, not the complete URI. So in this case: /usr/lib64/nagios/plugins/check_http -H granma.gr -u /index.html -R "Web" -w 10 -c 20 -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ Message: 7 Date: Thu, 9 May 2013 14:29:54 +0300 From: ???????? ????????? Subject: Re: [Nagios-users] check_http with spaces problem To: Nagios Users List Message-ID: Content-Type: text/plain; charset="iso-8859-1" Thank you for the answer, The problem doesn't seem to be at the url but at the -R option If I use -R "Web" the response is ok but if i use -R "Web somethin" it returns error! 2013/5/9 Claudio Kuenzler > > Sun May 5 22:29:03 EEST 2013 /usr/lib64/nagios/plugins/check_http -H >> granma.gr -u http://granma.gr/index.html -R "Web " -w 10 -c 20 Name >> or service not known HTTP CRITICAL - Unable to open TCP socket >> > > You have to break up the -u argument. -u expects the path, not the > complete URI. So in this case: > > /usr/lib64/nagios/plugins/check_http -H granma.gr -u /index.html -R "Web" > -w 10 -c 20 > > > > ---------------------------------------------------------------------- > -------- Learn Graph Databases - Download FREE O'Reilly Book "Graph > Databases" is the definitive new guide to graph databases and their > applications. This 200-page book is written by three acclaimed leaders > in the field. The early access version is available now. > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ Message: 8 Date: Thu, 9 May 2013 13:45:09 +0200 From: Claudio Kuenzler Subject: Re: [Nagios-users] check_http with spaces problem To: Nagios Users List Message-ID: Content-Type: text/plain; charset="iso-8859-1" > > If I use -R "Web" the response is ok but if i use -R "Web somethin" it > returns error! > Because the pattern needs to exist in the source code. ./check_http -H granma.gr -u /index.html -R "Web somethin" HTTP CRITICAL: HTTP/1.1 200 OK - pattern not found - 4342 bytes in 0.126 second response time |time=0.125853s;;;0.000000 size=4342B;;;0 ./check_http -H granma.gr -u /index.html -R "Web Design" HTTP OK: HTTP/1.1 200 OK - 4342 bytes in 0.125 second response time |time=0.124846s;;;0.000000 size=4342B;;;0 > > > 2013/5/9 Claudio Kuenzler > >> >> Sun May 5 22:29:03 EEST 2013 /usr/lib64/nagios/plugins/check_http -H >>> granma.gr -u http://granma.gr/index.html -R "Web " -w 10 -c 20 Name >>> or service not known HTTP CRITICAL - Unable to open TCP socket >>> >> >> You have to break up the -u argument. -u expects the path, not the >> complete URI. So in this case: >> >> /usr/lib64/nagios/plugins/check_http -H granma.gr -u /index.html -R >> "Web" -w 10 -c 20 >> >> >> >> --------------------------------------------------------------------- >> --------- Learn Graph Databases - Download FREE O'Reilly Book "Graph >> Databases" is the definitive new guide to graph databases and their >> applications. This 200-page book is written by three acclaimed >> leaders in the field. The early access version is available now. >> Download your free book today! http://p.sf.net/sfu/neotech_d2d_may >> >> _______________________________________________ >> Nagios-users mailing list >> Nagios-users at lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to >> /dev/null >> > > > > ---------------------------------------------------------------------- > -------- Learn Graph Databases - Download FREE O'Reilly Book "Graph > Databases" is the definitive new guide to graph databases and their > applications. This 200-page book is written by three acclaimed leaders > in the field. The early access version is available now. > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ Message: 9 Date: Thu, 9 May 2013 10:48:54 -0400 From: Andrew Widdersheim Subject: Re: [Nagios-users] High Availabilty with Nagios To: Nagios Users List Message-ID: Content-Type: text/plain; charset="iso-8859-1" I did a talk at last years conference that touches on HA Nagios setup which uses DRBD and pacemaker. There were also talks about mod_gearman and Merlin that might also be helpful. The slides (and maybe video?) are available on nagios.org. Here is a link to my slides: http://www.slideshare.net/nagiosinc/andrew-widdersheim-nagiosisdownbosswantstosee-you ------------------------------ Message: 10 Date: Thu, 9 May 2013 11:33:53 -0500 (CDT) From: frank Subject: Re: [Nagios-users] High Availabilty with Nagios To: Nagios Users List Message-ID: Content-Type: text/plain; charset="iso-8859-1" While HA can be a great thing I've always been of the opinion that a monitoring setup needs to have as few moving parts as possible. The more complexity to the monitor, the more chance you'll be chasing monitoring issues rather than site issues. And everthing you add on top of the monitor also needs to be monitored. So somehow that F5 is going to need an out-of-band monitor because if it dies then your Nagios host may well not have a way to contact you about it unless you've dual homed it which brings up a whole other set of issues. The closest I got to HA at my last gig was creating a CNAME for the active Nagios host so in a failover you point the CNAME to the new box and at least passive checks can still roll in (after DNS timeout of course, which I say is better than reconfiging every NSCA clent). -f On Thu, 9 May 2013, Steve Shipway wrote: > Date: Thu, 9 May 2013 09:19:17 +0000 > From: Steve Shipway > Reply-To: Nagios Users List > To: "nagios-users at lists.sourceforge.net" > Subject: [Nagios-users] High Availabilty with Nagios > > Does anyone have an HA setup for Nagios that works? > > I'm thinking of creating a NEB module that will link two Nagios setups, and replicate over all > status changes, config changes, downtime, comments, etc etc and then set the 'standby' Nagios to > be checks/notifications disabled when in standby mode, and enabled when in active mode.? Then > put the two behind a failover load balancer (F5, Foundry or apache reverse proxy). > > However this would be too much work if someone else has already found an equivalent solution. > > I've looked at Merlin but it doesn't seem to do what I'm after (and the documentation is > practically nonexistant - much the same as the NEB API documentation, in fact).? Mod_gearman > lets me have redundant checks and replicate *active* checks, but not commands, downtime or > passive checks. > > Does anyone out there have a workable way to get an active/standby or active/active Nagios > setup?? Would be interested in hearing all ideas... > > Steve > > > Steve Shipway > University of Auckland ITS > UNIX Systems Design Lead > s.shipway at auckland.ac.nz > Ph: +64 9 373 7599 ext 86487 > ? > > ------------------------------ Message: 11 Date: Thu, 09 May 2013 13:33:50 -0500 From: Jim Winkle Subject: Re: [Nagios-users] High Availabilty with Nagios To: Nagios Users List Message-ID: <7750eefa25b76.518ba5be at wiscmail.wisc.edu> Content-Type: text/plain; CHARSET=US-ASCII On 05/09/13, Steve Shipway wrote: > Does anyone have an HA setup for Nagios that works? > > I'm thinking of creating a NEB module that will link two Nagios setups, and replicate over all status changes, config changes, downtime, comments, etc etc and then set the 'standby' Nagios to be checks/notifications disabled when in standby mode, and enabled when in active mode. Then put the two behind a failover load balancer (F5, Foundry or apache reverse proxy). We use rsync (run out of cron every minute) and a floating VIP between two hosts. Nagios is running on only one host at a time. It's a trivial (manual) process to switch between hosts. Files which are synced: all Nagios files except logs and transient results. Files synced include Nagios configs, binaries and CGIs, helper apps, plugins, local plugins and NRPE configs, docs, HTML files, status files, all files in ~nagios, and the crontab for user nagios. -- Jim ------------------------------ Message: 12 Date: Fri, 10 May 2013 10:57:28 +0200 From: Andreas Ericsson Subject: Re: [Nagios-users] High Availabilty with Nagios To: support at crazynetwork.it, Nagios Users List Message-ID: <518CB678.1080909 at op5.se> Content-Type: text/plain; charset=ISO-8859-1; format=flowed On 2013-05-09 11:50, Supporto Tecnico - Crazy Network wrote: > I would be interested too, i'm actually using merlind for this right > now, but i would like to dont have for example double notifications if a > server goes down.. and i do want both nagios set for notify, since if > one is down (for any reason) the other one should be able to check and > notify and vice-versa.... > Double notifications is a bug, unless you send passive checkresults to both masters, in which case it's by design. Usually people want to solve passive checks by arranging a single target ip or hostname to send to and then add peered nodes at that tier as necessary, so as to not have to send checkresults to multiple nodes from all the monitored machines. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------ Message: 13 Date: Fri, 10 May 2013 10:58:12 +0200 From: Andreas Ericsson Subject: Re: [Nagios-users] High Availabilty with Nagios To: Nagios Users List Message-ID: <518CB6A4.4040701 at op5.se> Content-Type: text/plain; charset=ISO-8859-1; format=flowed On 2013-05-09 11:19, Steve Shipway wrote: > Does anyone have an HA setup for Nagios that works? > > I'm thinking of creating a NEB module that will link two Nagios > setups, and replicate over all status changes, config changes, > downtime, comments, etc etc and then set the 'standby' Nagios to be > checks/notifications disabled when in standby mode, and enabled when > in active mode. Then put the two behind a failover load balancer > (F5, Foundry or apache reverse proxy). > > However this would be too much work if someone else has already found > an equivalent solution. > > I've looked at Merlin but it doesn't seem to do what I'm after (and > the documentation is practically nonexistant - much the same as the > NEB API documentation, in fact). Mod_gearman lets me have redundant > checks and replicate *active* checks, but not commands, downtime or >passive checks. Merlin would do exactly that if you set one of the nodes as a poller but having all hosts assigned to it. When the poller goes down, the master will by default take over checks for it. Merlin is actually pretty well documented, but as textfiles that you have to read the oldschool way. If there's anything you find lacking from the HOWTO document or the README, please let me know and I'll amend it. > > Does anyone out there have a workable way to get an active/standby or > active/active Nagios setup? Would be interested in hearing all > ideas... > Well, we have about 800 of them. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------ Message: 14 Date: Fri, 10 May 2013 15:46:38 -0400 From: Percy Kwong Subject: [Nagios-users] Trying to figure out the PCRE expression for Nagiosgraph Map To: nagios-users at lists.sourceforge.net Message-ID: <518D4E9E.1030409 at psk.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed I'm writing a pcre rule for a nagios map file. The output for one query would be: PROCS OK: 11 processes with args 'apache' What would the map rule look like that would do the following? 1. Begin with "PROCS OK:" 2. End with "args 'apache'" 3. Extract only the numeric value before the word processes? Assuming it would be a nested regex within the regex. So basically, the map regex would only return 11, but enforce the rules above? Just trying to understand the logic behind this. Thanks. ------------------------------ Message: 15 Date: Fri, 10 May 2013 23:11:42 +0200 From: Claudio Kuenzler Subject: Re: [Nagios-users] Trying to figure out the PCRE expression for Nagiosgraph Map To: psk at psk.net, Nagios Users List Message-ID: Content-Type: text/plain; charset="iso-8859-1" > The output for one query would be: > > PROCS OK: 11 processes with args 'apache' > Well first of all you'd have to make sure that nagiosgraph also takes the output in account. It's always better to do that with perfdata... You have the choice to also take the output as source to parse, although I strongly recommend to use perfdata. That's what it is for. > > What would the map rule look like that would do the following? > > 1. Begin with "PROCS OK:" > 2. End with "args 'apache'" > 3. Extract only the numeric value before the word processes? The regex would look something like this: /output:PROCS.*:(\d+) processes.*/ assuming that you don't care about the args and the status (OK, WARNING, CRITICAL) part. Only the digit (11) would be taken out of the output in this case. -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ Message: 16 Date: Sat, 11 May 2013 13:24:27 +0200 From: Jonas Meurer Subject: Re: [Nagios-users] servicegroup overview not restricted for htaccess users To: nagios-users at lists.sourceforge.net Message-ID: <518E2A6B.3090209 at freesources.org> Content-Type: text/plain; charset=ISO-8859-1 Hello, Am 06.05.2013 10:42, schrieb Jonas Meurer: > I fear that I discovered a security issue in Nagios 3.4.4 status.cgi: no comments on that? > All htaccess users, even if not listed in any authorized_for_* config > option, have full access to service group overview, summary and grid: > /nagios/cgi-bin/status.cgi?servicegroup=all&style=overview > /nagios/cgi-bin/status.cgi?servicegroup=all&style=summary > /nagios/cgi-bin/status.cgi?servicegroup=all&style=grid > > I hope that this is not intended. Is this issue known? > > Kind regards, > jonas > > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > ------------------------------ Message: 17 Date: Sat, 11 May 2013 07:30:36 -0400 From: Percy Kwong Subject: Re: [Nagios-users] Trying to figure out the PCRE expression for Nagiosgraph Map To: Claudio Kuenzler Cc: Nagios Users List Message-ID: <518E2BDC.2070200 at psk.net> Content-Type: text/plain; charset="iso-8859-1" OK. So to make more sense of the whole thing, the only thing that is taken into account is the actual numerical value? In other words, it's automatically parsed? This is what I wasn't sure of. Here is the entry in the mapfile I was using: I guess the reason I'm having issues with this is the following snippet from the nagiosgraph.log: Fri May 10 12:57:51 2013 insert.pl warn output/perfdata not recognized: hostname:mymachine servicedesc:Apache Processes output:PROCS OK: 11 processes with args apache perfdata: the problem is there is no perfdata and the rrd file isn't being populated, (and obviously, no graph). I'm attributing this to the fact that the map file entry is wrong. This is really where my problem lies. Am I looking in the wrong place? Thanks. On 5/10/2013 5:11 PM, Claudio Kuenzler wrote: > > The output for one query would be: > > PROCS OK: 11 processes with args 'apache' > > > Well first of all you'd have to make sure that nagiosgraph also takes > the output in account. > It's always better to do that with perfdata... > > You have the choice to also take the output as source to parse, > although I strongly recommend to use perfdata. That's what it is for. > > > What would the map rule look like that would do the following? > > 1. Begin with "PROCS OK:" > 2. End with "args 'apache'" > 3. Extract only the numeric value before the word processes? > > > The regex would look something like this: > > /output:PROCS.*:(\d+) processes.*/ > > assuming that you don't care about the args and the status (OK, > WARNING, CRITICAL) part. > Only the digit (11) would be taken out of the output in this case. -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may ------------------------------ _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users End of Nagios-users Digest, Vol 84, Issue 3 ******************************************* ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From mwiese at beit.de Mon May 13 22:02:57 2013 From: mwiese at beit.de (mwiese at beit.de) Date: Mon, 13 May 2013 22:02:57 +0200 Subject: =?iso-8859-1?q?AUTO=3A_Marco_Wiese/BEIT_GmbH_ist_a?= =?iso-8859-1?q?u=DFer_Haus=2E_=28R=FCckkehr_am_21=2E05=2E2013=29?= Message-ID: Ich kehre zur?ck am 21.05.2013. Ich werde Ihre Nachricht nach meiner R?ckkehr schnellstm?glich beantworten. Hinweis: Dies ist eine automatische Antwort auf Ihre Nachricht "Re: [Nagios-users] servicegroup overview not restricted for htaccess users" gesendet am 13.05.2013 18:02:43. Diese ist die einzige Benachrichtigung, die Sie empfangen werden, w?hrend diese Person abwesend ist. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Thilakraj.Shanmugam at canberra.edu.au Tue May 14 09:42:35 2013 From: Thilakraj.Shanmugam at canberra.edu.au (Thilakraj.Shanmugam) Date: Tue, 14 May 2013 07:42:35 +0000 Subject: Nagios Plugin for IPTABLES Monitoring Message-ID: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> Greetings! Could someone send me nagios plugin which is tested and works well for monitoring IPTABLES in Linux. I have tested below script but it is not returning correct output to nagios server. If I execute script manually, it shows correct output... But if I execute via ./check_nrpe - H localhost -c check_iptables, it shows wrong output. Below is my plugin ------------------------------ #!/bin/bash set -x IPT='/sbin/iptables' GREP='/bin/grep' AWK='/bin/awk' EXPR='/usr/bin/expr' WC='/usr/bin/wc' A='/usr/bin/sudo' E_SUCCESS="0" E_CRITICAL="2" E_UNKNOWN="3" CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid | $WC -l` if [ $CHAINS -ne 0 ] ; then echo "Firewall is running!" exit ${E_SUCCESS} elif [ $CHAINS -eq 0 ] ; then echo "Firewall is not running" exit ${E_CRITICAL} fi -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Deborah.Martin at kognitio.com Tue May 14 10:43:52 2013 From: Deborah.Martin at kognitio.com (Deborah Martin) Date: Tue, 14 May 2013 08:43:52 +0000 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> Message-ID: <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> Hi, What is the wrong output being returned ? This might give us all a clue as to the cause of the problem. When you run the check manually, are you doing this as the same user that check_nrpe will use ? Regards, Deborah From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] Sent: 14 May 2013 08:43 To: nagios-users at lists.sourceforge.net Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring Greetings! Could someone send me nagios plugin which is tested and works well for monitoring IPTABLES in Linux. I have tested below script but it is not returning correct output to nagios server. If I execute script manually, it shows correct output... But if I execute via ./check_nrpe - H localhost -c check_iptables, it shows wrong output. Below is my plugin ------------------------------ #!/bin/bash set -x IPT='/sbin/iptables' GREP='/bin/grep' AWK='/bin/awk' EXPR='/usr/bin/expr' WC='/usr/bin/wc' A='/usr/bin/sudo' E_SUCCESS="0" E_CRITICAL="2" E_UNKNOWN="3" CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid | $WC -l` if [ $CHAINS -ne 0 ] ; then echo "Firewall is running!" exit ${E_SUCCESS} elif [ $CHAINS -eq 0 ] ; then echo "Firewall is not running" exit ${E_CRITICAL} fi This e-mail and any files transmitted with it are strictly confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient, please delete this e-mail immediately. Any unauthorised distribution or copying is strictly prohibited. Whilst Kognitio endeavours to prevent the transmission of viruses via e-mail, we cannot guarantee that any e-mail or attachment is free from computer viruses and you are strongly advised to undertake your own anti-virus precautions. Kognitio grants no warranties regarding performance, use or quality of any e-mail or attachment and undertakes no liability for loss or damage, howsoever caused. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Thilakraj.Shanmugam at canberra.edu.au Tue May 14 10:58:13 2013 From: Thilakraj.Shanmugam at canberra.edu.au (Thilakraj.Shanmugam) Date: Tue, 14 May 2013 08:58:13 +0000 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> Message-ID: <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> Hi Deborah, Thanks for the response.. please find the details below. [root at abc libexec]# pwd /usr/local/nagios/libexec [root at abc libexec]# ./check_iptables.sh <----- Executing manually script + IPT=/sbin/iptables + GREP=/bin/grep + AWK=/bin/awk + EXPR=/usr/bin/expr + WC=/usr/bin/wc + A=/usr/bin/sudo + E_SUCCESS=0 + E_CRITICAL=2 + E_UNKNOWN=3 ++ /usr/bin/sudo /sbin/iptables -nvL ++ /bin/grep Chain ++ /bin/awk '{ print $2 }' ++ /bin/grep Cid ++ /usr/bin/wc -l + CHAINS=5 + '[' 5 -ne 0 ']' + echo 'Firewall is running!' Firewall is running! + exit 0 <------ it shows firewall running ( correct output ) [root at abc libexec]# Client - NRPE config file [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i iptable command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh [root at abc libexec]# [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables Firewall is not running <----- executing via check_nrpe ( wrong output ) [root at abc libexec]# NRPE Logs ------------- May 14 18:52:28 abc nrpe[31158]: Added command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% -c 5% -p /db May 14 18:52:28 abc nrpe[31158]: Added command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w 15% -c 5% -p /app May 14 18:52:28 abc nrpe[31158]: Added command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All network traffic will be encrypted. May 14 18:52:28 abc nrpe[31158]: Handling the connection... May 14 18:52:28 abc nrpe[31158]: Host is asking for command 'check_iptables' to be run... May 14 18:52:28 abc nrpe[31158]: Running command: /usr/local/nagios/libexec/check_iptables.sh May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 and output: Firewall is not running May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is not running Kind Regards, Thilak From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] Sent: Tuesday, 14 May 2013 6:44 PM To: Nagios Users List Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring Hi, What is the wrong output being returned ? This might give us all a clue as to the cause of the problem. When you run the check manually, are you doing this as the same user that check_nrpe will use ? Regards, Deborah From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] Sent: 14 May 2013 08:43 To: nagios-users at lists.sourceforge.net Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring Greetings! Could someone send me nagios plugin which is tested and works well for monitoring IPTABLES in Linux. I have tested below script but it is not returning correct output to nagios server. If I execute script manually, it shows correct output... But if I execute via ./check_nrpe - H localhost -c check_iptables, it shows wrong output. Below is my plugin ------------------------------ #!/bin/bash set -x IPT='/sbin/iptables' GREP='/bin/grep' AWK='/bin/awk' EXPR='/usr/bin/expr' WC='/usr/bin/wc' A='/usr/bin/sudo' E_SUCCESS="0" E_CRITICAL="2" E_UNKNOWN="3" CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid | $WC -l` if [ $CHAINS -ne 0 ] ; then echo "Firewall is running!" exit ${E_SUCCESS} elif [ $CHAINS -eq 0 ] ; then echo "Firewall is not running" exit ${E_CRITICAL} fi This e-mail and any files transmitted with it are strictly confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient, please delete this e-mail immediately. Any unauthorised distribution or copying is strictly prohibited. Whilst Kognitio endeavours to prevent the transmission of viruses via e-mail, we cannot guarantee that any e-mail or attachment is free from computer viruses and you are strongly advised to undertake your own anti-virus precautions. Kognitio grants no warranties regarding performance, use or quality of any e-mail or attachment and undertakes no liability for loss or damage, howsoever caused. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From pitchfork at ederdrom.de Tue May 14 11:23:50 2013 From: pitchfork at ederdrom.de (Joerg Linge) Date: Tue, 14 May 2013 11:23:50 +0200 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> Message-ID: Never test as root! Joerg Am 14.05.2013 um 10:58 schrieb Thilakraj.Shanmugam : > Hi Deborah, Thanks for the response.. please find the details below. > > > [root at abc libexec]# pwd > /usr/local/nagios/libexec > [root at abc libexec]# ./check_iptables.sh <----- Executing manually script > + IPT=/sbin/iptables > + GREP=/bin/grep > + AWK=/bin/awk > + EXPR=/usr/bin/expr > + WC=/usr/bin/wc > + A=/usr/bin/sudo > + E_SUCCESS=0 > + E_CRITICAL=2 > + E_UNKNOWN=3 > ++ /usr/bin/sudo /sbin/iptables -nvL > ++ /bin/grep Chain > ++ /bin/awk '{ print $2 }' > ++ /bin/grep Cid > ++ /usr/bin/wc -l > + CHAINS=5 > + '[' 5 -ne 0 ']' > + echo 'Firewall is running!' > Firewall is running! > + exit 0 <------ it shows firewall running ( correct output ) > [root at abc libexec]# > > > Client - NRPE config file > > [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i iptable > command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh > [root at abc libexec]# > > > [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables > Firewall is not running <----- executing via check_nrpe ( wrong output ) > [root at abc libexec]# > > > NRPE Logs > ------------- > > May 14 18:52:28 abc nrpe[31158]: Added command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% -c 5% -p /db > May 14 18:52:28 abc nrpe[31158]: Added command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w 15% -c 5% -p /app > May 14 18:52:28 abc nrpe[31158]: Added command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh > May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All network traffic will be encrypted. > May 14 18:52:28 abc nrpe[31158]: Handling the connection... > May 14 18:52:28 abc nrpe[31158]: Host is asking for command 'check_iptables' to be run... > May 14 18:52:28 abc nrpe[31158]: Running command: /usr/local/nagios/libexec/check_iptables.sh > May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 and output: Firewall is not running > May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is not running > > > Kind Regards, > Thilak > > > From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] > Sent: Tuesday, 14 May 2013 6:44 PM > To: Nagios Users List > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > Hi, > What is the wrong output being returned ? This might give us all a clue as to the cause of the problem. > When you run the check manually, are you doing this as the same user that check_nrpe will use ? > > Regards, > Deborah > > > > From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] > Sent: 14 May 2013 08:43 > To: nagios-users at lists.sourceforge.net > Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > Greetings! > > Could someone send me nagios plugin which is tested and works well for monitoring IPTABLES in Linux. > > I have tested below script but it is not returning correct output to nagios server. > > If I execute script manually, it shows correct output? > > But if I execute via ./check_nrpe ? H localhost ?c check_iptables, it shows wrong output. > > > > Below is my plugin > ------------------------------ > > #!/bin/bash > set -x > > IPT='/sbin/iptables' > GREP='/bin/grep' > AWK='/bin/awk' > EXPR='/usr/bin/expr' > WC='/usr/bin/wc' > A='/usr/bin/sudo' > > E_SUCCESS="0" > E_CRITICAL="2" > E_UNKNOWN="3" > > CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid | $WC -l` > > if [ $CHAINS -ne 0 ] ; then > echo "Firewall is running!" > exit ${E_SUCCESS} > > elif [ $CHAINS -eq 0 ] ; then > echo "Firewall is not running" > exit ${E_CRITICAL} > fi > > > This e-mail and any files transmitted with it are strictly confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient, please delete this e-mail immediately. Any unauthorised distribution or copying is strictly prohibited. > > Whilst Kognitio endeavours to prevent the transmission of viruses via e-mail, we cannot guarantee that any e-mail or attachment is free from computer viruses and you are strongly advised to undertake your own anti-virus precautions. Kognitio grants no warranties regarding performance, use or quality of any e-mail or attachment and undertakes no liability for loss or damage, howsoever caused. > > ------------------------------------------------------------------------------ > AlienVault Unified Security Management (USM) platform delivers complete > security visibility with the essential security capabilities. Easily and > efficiently configure, manage, and operate all of your security controls > from a single console and one unified framework. Download a free trial. > http://p.sf.net/sfu/alienvault_d2d_______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Deborah.Martin at kognitio.com Tue May 14 11:29:39 2013 From: Deborah.Martin at kognitio.com (Deborah Martin) Date: Tue, 14 May 2013 09:29:39 +0000 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> Message-ID: Ok - if I look at your output, manually, when the plugin is run as the "root" user it produces the correct result. But, you haven't said what the nrpe user is that is running on the remote node and whether the same manual run of the check produces the same output. For example, I run remote plugins through nrpe as the "nagios" user so if I want to manually test a plugin on the remote node, I would first login as the nagios user to ensure I've got the same environment that would be used when running via nrpe. It might be that the variables you have set in the script only work as the root user. It's never a good idea to test as the root user but only as the same user as that used by nagios or nrpe. Regards, Deborah From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] Sent: 14 May 2013 09:58 To: Nagios Users List Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring Hi Deborah, Thanks for the response.. please find the details below. [root at abc libexec]# pwd /usr/local/nagios/libexec [root at abc libexec]# ./check_iptables.sh <----- Executing manually script + IPT=/sbin/iptables + GREP=/bin/grep + AWK=/bin/awk + EXPR=/usr/bin/expr + WC=/usr/bin/wc + A=/usr/bin/sudo + E_SUCCESS=0 + E_CRITICAL=2 + E_UNKNOWN=3 ++ /usr/bin/sudo /sbin/iptables -nvL ++ /bin/grep Chain ++ /bin/awk '{ print $2 }' ++ /bin/grep Cid ++ /usr/bin/wc -l + CHAINS=5 + '[' 5 -ne 0 ']' + echo 'Firewall is running!' Firewall is running! + exit 0 <------ it shows firewall running ( correct output ) [root at abc libexec]# Client - NRPE config file [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i iptable command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh [root at abc libexec]# [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables Firewall is not running <----- executing via check_nrpe ( wrong output ) [root at abc libexec]# NRPE Logs ------------- May 14 18:52:28 abc nrpe[31158]: Added command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% -c 5% -p /db May 14 18:52:28 abc nrpe[31158]: Added command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w 15% -c 5% -p /app May 14 18:52:28 abc nrpe[31158]: Added command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All network traffic will be encrypted. May 14 18:52:28 abc nrpe[31158]: Handling the connection... May 14 18:52:28 abc nrpe[31158]: Host is asking for command 'check_iptables' to be run... May 14 18:52:28 abc nrpe[31158]: Running command: /usr/local/nagios/libexec/check_iptables.sh May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 and output: Firewall is not running May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is not running Kind Regards, Thilak From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] Sent: Tuesday, 14 May 2013 6:44 PM To: Nagios Users List Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring Hi, What is the wrong output being returned ? This might give us all a clue as to the cause of the problem. When you run the check manually, are you doing this as the same user that check_nrpe will use ? Regards, Deborah From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] Sent: 14 May 2013 08:43 To: nagios-users at lists.sourceforge.net Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring Greetings! Could someone send me nagios plugin which is tested and works well for monitoring IPTABLES in Linux. I have tested below script but it is not returning correct output to nagios server. If I execute script manually, it shows correct output... But if I execute via ./check_nrpe - H localhost -c check_iptables, it shows wrong output. Below is my plugin ------------------------------ #!/bin/bash set -x IPT='/sbin/iptables' GREP='/bin/grep' AWK='/bin/awk' EXPR='/usr/bin/expr' WC='/usr/bin/wc' A='/usr/bin/sudo' E_SUCCESS="0" E_CRITICAL="2" E_UNKNOWN="3" CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid | $WC -l` if [ $CHAINS -ne 0 ] ; then echo "Firewall is running!" exit ${E_SUCCESS} elif [ $CHAINS -eq 0 ] ; then echo "Firewall is not running" exit ${E_CRITICAL} fi This e-mail and any files transmitted with it are strictly confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient, please delete this e-mail immediately. Any unauthorised distribution or copying is strictly prohibited. Whilst Kognitio endeavours to prevent the transmission of viruses via e-mail, we cannot guarantee that any e-mail or attachment is free from computer viruses and you are strongly advised to undertake your own anti-virus precautions. Kognitio grants no warranties regarding performance, use or quality of any e-mail or attachment and undertakes no liability for loss or damage, howsoever caused. This e-mail and any files transmitted with it are strictly confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient, please delete this e-mail immediately. Any unauthorised distribution or copying is strictly prohibited. Whilst Kognitio endeavours to prevent the transmission of viruses via e-mail, we cannot guarantee that any e-mail or attachment is free from computer viruses and you are strongly advised to undertake your own anti-virus precautions. Kognitio grants no warranties regarding performance, use or quality of any e-mail or attachment and undertakes no liability for loss or damage, howsoever caused. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From sunil at sunil.cc Tue May 14 12:41:52 2013 From: sunil at sunil.cc (Sunil Sankar) Date: Tue, 14 May 2013 16:11:52 +0530 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> Message-ID: try setting the suid for this script On Tue, May 14, 2013 at 2:59 PM, Deborah Martin wrote: > Ok ? if I look at your output, manually, when the plugin is run as the > ?root? user it produces the correct result. **** > > ** ** > > But, you haven?t said what the nrpe user is that is running on the remote > node and whether the same manual run of the check produces the same > output. **** > > For example, I run remote plugins through nrpe as the ?nagios? user so if > I want to manually test a plugin on the remote node, I would first login as > the nagios user to ensure I?ve got the same environment that would be used > when running via nrpe. It might be that the variables you have set in the > script only work as the root user. It?s never a good idea to test as the > root user but only as the same user as that used by nagios or nrpe. **** > > ** ** > > Regards,**** > > Deborah **** > > ** ** > > *From:* Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] > *Sent:* 14 May 2013 09:58 > > *To:* Nagios Users List > *Subject:* Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring**** > > ** ** > > Hi Deborah, Thanks for the response.. please find the details below.**** > > ** ** > > ** ** > > [root at abc libexec]# pwd**** > > /usr/local/nagios/libexec**** > > [root at abc libexec]# ./check_iptables.sh > > <----- Executing manually script**** > > + IPT=/sbin/iptables**** > > + GREP=/bin/grep**** > > + AWK=/bin/awk**** > > + EXPR=/usr/bin/expr**** > > + WC=/usr/bin/wc**** > > + A=/usr/bin/sudo**** > > + E_SUCCESS=0**** > > + E_CRITICAL=2**** > > + E_UNKNOWN=3**** > > ++ /usr/bin/sudo /sbin/iptables -nvL**** > > ++ /bin/grep Chain**** > > ++ /bin/awk '{ print $2 }'**** > > ++ /bin/grep Cid**** > > ++ /usr/bin/wc -l**** > > + CHAINS=5**** > > + '[' 5 -ne 0 ']'**** > > + echo 'Firewall is running!'**** > > Firewall is running!**** > > + exit 0 > <------ it shows firewall running ( correct output )**** > > [root at abc libexec]#**** > > ** ** > > ** ** > > *Client - NRPE config file* > > ** ** > > [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i iptable*** > * > > command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh**** > > [root at abc libexec]#**** > > ** ** > > ** ** > > [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables**** > > Firewall is not running > <----- executing via check_nrpe ( wrong output )**** > > [root at abc libexec]#**** > > ** ** > > ** ** > > NRPE Logs**** > > -------------**** > > ** ** > > May 14 18:52:28 abc nrpe[31158]: Added > command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% -c 5% > -p /db**** > > May 14 18:52:28 abc nrpe[31158]: Added > command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w 15% -c > 5% -p /app**** > > May 14 18:52:28 abc nrpe[31158]: Added > command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh**** > > May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All network > traffic will be encrypted.**** > > May 14 18:52:28 abc nrpe[31158]: Handling the connection...**** > > May 14 18:52:28 abc nrpe[31158]: Host is asking for command > 'check_iptables' to be run...**** > > May 14 18:52:28 abc nrpe[31158]: Running command: > /usr/local/nagios/libexec/check_iptables.sh**** > > May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 and > output: Firewall is not running**** > > May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is not > running**** > > ** ** > > ** ** > > Kind Regards,**** > > Thilak**** > > ** ** > > ** ** > > *From:* Deborah Martin [mailto:Deborah.Martin at kognitio.com] > > *Sent:* Tuesday, 14 May 2013 6:44 PM > *To:* Nagios Users List > *Subject:* Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring**** > > ** ** > > Hi, **** > > What is the wrong output being returned ? This might give us all a clue as > to the cause of the problem. **** > > When you run the check manually, are you doing this as the same user that > check_nrpe will use ? **** > > ** ** > > Regards,**** > > Deborah **** > > ** ** > > ** ** > > ** ** > > *From:* Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] > > *Sent:* 14 May 2013 08:43 > *To:* nagios-users at lists.sourceforge.net > *Subject:* [Nagios-users] Nagios Plugin for IPTABLES Monitoring**** > > ** ** > > Greetings!**** > > ** ** > > Could someone send me nagios plugin which is tested and works well for > monitoring IPTABLES in Linux.**** > > ** ** > > I have tested below script but it is not returning correct output to > nagios server.**** > > ** ** > > If I execute script manually, it shows correct output?**** > > ** ** > > But if I execute via ./check_nrpe ? H localhost ?c check_iptables, it > shows wrong output.**** > > ** ** > > ** ** > > ** ** > > Below is my plugin**** > > ------------------------------**** > > ** ** > > #!/bin/bash**** > > set -x**** > > ** ** > > IPT='/sbin/iptables'**** > > GREP='/bin/grep'**** > > AWK='/bin/awk'**** > > EXPR='/usr/bin/expr'**** > > WC='/usr/bin/wc'**** > > A='/usr/bin/sudo'**** > > ** ** > > E_SUCCESS="0"**** > > E_CRITICAL="2"**** > > E_UNKNOWN="3"**** > > ** ** > > CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid | > $WC -l`**** > > ** ** > > if [ $CHAINS -ne 0 ] ; then**** > > echo "Firewall is running!"**** > > exit ${E_SUCCESS}**** > > ** ** > > elif [ $CHAINS -eq 0 ] ; then**** > > echo "Firewall is not running"**** > > exit ${E_CRITICAL}**** > > fi**** > > ** ** > > > **** > > This e-mail and any files transmitted with it are strictly confidential > and intended solely for the use of the individual or entity to whom they > are addressed. If you are not the intended recipient, please delete this > e-mail immediately. Any unauthorised distribution or copying is strictly > prohibited. > > Whilst Kognitio endeavours to prevent the transmission of viruses via > e-mail, we cannot guarantee that any e-mail or attachment is free from > computer viruses and you are strongly advised to undertake your own > anti-virus precautions. Kognitio grants no warranties regarding > performance, use or quality of any e-mail or attachment and undertakes no > liability for loss or damage, howsoever caused.**** > > ** > > This e-mail and any files transmitted with it are strictly confidential > and intended solely for the use of the individual or entity to whom they > are addressed. If you are not the intended recipient, please delete this > e-mail immediately. Any unauthorised distribution or copying is strictly > prohibited. > > Whilst Kognitio endeavours to prevent the transmission of viruses via > e-mail, we cannot guarantee that any e-mail or attachment is free from > computer viruses and you are strongly advised to undertake your own > anti-virus precautions. Kognitio grants no warranties regarding > performance, use or quality of any e-mail or attachment and undertakes no > liability for loss or damage, howsoever caused. > > > ------------------------------------------------------------------------------ > AlienVault Unified Security Management (USM) platform delivers complete > security visibility with the essential security capabilities. Easily and > efficiently configure, manage, and operate all of your security controls > from a single console and one unified framework. Download a free trial. > http://p.sf.net/sfu/alienvault_d2d > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -- Regards Sunil Sankar -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From werner.flamme at ufz.de Tue May 14 13:12:23 2013 From: werner.flamme at ufz.de (Werner Flamme) Date: Tue, 14 May 2013 13:12:23 +0200 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> Message-ID: <51921C17.3090905@ufz.de> Sunil Sankar [14.05.2013 12:41]: > try setting the suid for this script Set a script suid? Which operating system supports that? > > > On Tue, May 14, 2013 at 2:59 PM, Deborah Martin > wrote: > >> Ok ? if I look at your output, manually, when the plugin is run as the >> ?root? user it produces the correct result. **** >> >> ** ** >> >> But, you haven?t said what the nrpe user is that is running on the remote >> node and whether the same manual run of the check produces the same >> output. **** >> >> For example, I run remote plugins through nrpe as the ?nagios? user so if >> I want to manually test a plugin on the remote node, I would first login as >> the nagios user to ensure I?ve got the same environment that would be used >> when running via nrpe. It might be that the variables you have set in the >> script only work as the root user. It?s never a good idea to test as the >> root user but only as the same user as that used by nagios or nrpe. **** >> >> ** ** >> >> Regards,**** >> >> Deborah **** >> >> ** ** >> >> *From:* Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] >> *Sent:* 14 May 2013 09:58 >> >> *To:* Nagios Users List >> *Subject:* Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring**** >> >> ** ** >> >> Hi Deborah, Thanks for the response.. please find the details below.**** >> >> ** ** >> >> ** ** >> >> [root at abc libexec]# pwd**** >> >> /usr/local/nagios/libexec**** >> >> [root at abc libexec]# ./check_iptables.sh >> >> <----- Executing manually script**** >> >> + IPT=/sbin/iptables**** >> >> + GREP=/bin/grep**** >> >> + AWK=/bin/awk**** >> >> + EXPR=/usr/bin/expr**** >> >> + WC=/usr/bin/wc**** >> >> + A=/usr/bin/sudo**** >> >> + E_SUCCESS=0**** >> >> + E_CRITICAL=2**** >> >> + E_UNKNOWN=3**** >> >> ++ /usr/bin/sudo /sbin/iptables -nvL**** >> >> ++ /bin/grep Chain**** >> >> ++ /bin/awk '{ print $2 }'**** >> >> ++ /bin/grep Cid**** >> >> ++ /usr/bin/wc -l**** >> >> + CHAINS=5**** >> >> + '[' 5 -ne 0 ']'**** >> >> + echo 'Firewall is running!'**** >> >> Firewall is running!**** >> >> + exit 0 >> <------ it shows firewall running ( correct output )**** >> >> [root at abc libexec]#**** >> >> ** ** >> >> ** ** >> >> *Client - NRPE config file* >> >> ** ** >> >> [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i iptable*** >> * >> >> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh**** >> >> [root at abc libexec]#**** >> >> ** ** >> >> ** ** >> >> [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables**** >> >> Firewall is not running >> <----- executing via check_nrpe ( wrong output )**** >> >> [root at abc libexec]#**** >> >> ** ** >> >> ** ** >> >> NRPE Logs**** >> >> -------------**** >> >> ** ** >> >> May 14 18:52:28 abc nrpe[31158]: Added >> command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% -c 5% >> -p /db**** >> >> May 14 18:52:28 abc nrpe[31158]: Added >> command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w 15% -c >> 5% -p /app**** >> >> May 14 18:52:28 abc nrpe[31158]: Added >> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh**** >> >> May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All network >> traffic will be encrypted.**** >> >> May 14 18:52:28 abc nrpe[31158]: Handling the connection...**** >> >> May 14 18:52:28 abc nrpe[31158]: Host is asking for command >> 'check_iptables' to be run...**** >> >> May 14 18:52:28 abc nrpe[31158]: Running command: >> /usr/local/nagios/libexec/check_iptables.sh**** >> >> May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 and >> output: Firewall is not running**** >> >> May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is not >> running**** >> >> ** ** >> >> ** ** >> >> Kind Regards,**** >> >> Thilak**** >> >> ** ** >> >> ** ** >> >> *From:* Deborah Martin [mailto:Deborah.Martin at kognitio.com] >> >> *Sent:* Tuesday, 14 May 2013 6:44 PM >> *To:* Nagios Users List >> *Subject:* Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring**** >> >> ** ** >> >> Hi, **** >> >> What is the wrong output being returned ? This might give us all a clue as >> to the cause of the problem. **** >> >> When you run the check manually, are you doing this as the same user that >> check_nrpe will use ? **** >> >> ** ** >> >> Regards,**** >> >> Deborah **** >> >> ** ** >> >> ** ** >> >> ** ** >> >> *From:* Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] >> >> *Sent:* 14 May 2013 08:43 >> *To:* nagios-users at lists.sourceforge.net >> *Subject:* [Nagios-users] Nagios Plugin for IPTABLES Monitoring**** >> >> ** ** >> >> Greetings!**** >> >> ** ** >> >> Could someone send me nagios plugin which is tested and works well for >> monitoring IPTABLES in Linux.**** >> >> ** ** >> >> I have tested below script but it is not returning correct output to >> nagios server.**** >> >> ** ** >> >> If I execute script manually, it shows correct output?**** >> >> ** ** >> >> But if I execute via ./check_nrpe ? H localhost ?c check_iptables, it >> shows wrong output.**** >> >> ** ** >> >> ** ** >> >> ** ** >> >> Below is my plugin**** >> >> ------------------------------**** >> >> ** ** >> >> #!/bin/bash**** >> >> set -x**** >> >> ** ** >> >> IPT='/sbin/iptables'**** >> >> GREP='/bin/grep'**** >> >> AWK='/bin/awk'**** >> >> EXPR='/usr/bin/expr'**** >> >> WC='/usr/bin/wc'**** >> >> A='/usr/bin/sudo'**** >> >> ** ** >> >> E_SUCCESS="0"**** >> >> E_CRITICAL="2"**** >> >> E_UNKNOWN="3"**** >> >> ** ** >> >> CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid | >> $WC -l`**** >> >> ** ** >> >> if [ $CHAINS -ne 0 ] ; then**** >> >> echo "Firewall is running!"**** >> >> exit ${E_SUCCESS}**** >> >> ** ** >> >> elif [ $CHAINS -eq 0 ] ; then**** >> >> echo "Firewall is not running"**** >> >> exit ${E_CRITICAL}**** >> >> fi**** >> >> ** ** >> >> -- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From roger at firedrake.org Tue May 14 13:20:41 2013 From: roger at firedrake.org (Roger Bell_West) Date: Tue, 14 May 2013 12:20:41 +0100 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <51921C17.3090905@ufz.de> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> <51921C17.3090905@ufz.de> Message-ID: <20130514112041.GA23513@firedrake.org> On Tue, May 14, 2013 at 01:12:23PM +0200, Werner Flamme wrote: >Sunil Sankar [14.05.2013 12:41]: >> try setting the suid for this script >Set a script suid? Which operating system supports that? Better would be to enable the NRPE user to run a specific iptables invocation via sudoers. ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From marcelofenner at gmail.com Tue May 14 14:54:09 2013 From: marcelofenner at gmail.com (Marcelo Fenner Bitencourt) Date: Tue, 14 May 2013 09:54:09 -0300 Subject: check RSTP Message-ID: Good morning , i have one doubt about rstp bridges ... i did two different paths to my RouterOS bridges, both with rstp enable, now i need monitoring this values. I someone know any plugin for nagios who work well, please send me some idea... I cnt locate this on nagios plugins, thanks in advanced. Best regards; Marcelo -- ______________________________ Marcelo Fenner Bitencourt -- -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From marcelofenner at gmail.com Tue May 14 15:32:11 2013 From: marcelofenner at gmail.com (Marcelo Fenner Bitencourt) Date: Tue, 14 May 2013 10:32:11 -0300 Subject: Check-RSTP Message-ID: Good morning , i have one doubt about rstp bridges ... i did two different paths to my RouterOS bridges, both with rstp enable, now i need monitoring this values. I someone know any plugin for nagios who work well, please send me some idea... I cnt locate this on nagios plugins, thanks in advanced. Best regards; -- ______________________________ Marcelo Fenner Bitencourt -- -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ae at op5.se Tue May 14 15:48:15 2013 From: ae at op5.se (Andreas Ericsson) Date: Tue, 14 May 2013 15:48:15 +0200 Subject: svn -> git conversion Message-ID: <5192409F.4020006@op5.se> As of today, the migration from subversion to git has been completed. The new git repository is still hosted at sourceforge. You can clone the repository using the following command: git clone git://git.code.sf.net/p/nagios/nagioscore and then browse the code locally in your own nagioscore folder. The svn repository will be decommisioned without further warning, so anyone who likes to stick to the bleeding edge of Nagios core should migrate to git ASAP. Cheers -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d From Maria.Mercedes.Pozzo at everis.com Tue May 14 16:48:10 2013 From: Maria.Mercedes.Pozzo at everis.com (=?iso-8859-1?Q?Mar=EDa_Mercedes_Pozzo?=) Date: Tue, 14 May 2013 14:48:10 +0000 Subject: check_upd Message-ID: <90C623B743F3F74D88ED4B278092254CA48057@INFPROMBX11.usersad.everis.int> Hi! I'm using de check_udp plugin and couldn't make it work. Don't know how to get the values for the -s and -e option: [-s ] & [-e ] Checked a lot of possibilities and any of them were the correct one. Can you tell me how to get them? sh-4.1# /usr/lib64/nagios/plugins/check_udp -v -H 172.22.1.151 -p 5405 -s "0x2" -e "0x6" Using service UDP Port: 5405 flags: 0x2 Send string: 0x2 server_expect_count: 1 0: 0x6 CRITICAL - Socket timeout after 10 seconds sh-4.1# netstat -pan |grep 5405 udp 0 0 172.22.1.151:5405 0.0.0.0:* 1590/corosync Regards and thanks a lot Saludos y Gracias [Descripci?n: Sin t?tulo] ________________________________ AVISO DE CONFIDENCIALIDAD. Este correo y la informaci?n contenida o adjunta al mismo es privada y confidencial y va dirigida exclusivamente a su destinatario. everis informa a quien pueda haber recibido este correo por error que contiene informaci?n confidencial cuyo uso, copia, reproducci?n o distribuci?n est? expresamente prohibida. Si no es Vd. el destinatario del mismo y recibe este correo por error, le rogamos lo ponga en conocimiento del emisor y proceda a su eliminaci?n sin copiarlo, imprimirlo o utilizarlo de ning?n modo. CONFIDENTIALITY WARNING. This message and the information contained in or attached to it are private and confidential and intended exclusively for the addressee. everis informs to whom it may receive it in error that it contains privileged information and its use, copy, reproduction or distribution is prohibited. If you are not an intended recipient of this E-mail, please notify the sender, delete it and do not read, act upon, print, disclose, copy, retain or redistribute any portion of this E-mail. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 19913 bytes Desc: image002.jpg URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From justinp at norchemlab.com Wed May 15 18:45:40 2013 From: justinp at norchemlab.com (Justin T Pryzby) Date: Wed, 15 May 2013 09:45:40 -0700 Subject: check_upd In-Reply-To: <90C623B743F3F74D88ED4B278092254CA48057@INFPROMBX11.usersad.everis.int> References: <90C623B743F3F74D88ED4B278092254CA48057@INFPROMBX11.usersad.everis.int> Message-ID: <20130515164540.GA8184@norchemlab.com> On Tue, May 14, 2013 at 02:48:10PM +0000, Mar?a Mercedes Pozzo wrote: > I'm using de check_udp plugin and couldn't make it work. Don't know how to get the values for the -s and -e option: [-s ] & [-e ] > > Checked a lot of possibilities and any of them were the correct one. Can you tell me how to get them? > > sh-4.1# /usr/lib64/nagios/plugins/check_udp -v -H 172.22.1.151 -p 5405 -s "0x2" -e "0x6" It says "service timed out" which seems to mean it's either firewalled, or otherwise didn't respond (bad input, etc). Are you able to interact with that service from the nagios machine in some other way? I believe the -s and -e strings are normal "strings", not hex-encoded. You might use -s "`printf "\x02"`" -e "`printf "\x06"`" (that may need to be double escaped depending on context). Justin ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Joel.Roberts at pinkardcc.com Wed May 15 22:24:29 2013 From: Joel.Roberts at pinkardcc.com (Joel Roberts) Date: Wed, 15 May 2013 20:24:29 +0000 Subject: Nagios3 switch.cfg Message-ID: <2F01CFA24B5CA043A825D93CC015A7881F62CF59@LWMAILSERVER1.pinkard.com> I'm deploying a new Nagios server on Debian Linux 6. Have installed the Nagios3 packages, am able to log into the web interface. I'm trying to monitor our network switches and routers, the nagios3.cfg file points to /etc/nagios3/objects/switch.cfg. That folder doesn't exist, the .cfg files are all under /etc/nagios3/conf.d/, but there is no switch.cfg file. So I've created one from scratch, just trying to get the first switch in, but when I try to verify the config files I get the following error: Error: Could not add property in file '/etc/nagios3/conf.d/switch_nagios2.cfg on line 3. Error processing object config files. I've created the file from scratch, but pretty basic stuff, line 3 is just the host_name entry: Define host{ use generic-host host-name cisco2811 alias Cisco 2811 Router address xxx.xxx.xxx.xxx hostgroups allhosts,network-switches } The documentation I've found still lists host-name as a valid entry, not sure what's going on, any help would be appreciated. Thanks in advance, Joel -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ae at op5.se Wed May 15 23:20:45 2013 From: ae at op5.se (Andreas Ericsson) Date: Wed, 15 May 2013 23:20:45 +0200 Subject: Nagios3 switch.cfg In-Reply-To: <2F01CFA24B5CA043A825D93CC015A7881F62CF59@LWMAILSERVER1.pinkard.com> References: <2F01CFA24B5CA043A825D93CC015A7881F62CF59@LWMAILSERVER1.pinkard.com> Message-ID: <5193FC2D.3010205@op5.se> On 05/15/2013 10:24 PM, Joel Roberts wrote: > I'm deploying a new Nagios server on Debian Linux 6. Have installed the Nagios3 packages, am able to log into the web interface. I'm trying to monitor our network switches and routers, the nagios3.cfg file points to /etc/nagios3/objects/switch.cfg. That folder doesn't exist, the .cfg files are all under /etc/nagios3/conf.d/, but there is no switch.cfg file. So I've created one from scratch, just trying to get the first switch in, but when I try to verify the config files I get the following error: > > Error: Could not add property in file '/etc/nagios3/conf.d/switch_nagios2.cfg on line 3. Error processing object config files. > > I've created the file from scratch, but pretty basic stuff, line 3 is just the host_name entry: > > Define host{ > use generic-host > host-name cisco2811 > alias Cisco 2811 Router > address xxx.xxx.xxx.xxx > hostgroups allhosts,network-switches > } > > The documentation I've found still lists host-name as a valid entry, not sure what's going on, any help would be appreciated. > host_name, not host-name. Programs tend to be picky about that sort of thing... -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Joel.Roberts at pinkardcc.com Wed May 15 23:25:36 2013 From: Joel.Roberts at pinkardcc.com (Joel Roberts) Date: Wed, 15 May 2013 21:25:36 +0000 Subject: FW: Nagios3 switch.cfg In-Reply-To: <5193FC2D.3010205@op5.se> References: <2F01CFA24B5CA043A825D93CC015A7881F62CF59@LWMAILSERVER1.pinkard.com> <5193FC2D.3010205@op5.se> Message-ID: <2F01CFA24B5CA043A825D93CC015A7881F62D1DF@LWMAILSERVER1.pinkard.com> Typo in the email post, I do have host_name in the .cfg file, not host-name. Still returning error. Thank you, Joel -----Original Message----- From: Andreas Ericsson [mailto:ae at op5.se] Sent: Wednesday, May 15, 2013 3:21 PM To: Nagios Users List Cc: Joel Roberts Subject: Re: [Nagios-users] Nagios3 switch.cfg On 05/15/2013 10:24 PM, Joel Roberts wrote: > I'm deploying a new Nagios server on Debian Linux 6. Have installed the Nagios3 packages, am able to log into the web interface. I'm trying to monitor our network switches and routers, the nagios3.cfg file points to /etc/nagios3/objects/switch.cfg. That folder doesn't exist, the .cfg files are all under /etc/nagios3/conf.d/, but there is no switch.cfg file. So I've created one from scratch, just trying to get the first switch in, but when I try to verify the config files I get the following error: > > Error: Could not add property in file '/etc/nagios3/conf.d/switch_nagios2.cfg on line 3. Error processing object config files. > > I've created the file from scratch, but pretty basic stuff, line 3 is just the host_name entry: > > Define host{ > use generic-host > host-name cisco2811 > alias Cisco 2811 Router > address xxx.xxx.xxx.xxx > hostgroups allhosts,network-switches > } > > The documentation I've found still lists host-name as a valid entry, not sure what's going on, any help would be appreciated. > host_name, not host-name. Programs tend to be picky about that sort of thing... -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From palli at ok.is Thu May 16 00:39:29 2013 From: palli at ok.is (=?utf-8?Q?P=C3=A1ll_Gu=C3=B0j=C3=B3n_Sigur=C3=B0sson?=) Date: Wed, 15 May 2013 22:39:29 -0000 (GMT) Subject: svn -> git conversion In-Reply-To: <5192409F.4020006@op5.se> References: <5192409F.4020006@op5.se> Message-ID: <027c3ce2-611e-4303-99de-6117cb2f1a3b@zimbra.okhysing.is> +like on moving to git. To celebrate i sent you a micro pull request on github. - Palli ----- Original Message ----- From: "Andreas Ericsson" To: "nagios-devel" , Nagios-users at lists.sourceforge.net Sent: Tuesday, May 14, 2013 1:48:15 PM Subject: [Nagios-users] svn -> git conversion As of today, the migration from subversion to git has been completed. The new git repository is still hosted at sourceforge. You can clone the repository using the following command: git clone git://git.code.sf.net/p/nagios/nagioscore and then browse the code locally in your own nagioscore folder. The svn repository will be decommisioned without further warning, so anyone who likes to stick to the bleeding edge of Nagios core should migrate to git ASAP. Cheers -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From tnelsonp at comcast.net Thu May 16 02:20:14 2013 From: tnelsonp at comcast.net (tnelsonp at comcast.net) Date: Thu, 16 May 2013 00:20:14 +0000 (UTC) Subject: Nagios3 switch.cfg In-Reply-To: <2F01CFA24B5CA043A825D93CC015A7881F62CF59@LWMAILSERVER1.pinkard.com> References: <2F01CFA24B5CA043A825D93CC015A7881F62CF59@LWMAILSERVER1.pinkard.com> Message-ID: <736706784.91253.1368663614471.JavaMail.root@sz0027a.westchester.pa.mail.comcast.net> Is it possible that the name 'cisco2811' has already defined as a host_name? Below is a copy of a vanilla switch.cfg file I pulled from one on my machines. It may help as you build out the configuration. nelson ----- Original Message ----- From: "Joel Roberts" To: nagios-users at lists.sourceforge.net Sent: Wednesday, May 15, 2013 4:24:29 PM Subject: [Nagios-users] Nagios3 switch.cfg I?m deploying a new Nagios server on Debian Linux 6. Have installed the Nagios3 packages, am able to log into the web interface. I?m trying to monitor our network switches and routers, the nagios3.cfg file points to /etc/nagios3/objects/switch.cfg. That folder doesn?t exist, the .cfg files are all under /etc/nagios3/conf.d/, but there is no switch.cfg file. So I?ve created one from scratch, just trying to get the first switch in, but when I try to verify the config files I get the following error: Error: Could not add property in file ?/etc/nagios3/conf.d/switch_nagios2.cfg on line 3. Error processing object config files. I?ve created the file from scratch, but pretty basic stuff, line 3 is just the host_name entry: Define host{ use generic-host host-name cisco2811 alias Cisco 2811 Router address xxx.xxx.xxx.xxx hostgroups allhosts,network-switches } The documentation I?ve found still lists host-name as a valid entry, not sure what?s going on, any help would be appreciated. Thanks in advance, Joel ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null --------------------------------------------------------------------------------------------------------------------------------- Sample switch.cfg: ############################################################################### # SWITCH.CFG - SAMPLE CONFIG FILE FOR MONITORING A SWITCH # # Last Modified: 10-03-2007 # # NOTES: This config file assumes that you are using the sample configuration # files that get installed with the Nagios quickstart guide. # ############################################################################### ############################################################################### ############################################################################### # # HOST DEFINITIONS # ############################################################################### ############################################################################### # Define the switch that we'll be monitoring define host{ use generic-switch ; Inherit default values from a template host_name linksys-srw224p ; The name we're giving to this switch alias Linksys SRW224P Switch ; A longer name associated with the switch address 192.168.1.253 ; IP address of the switch hostgroups switches ; Host groups this switch is associated with } ############################################################################### ############################################################################### # # HOST GROUP DEFINITIONS # ############################################################################### ############################################################################### # Create a new hostgroup for switches define hostgroup{ hostgroup_name switches ; The name of the hostgroup alias Network Switches ; Long name of the group } ############################################################################### ############################################################################### # # SERVICE DEFINITIONS # ############################################################################### ############################################################################### # Create a service to PING to switch define service{ use generic-service ; Inherit values from a template host_name linksys-srw224p ; The name of the host the service is associated with service_description PING ; The service description check_command check_ping!200.0,20%!600.0,60% ; The command used to monitor the service normal_check_interval 5 ; Check the service every 5 minutes under normal conditions retry_check_interval 1 ; Re-check the service every minute until its final/hard state is determined } # Monitor uptime via SNMP define service{ use generic-service ; Inherit values from a template host_name linksys-srw224p service_description Uptime check_command check_snmp!-C public -o sysUpTime.0 } # Monitor Port 1 status via SNMP define service{ use generic-service ; Inherit values from a template host_name linksys-srw224p service_description Port 1 Link Status check_command check_snmp!-C public -o ifOperStatus.1 -r 1 -m RFC1213-MIB } # Monitor bandwidth via MRTG logs define service{ use generic-service ; Inherit values from a template host_name linksys-srw224p service_description Port 1 Bandwidth Usage check_command check_local_mrtgtraf!/var/lib/mrtg/192.168.1.253_1.log!AVG!1000000,1000000!5000000,5000000!10 } ############################################################################### -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ae at op5.se Thu May 16 09:53:24 2013 From: ae at op5.se (Andreas Ericsson) Date: Thu, 16 May 2013 09:53:24 +0200 Subject: FW: Nagios3 switch.cfg In-Reply-To: <2F01CFA24B5CA043A825D93CC015A7881F62D1DF@LWMAILSERVER1.pinkard.com> References: <2F01CFA24B5CA043A825D93CC015A7881F62CF59@LWMAILSERVER1.pinkard.com> <5193FC2D.3010205@op5.se> <2F01CFA24B5CA043A825D93CC015A7881F62D1DF@LWMAILSERVER1.pinkard.com> Message-ID: <51949074.90101@op5.se> On 2013-05-15 23:25, Joel Roberts wrote: > Typo in the email post, I do have host_name in the .cfg file, not host-name. Still returning error. > You also have "Define" instead of "define". Copy-typing is pretty much frowned upon for reasons like that. While at it, you may want to make sure you're not using windowsy line-endings. I know some versions of Nagios complains about that, but since you haven't specified the exact version of Nagios you're using it's impossible to say if that affects you. One thing strikes me as odd though; Nagios has never had an error message that goes "Could not add property". Are you sure you're using Nagios and not some bastard version of it? Or perhaps you just manually copied it by re-typing the error message from memory. Please don't do that. It takes longer for you and makes those who can answer your questions doubt your competence. Now; If you attach your switch_nagios2.cfg file, I'm sure we can solve the issue quite quickly. If you insist on copy-typing and keep getting things wrong, you'll be on your own. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Joel.Roberts at pinkardcc.com Thu May 16 16:30:25 2013 From: Joel.Roberts at pinkardcc.com (Joel Roberts) Date: Thu, 16 May 2013 14:30:25 +0000 Subject: FW: Nagios3 switch.cfg In-Reply-To: <51949074.90101@op5.se> References: <2F01CFA24B5CA043A825D93CC015A7881F62CF59@LWMAILSERVER1.pinkard.com> <5193FC2D.3010205@op5.se> <2F01CFA24B5CA043A825D93CC015A7881F62D1DF@LWMAILSERVER1.pinkard.com> <51949074.90101@op5.se> Message-ID: <2F01CFA24B5CA043A825D93CC015A7881F62D394@LWMAILSERVER1.pinkard.com> Attached is the .cfg file. The "Define" was done by the email client, as you can see in the .cfg file, define host is entered correctly, as is host-name. The Nagios installation is on Debian Linux 6.0.7 "Squeeze." It was installed from the packages included with the distro. The version of Nagios is 3.2.1 All editing of the .cfg files was done via vi in Linux console, no Windows involved. Thank you, Joel -----Original Message----- From: Andreas Ericsson [mailto:ae at op5.se] Sent: Thursday, May 16, 2013 1:53 AM To: Nagios Users List Cc: Joel Roberts Subject: Re: [Nagios-users] FW: Nagios3 switch.cfg On 2013-05-15 23:25, Joel Roberts wrote: > Typo in the email post, I do have host_name in the .cfg file, not host-name. Still returning error. > You also have "Define" instead of "define". Copy-typing is pretty much frowned upon for reasons like that. While at it, you may want to make sure you're not using windowsy line-endings. I know some versions of Nagios complains about that, but since you haven't specified the exact version of Nagios you're using it's impossible to say if that affects you. One thing strikes me as odd though; Nagios has never had an error message that goes "Could not add property". Are you sure you're using Nagios and not some bastard version of it? Or perhaps you just manually copied it by re-typing the error message from memory. Please don't do that. It takes longer for you and makes those who can answer your questions doubt your competence. Now; If you attach your switch_nagios2.cfg file, I'm sure we can solve the issue quite quickly. If you insist on copy-typing and keep getting things wrong, you'll be on your own. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. -------------- next part -------------- A non-text attachment was scrubbed... Name: switch_nagios2.cfg Type: application/octet-stream Size: 152 bytes Desc: switch_nagios2.cfg URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From kfelipe at gmail.com Thu May 16 17:03:41 2013 From: kfelipe at gmail.com (Felipe) Date: Thu, 16 May 2013 17:03:41 +0200 Subject: Pasiuve service check undependent of Host check Message-ID: Hello experts, Although we have been running Nagios for a while, I couldn't manage to solve this issue: We would liek to have a Service Check (passive) independent from the host check in order to send notifications We get something liket his: 12:03:05 HOST down 1/2 12:03:50 PASIVE ALARM - it does not trigger notification because dependency on HOST 12:04:05 HOST up And we've lost an important alarm, basically a host reboot. This has happened several times in our VMware environemtn (they reboot specially fast). I know that the answer can be simple, but I got blind looking at the problem. Probably wrong question, so sorry if this was so trivial. thanks in advance and regards, kfelipe -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From CSantana at noz.fr Thu May 16 15:59:46 2013 From: CSantana at noz.fr (CSantana at noz.fr) Date: Thu, 16 May 2013 15:59:46 +0200 Subject: check_openmanage on ESXi 5.0 Message-ID: Hello, I'm using nagios with the check_openmanage plugins to checks my ESX servers running on Dell PowerEdge R710. The plugin working fine whith my ESX on version 4.1 but my problem is that I recently upgrade it on VMware ESXi 5.0.0 Update 2 and then check_openmanage plugin return this error: ERROR: (SNMP) OpenManage is not installed or is not working correctly I install OpenManage 7.0.0 on my ESX 5.0 (I follow this steps): Steps to install OpenManage. 1. Downloaded OpenManage VIB from Dell http://www.dell.com/support/drivers/us/en/g_5/DriverDetails/DriverFileFormats?DriverId=N3R0H&FileId=2773322235 2. Uploaded VIB to ESX host and placed in /var/log/vmware/ 3. SSH to host as root 4. ran command esxcli software vib install -d /var/log/vmware/OM-SrvAdmin-Dell-Web-6.5.0-542907.VIB-ESX50i_A02.zip 5. After software install, I rebooted the host. And nothing better... SNMP works and respond to standards OIDs, my check is set with the correct SNMP community name. I have no idea of where can be the problem... Thanks if you have a solution for my problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ae at op5.se Thu May 16 21:10:41 2013 From: ae at op5.se (Andreas Ericsson) Date: Thu, 16 May 2013 21:10:41 +0200 Subject: FW: Nagios3 switch.cfg In-Reply-To: <2F01CFA24B5CA043A825D93CC015A7881F62D394@LWMAILSERVER1.pinkard.com> References: <2F01CFA24B5CA043A825D93CC015A7881F62CF59@LWMAILSERVER1.pinkard.com> <5193FC2D.3010205@op5.se> <2F01CFA24B5CA043A825D93CC015A7881F62D1DF@LWMAILSERVER1.pinkard.com> <51949074.90101@op5.se> <2F01CFA24B5CA043A825D93CC015A7881F62D394@LWMAILSERVER1.pinkard.com> Message-ID: <51952F31.5010701@op5.se> On 05/16/2013 04:30 PM, Joel Roberts wrote: > Attached is the .cfg file. The "Define" was done by the email client, > as you can see in the .cfg file, define host is entered correctly, as > is host-name. > > The Nagios installation is on Debian Linux 6.0.7 "Squeeze." It was > installed from the packages included with the distro. The version of > Nagios is 3.2.1 > Well, that particular config file should work just fine. Try upgrading from sources and see if that works better. It passes with Nagios 4 at least. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Joel.Roberts at pinkardcc.com Fri May 17 00:15:22 2013 From: Joel.Roberts at pinkardcc.com (Joel Roberts) Date: Thu, 16 May 2013 22:15:22 +0000 Subject: FW: Nagios3 switch.cfg In-Reply-To: <51952F31.5010701@op5.se> References: <2F01CFA24B5CA043A825D93CC015A7881F62CF59@LWMAILSERVER1.pinkard.com> <5193FC2D.3010205@op5.se> <2F01CFA24B5CA043A825D93CC015A7881F62D1DF@LWMAILSERVER1.pinkard.com> <51949074.90101@op5.se> <2F01CFA24B5CA043A825D93CC015A7881F62D394@LWMAILSERVER1 <51952F31.5010701@op5.se> Message-ID: <2F01CFA24B5CA043A825D93CC015A7881F62EB86@LWMAILSERVER1.pinkard.com> I think I found the issue, it looks like the templates.cfg.gz didn't unzip and put out all the default templates. After extracting it and slicing it up into the standard .cfg files, I'm able to add hosts now, will try switches next. Thank you, Joel -----Original Message----- From: Andreas Ericsson [mailto:ae at op5.se] Sent: Thursday, May 16, 2013 1:11 PM To: Nagios Users List Cc: Joel Roberts Subject: Re: [Nagios-users] FW: Nagios3 switch.cfg On 05/16/2013 04:30 PM, Joel Roberts wrote: > Attached is the .cfg file. The "Define" was done by the email client, > as you can see in the .cfg file, define host is entered correctly, as > is host-name. > > The Nagios installation is on Debian Linux 6.0.7 "Squeeze." It was > installed from the packages included with the distro. The version of > Nagios is 3.2.1 > Well, that particular config file should work just fine. Try upgrading from sources and see if that works better. It passes with Nagios 4 at least. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From RWerner at pomwonderful.com Fri May 17 00:36:43 2013 From: RWerner at pomwonderful.com (Werner, Robert) Date: Thu, 16 May 2013 22:36:43 +0000 Subject: check_openmanage on ESXi 5.0 In-Reply-To: References: Message-ID: <3D480E2907FD164191FE65820A669FFF8AA3E7A6@POM-LA-MBX02.pomwonderful.com> check_openmanage doesn't seem to work with ESXi 5.x . Anyway, there is another plugin is use for this purpose: http://www.claudiokuenzler.com/nagios-plugins/check_esxi_hardware.php it allows me to get the same checks I was getting through open manage from ESXi hosts and it works on several different vendors hardware. The only difficulties I've had are that the CIM service stoped working the other day and I had to restart it. You do need to have a valid user and password to connect to the ESXi server. Check it out though. -- Robert G. Werner Oracle Apps Systems Administrator rwerner at pomwonderful.com 559.521.5089 ________________________________ From: CSantana at noz.fr [CSantana at noz.fr] Sent: Thursday, May 16, 2013 6:59 AM To: nagios-users at lists.sourceforge.net Subject: [Nagios-users] check_openmanage on ESXi 5.0 Hello, I'm using nagios with the check_openmanage plugins to checks my ESX servers running on Dell PowerEdge R710. The plugin working fine whith my ESX on version 4.1 but my problem is that I recently upgrade it on VMware ESXi 5.0.0 Update 2 and then check_openmanage plugin return this error: ERROR: (SNMP) OpenManage is not installed or is not working correctly I install OpenManage 7.0.0 on my ESX 5.0 (I follow this steps): Steps to install OpenManage. 1. Downloaded OpenManage VIB from Dell http://www.dell.com/support/drivers/us/en/g_5/DriverDetails/DriverFileFormats?DriverId=N3R0H&FileId=2773322235 2. Uploaded VIB to ESX host and placed in /var/log/vmware/ 3. SSH to host as root 4. ran command esxcli software vib install -d /var/log/vmware/OM-SrvAdmin-Dell-Web-6.5.0-542907.VIB-ESX50i_A02.zip 5. After software install, I rebooted the host. And nothing better... SNMP works and respond to standards OIDs, my check is set with the correct SNMP community name. I have no idea of where can be the problem... Thanks if you have a solution for my problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From james.osbourn at citrix.com Tue May 21 13:49:48 2013 From: james.osbourn at citrix.com (James Osbourn) Date: Tue, 21 May 2013 11:49:48 +0000 Subject: Tactical overview host and service health Message-ID: <6F79E23ED1278E41A41A952F9A63394F0BBB3C@LONPEX01CL02.citrite.net> Can someone tell me how the host health and service health as a percentage are calculated? On the tactical overview page I see the two bars showing the overall health. I am interested in using the same information in an internal dashboard and would need to have a way of calculating the values from multiple Nagios instances. Thanks James ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From peterwood.sd at gmail.com Tue May 21 22:49:09 2013 From: peterwood.sd at gmail.com (Peter Wood) Date: Tue, 21 May 2013 13:49:09 -0700 Subject: Same contact - two different notification methods Message-ID: Hi, I have two services monitoring http on two servers: http on server1 - Email notifications http on server2 - Email + SMS notifications Http on server1 is not critical and notifications should go out via email. Http on server2 is critical and notifications should go out via email and SMS. The only place where I can setup how an user should be contacted is in the contact definition. Does that mean I have to create two contact definitions for each user: one for email notifications and one for sms notifications? For example: define contact { contact_name user1 ... email user1 at company.com } define contact { contact_name user1-sms ... email @txt.att.net ; I have AT&T but it can be any other email-to-sms service } define service { host_name server1 ... contacts user1 } define service { host_name server2 ... contacts user1-sms } Am I missing something? Is there a way to do it without creating two contact definitions for the same user? Thanks, -- Peter -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From sjcarr at gmail.com Tue May 21 23:10:18 2013 From: sjcarr at gmail.com (Steven Carr) Date: Tue, 21 May 2013 22:10:18 +0100 Subject: Same contact - two different notification methods In-Reply-To: References: Message-ID: Yes, you create separate contacts. AFAIK there is no way to distinguish which alert method you want to use, so unless the user wants to be SMS'd about every notification you need to separate them out. On 21 May 2013 21:49, Peter Wood wrote: > Hi, > > I have two services monitoring http on two servers: > http on server1 - Email notifications > http on server2 - Email + SMS notifications > > Http on server1 is not critical and notifications should go out via email. > Http on server2 is critical and notifications should go out via email and > SMS. > > The only place where I can setup how an user should be contacted is in the > contact definition. > > Does that mean I have to create two contact definitions for each user: one > for email notifications and one for sms notifications? > > For example: > > define contact { > contact_name user1 > ... > email user1 at company.com > } > > define contact { > contact_name user1-sms > ... > email @txt.att.net ; I have AT&T but it can be any other > email-to-sms service > } > > define service { > host_name server1 > ... > contacts user1 > } > > define service { > host_name server2 > ... > contacts user1-sms > } > > Am I missing something? Is there a way to do it without creating two contact > definitions for the same user? > > Thanks, > > -- Peter > > ------------------------------------------------------------------------------ > Try New Relic Now & We'll Send You this Cool Shirt > New Relic is the only SaaS-based application performance monitoring service > that delivers powerful full stack analytics. Optimize and monitor your > browser, app, & servers with just a few lines of code. Try New Relic > and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting > any issue. > ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From peterwood.sd at gmail.com Tue May 21 23:59:28 2013 From: peterwood.sd at gmail.com (Peter Wood) Date: Tue, 21 May 2013 14:59:28 -0700 Subject: Same contact - two different notification methods In-Reply-To: References: Message-ID: Thanks Steve. It would have been nice if I can define [host|service]_notification_commands in the service definition. This way one can create notify-by-pager command that will use the pager directive in the contact definition. Feature request I guess. -- Peter On Tue, May 21, 2013 at 2:10 PM, Steven Carr wrote: > Yes, you create separate contacts. AFAIK there is no way to > distinguish which alert method you want to use, so unless the user > wants to be SMS'd about every notification you need to separate them > out. > > > On 21 May 2013 21:49, Peter Wood wrote: > > Hi, > > > > I have two services monitoring http on two servers: > > http on server1 - Email notifications > > http on server2 - Email + SMS notifications > > > > Http on server1 is not critical and notifications should go out via > email. > > Http on server2 is critical and notifications should go out via email and > > SMS. > > > > The only place where I can setup how an user should be contacted is in > the > > contact definition. > > > > Does that mean I have to create two contact definitions for each user: > one > > for email notifications and one for sms notifications? > > > > For example: > > > > define contact { > > contact_name user1 > > ... > > email user1 at company.com > > } > > > > define contact { > > contact_name user1-sms > > ... > > email @txt.att.net ; I have AT&T but it can be any > other > > email-to-sms service > > } > > > > define service { > > host_name server1 > > ... > > contacts user1 > > } > > > > define service { > > host_name server2 > > ... > > contacts user1-sms > > } > > > > Am I missing something? Is there a way to do it without creating two > contact > > definitions for the same user? > > > > Thanks, > > > > -- Peter > > > > > ------------------------------------------------------------------------------ > > Try New Relic Now & We'll Send You this Cool Shirt > > New Relic is the only SaaS-based application performance monitoring > service > > that delivers powerful full stack analytics. Optimize and monitor your > > browser, app, & servers with just a few lines of code. Try New Relic > > and get this awesome Nerd Life shirt! > http://p.sf.net/sfu/newrelic_d2d_may > > _______________________________________________ > > Nagios-users mailing list > > Nagios-users at lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/nagios-users > > ::: Please include Nagios version, plugin version (-v) and OS when > reporting > > any issue. > > ::: Messages without supporting info will risk being sent to /dev/null > > > ------------------------------------------------------------------------------ > Try New Relic Now & We'll Send You this Cool Shirt > New Relic is the only SaaS-based application performance monitoring service > that delivers powerful full stack analytics. Optimize and monitor your > browser, app, & servers with just a few lines of code. Try New Relic > and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ar at xlrs.de Wed May 22 10:23:57 2013 From: ar at xlrs.de (Axel) Date: Wed, 22 May 2013 10:23:57 +0200 Subject: Same contact - two different notification methods In-Reply-To: References: Message-ID: <519C809D.90507@xlrs.de> Hi, Am 21.05.2013 23:59, schrieb Peter Wood: > Thanks Steve. > > It would have been nice if I can define > [host|service]_notification_commands in the service definition. This way > one can create notify-by-pager command that will use the pager directive > in the contact definition. > > Feature request I guess. You can do this already. Use contact_groups cgroup -mail in your service definition. Rgds, Axel ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From admin at dougware.net Wed May 22 22:42:42 2013 From: admin at dougware.net (Doug Eubanks) Date: Wed, 22 May 2013 16:42:42 -0400 Subject: Escalations and Notification Intervals Message-ID: I have four escalations setup. Overall, they work well, but sometimes I get a RECOVERY and never got a WARNING or CRITICAL, or I'll get a WARNING or CRITICAL and never get the recovery. My guess is that it has to do with my notification intervals. Does that look like the problem? The normal notification is 1 time unit, or 1 minute. Recovery Notifications Escalation Information *First Notification:* #3 Notification *Notification Interval:* 4 Time-Units *Escalation Period:* 24x7 *Escalation Options:* Ok Hourly Notification Escalation Information *First Notification:* #5 Notification *Notification Interval:* 60 Time-Units *Escalation Period:* 24x7 *Escalation Options:* Warning,Unknown,Critical 10 Minute Delay / 4 Minute Page / Max 4 Pages Escalation Information *First Notification:* #2 Notification *Last Notification:* #5 Notification *Notification Interval:* 4 Time-Units *Escalation Period:* 24x7 *Escalation Options:* Warning,Unknown,Critical Thanks, Doug Eubanks admin at dougware.net K1DUG (919) 201-8750 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From jeremy.page at gilbarco.com Thu May 23 14:38:33 2013 From: jeremy.page at gilbarco.com (Jeremy Page) Date: Thu, 23 May 2013 08:38:33 -0400 Subject: Not getting notifications when a service is in an UNKNOWN state Message-ID: <519E0DC9.5060206@gilbarco.com> I am not sure what I'm doing wrong, I get notified when it's warning or critical but not unknown... I can't figure out why. Any suggestions? Below is the service check. define service{ hostgroup_name hostgroup-win-2003,hostgroup-win-2008 service_description Windows CPU check check_command check_snmp_load_v1!stand!55!95!!$USER2$ use generic-service-pnp notification_options u,w,c,r notification_period workhours contacts jeremy.page at gilbarco.com check_interval 15 retry_check_interval 10 } and the command definition: define command { command_name check_snmp_load_v1 command_line $USER1$/check_snmp_load.pl -H $HOSTADDRESS$ -C $ARG5$ -T $ARG1$ -w $ARG2$ -c $ARG3$ $ARG4$ -f } Please be advised that this email may contain confidential information. If you are not the intended recipient, please notify us by email by replying to the sender and delete this message. The sender disclaims that the content of this email constitutes an offer to enter into, or the acceptance of, any agreement; provided that the foregoing does not invalidate the binding effect of any digital or other electronic reproduction of a manual signature that is included in any attachment. ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From benny at bennyvision.com Thu May 23 14:54:51 2013 From: benny at bennyvision.com (C. Bensend) Date: Thu, 23 May 2013 07:54:51 -0500 Subject: Not getting notifications when a service is in an UNKNOWN state In-Reply-To: <519E0DC9.5060206@gilbarco.com> References: <519E0DC9.5060206@gilbarco.com> Message-ID: <97da672d75c31020a05eb3d4040e023a.squirrel@webmail.stinkweasel.net> > I am not sure what I'm doing wrong, I get notified when it's warning or > critical but not unknown... I can't figure out why. Any suggestions? > Below is the service check. > > define service{ > hostgroup_name hostgroup-win-2003,hostgroup-win-2008 > service_description Windows CPU check > check_command check_snmp_load_v1!stand!55!95!!$USER2$ > use generic-service-pnp > notification_options u,w,c,r > notification_period workhours > contacts jeremy.page at gilbarco.com > check_interval 15 > retry_check_interval 10 > } > > and the command definition: > define command { > command_name check_snmp_load_v1 > command_line $USER1$/check_snmp_load.pl -H $HOSTADDRESS$ -C > $ARG5$ -T $ARG1$ -w $ARG2$ -c $ARG3$ $ARG4$ -f > } And your contact definition? -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From grifkon at gmail.com Thu May 23 17:16:46 2013 From: grifkon at gmail.com (Grifonas) Date: Thu, 23 May 2013 18:16:46 +0300 Subject: Check_MK Event Console +Syslog Message-ID: Hi All,**** Has anyone had any success with setting up syslog forwarding to the Check_MK event console? I?ve already got relevant *snmptrapd* entries arrive to the check_mk server local syslog, but I cannot get them to be forwarded to the event console. I followed the instructions on the Check_MK documentation site ( http://mathias-kettner.de/checkmk_mkeventd_traps.html) but the connection between the syslog and the event console doesn?t seem to be working at all. Would be amazing to hear from someone who managed to get this to work! Thanks a million! Cheers, Greg K. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From benny at bennyvision.com Thu May 23 17:43:49 2013 From: benny at bennyvision.com (C. Bensend) Date: Thu, 23 May 2013 10:43:49 -0500 Subject: Nagios v3.5.0 transitioning immediately to a HARD state upon host problem Message-ID: Hey folks, I recently made two major changes to my Nagios environment: 1) I upgraded to v3.5.0. 2) I moved from a single server to two pollers sending passive results to one central console server. Now, this new distributed system was in place for several months while I tested, and it worked fine. HOWEVER, since this was running in parallel with my production system, notifications were disabled. Hence, I didn't see this problem until I cut over for real and enabled notifications. (please excuse any cut-n-paste ugliness, had to send this info from my work account via Outlook and then try to cleanse and reformat via Squirrelmail) As a test and to capture information, I reboot 'hostname'. This log is from the nagios-console host, which is the host that accepts the passive check results and sends notifications. Here is the console host receiving a service check failure when the host is restarting: May 22 15:57:10 nagios-console nagios: SERVICE ALERT: hostname;/var disk queue;CRITICAL;SOFT;1;Connection refused by host So, the distributed poller system checks the host and sends its results to the console server: May 22 15:57:30 nagios-console nagios: HOST ALERT:hostname;DOWN;SOFT;1;CRITICAL - Host Unreachable (a.b.c.d) And then the centralized server IMMEDIATELY goes into a hard state, which triggers a notification: May 22 15:57:30 nagios-console nagios: HOST ALERT: hostname;DOWN;HARD;1;CRITICAL - Host Unreachable (a.b.c.d) May 22 15:57:30 nagios-console nagios: HOST NOTIFICATION: cbensend;hostname;DOWN;host-notify-by-email-test;CRITICAL - Host Unreachable (a.b.c.d) Um. Wat? Why would the console immediately trigger a hard state? The config files don't support this decision. And this IS a problem with the console server - the distributed monitors continue checking the host for 6 times like they should. But for some reason, the centralized console just immediately calls it a hard state. Definitions on the distributed monitoring host (the one running the actual host and service checks for this host 'hostname': define host { host_name hostname alias Old production Nagios server address a.b.c.d action_url /pnp4nagios/graph?host=$HOSTNAME$ icon_image_alt Red Hat Linux icon_image redhat.png statusmap_image redhat.gd2 check_command check-host-alive check_period 24x7 notification_period 24x7 contact_groups linux-infrastructure-admins use linux-host-template } The linux-host-template on that same system: define host { name linux-host-template register 0 max_check_attempts 6 check_interval 5 retry_interval 1 notification_interval 360 notification_options d,r active_checks_enabled 1 passive_checks_enabled 1 notifications_enabled 1 check_freshness 0 check_period 24x7 notification_period 24x7 check_command check-host-alive contact_groups linux-infrastructure-admins } And said command to determine up or down: define command { command_name check-host-alive command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 5000.0,80% -c 10000.0,100% -p 5 } Definitions on the centralized console host (the one that notifies): define host { host_name hostname alias Old production Nagios server address a.b.c.d action_url /pnp4nagios/graph?host=$HOSTNAME$ icon_image_alt Red Hat Linux icon_image redhat.png statusmap_image redhat.gd2 check_command check-host-alive check_period 24x7 notification_period 24x7 contact_groups linux-infrastructure-admins use linux-host-template,Default_monitor_server } The "Default monitor server" template on the centralized server: define host { name Default_monitor_server register 0 active_checks_enabled 0 passive_checks_enabled 1 notifications_enabled 1 check_freshness 0 freshness_threshold 86400 } And the linux-host-template template on that same centralized host: define host { name linux-host-template register 0 max_check_attempts 6 check_interval 5 retry_interval 1 notification_interval 360 notification_options d,r active_checks_enabled 1 passive_checks_enabled 1 notifications_enabled 1 check_freshness 0 check_period 24x7 notification_period 24x7 check_command check-host-alive contact_groups linux-infrastructure-admins } This is causing some real problems: 1) If a single host polling cycle has a blip, it notifies IMMEDIATELY. 2) Because it notifies immediately, it ignores host dependencies. So, when a WAN link goes down for example, it fires off notifications for *all* hosts at that site as fast as it can, when it should be retrying, and then walking the dependency tree. I do have translate_passive_host_checks=1 on the centralized monitor, but the way I understand it, that shouldn't effect a state going from SOFT to HARD. Am I misinterpreting this? Another variable - I'm using NConf for the configuration management, and it does some templating tricks to help with the distributed monitoring setup. But, all it does is generate config files, and I don't see any evidence in the configs as to why this would be happening. Any help would be greatly appreciated! Benny -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From admin at dougware.net Thu May 23 21:04:52 2013 From: admin at dougware.net (Doug Eubanks) Date: Thu, 23 May 2013 15:04:52 -0400 Subject: Nagios v3.5.0 transitioning immediately to a HARD state upon host problem In-Reply-To: References: Message-ID: I ran into a similar problem, because my template set the service to "* is_volatile=1*". http://nagios.sourceforge.net/docs/3_0/volatileservices.html Check to see if you have this flag enabled. Doug Sincerely, Doug Eubanks admin at dougware.net K1DUG (919) 201-8750 On Thu, May 23, 2013 at 11:43 AM, C. Bensend wrote: > > Hey folks, > > I recently made two major changes to my Nagios environment: > > 1) I upgraded to v3.5.0. > 2) I moved from a single server to two pollers sending passive > results to one central console server. > > Now, this new distributed system was in place for several months > while I tested, and it worked fine. HOWEVER, since this was running > in parallel with my production system, notifications were disabled. > Hence, I didn't see this problem until I cut over for real and > enabled notifications. > > (please excuse any cut-n-paste ugliness, had to send this info from > my work account via Outlook and then try to cleanse and reformat > via Squirrelmail) > > As a test and to capture information, I reboot 'hostname'. This > log is from the nagios-console host, which is the host that accepts > the passive check results and sends notifications. Here is the > console host receiving a service check failure when the host is > restarting: > > May 22 15:57:10 nagios-console nagios: SERVICE ALERT: hostname;/var disk > queue;CRITICAL;SOFT;1;Connection refused by host > > > So, the distributed poller system checks the host and sends its > results to the console server: > > May 22 15:57:30 nagios-console nagios: HOST > ALERT:hostname;DOWN;SOFT;1;CRITICAL - Host Unreachable (a.b.c.d) > > > And then the centralized server IMMEDIATELY goes into a hard state, > which triggers a notification: > > May 22 15:57:30 nagios-console nagios: HOST ALERT: > hostname;DOWN;HARD;1;CRITICAL - Host Unreachable (a.b.c.d) > May 22 15:57:30 nagios-console nagios: HOST NOTIFICATION: > cbensend;hostname;DOWN;host-notify-by-email-test;CRITICAL - > Host Unreachable (a.b.c.d) > > > Um. Wat? Why would the console immediately trigger a hard > state? The config files don't support this decision. And this > IS a problem with the console server - the distributed monitors > continue checking the host for 6 times like they should. But > for some reason, the centralized console just immediately > calls it a hard state. > > Definitions on the distributed monitoring host (the one running > the actual host and service checks for this host 'hostname': > > define host { > host_name hostname > alias Old production Nagios server > address a.b.c.d > action_url /pnp4nagios/graph?host=$HOSTNAME$ > icon_image_alt Red Hat Linux > icon_image redhat.png > statusmap_image redhat.gd2 > check_command check-host-alive > check_period 24x7 > notification_period 24x7 > contact_groups linux-infrastructure-admins > use linux-host-template > } > > The linux-host-template on that same system: > > define host { > name linux-host-template > register 0 > max_check_attempts 6 > check_interval 5 > retry_interval 1 > notification_interval 360 > notification_options d,r > active_checks_enabled 1 > passive_checks_enabled 1 > notifications_enabled 1 > check_freshness 0 > check_period 24x7 > notification_period 24x7 > check_command check-host-alive > contact_groups linux-infrastructure-admins > } > > And said command to determine up or down: > > define command { > command_name check-host-alive > command_line $USER1$/check_ping -H $HOSTADDRESS$ -w > 5000.0,80% -c 10000.0,100% -p 5 > } > > > Definitions on the centralized console host (the one that notifies): > > define host { > host_name hostname > alias Old production Nagios server > address a.b.c.d > action_url /pnp4nagios/graph?host=$HOSTNAME$ > icon_image_alt Red Hat Linux > icon_image redhat.png > statusmap_image redhat.gd2 > check_command check-host-alive > check_period 24x7 > notification_period 24x7 > contact_groups linux-infrastructure-admins > use linux-host-template,Default_monitor_server > } > > The "Default monitor server" template on the centralized server: > > define host { > name Default_monitor_server > register 0 > active_checks_enabled 0 > passive_checks_enabled 1 > notifications_enabled 1 > check_freshness 0 > freshness_threshold 86400 > } > > And the linux-host-template template on that same centralized host: > > define host { > name linux-host-template > register 0 > max_check_attempts 6 > check_interval 5 > retry_interval 1 > notification_interval 360 > notification_options d,r > active_checks_enabled 1 > passive_checks_enabled 1 > notifications_enabled 1 > check_freshness 0 > check_period 24x7 > notification_period 24x7 > check_command check-host-alive > contact_groups linux-infrastructure-admins > } > > > This is causing some real problems: > > 1) If a single host polling cycle has a blip, it notifies > IMMEDIATELY. > 2) Because it notifies immediately, it ignores host dependencies. > So, when a WAN link goes down for example, it fires off > notifications for *all* hosts at that site as fast as it can, > when it should be retrying, and then walking the dependency tree. > > I do have translate_passive_host_checks=1 on the centralized > monitor, but the way I understand it, that shouldn't effect a > state going from SOFT to HARD. Am I misinterpreting this? > > Another variable - I'm using NConf for the configuration management, > and it does some templating tricks to help with the distributed > monitoring setup. But, all it does is generate config files, and I > don't see any evidence in the configs as to why this would be > happening. > > Any help would be greatly appreciated! > > Benny > > > -- > "The very existence of flamethrowers proves that sometime, somewhere, > someone said to themselves, 'You know, I want to set those people > over there on fire, but I'm just not close enough to get the job > done.'" -- George Carlin > > > > > > > ------------------------------------------------------------------------------ > Try New Relic Now & We'll Send You this Cool Shirt > New Relic is the only SaaS-based application performance monitoring service > that delivers powerful full stack analytics. Optimize and monitor your > browser, app, & servers with just a few lines of code. Try New Relic > and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From adubey at ramtech-corp.com Wed May 22 23:13:01 2013 From: adubey at ramtech-corp.com (Atul Dubey) Date: Thu, 23 May 2013 02:43:01 +0530 Subject: command for por monitor Message-ID: <002001ce5731$24bb1ee0$6e315ca0$@ramtech-corp.com> Dear Team, Actually I have to monitor my server's all the service like smtp ( port 25) and pop3 (port 110). Kindly help me to configure it. Regards, Atul Dubey 7838370198 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From gkonradt at markets.com Thu May 23 16:50:16 2013 From: gkonradt at markets.com (Greg Konradt) Date: Thu, 23 May 2013 14:50:16 +0000 Subject: Check_MK Event Console +Syslog Message-ID: <931F62FC56D33A41BE84BF59316AD55D041F5BF8@TFX-IL-MAIL2.tt.dom> Hi All, Has anyone had any success with setting up syslog forwarding to the Check_MK event console? I've already got relevant snmptrapd entries arrive to the check_mk server local syslog, but I cannot get them to be forwarded to the event console. I followed the instructions on the Check_MK documentation site (http://mathias-kettner.de/checkmk_mkeventd_traps.html) but the connection between the syslog and the event console doesn't seem to be working at all. Would be amazing to hear from someone who managed to get this to work! Thanks a million! Cheers, Greg K. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From sjcarr at gmail.com Thu May 23 21:52:39 2013 From: sjcarr at gmail.com (Steven Carr) Date: Thu, 23 May 2013 20:52:39 +0100 Subject: command for por monitor In-Reply-To: <002001ce5731$24bb1ee0$6e315ca0$@ramtech-corp.com> References: <002001ce5731$24bb1ee0$6e315ca0$@ramtech-corp.com> Message-ID: http://nagiosplugins.org/man On 22 May 2013 22:13, Atul Dubey wrote: > Dear Team, > > Actually I have to monitor my server?s all the service like smtp ( port 25) > and pop3 (port 110). > > Kindly help me to configure it. > > > > Regards, > > Atul Dubey > > 7838370198 > > > > > ------------------------------------------------------------------------------ > Try New Relic Now & We'll Send You this Cool Shirt > New Relic is the only SaaS-based application performance monitoring service > that delivers powerful full stack analytics. Optimize and monitor your > browser, app, & servers with just a few lines of code. Try New Relic > and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting > any issue. > ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From benny at bennyvision.com Thu May 23 22:56:40 2013 From: benny at bennyvision.com (C. Bensend) Date: Thu, 23 May 2013 15:56:40 -0500 Subject: Nagios v3.5.0 transitioning immediately to a HARD state upon host problem In-Reply-To: References: Message-ID: <5993bcd9608f96e6dc44280c3303115d.squirrel@webmail.stinkweasel.net> > I ran into a similar problem, because my template set the service to "* > is_volatile=1*". > > http://nagios.sourceforge.net/docs/3_0/volatileservices.html Hrmmm. Good point... However, is_volatile does not appear in any of my configuration files, for any of the Nagios servers. It isn't set by default, is it? The Nagios "config.cgi" page doesn't even list it, and livestatus (what I use to query my running daemon) doesn't give it as a column it can query. I can't imagine it's on by default in v3.5.0, but I can't really tell if it is or not. I can try explicitly *disabling* it in all hosts, but I can't really test that at the moment - out of here for a long weekend in a few minutes. If it gets annoying enough over the weekend, I might *have* to test that theory. Thank you very much. I will still appreciate any input others can give on this question - it just doesn't seem to be behaving as it's configured! Benny -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From ae at op5.se Fri May 24 09:42:37 2013 From: ae at op5.se (Andreas Ericsson) Date: Fri, 24 May 2013 09:42:37 +0200 Subject: Nagios v3.5.0 transitioning immediately to a HARD state upon host problem In-Reply-To: References: Message-ID: <519F19ED.1020501@op5.se> On 2013-05-23 17:43, C. Bensend wrote: > > Hey folks, > > I recently made two major changes to my Nagios environment: > > 1) I upgraded to v3.5.0. > 2) I moved from a single server to two pollers sending passive > results to one central console server. > > Now, this new distributed system was in place for several months > while I tested, and it worked fine. HOWEVER, since this was running > in parallel with my production system, notifications were disabled. > Hence, I didn't see this problem until I cut over for real and > enabled notifications. > > (please excuse any cut-n-paste ugliness, had to send this info from > my work account via Outlook and then try to cleanse and reformat > via Squirrelmail) > > As a test and to capture information, I reboot 'hostname'. This > log is from the nagios-console host, which is the host that accepts > the passive check results and sends notifications. Here is the > console host receiving a service check failure when the host is > restarting: > > May 22 15:57:10 nagios-console nagios: SERVICE ALERT: hostname;/var disk > queue;CRITICAL;SOFT;1;Connection refused by host > > > So, the distributed poller system checks the host and sends its > results to the console server: > > May 22 15:57:30 nagios-console nagios: HOST > ALERT:hostname;DOWN;SOFT;1;CRITICAL - Host Unreachable (a.b.c.d) > > > And then the centralized server IMMEDIATELY goes into a hard state, > which triggers a notification: > > May 22 15:57:30 nagios-console nagios: HOST ALERT: > hostname;DOWN;HARD;1;CRITICAL - Host Unreachable (a.b.c.d) > May 22 15:57:30 nagios-console nagios: HOST NOTIFICATION: > cbensend;hostname;DOWN;host-notify-by-email-test;CRITICAL - > Host Unreachable (a.b.c.d) > > > Um. Wat? Why would the console immediately trigger a hard > state? The config files don't support this decision. And this > IS a problem with the console server - the distributed monitors > continue checking the host for 6 times like they should. But > for some reason, the centralized console just immediately > calls it a hard state. > > Definitions on the distributed monitoring host (the one running > the actual host and service checks for this host 'hostname': > > define host { > host_name hostname > alias Old production Nagios server > address a.b.c.d > action_url /pnp4nagios/graph?host=$HOSTNAME$ > icon_image_alt Red Hat Linux > icon_image redhat.png > statusmap_image redhat.gd2 > check_command check-host-alive > check_period 24x7 > notification_period 24x7 > contact_groups linux-infrastructure-admins > use linux-host-template > } > > The linux-host-template on that same system: > > define host { > name linux-host-template > register 0 > max_check_attempts 6 > check_interval 5 > retry_interval 1 > notification_interval 360 > notification_options d,r > active_checks_enabled 1 > passive_checks_enabled 1 > notifications_enabled 1 > check_freshness 0 > check_period 24x7 > notification_period 24x7 > check_command check-host-alive > contact_groups linux-infrastructure-admins > } > > And said command to determine up or down: > > define command { > command_name check-host-alive > command_line $USER1$/check_ping -H $HOSTADDRESS$ -w > 5000.0,80% -c 10000.0,100% -p 5 > } > > > Definitions on the centralized console host (the one that notifies): > > define host { > host_name hostname > alias Old production Nagios server > address a.b.c.d > action_url /pnp4nagios/graph?host=$HOSTNAME$ > icon_image_alt Red Hat Linux > icon_image redhat.png > statusmap_image redhat.gd2 > check_command check-host-alive > check_period 24x7 > notification_period 24x7 > contact_groups linux-infrastructure-admins > use linux-host-template,Default_monitor_server > } > > The "Default monitor server" template on the centralized server: > > define host { > name Default_monitor_server > register 0 > active_checks_enabled 0 > passive_checks_enabled 1 > notifications_enabled 1 > check_freshness 0 > freshness_threshold 86400 > } > > And the linux-host-template template on that same centralized host: > > define host { > name linux-host-template > register 0 > max_check_attempts 6 > check_interval 5 > retry_interval 1 > notification_interval 360 > notification_options d,r > active_checks_enabled 1 > passive_checks_enabled 1 > notifications_enabled 1 > check_freshness 0 > check_period 24x7 > notification_period 24x7 > check_command check-host-alive > contact_groups linux-infrastructure-admins > } > > > This is causing some real problems: > > 1) If a single host polling cycle has a blip, it notifies > IMMEDIATELY. > 2) Because it notifies immediately, it ignores host dependencies. > So, when a WAN link goes down for example, it fires off > notifications for *all* hosts at that site as fast as it can, > when it should be retrying, and then walking the dependency tree. > > I do have translate_passive_host_checks=1 on the centralized > monitor, but the way I understand it, that shouldn't effect a > state going from SOFT to HARD. Am I misinterpreting this? > > Another variable - I'm using NConf for the configuration management, > and it does some templating tricks to help with the distributed > monitoring setup. But, all it does is generate config files, and I > don't see any evidence in the configs as to why this would be > happening. > > Any help would be greatly appreciated! > Set passive_host_checks_are_soft=1 in nagios.cfg on your master server and things should start working as intended. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From sunil at sunil.cc Fri May 24 09:50:50 2013 From: sunil at sunil.cc (Sunil Sankar) Date: Fri, 24 May 2013 13:20:50 +0530 Subject: command for por monitor In-Reply-To: References: <002001ce5731$24bb1ee0$6e315ca0$@ramtech-corp.com> Message-ID: you can either go with check_procs or check_tcp for checking the process and port check thats how we have configured it On Fri, May 24, 2013 at 1:22 AM, Steven Carr wrote: > http://nagiosplugins.org/man > > > On 22 May 2013 22:13, Atul Dubey wrote: > > Dear Team, > > > > Actually I have to monitor my server?s all the service like smtp ( port > 25) > > and pop3 (port 110). > > > > Kindly help me to configure it. > > > > > > > > Regards, > > > > Atul Dubey > > > > 7838370198 > > > > > > > > > > > ------------------------------------------------------------------------------ > > Try New Relic Now & We'll Send You this Cool Shirt > > New Relic is the only SaaS-based application performance monitoring > service > > that delivers powerful full stack analytics. Optimize and monitor your > > browser, app, & servers with just a few lines of code. Try New Relic > > and get this awesome Nerd Life shirt! > http://p.sf.net/sfu/newrelic_d2d_may > > _______________________________________________ > > Nagios-users mailing list > > Nagios-users at lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/nagios-users > > ::: Please include Nagios version, plugin version (-v) and OS when > reporting > > any issue. > > ::: Messages without supporting info will risk being sent to /dev/null > > > ------------------------------------------------------------------------------ > Try New Relic Now & We'll Send You this Cool Shirt > New Relic is the only SaaS-based application performance monitoring service > that delivers powerful full stack analytics. Optimize and monitor your > browser, app, & servers with just a few lines of code. Try New Relic > and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null -- Regards Sunil Sankar -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From benny at bennyvision.com Sat May 25 16:11:56 2013 From: benny at bennyvision.com (C. Bensend) Date: Sat, 25 May 2013 09:11:56 -0500 Subject: Nagios v3.5.0 transitioning immediately to a HARD state upon host problem In-Reply-To: <519F19ED.1020501@op5.se> References: <519F19ED.1020501@op5.se> Message-ID: <868c2c41cb311c7440d76154e83ad446.squirrel@webmail.stinkweasel.net> > On 2013-05-23 17:43, C. Bensend wrote: >> >> Hey folks, >> >> I recently made two major changes to my Nagios environment: >> >> 1) I upgraded to v3.5.0. >> 2) I moved from a single server to two pollers sending passive >> results to one central console server. >> >> Now, this new distributed system was in place for several months >> while I tested, and it worked fine. HOWEVER, since this was running >> in parallel with my production system, notifications were disabled. >> Hence, I didn't see this problem until I cut over for real and >> enabled notifications. >> >> (please excuse any cut-n-paste ugliness, had to send this info from >> my work account via Outlook and then try to cleanse and reformat >> via Squirrelmail) >> >> As a test and to capture information, I reboot 'hostname'. This >> log is from the nagios-console host, which is the host that accepts >> the passive check results and sends notifications. Here is the >> console host receiving a service check failure when the host is >> restarting: >> >> May 22 15:57:10 nagios-console nagios: SERVICE ALERT: hostname;/var disk >> queue;CRITICAL;SOFT;1;Connection refused by host >> >> >> So, the distributed poller system checks the host and sends its >> results to the console server: >> >> May 22 15:57:30 nagios-console nagios: HOST >> ALERT:hostname;DOWN;SOFT;1;CRITICAL - Host Unreachable (a.b.c.d) >> >> >> And then the centralized server IMMEDIATELY goes into a hard state, >> which triggers a notification: >> >> May 22 15:57:30 nagios-console nagios: HOST ALERT: >> hostname;DOWN;HARD;1;CRITICAL - Host Unreachable (a.b.c.d) >> May 22 15:57:30 nagios-console nagios: HOST NOTIFICATION: >> cbensend;hostname;DOWN;host-notify-by-email-test;CRITICAL - >> Host Unreachable (a.b.c.d) >> >> >> Um. Wat? Why would the console immediately trigger a hard >> state? The config files don't support this decision. And this >> IS a problem with the console server - the distributed monitors >> continue checking the host for 6 times like they should. But >> for some reason, the centralized console just immediately >> calls it a hard state. *snip* > > > Set passive_host_checks_are_soft=1 in nagios.cfg on your master > server and things should start working as intended. > > -- > Andreas Ericsson andreas.ericsson at op5.se Oh lord, THANK YOU. That appears to have fixed that problem, which was a pain in the ass. In my defense, I *did* see that option, but the way I interpreted the comments didn't quite match up with the behavior I was seeing. I should have experimented with it, I guess. A slight adjustment to the comments would have thrown a red flag for me - perhaps this is just a matter of personal interpretation, but maybe the comments could be a bit more specific: diff -uNp nagios-updated.cfg nagios.cfg --- nagios-updated.cfg Sat May 25 09:05:09 2013 +++ nagios.cfg Sat May 25 09:02:37 2013 @@ -981,9 +981,9 @@ translate_passive_host_checks=0 # PASSIVE HOST CHECKS ARE SOFT OPTION # This determines whether or not Nagios will treat passive host -# checks as being HARD or SOFT. By default, a single passive host -# check result will put a host into an immediate HARD state type. -# This can be changed by enabling this option. +# checks as being HARD or SOFT. By default, a passive host check +# result will put a host into a HARD state type. This can be changed +# by enabling this option. # Values: 0 = passive checks are HARD, 1 = passive checks are SOFT passive_host_checks_are_soft=0 Does that make sense? If I had read something like that, it would have been immediately clear to me what was happening. Thank you so much, Andreas! On to the next problem with the upgrade (something that can wait until next week)... Benny -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From benny at bennyvision.com Sat May 25 17:28:36 2013 From: benny at bennyvision.com (C. Bensend) Date: Sat, 25 May 2013 10:28:36 -0500 Subject: Nagios v3.5.0 transitioning immediately to a HARD state upon host problem In-Reply-To: <868c2c41cb311c7440d76154e83ad446.squirrel@webmail.stinkweasel.net> References: <519F19ED.1020501@op5.se> <868c2c41cb311c7440d76154e83ad446.squirrel@webmail.stinkweasel.net> Message-ID: > diff -uNp nagios-updated.cfg nagios.cfg > --- nagios-updated.cfg Sat May 25 09:05:09 2013 > +++ nagios.cfg Sat May 25 09:02:37 2013 > @@ -981,9 +981,9 @@ translate_passive_host_checks=0 > > # PASSIVE HOST CHECKS ARE SOFT OPTION > # This determines whether or not Nagios will treat passive host > -# checks as being HARD or SOFT. By default, a single passive host > -# check result will put a host into an immediate HARD state type. > -# This can be changed by enabling this option. > +# checks as being HARD or SOFT. By default, a passive host check > +# result will put a host into a HARD state type. This can be changed > +# by enabling this option. > # Values: 0 = passive checks are HARD, 1 = passive checks are SOFT > > passive_host_checks_are_soft=0 > > > Does that make sense? If I had read something like that, it would > have been immediately clear to me what was happening. > > Thank you so much, Andreas! On to the next problem with the > upgrade (something that can wait until next week)... Sorry, too little caffeine too early, got the files reversed. Here's the right diff: diff -uNp nagios.cfg nagios-updated.cfg --- nagios.cfg Sat May 25 10:25:34 2013 +++ nagios-updated.cfg Sat May 25 10:27:12 2013 @@ -981,9 +981,9 @@ translate_passive_host_checks=0 # PASSIVE HOST CHECKS ARE SOFT OPTION # This determines whether or not Nagios will treat passive host -# checks as being HARD or SOFT. By default, a passive host check -# result will put a host into a HARD state type. This can be changed -# by enabling this option. +# checks as being HARD or SOFT. By default, a single passive host +# check result will put a host into an immediate HARD state type. +# This can be changed by enabling this option. # Values: 0 = passive checks are HARD, 1 = passive checks are SOFT passive_host_checks_are_soft=0 -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From wfournier at comscore.com Mon May 27 09:50:29 2013 From: wfournier at comscore.com (Fournier, Wim) Date: Mon, 27 May 2013 07:50:29 +0000 Subject: Nagios 3.5.0 segfaulting at midnight Message-ID: Hi List, I've got 5 nagios installs, all on 3.5.0 and 3 they seem to segfault exactly at midnight. It's not all of them, but the busiest ones and not always. Has anyone else seen this? @ DEV what info would like if I file this as a bug? -- I'm a techie. I give technical answers which might not be suitable for customers and might contain too many details about our platform. Wim Fournier Senior Technical Appl. Administrator | comScore, Inc. (NASDAQ:SCOR) t +31 (0)20 5195476 | f +31 (0)20 6953786 ....................................................................................... comScore: Analytics for a Digital World Follow us on Twitter @comScoreEMEA ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From wfournier at comscore.com Mon May 27 10:54:46 2013 From: wfournier at comscore.com (Fournier, Wim) Date: Mon, 27 May 2013 08:54:46 +0000 Subject: Nagios 3.5.0 segfaulting at midnight In-Reply-To: <51A31E67.3020708@consol.de> References: <51A31E67.3020708@consol.de> Message-ID: On 5/27/13 10:50 AM, "Sven Nierlein" wrote: >On 27.05.2013 09:50, Fournier, Wim wrote: >> Hi List, >> >> I've got 5 nagios installs, all on 3.5.0 and 3 they seem to segfault >>exactly at midnight. It's not all of them, but the busiest ones and not >>always. >> Has anyone else seen this? >> >> @ DEV what info would like if I file this as a bug? > >Hi Wim, > >Afaik there is a bug already. This is a known issue in combination with >the livestatus neb module. >You could wait for the next release or use the attached patch. > > Sven Something else I added? live status ;o) Thank you Sir! ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Sven.Nierlein at Consol.de Mon May 27 10:50:47 2013 From: Sven.Nierlein at Consol.de (Sven Nierlein) Date: Mon, 27 May 2013 10:50:47 +0200 Subject: Nagios 3.5.0 segfaulting at midnight In-Reply-To: References: Message-ID: <51A31E67.3020708@consol.de> On 27.05.2013 09:50, Fournier, Wim wrote: > Hi List, > > I've got 5 nagios installs, all on 3.5.0 and 3 they seem to segfault exactly at midnight. It's not all of them, but the busiest ones and not always. > Has anyone else seen this? > > @ DEV what info would like if I file this as a bug? Hi Wim, Afaik there is a bug already. This is a known issue in combination with the livestatus neb module. You could wait for the next release or use the attached patch. Sven -------------- next part -------------- A non-text attachment was scrubbed... Name: 0007-fix_downtime_struct.dif Type: video/dv Size: 864 bytes Desc: not available URL: -------------- next part -------------- ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From wfournier at comscore.com Mon May 27 10:50:41 2013 From: wfournier at comscore.com (Fournier, Wim) Date: Mon, 27 May 2013 08:50:41 +0000 Subject: Nagios 3.5.0 segfaulting at midnight In-Reply-To: References: Message-ID: On 5/27/13 9:50 AM, "Fournier, Wim" wrote: >Hi List, > >I've got 5 nagios installs, all on 3.5.0 and 3 they seem to segfault >exactly at midnight. It's not all of them, but the busiest ones and not >always. >Has anyone else seen this? > >@ DEV what info would like if I file this as a bug? Some extra info: I have log rotation set to daily, and it doesn't rotate anymore. The nagios installs live at different timezones and the crash is always at local (to the machine) midnight. Seems to me that something breaks in the log rotation (did no changes there, and rights are ok). ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Thilakraj.Shanmugam at canberra.edu.au Wed May 29 07:39:21 2013 From: Thilakraj.Shanmugam at canberra.edu.au (Thilakraj.Shanmugam) Date: Wed, 29 May 2013 05:39:21 +0000 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> Message-ID: <7AD7AD85066563428C24C1317A33EF8350B3E021@genoa.ucstaff.win.canberra.edu.au> Hi Deborah et al, I have tested with nagios user as well.. still no luck with that. Could you some one update if you have any solution on this case. Kind Regards, Thilak From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] Sent: Tuesday, 14 May 2013 7:30 PM To: Nagios Users List Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring Ok - if I look at your output, manually, when the plugin is run as the "root" user it produces the correct result. But, you haven't said what the nrpe user is that is running on the remote node and whether the same manual run of the check produces the same output. For example, I run remote plugins through nrpe as the "nagios" user so if I want to manually test a plugin on the remote node, I would first login as the nagios user to ensure I've got the same environment that would be used when running via nrpe. It might be that the variables you have set in the script only work as the root user. It's never a good idea to test as the root user but only as the same user as that used by nagios or nrpe. Regards, Deborah From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] Sent: 14 May 2013 09:58 To: Nagios Users List Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring Hi Deborah, Thanks for the response.. please find the details below. [root at abc libexec]# pwd /usr/local/nagios/libexec [root at abc libexec]# ./check_iptables.sh <----- Executing manually script + IPT=/sbin/iptables + GREP=/bin/grep + AWK=/bin/awk + EXPR=/usr/bin/expr + WC=/usr/bin/wc + A=/usr/bin/sudo + E_SUCCESS=0 + E_CRITICAL=2 + E_UNKNOWN=3 ++ /usr/bin/sudo /sbin/iptables -nvL ++ /bin/grep Chain ++ /bin/awk '{ print $2 }' ++ /bin/grep Cid ++ /usr/bin/wc -l + CHAINS=5 + '[' 5 -ne 0 ']' + echo 'Firewall is running!' Firewall is running! + exit 0 <------ it shows firewall running ( correct output ) [root at abc libexec]# Client - NRPE config file [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i iptable command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh [root at abc libexec]# [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables Firewall is not running <----- executing via check_nrpe ( wrong output ) [root at abc libexec]# NRPE Logs ------------- May 14 18:52:28 abc nrpe[31158]: Added command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% -c 5% -p /db May 14 18:52:28 abc nrpe[31158]: Added command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w 15% -c 5% -p /app May 14 18:52:28 abc nrpe[31158]: Added command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All network traffic will be encrypted. May 14 18:52:28 abc nrpe[31158]: Handling the connection... May 14 18:52:28 abc nrpe[31158]: Host is asking for command 'check_iptables' to be run... May 14 18:52:28 abc nrpe[31158]: Running command: /usr/local/nagios/libexec/check_iptables.sh May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 and output: Firewall is not running May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is not running Kind Regards, Thilak From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] Sent: Tuesday, 14 May 2013 6:44 PM To: Nagios Users List Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring Hi, What is the wrong output being returned ? This might give us all a clue as to the cause of the problem. When you run the check manually, are you doing this as the same user that check_nrpe will use ? Regards, Deborah From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] Sent: 14 May 2013 08:43 To: nagios-users at lists.sourceforge.net Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring Greetings! Could someone send me nagios plugin which is tested and works well for monitoring IPTABLES in Linux. I have tested below script but it is not returning correct output to nagios server. If I execute script manually, it shows correct output... But if I execute via ./check_nrpe - H localhost -c check_iptables, it shows wrong output. Below is my plugin ------------------------------ #!/bin/bash set -x IPT='/sbin/iptables' GREP='/bin/grep' AWK='/bin/awk' EXPR='/usr/bin/expr' WC='/usr/bin/wc' A='/usr/bin/sudo' E_SUCCESS="0" E_CRITICAL="2" E_UNKNOWN="3" CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid | $WC -l` if [ $CHAINS -ne 0 ] ; then echo "Firewall is running!" exit ${E_SUCCESS} elif [ $CHAINS -eq 0 ] ; then echo "Firewall is not running" exit ${E_CRITICAL} fi This e-mail and any files transmitted with it are strictly confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient, please delete this e-mail immediately. Any unauthorised distribution or copying is strictly prohibited. Whilst Kognitio endeavours to prevent the transmission of viruses via e-mail, we cannot guarantee that any e-mail or attachment is free from computer viruses and you are strongly advised to undertake your own anti-virus precautions. Kognitio grants no warranties regarding performance, use or quality of any e-mail or attachment and undertakes no liability for loss or damage, howsoever caused. This e-mail and any files transmitted with it are strictly confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient, please delete this e-mail immediately. Any unauthorised distribution or copying is strictly prohibited. Whilst Kognitio endeavours to prevent the transmission of viruses via e-mail, we cannot guarantee that any e-mail or attachment is free from computer viruses and you are strongly advised to undertake your own anti-virus precautions. Kognitio grants no warranties regarding performance, use or quality of any e-mail or attachment and undertakes no liability for loss or damage, howsoever caused. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From benny at bennyvision.com Wed May 29 11:58:44 2013 From: benny at bennyvision.com (C. Bensend) Date: Wed, 29 May 2013 04:58:44 -0500 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <7AD7AD85066563428C24C1317A33EF8350B3E021@genoa.ucstaff.win.canberra.edu.au> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> <7AD7AD85066563428C24C1317A33EF8350B3E021@genoa.ucstaff.win.canberra.edu.au> Message-ID: <3d9843402dfd3a11a185fd7b076557c6.squirrel@webmail.stinkweasel.net> Where's your sudoers definition that allows the nagios user to run any commands via sudo? And what does /var/log/secure (or equivalent) think about the nagios user trying to run sudo? > I have tested with nagios user as well.. still no luck with that. Could > you some one update if you have any solution on this case. > > Kind Regards, > Thilak > > From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] > Sent: Tuesday, 14 May 2013 7:30 PM > To: Nagios Users List > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > Ok - if I look at your output, manually, when the plugin is run as the > "root" user it produces the correct result. > > But, you haven't said what the nrpe user is that is running on the remote > node and whether the same manual run of the check produces the same > output. > For example, I run remote plugins through nrpe as the "nagios" user so if > I want to manually test a plugin on the remote node, I would first login > as the nagios user to ensure I've got the same environment that would be > used when running via nrpe. It might be that the variables you have set in > the script only work as the root user. It's never a good idea to test as > the root user but only as the same user as that used by nagios or nrpe. > > Regards, > Deborah > > From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] > Sent: 14 May 2013 09:58 > To: Nagios Users List > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > Hi Deborah, Thanks for the response.. please find the details below. > > > [root at abc libexec]# pwd > /usr/local/nagios/libexec > [root at abc libexec]# ./check_iptables.sh > <----- Executing manually script > + IPT=/sbin/iptables > + GREP=/bin/grep > + AWK=/bin/awk > + EXPR=/usr/bin/expr > + WC=/usr/bin/wc > + A=/usr/bin/sudo > + E_SUCCESS=0 > + E_CRITICAL=2 > + E_UNKNOWN=3 > ++ /usr/bin/sudo /sbin/iptables -nvL > ++ /bin/grep Chain > ++ /bin/awk '{ print $2 }' > ++ /bin/grep Cid > ++ /usr/bin/wc -l > + CHAINS=5 > + '[' 5 -ne 0 ']' > + echo 'Firewall is running!' > Firewall is running! > + exit 0 > <------ it shows firewall > running ( correct output ) > [root at abc libexec]# > > > Client - NRPE config file > > [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i iptable > command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh > [root at abc libexec]# > > > [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables > Firewall is not running > <----- executing via > check_nrpe ( wrong output ) > [root at abc libexec]# > > > NRPE Logs > ------------- > > May 14 18:52:28 abc nrpe[31158]: Added > command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% -c > 5% -p /db > May 14 18:52:28 abc nrpe[31158]: Added > command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w 15% -c > 5% -p /app > May 14 18:52:28 abc nrpe[31158]: Added > command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh > May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All network > traffic will be encrypted. > May 14 18:52:28 abc nrpe[31158]: Handling the connection... > May 14 18:52:28 abc nrpe[31158]: Host is asking for command > 'check_iptables' to be run... > May 14 18:52:28 abc nrpe[31158]: Running command: > /usr/local/nagios/libexec/check_iptables.sh > May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 and > output: Firewall is not running > May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is not > running > > > Kind Regards, > Thilak > > > From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] > Sent: Tuesday, 14 May 2013 6:44 PM > To: Nagios Users List > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > Hi, > What is the wrong output being returned ? This might give us all a clue as > to the cause of the problem. > When you run the check manually, are you doing this as the same user that > check_nrpe will use ? > > Regards, > Deborah > > > > From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] > Sent: 14 May 2013 08:43 > To: > nagios-users at lists.sourceforge.net > Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > Greetings! > > Could someone send me nagios plugin which is tested and works well for > monitoring IPTABLES in Linux. > > I have tested below script but it is not returning correct output to > nagios server. > > If I execute script manually, it shows correct output... > > But if I execute via ./check_nrpe - H localhost -c check_iptables, it > shows wrong output. > > > > Below is my plugin > ------------------------------ > > #!/bin/bash > set -x > > IPT='/sbin/iptables' > GREP='/bin/grep' > AWK='/bin/awk' > EXPR='/usr/bin/expr' > WC='/usr/bin/wc' > A='/usr/bin/sudo' > > E_SUCCESS="0" > E_CRITICAL="2" > E_UNKNOWN="3" > > CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid | > $WC -l` > > if [ $CHAINS -ne 0 ] ; then > echo "Firewall is running!" > exit ${E_SUCCESS} > > elif [ $CHAINS -eq 0 ] ; then > echo "Firewall is not running" > exit ${E_CRITICAL} > fi > > > > This e-mail and any files transmitted with it are strictly confidential > and intended solely for the use of the individual or entity to whom they > are addressed. If you are not the intended recipient, please delete this > e-mail immediately. Any unauthorised distribution or copying is strictly > prohibited. > > Whilst Kognitio endeavours to prevent the transmission of viruses via > e-mail, we cannot guarantee that any e-mail or attachment is free from > computer viruses and you are strongly advised to undertake your own > anti-virus precautions. Kognitio grants no warranties regarding > performance, use or quality of any e-mail or attachment and undertakes no > liability for loss or damage, howsoever caused. > > > This e-mail and any files transmitted with it are strictly confidential > and intended solely for the use of the individual or entity to whom they > are addressed. If you are not the intended recipient, please delete this > e-mail immediately. Any unauthorised distribution or copying is strictly > prohibited. > > Whilst Kognitio endeavours to prevent the transmission of viruses via > e-mail, we cannot guarantee that any e-mail or attachment is free from > computer viruses and you are strongly advised to undertake your own > anti-virus precautions. Kognitio grants no warranties regarding > performance, use or quality of any e-mail or attachment and undertakes no > liability for loss or damage, howsoever caused. > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1_______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From benny at bennyvision.com Wed May 29 12:06:14 2013 From: benny at bennyvision.com (C. Bensend) Date: Wed, 29 May 2013 05:06:14 -0500 Subject: Nagios-Users: please unsubscribe gchang@renegade.com Message-ID: <5012e5258ca3072a43556c5b27003ff4.squirrel@webmail.stinkweasel.net> Could one of the list admins unsubscribe gchang at renegade.com? Their email has been bouncing for a while now: Delivery has failed to these recipients or groups: gchang at renegade.com The e-mail address you entered couldn't be found. Please check the recipient's e-mail address and try to resend the message. If the problem continues, please contact your helpdesk. Diagnostic information for administrators: Generating server: renegade.com gchang at renegade.com #550 5.1.1 RESOLVER.ADR.RecipNotFound; not found ##rfc822;gchang at renegade.com -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From nagios_ml at tengu.ch Wed May 29 15:23:18 2013 From: nagios_ml at tengu.ch (Cedric Jeanneret) Date: Wed, 29 May 2013 15:23:18 +0200 Subject: scheduled downtime Retention problem Message-ID: <20130529152318.5948a3f5@wrk042.wrk.lsn.camptocamp.com> Hello, I'm having some problem with the retention status with this setup: nagios-3.4.1-3 Debian Wheezy Problem: I schedule some downtime for either a host or a service, but it's not here after a reload (or a restart) of the nagios3 service Steps: - schedule some downtime (for one month, if this helps) - wait for the icon to appear in the web interface - restart (or reload) nagios3 service - scheduled downtime is gone Some more information: I did check the retention.dat file, it contains, at the end, this block which seems completely correct: servicedowntime { host_name=HOSTNAME service_description=SERVICE downtime_id=1 entry_time=1369832618 start_time=1369832609 end_time=1372518209 triggered_by=0 fixed=1 duration=2685600 is_in_effect=1 author=USER comment=MY COMMENT } There's also a servicecomment containing some Nagios comment as well - THIS block is shown and taken in account. I tried to see whether nagios encounter some error while reading its retention file, but nothing shown up? servicecomment { host_name=HOSTNAME service_description=SERVICE entry_type=2 comment_id=4 source=0 persistent=0 entry_time=1369833542 expires=0 expire_time=0 author=(Nagios Process) comment_data=This service has been scheduled for fixed downtime from 2013-05-29 15:03:29 to 2013-06-29 17:03:29. Notifications for the service will not be sent out during that time period. } Retention configuration: grep retain nagios.cfg | grep -v '#' retain_state_information=1 use_retained_program_state=1 use_retained_scheduling_info=1 retained_host_attribute_mask=0 retained_service_attribute_mask=0 retained_process_host_attribute_mask=0 retained_process_service_attribute_mask=0 retained_contact_host_attribute_mask=0 retained_contact_service_attribute_mask=0 Another information: the Acknowledge works as expected? Any idea? Thanks a lot for your help! Cheers, C. ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From nagios_ml at tengu.ch Wed May 29 16:26:43 2013 From: nagios_ml at tengu.ch (Cedric Jeanneret) Date: Wed, 29 May 2013 16:26:43 +0200 Subject: scheduled downtime Retention problem In-Reply-To: <20130529152318.5948a3f5@wrk042.wrk.lsn.camptocamp.com> References: <20130529152318.5948a3f5@wrk042.wrk.lsn.camptocamp.com> Message-ID: <20130529162643.4682fc04@wrk042.wrk.lsn.camptocamp.com> Me gain, Of course, *after* having searched for a while, and then sent the mail, I fumble on the official nagios bug: http://tracker.nagios.org/view.php?id=338 Will check on debian tracker if they can integrate this patch? Cheers, C. On Wed, 29 May 2013 15:23:18 +0200 Cedric Jeanneret wrote: > Hello, > > I'm having some problem with the retention status with this setup: > nagios-3.4.1-3 > Debian Wheezy > > Problem: > I schedule some downtime for either a host or a service, but it's not here after a reload (or a restart) of the nagios3 service > > Steps: > - schedule some downtime (for one month, if this helps) > - wait for the icon to appear in the web interface > - restart (or reload) nagios3 service > - scheduled downtime is gone > > Some more information: > I did check the retention.dat file, it contains, at the end, this block which seems completely correct: > servicedowntime { > host_name=HOSTNAME > service_description=SERVICE > downtime_id=1 > entry_time=1369832618 > start_time=1369832609 > end_time=1372518209 > triggered_by=0 > fixed=1 > duration=2685600 > is_in_effect=1 > author=USER > comment=MY COMMENT > } > > There's also a servicecomment containing some Nagios comment as well - THIS block is shown and taken in account. > I tried to see whether nagios encounter some error while reading its retention file, but nothing shown up? > > servicecomment { > host_name=HOSTNAME > service_description=SERVICE > entry_type=2 > comment_id=4 > source=0 > persistent=0 > entry_time=1369833542 > expires=0 > expire_time=0 > author=(Nagios Process) > comment_data=This service has been scheduled for fixed downtime from 2013-05-29 15:03:29 to 2013-06-29 17:03:29. Notifications for the service will not be sent out during that time period. > } > > > Retention configuration: > > grep retain nagios.cfg | grep -v '#' > retain_state_information=1 > use_retained_program_state=1 > use_retained_scheduling_info=1 > retained_host_attribute_mask=0 > retained_service_attribute_mask=0 > retained_process_host_attribute_mask=0 > retained_process_service_attribute_mask=0 > retained_contact_host_attribute_mask=0 > retained_contact_service_attribute_mask=0 > > Another information: the Acknowledge works as expected? > > Any idea? > > Thanks a lot for your help! > > Cheers, > > C. > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From jonas at freesources.org Wed May 29 18:17:42 2013 From: jonas at freesources.org (Jonas Meurer) Date: Wed, 29 May 2013 18:17:42 +0200 Subject: [Nagios-users] Questions about Nagios quick search In-Reply-To: <51306147.1080509@op5.se> References: <512FD0E3.8080307@freesources.org> <51306147.1080509@op5.se> Message-ID: Hello, Am 2013-03-01 09:05, schrieb Andreas Ericsson: > On 02/28/2013 10:49 PM, Jonas Meurer wrote: >> Am 20.02.2013 16:13, schrieb Jonas Meurer: >>> Hello, >> >> Hey again, >> >>> we're using Nagios as monitoring system for several hundred systems. >>> While navigating through hosts and services, recently two questions >>> regarding the quick search (in navigation bar) raised: >>> >>> 1/ Why doesn't nagios search for host aliases as well? Is it possible >>> to enable alias searching? We're using rather short values for >>> host_name, and tend to add information like server position to the >>> alias. Thus searching for host_name and alias would be awesome for >>> us. >>> > > Today it's not possible to enable alias searching. Patches welcome. > If you create one, please use some format that makes it possible to add > searching on other fields as well, such as "alias~" or some > such. > >>> 2/ When searching for IP addresses, only the first match is returned. >>> In some cases (e.g. NRPE Port forwarding through firewall), several >>> hosts have the same IP address. For these cases it's rather >>> irritating, >>> that only the first matching host is returned. >>> > > Tru dat. Patches welcome. You'll want to find and remove the correct > "break" statement, I guess. Other than that it shouldn't be much > trouble. I finally managed to prepare a patch that fixes both shortcomings. It adds two new configuration options to configure the behavior of the navigation bar search: search for hostname only, or also for addresses, or also for aliases. I reported the patch as feature request at http://tracker.nagios.org/view.php?id=459 Kind regards, jonas -------------- next part -------------- A non-text attachment was scrubbed... Name: navbar-search.patch Type: text/x-diff Size: 3898 bytes Desc: not available URL: -------------- next part -------------- ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 -------------- next part -------------- _______________________________________________ Nagios-devel mailing list Nagios-devel at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-devel From Thilakraj.Shanmugam at canberra.edu.au Thu May 30 01:38:05 2013 From: Thilakraj.Shanmugam at canberra.edu.au (Thilakraj.Shanmugam) Date: Wed, 29 May 2013 23:38:05 +0000 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <3d9843402dfd3a11a185fd7b076557c6.squirrel@webmail.stinkweasel.net> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> <7AD7AD85066563428C24C1317A33EF8350B3E021@genoa.ucstaff.win.canberra.edu.au> <3d9843402dfd3a11a185fd7b076557c6.squirrel@webmail.stinkweasel.net> Message-ID: <7AD7AD85066563428C24C1317A33EF8350B3E997@genoa.ucstaff.win.canberra.edu.au> Please find the details Sudoers Definition:- nagios zurich= NOPASSWD: /sbin/iptables, /usr/local/nagios/libexec/check_iptables.sh, /usr/local/nagios/libexec/check_nrpe /var/log/secure: su: pam_unix(su:session): session opened for user nagios by root(uid=0) su: pam_unix(su:session): session closed for user nagios -----Original Message----- From: C. Bensend [mailto:benny at bennyvision.com] Sent: Wednesday, 29 May 2013 7:59 PM To: nagios-users at lists.sourceforge.net Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring Where's your sudoers definition that allows the nagios user to run any commands via sudo? And what does /var/log/secure (or equivalent) think about the nagios user trying to run sudo? > I have tested with nagios user as well.. still no luck with that. > Could you some one update if you have any solution on this case. > > Kind Regards, > Thilak > > From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] > Sent: Tuesday, 14 May 2013 7:30 PM > To: Nagios Users List > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > Ok - if I look at your output, manually, when the plugin is run as > the "root" user it produces the correct result. > > But, you haven't said what the nrpe user is that is running on the > remote node and whether the same manual run of the check produces the > same output. > For example, I run remote plugins through nrpe as the "nagios" user so > if I want to manually test a plugin on the remote node, I would first > login as the nagios user to ensure I've got the same environment that > would be used when running via nrpe. It might be that the variables > you have set in the script only work as the root user. It's never a > good idea to test as the root user but only as the same user as that used by nagios or nrpe. > > Regards, > Deborah > > From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] > Sent: 14 May 2013 09:58 > To: Nagios Users List > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > Hi Deborah, Thanks for the response.. please find the details below. > > > [root at abc libexec]# pwd > /usr/local/nagios/libexec > [root at abc libexec]# ./check_iptables.sh > <----- Executing manually script > + IPT=/sbin/iptables > + GREP=/bin/grep > + AWK=/bin/awk > + EXPR=/usr/bin/expr > + WC=/usr/bin/wc > + A=/usr/bin/sudo > + E_SUCCESS=0 > + E_CRITICAL=2 > + E_UNKNOWN=3 > ++ /usr/bin/sudo /sbin/iptables -nvL > ++ /bin/grep Chain > ++ /bin/awk '{ print $2 }' > ++ /bin/grep Cid > ++ /usr/bin/wc -l > + CHAINS=5 > + '[' 5 -ne 0 ']' > + echo 'Firewall is running!' > Firewall is running! > + exit 0 > <------ it shows firewall > running ( correct output ) > [root at abc libexec]# > > > Client - NRPE config file > > [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i > iptable > command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh > [root at abc libexec]# > > > [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables > Firewall is not running > <----- executing via > check_nrpe ( wrong output ) > [root at abc libexec]# > > > NRPE Logs > ------------- > > May 14 18:52:28 abc nrpe[31158]: Added > command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% > -c 5% -p /db May 14 18:52:28 abc nrpe[31158]: Added > command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w 15% > -c 5% -p /app May 14 18:52:28 abc nrpe[31158]: Added > command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh > May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All > network traffic will be encrypted. > May 14 18:52:28 abc nrpe[31158]: Handling the connection... > May 14 18:52:28 abc nrpe[31158]: Host is asking for command > 'check_iptables' to be run... > May 14 18:52:28 abc nrpe[31158]: Running command: > /usr/local/nagios/libexec/check_iptables.sh > May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 > and > output: Firewall is not running > May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is > not running > > > Kind Regards, > Thilak > > > From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] > Sent: Tuesday, 14 May 2013 6:44 PM > To: Nagios Users List > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > Hi, > What is the wrong output being returned ? This might give us all a > clue as to the cause of the problem. > When you run the check manually, are you doing this as the same user > that check_nrpe will use ? > > Regards, > Deborah > > > > From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] > Sent: 14 May 2013 08:43 > To: > nagios-users at lists.sourceforge.net > ge.net> > Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > Greetings! > > Could someone send me nagios plugin which is tested and works well for > monitoring IPTABLES in Linux. > > I have tested below script but it is not returning correct output to > nagios server. > > If I execute script manually, it shows correct output... > > But if I execute via ./check_nrpe - H localhost -c check_iptables, > it shows wrong output. > > > > Below is my plugin > ------------------------------ > > #!/bin/bash > set -x > > IPT='/sbin/iptables' > GREP='/bin/grep' > AWK='/bin/awk' > EXPR='/usr/bin/expr' > WC='/usr/bin/wc' > A='/usr/bin/sudo' > > E_SUCCESS="0" > E_CRITICAL="2" > E_UNKNOWN="3" > > CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid > | $WC -l` > > if [ $CHAINS -ne 0 ] ; then > echo "Firewall is running!" > exit ${E_SUCCESS} > > elif [ $CHAINS -eq 0 ] ; then > echo "Firewall is not running" > exit ${E_CRITICAL} > fi > > > > This e-mail and any files transmitted with it are strictly > confidential and intended solely for the use of the individual or > entity to whom they are addressed. If you are not the intended > recipient, please delete this e-mail immediately. Any unauthorised > distribution or copying is strictly prohibited. > > Whilst Kognitio endeavours to prevent the transmission of viruses via > e-mail, we cannot guarantee that any e-mail or attachment is free from > computer viruses and you are strongly advised to undertake your own > anti-virus precautions. Kognitio grants no warranties regarding > performance, use or quality of any e-mail or attachment and undertakes > no liability for loss or damage, howsoever caused. > > > This e-mail and any files transmitted with it are strictly > confidential and intended solely for the use of the individual or > entity to whom they are addressed. If you are not the intended > recipient, please delete this e-mail immediately. Any unauthorised > distribution or copying is strictly prohibited. > > Whilst Kognitio endeavours to prevent the transmission of viruses via > e-mail, we cannot guarantee that any e-mail or attachment is free from > computer viruses and you are strongly advised to undertake your own > anti-virus precautions. Kognitio grants no warranties regarding > performance, use or quality of any e-mail or attachment and undertakes > no liability for loss or damage, howsoever caused. > ---------------------------------------------------------------------- > -------- Introducing AppDynamics Lite, a free troubleshooting tool for > Java/.NET Get 100% visibility into your production application - at no > cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1____________________________________ > ___________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From benny at bennyvision.com Thu May 30 12:44:15 2013 From: benny at bennyvision.com (C. Bensend) Date: Thu, 30 May 2013 05:44:15 -0500 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <7AD7AD85066563428C24C1317A33EF8350B3E997@genoa.ucstaff.win.canberra.edu.au> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> <7AD7AD85066563428C24C1317A33EF8350B3E021@genoa.ucstaff.win.canberra.edu.au> <3d9843402dfd3a11a185fd7b076557c6.squirrel@webmail.stinkweasel.net> <7AD7AD85066563428C24C1317A33EF8350B3E997@genoa.ucstaff.win.canberra.edu.au> Message-ID: <86ea163877807bf42f57859f75baed28.squirrel@webmail.stinkweasel.net> I'm assuming that this check is running *on* the host 'zurich'? /var/log/secure should be listing an entry, if sudo is being run. Manually, *as the nagios user*, what happens when you do the following? /usr/bin/sudo /sbin/iptables -nvL | /bin/grep 'Chain' | \ /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l echo $? How about just (again, as the nagios user): /usr/bin/sudo /sbin/iptables -nvL > Please find the details > > Sudoers Definition:- > > nagios zurich= NOPASSWD: /sbin/iptables, > /usr/local/nagios/libexec/check_iptables.sh, > /usr/local/nagios/libexec/check_nrpe > > /var/log/secure: > > su: pam_unix(su:session): session opened for user nagios by root(uid=0) > su: pam_unix(su:session): session closed for user nagios > > > > -----Original Message----- > From: C. Bensend [mailto:benny at bennyvision.com] > Sent: Wednesday, 29 May 2013 7:59 PM > To: nagios-users at lists.sourceforge.net > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > > Where's your sudoers definition that allows the nagios user to run any > commands via sudo? > > And what does /var/log/secure (or equivalent) think about the nagios user > trying to run sudo? > > >> I have tested with nagios user as well.. still no luck with that. >> Could you some one update if you have any solution on this case. >> >> Kind Regards, >> Thilak >> >> From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] >> Sent: Tuesday, 14 May 2013 7:30 PM >> To: Nagios Users List >> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> Ok - if I look at your output, manually, when the plugin is run as >> the "root" user it produces the correct result. >> >> But, you haven't said what the nrpe user is that is running on the >> remote node and whether the same manual run of the check produces the >> same output. >> For example, I run remote plugins through nrpe as the "nagios" user so >> if I want to manually test a plugin on the remote node, I would first >> login as the nagios user to ensure I've got the same environment that >> would be used when running via nrpe. It might be that the variables >> you have set in the script only work as the root user. It's never a >> good idea to test as the root user but only as the same user as that >> used by nagios or nrpe. >> >> Regards, >> Deborah >> >> From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] >> Sent: 14 May 2013 09:58 >> To: Nagios Users List >> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> Hi Deborah, Thanks for the response.. please find the details below. >> >> >> [root at abc libexec]# pwd >> /usr/local/nagios/libexec >> [root at abc libexec]# ./check_iptables.sh >> <----- Executing manually script >> + IPT=/sbin/iptables >> + GREP=/bin/grep >> + AWK=/bin/awk >> + EXPR=/usr/bin/expr >> + WC=/usr/bin/wc >> + A=/usr/bin/sudo >> + E_SUCCESS=0 >> + E_CRITICAL=2 >> + E_UNKNOWN=3 >> ++ /usr/bin/sudo /sbin/iptables -nvL >> ++ /bin/grep Chain >> ++ /bin/awk '{ print $2 }' >> ++ /bin/grep Cid >> ++ /usr/bin/wc -l >> + CHAINS=5 >> + '[' 5 -ne 0 ']' >> + echo 'Firewall is running!' >> Firewall is running! >> + exit 0 >> <------ it shows >> firewall >> running ( correct output ) >> [root at abc libexec]# >> >> >> Client - NRPE config file >> >> [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i >> iptable >> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >> [root at abc libexec]# >> >> >> [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables >> Firewall is not running >> <----- executing >> via >> check_nrpe ( wrong output ) >> [root at abc libexec]# >> >> >> NRPE Logs >> ------------- >> >> May 14 18:52:28 abc nrpe[31158]: Added >> command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% >> -c 5% -p /db May 14 18:52:28 abc nrpe[31158]: Added >> command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w 15% >> -c 5% -p /app May 14 18:52:28 abc nrpe[31158]: Added >> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >> May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All >> network traffic will be encrypted. >> May 14 18:52:28 abc nrpe[31158]: Handling the connection... >> May 14 18:52:28 abc nrpe[31158]: Host is asking for command >> 'check_iptables' to be run... >> May 14 18:52:28 abc nrpe[31158]: Running command: >> /usr/local/nagios/libexec/check_iptables.sh >> May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 >> and >> output: Firewall is not running >> May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is >> not running >> >> >> Kind Regards, >> Thilak >> >> >> From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] >> Sent: Tuesday, 14 May 2013 6:44 PM >> To: Nagios Users List >> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> Hi, >> What is the wrong output being returned ? This might give us all a >> clue as to the cause of the problem. >> When you run the check manually, are you doing this as the same user >> that check_nrpe will use ? >> >> Regards, >> Deborah >> >> >> >> From: Thilakraj.Shanmugam [mailto:Thilakraj.Shanmugam at canberra.edu.au] >> Sent: 14 May 2013 08:43 >> To: >> nagios-users at lists.sourceforge.net >> ge.net> >> Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> Greetings! >> >> Could someone send me nagios plugin which is tested and works well for >> monitoring IPTABLES in Linux. >> >> I have tested below script but it is not returning correct output to >> nagios server. >> >> If I execute script manually, it shows correct output... >> >> But if I execute via ./check_nrpe - H localhost -c check_iptables, >> it shows wrong output. >> >> >> >> Below is my plugin >> ------------------------------ >> >> #!/bin/bash >> set -x >> >> IPT='/sbin/iptables' >> GREP='/bin/grep' >> AWK='/bin/awk' >> EXPR='/usr/bin/expr' >> WC='/usr/bin/wc' >> A='/usr/bin/sudo' >> >> E_SUCCESS="0" >> E_CRITICAL="2" >> E_UNKNOWN="3" >> >> CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid >> | $WC -l` >> >> if [ $CHAINS -ne 0 ] ; then >> echo "Firewall is running!" >> exit ${E_SUCCESS} >> >> elif [ $CHAINS -eq 0 ] ; then >> echo "Firewall is not running" >> exit ${E_CRITICAL} >> fi >> >> >> >> This e-mail and any files transmitted with it are strictly >> confidential and intended solely for the use of the individual or >> entity to whom they are addressed. If you are not the intended >> recipient, please delete this e-mail immediately. Any unauthorised >> distribution or copying is strictly prohibited. >> >> Whilst Kognitio endeavours to prevent the transmission of viruses via >> e-mail, we cannot guarantee that any e-mail or attachment is free from >> computer viruses and you are strongly advised to undertake your own >> anti-virus precautions. Kognitio grants no warranties regarding >> performance, use or quality of any e-mail or attachment and undertakes >> no liability for loss or damage, howsoever caused. >> >> >> This e-mail and any files transmitted with it are strictly >> confidential and intended solely for the use of the individual or >> entity to whom they are addressed. If you are not the intended >> recipient, please delete this e-mail immediately. Any unauthorised >> distribution or copying is strictly prohibited. >> >> Whilst Kognitio endeavours to prevent the transmission of viruses via >> e-mail, we cannot guarantee that any e-mail or attachment is free from >> computer viruses and you are strongly advised to undertake your own >> anti-virus precautions. Kognitio grants no warranties regarding >> performance, use or quality of any e-mail or attachment and undertakes >> no liability for loss or damage, howsoever caused. >> ---------------------------------------------------------------------- >> -------- Introducing AppDynamics Lite, a free troubleshooting tool for >> Java/.NET Get 100% visibility into your production application - at no >> cost. >> Code-level diagnostics for performance bottlenecks with <2% overhead >> Download for free and get started troubleshooting in minutes. >> http://p.sf.net/sfu/appdyn_d2d_ap1____________________________________ >> ___________ >> Nagios-users mailing list >> Nagios-users at lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to /dev/null > > > -- > "The very existence of flamethrowers proves that sometime, somewhere, > someone said to themselves, 'You know, I want to set those people over > there on fire, but I'm just not close enough to get the job > done.'" -- George Carlin > > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1_______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From eliezer at ngtech.co.il Thu May 30 12:56:12 2013 From: eliezer at ngtech.co.il (Eliezer Croitoru) Date: Thu, 30 May 2013 13:56:12 +0300 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> Message-ID: <51A7304C.1030500@ngtech.co.il> Or instead use a specific REJECT rule on specific port that otherwise will work and test it via a small script that will return if ok or not.. can work like this: echo server startup on upper ports threaded. test a client on it. get result and close both server and client. can be very simple to do in ruby. Eliezer On 5/14/2013 10:42 AM, Thilakraj.Shanmugam wrote: > Greetings! > > Could someone send me nagios plugin which is tested and works well for > monitoring IPTABLES in Linux. > > I have tested below script but it is not returning correct output to > nagios server. > > If I execute script manually, it shows correct output? > > But if I execute via ./check_nrpe ? H localhost ?c check_iptables, it > shows wrong output. > > Below is my plugin > > ------------------------------ > > #!/bin/bash > > set -x > > IPT='/sbin/iptables' > > GREP='/bin/grep' > > AWK='/bin/awk' > > EXPR='/usr/bin/expr' > > WC='/usr/bin/wc' > > A='/usr/bin/sudo' > > E_SUCCESS="0" > > E_CRITICAL="2" > > E_UNKNOWN="3" > > CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid | > $WC -l` > > if [ $CHAINS -ne 0 ] ; then > > echo "Firewall is running!" > > exit ${E_SUCCESS} > > elif [ $CHAINS -eq 0 ] ; then > > echo "Firewall is not running" > > exit ${E_CRITICAL} > > fi > > > > ------------------------------------------------------------------------------ > AlienVault Unified Security Management (USM) platform delivers complete > security visibility with the essential security capabilities. Easily and > efficiently configure, manage, and operate all of your security controls > from a single console and one unified framework. Download a free trial. > http://p.sf.net/sfu/alienvault_d2d > > > > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Thilakraj.Shanmugam at canberra.edu.au Fri May 31 03:45:16 2013 From: Thilakraj.Shanmugam at canberra.edu.au (Thilakraj.Shanmugam) Date: Fri, 31 May 2013 01:45:16 +0000 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <86ea163877807bf42f57859f75baed28.squirrel@webmail.stinkweasel.net> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> <7AD7AD85066563428C24C1317A33EF8350B3E021@genoa.ucstaff.win.canberra.edu.au> <3d9843402dfd3a11a185fd7b076557c6.squirrel@webmail.stinkweasel.net> <7AD7AD85066563428C24C1317A33EF8350B3E997@genoa.ucstaff.win.canberra.edu.au> <86ea163877807bf42f57859f75baed28.squirrel@webmail.stinkweasel.net> Message-ID: <7AD7AD85066563428C24C1317A33EF83ACFE2946@VERONA.ucstaff.win.canberra.edu.au> Ran as nagios user and please find the details below. ( iptables Stopped) [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL | /bin/grep 'Chain' | /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l| echo $? 0 [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL Chain INPUT (policy ACCEPT 9089 packets, 3303K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 7812 packets, 3436K bytes) pkts bytes target prot opt in out source destination [nagios at server ~]$ -----Original Message----- From: C. Bensend [mailto:benny at bennyvision.com] Sent: Thursday, 30 May 2013 8:44 PM To: nagios-users at lists.sourceforge.net Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring I'm assuming that this check is running *on* the host 'zurich'? /var/log/secure should be listing an entry, if sudo is being run. Manually, *as the nagios user*, what happens when you do the following? /usr/bin/sudo /sbin/iptables -nvL | /bin/grep 'Chain' | \ /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l echo $? How about just (again, as the nagios user): /usr/bin/sudo /sbin/iptables -nvL > Please find the details > > Sudoers Definition:- > > nagios zurich= NOPASSWD: /sbin/iptables, > /usr/local/nagios/libexec/check_iptables.sh, > /usr/local/nagios/libexec/check_nrpe > > /var/log/secure: > > su: pam_unix(su:session): session opened for user nagios by > root(uid=0) > su: pam_unix(su:session): session closed for user nagios > > > > -----Original Message----- > From: C. Bensend [mailto:benny at bennyvision.com] > Sent: Wednesday, 29 May 2013 7:59 PM > To: nagios-users at lists.sourceforge.net > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > > Where's your sudoers definition that allows the nagios user to run any > commands via sudo? > > And what does /var/log/secure (or equivalent) think about the nagios > user trying to run sudo? > > >> I have tested with nagios user as well.. still no luck with that. >> Could you some one update if you have any solution on this case. >> >> Kind Regards, >> Thilak >> >> From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] >> Sent: Tuesday, 14 May 2013 7:30 PM >> To: Nagios Users List >> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> Ok - if I look at your output, manually, when the plugin is run as >> the "root" user it produces the correct result. >> >> But, you haven't said what the nrpe user is that is running on the >> remote node and whether the same manual run of the check produces >> the same output. >> For example, I run remote plugins through nrpe as the "nagios" user >> so if I want to manually test a plugin on the remote node, I would >> first login as the nagios user to ensure I've got the same >> environment that would be used when running via nrpe. It might be >> that the variables you have set in the script only work as the root >> user. It's never a good idea to test as the root user but only as >> the same user as that used by nagios or nrpe. >> >> Regards, >> Deborah >> >> From: Thilakraj.Shanmugam >> [mailto:Thilakraj.Shanmugam at canberra.edu.au] >> Sent: 14 May 2013 09:58 >> To: Nagios Users List >> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> Hi Deborah, Thanks for the response.. please find the details below. >> >> >> [root at abc libexec]# pwd >> /usr/local/nagios/libexec >> [root at abc libexec]# ./check_iptables.sh >> <----- Executing manually script >> + IPT=/sbin/iptables >> + GREP=/bin/grep >> + AWK=/bin/awk >> + EXPR=/usr/bin/expr >> + WC=/usr/bin/wc >> + A=/usr/bin/sudo >> + E_SUCCESS=0 >> + E_CRITICAL=2 >> + E_UNKNOWN=3 >> ++ /usr/bin/sudo /sbin/iptables -nvL >> ++ /bin/grep Chain >> ++ /bin/awk '{ print $2 }' >> ++ /bin/grep Cid >> ++ /usr/bin/wc -l >> + CHAINS=5 >> + '[' 5 -ne 0 ']' >> + echo 'Firewall is running!' >> Firewall is running! >> + exit 0 >> <------ it shows >> firewall >> running ( correct output ) >> [root at abc libexec]# >> >> >> Client - NRPE config file >> >> [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i >> iptable >> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >> [root at abc libexec]# >> >> >> [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables >> Firewall is not running >> <----- executing >> via >> check_nrpe ( wrong output ) >> [root at abc libexec]# >> >> >> NRPE Logs >> ------------- >> >> May 14 18:52:28 abc nrpe[31158]: Added >> command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% >> -c 5% -p /db May 14 18:52:28 abc nrpe[31158]: Added >> command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w >> 15% -c 5% -p /app May 14 18:52:28 abc nrpe[31158]: Added >> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >> May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All >> network traffic will be encrypted. >> May 14 18:52:28 abc nrpe[31158]: Handling the connection... >> May 14 18:52:28 abc nrpe[31158]: Host is asking for command >> 'check_iptables' to be run... >> May 14 18:52:28 abc nrpe[31158]: Running command: >> /usr/local/nagios/libexec/check_iptables.sh >> May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 >> and >> output: Firewall is not running >> May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is >> not running >> >> >> Kind Regards, >> Thilak >> >> >> From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] >> Sent: Tuesday, 14 May 2013 6:44 PM >> To: Nagios Users List >> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> Hi, >> What is the wrong output being returned ? This might give us all a >> clue as to the cause of the problem. >> When you run the check manually, are you doing this as the same user >> that check_nrpe will use ? >> >> Regards, >> Deborah >> >> >> >> From: Thilakraj.Shanmugam >> [mailto:Thilakraj.Shanmugam at canberra.edu.au] >> Sent: 14 May 2013 08:43 >> To: >> nagios-users at lists.sourceforge.net >> r> .sourcefor> >> ge.net> >> Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> Greetings! >> >> Could someone send me nagios plugin which is tested and works well >> for monitoring IPTABLES in Linux. >> >> I have tested below script but it is not returning correct output to >> nagios server. >> >> If I execute script manually, it shows correct output... >> >> But if I execute via ./check_nrpe - H localhost -c check_iptables, >> it shows wrong output. >> >> >> >> Below is my plugin >> ------------------------------ >> >> #!/bin/bash >> set -x >> >> IPT='/sbin/iptables' >> GREP='/bin/grep' >> AWK='/bin/awk' >> EXPR='/usr/bin/expr' >> WC='/usr/bin/wc' >> A='/usr/bin/sudo' >> >> E_SUCCESS="0" >> E_CRITICAL="2" >> E_UNKNOWN="3" >> >> CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid >> | $WC -l` >> >> if [ $CHAINS -ne 0 ] ; then >> echo "Firewall is running!" >> exit ${E_SUCCESS} >> >> elif [ $CHAINS -eq 0 ] ; then >> echo "Firewall is not running" >> exit ${E_CRITICAL} >> fi >> >> >> >> This e-mail and any files transmitted with it are strictly >> confidential and intended solely for the use of the individual or >> entity to whom they are addressed. If you are not the intended >> recipient, please delete this e-mail immediately. Any unauthorised >> distribution or copying is strictly prohibited. >> >> Whilst Kognitio endeavours to prevent the transmission of viruses via >> e-mail, we cannot guarantee that any e-mail or attachment is free >> from computer viruses and you are strongly advised to undertake your >> own anti-virus precautions. Kognitio grants no warranties regarding >> performance, use or quality of any e-mail or attachment and >> undertakes no liability for loss or damage, howsoever caused. >> >> >> This e-mail and any files transmitted with it are strictly >> confidential and intended solely for the use of the individual or >> entity to whom they are addressed. If you are not the intended >> recipient, please delete this e-mail immediately. Any unauthorised >> distribution or copying is strictly prohibited. >> >> Whilst Kognitio endeavours to prevent the transmission of viruses via >> e-mail, we cannot guarantee that any e-mail or attachment is free >> from computer viruses and you are strongly advised to undertake your >> own anti-virus precautions. Kognitio grants no warranties regarding >> performance, use or quality of any e-mail or attachment and >> undertakes no liability for loss or damage, howsoever caused. >> --------------------------------------------------------------------- >> - >> -------- Introducing AppDynamics Lite, a free troubleshooting tool >> for Java/.NET Get 100% visibility into your production application - >> at no cost. >> Code-level diagnostics for performance bottlenecks with <2% overhead >> Download for free and get started troubleshooting in minutes. >> http://p.sf.net/sfu/appdyn_d2d_ap1___________________________________ >> _ >> ___________ >> Nagios-users mailing list >> Nagios-users at lists.sourceforge.net >> rge.net> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to >> /dev/null > > > -- > "The very existence of flamethrowers proves that sometime, somewhere, > someone said to themselves, 'You know, I want to set those people over > there on fire, but I'm just not close enough to get the job > done.'" -- George Carlin > > > ---------------------------------------------------------------------- > -------- Introducing AppDynamics Lite, a free troubleshooting tool for > Java/.NET Get 100% visibility into your production application - at no > cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > ge.net> https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > > ---------------------------------------------------------------------- > -------- Introducing AppDynamics Lite, a free troubleshooting tool for > Java/.NET Get 100% visibility into your production application - at no > cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1____________________________________ > ___________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 -------------- next part -------------- _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From benny at bennyvision.com Fri May 31 12:04:43 2013 From: benny at bennyvision.com (C. Bensend) Date: Fri, 31 May 2013 05:04:43 -0500 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <7AD7AD85066563428C24C1317A33EF83ACFE2946@VERONA.ucstaff.win.canberra.edu.au> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> <7AD7AD85066563428C24C1317A33EF8350B3E021@genoa.ucstaff.win.canberra.edu.au> <3d9843402dfd3a11a185fd7b076557c6.squirrel@webmail.stinkweasel.net> <7AD7AD85066563428C24C1317A33EF8350B3E997@genoa.ucstaff.win.canberra.edu.au> <86ea163877807bf42f57859f75baed28.squirrel@webmail.stinkweasel.net> <7AD7AD85066563428C24C1317A33EF83ACFE2946@VERONA.ucstaff.win.canberra.edu.au> Message-ID: > Ran as nagios user and please find the details below. ( iptables Stopped) > > > [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL | /bin/grep 'Chain' | > /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l| echo $? > 0 That 'echo $?' was supposed to be on the next line, not a continuation of the command. Can you run that again, but as two separate commands, one right after the other? I want to see the result of your first command (the iptables one). > [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL > Chain INPUT (policy ACCEPT 9089 packets, 3303K bytes) > pkts bytes target prot opt in out source > destination > > Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > > Chain OUTPUT (policy ACCEPT 7812 packets, 3436K bytes) > pkts bytes target prot opt in out source > destination > [nagios at server ~]$ I'm assuming "server" == "zurich", right? I wonder if you can cut out the first grep and awk, and just look for 'Cid' ? > -----Original Message----- > From: C. Bensend [mailto:benny at bennyvision.com] > Sent: Thursday, 30 May 2013 8:44 PM > To: nagios-users at lists.sourceforge.net > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > > I'm assuming that this check is running *on* the host 'zurich'? > > /var/log/secure should be listing an entry, if sudo is being run. > > Manually, *as the nagios user*, what happens when you do the following? > > /usr/bin/sudo /sbin/iptables -nvL | /bin/grep 'Chain' | \ > /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l echo $? > > > How about just (again, as the nagios user): > > /usr/bin/sudo /sbin/iptables -nvL > > >> Please find the details >> >> Sudoers Definition:- >> >> nagios zurich= NOPASSWD: /sbin/iptables, >> /usr/local/nagios/libexec/check_iptables.sh, >> /usr/local/nagios/libexec/check_nrpe >> >> /var/log/secure: >> >> su: pam_unix(su:session): session opened for user nagios by >> root(uid=0) >> su: pam_unix(su:session): session closed for user nagios >> >> >> >> -----Original Message----- >> From: C. Bensend [mailto:benny at bennyvision.com] >> Sent: Wednesday, 29 May 2013 7:59 PM >> To: >> nagios-users at lists.sourceforge.net >> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> >> Where's your sudoers definition that allows the nagios user to run any >> commands via sudo? >> >> And what does /var/log/secure (or equivalent) think about the nagios >> user trying to run sudo? >> >> >>> I have tested with nagios user as well.. still no luck with that. >>> Could you some one update if you have any solution on this case. >>> >>> Kind Regards, >>> Thilak >>> >>> From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] >>> Sent: Tuesday, 14 May 2013 7:30 PM >>> To: Nagios Users List >>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Ok - if I look at your output, manually, when the plugin is run as >>> the "root" user it produces the correct result. >>> >>> But, you haven't said what the nrpe user is that is running on the >>> remote node and whether the same manual run of the check produces >>> the same output. >>> For example, I run remote plugins through nrpe as the "nagios" user >>> so if I want to manually test a plugin on the remote node, I would >>> first login as the nagios user to ensure I've got the same >>> environment that would be used when running via nrpe. It might be >>> that the variables you have set in the script only work as the root >>> user. It's never a good idea to test as the root user but only as >>> the same user as that used by nagios or nrpe. >>> >>> Regards, >>> Deborah >>> >>> From: Thilakraj.Shanmugam >>> [mailto:Thilakraj.Shanmugam at canberra.edu.au] >>> Sent: 14 May 2013 09:58 >>> To: Nagios Users List >>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Hi Deborah, Thanks for the response.. please find the details below. >>> >>> >>> [root at abc libexec]# pwd >>> /usr/local/nagios/libexec >>> [root at abc libexec]# ./check_iptables.sh >>> <----- Executing manually script >>> + IPT=/sbin/iptables >>> + GREP=/bin/grep >>> + AWK=/bin/awk >>> + EXPR=/usr/bin/expr >>> + WC=/usr/bin/wc >>> + A=/usr/bin/sudo >>> + E_SUCCESS=0 >>> + E_CRITICAL=2 >>> + E_UNKNOWN=3 >>> ++ /usr/bin/sudo /sbin/iptables -nvL >>> ++ /bin/grep Chain >>> ++ /bin/awk '{ print $2 }' >>> ++ /bin/grep Cid >>> ++ /usr/bin/wc -l >>> + CHAINS=5 >>> + '[' 5 -ne 0 ']' >>> + echo 'Firewall is running!' >>> Firewall is running! >>> + exit 0 >>> <------ it shows >>> firewall >>> running ( correct output ) >>> [root at abc libexec]# >>> >>> >>> Client - NRPE config file >>> >>> [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i >>> iptable >>> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >>> [root at abc libexec]# >>> >>> >>> [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables >>> Firewall is not running >>> <----- executing >>> via >>> check_nrpe ( wrong output ) >>> [root at abc libexec]# >>> >>> >>> NRPE Logs >>> ------------- >>> >>> May 14 18:52:28 abc nrpe[31158]: Added >>> command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% >>> -c 5% -p /db May 14 18:52:28 abc nrpe[31158]: Added >>> command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w >>> 15% -c 5% -p /app May 14 18:52:28 abc nrpe[31158]: Added >>> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >>> May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All >>> network traffic will be encrypted. >>> May 14 18:52:28 abc nrpe[31158]: Handling the connection... >>> May 14 18:52:28 abc nrpe[31158]: Host is asking for command >>> 'check_iptables' to be run... >>> May 14 18:52:28 abc nrpe[31158]: Running command: >>> /usr/local/nagios/libexec/check_iptables.sh >>> May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 >>> and >>> output: Firewall is not running >>> May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is >>> not running >>> >>> >>> Kind Regards, >>> Thilak >>> >>> >>> From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] >>> Sent: Tuesday, 14 May 2013 6:44 PM >>> To: Nagios Users List >>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Hi, >>> What is the wrong output being returned ? This might give us all a >>> clue as to the cause of the problem. >>> When you run the check manually, are you doing this as the same user >>> that check_nrpe will use ? >>> >>> Regards, >>> Deborah >>> >>> >>> >>> From: Thilakraj.Shanmugam >>> [mailto:Thilakraj.Shanmugam at canberra.edu.au] >>> Sent: 14 May 2013 08:43 >>> To: >>> nagios-users at lists.sourceforge.net >>> r>> .sourcefor> >>> ge.net> >>> Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Greetings! >>> >>> Could someone send me nagios plugin which is tested and works well >>> for monitoring IPTABLES in Linux. >>> >>> I have tested below script but it is not returning correct output to >>> nagios server. >>> >>> If I execute script manually, it shows correct output... >>> >>> But if I execute via ./check_nrpe - H localhost -c check_iptables, >>> it shows wrong output. >>> >>> >>> >>> Below is my plugin >>> ------------------------------ >>> >>> #!/bin/bash >>> set -x >>> >>> IPT='/sbin/iptables' >>> GREP='/bin/grep' >>> AWK='/bin/awk' >>> EXPR='/usr/bin/expr' >>> WC='/usr/bin/wc' >>> A='/usr/bin/sudo' >>> >>> E_SUCCESS="0" >>> E_CRITICAL="2" >>> E_UNKNOWN="3" >>> >>> CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid >>> | $WC -l` >>> >>> if [ $CHAINS -ne 0 ] ; then >>> echo "Firewall is running!" >>> exit ${E_SUCCESS} >>> >>> elif [ $CHAINS -eq 0 ] ; then >>> echo "Firewall is not running" >>> exit ${E_CRITICAL} >>> fi >>> >>> >>> >>> This e-mail and any files transmitted with it are strictly >>> confidential and intended solely for the use of the individual or >>> entity to whom they are addressed. If you are not the intended >>> recipient, please delete this e-mail immediately. Any unauthorised >>> distribution or copying is strictly prohibited. >>> >>> Whilst Kognitio endeavours to prevent the transmission of viruses via >>> e-mail, we cannot guarantee that any e-mail or attachment is free >>> from computer viruses and you are strongly advised to undertake your >>> own anti-virus precautions. Kognitio grants no warranties regarding >>> performance, use or quality of any e-mail or attachment and >>> undertakes no liability for loss or damage, howsoever caused. >>> >>> >>> This e-mail and any files transmitted with it are strictly >>> confidential and intended solely for the use of the individual or >>> entity to whom they are addressed. If you are not the intended >>> recipient, please delete this e-mail immediately. Any unauthorised >>> distribution or copying is strictly prohibited. >>> >>> Whilst Kognitio endeavours to prevent the transmission of viruses via >>> e-mail, we cannot guarantee that any e-mail or attachment is free >>> from computer viruses and you are strongly advised to undertake your >>> own anti-virus precautions. Kognitio grants no warranties regarding >>> performance, use or quality of any e-mail or attachment and >>> undertakes no liability for loss or damage, howsoever caused. >>> --------------------------------------------------------------------- >>> - >>> -------- Introducing AppDynamics Lite, a free troubleshooting tool >>> for Java/.NET Get 100% visibility into your production application - >>> at no cost. >>> Code-level diagnostics for performance bottlenecks with <2% overhead >>> Download for free and get started troubleshooting in minutes. >>> http://p.sf.net/sfu/appdyn_d2d_ap1___________________________________ >>> _ >>> ___________ >>> Nagios-users mailing list >>> Nagios-users at lists.sourceforge.net >>> rge.net> https://lists.sourceforge.net/lists/listinfo/nagios-users >>> ::: Please include Nagios version, plugin version (-v) and OS when >>> reporting any issue. >>> ::: Messages without supporting info will risk being sent to >>> /dev/null >> >> >> -- >> "The very existence of flamethrowers proves that sometime, somewhere, >> someone said to themselves, 'You know, I want to set those people over >> there on fire, but I'm just not close enough to get the job >> done.'" -- George Carlin >> >> >> ---------------------------------------------------------------------- >> -------- Introducing AppDynamics Lite, a free troubleshooting tool for >> Java/.NET Get 100% visibility into your production application - at no >> cost. >> Code-level diagnostics for performance bottlenecks with <2% overhead >> Download for free and get started troubleshooting in minutes. >> http://p.sf.net/sfu/appdyn_d2d_ap1 >> _______________________________________________ >> Nagios-users mailing list >> Nagios-users at lists.sourceforge.net >> ge.net> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to /dev/null >> >> ---------------------------------------------------------------------- >> -------- Introducing AppDynamics Lite, a free troubleshooting tool for >> Java/.NET Get 100% visibility into your production application - at no >> cost. >> Code-level diagnostics for performance bottlenecks with <2% overhead >> Download for free and get started troubleshooting in minutes. >> http://p.sf.net/sfu/appdyn_d2d_ap1____________________________________ >> ___________ >> Nagios-users mailing list >> Nagios-users at lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to /dev/null > > > -- > "The very existence of flamethrowers proves that sometime, somewhere, > someone said to themselves, 'You know, I want to set those people over > there on fire, but I'm just not close enough to get the job > done.'" -- George Carlin > > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > > ------------------------------------------------------------------------------ > Get 100% visibility into Java/.NET code with AppDynamics Lite > It's a free troubleshooting tool designed for production > Get down to code-level detail for bottlenecks, with <2% overhead. > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap2_______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From Thilakraj.Shanmugam at canberra.edu.au Fri May 31 13:11:52 2013 From: Thilakraj.Shanmugam at canberra.edu.au (Thilakraj.Shanmugam) Date: Fri, 31 May 2013 11:11:52 +0000 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> <7AD7AD85066563428C24C1317A33EF8350B3E021@genoa.ucstaff.win.canberra.edu.au> <3d9843402dfd3a11a185fd7b076557c6.squirrel@webmail.stinkweasel.net> <7AD7AD85066563428C24C1317A33EF8350B3E997@genoa.ucstaff.win.canberra.edu.au> <86ea163877807bf42f57859f75baed28.squirrel@webmail.stinkweasel.net> <7AD7AD85066563428C24C1317A33EF83ACFE2946@VERONA.ucstaff.win.canberra.edu.au> Message-ID: <7AD7AD85066563428C24C1317A33EF83ACFE41D4@VERONA.ucstaff.win.canberra.edu.au> Please find the details.. [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL | /bin/grep 'Chain' | /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l 0 [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL | /bin/grep Cid | /usr/bin/wc -l 0 [nagios at server ~]$ [nagios at server ~]$ echo $? 0 [nagios at servef ~]$ Yes, Server = zurich -----Original Message----- From: C. Bensend [mailto:benny at bennyvision.com] Sent: Friday, 31 May 2013 8:05 PM To: nagios-users at lists.sourceforge.net Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > Ran as nagios user and please find the details below. ( iptables > Stopped) > > > [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL | /bin/grep > 'Chain' | /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l| echo $? > 0 That 'echo $?' was supposed to be on the next line, not a continuation of the command. Can you run that again, but as two separate commands, one right after the other? I want to see the result of your first command (the iptables one). > [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL Chain INPUT > (policy ACCEPT 9089 packets, 3303K bytes) > pkts bytes target prot opt in out source > destination > > Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > > Chain OUTPUT (policy ACCEPT 7812 packets, 3436K bytes) > pkts bytes target prot opt in out source > destination > [nagios at server ~]$ I'm assuming "server" == "zurich", right? I wonder if you can cut out the first grep and awk, and just look for 'Cid' ? > -----Original Message----- > From: C. Bensend [mailto:benny at bennyvision.com] > Sent: Thursday, 30 May 2013 8:44 PM > To: nagios-users at lists.sourceforge.net > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > > I'm assuming that this check is running *on* the host 'zurich'? > > /var/log/secure should be listing an entry, if sudo is being run. > > Manually, *as the nagios user*, what happens when you do the following? > > /usr/bin/sudo /sbin/iptables -nvL | /bin/grep 'Chain' | \ > /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l echo $? > > > How about just (again, as the nagios user): > > /usr/bin/sudo /sbin/iptables -nvL > > >> Please find the details >> >> Sudoers Definition:- >> >> nagios zurich= NOPASSWD: /sbin/iptables, >> /usr/local/nagios/libexec/check_iptables.sh, >> /usr/local/nagios/libexec/check_nrpe >> >> /var/log/secure: >> >> su: pam_unix(su:session): session opened for user nagios by >> root(uid=0) >> su: pam_unix(su:session): session closed for user nagios >> >> >> >> -----Original Message----- >> From: C. Bensend [mailto:benny at bennyvision.com] >> Sent: Wednesday, 29 May 2013 7:59 PM >> To: >> nagios-users at lists.sourceforge.net> rge.net> >> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> >> Where's your sudoers definition that allows the nagios user to run >> any commands via sudo? >> >> And what does /var/log/secure (or equivalent) think about the nagios >> user trying to run sudo? >> >> >>> I have tested with nagios user as well.. still no luck with that. >>> Could you some one update if you have any solution on this case. >>> >>> Kind Regards, >>> Thilak >>> >>> From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] >>> Sent: Tuesday, 14 May 2013 7:30 PM >>> To: Nagios Users List >>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Ok - if I look at your output, manually, when the plugin is run as >>> the "root" user it produces the correct result. >>> >>> But, you haven't said what the nrpe user is that is running on the >>> remote node and whether the same manual run of the check produces >>> the same output. >>> For example, I run remote plugins through nrpe as the "nagios" user >>> so if I want to manually test a plugin on the remote node, I would >>> first login as the nagios user to ensure I've got the same >>> environment that would be used when running via nrpe. It might be >>> that the variables you have set in the script only work as the root >>> user. It's never a good idea to test as the root user but only as >>> the same user as that used by nagios or nrpe. >>> >>> Regards, >>> Deborah >>> >>> From: Thilakraj.Shanmugam >>> [mailto:Thilakraj.Shanmugam at canberra.edu.au] >>> Sent: 14 May 2013 09:58 >>> To: Nagios Users List >>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Hi Deborah, Thanks for the response.. please find the details below. >>> >>> >>> [root at abc libexec]# pwd >>> /usr/local/nagios/libexec >>> [root at abc libexec]# ./check_iptables.sh >>> <----- Executing manually script >>> + IPT=/sbin/iptables >>> + GREP=/bin/grep >>> + AWK=/bin/awk >>> + EXPR=/usr/bin/expr >>> + WC=/usr/bin/wc >>> + A=/usr/bin/sudo >>> + E_SUCCESS=0 >>> + E_CRITICAL=2 >>> + E_UNKNOWN=3 >>> ++ /usr/bin/sudo /sbin/iptables -nvL /bin/grep Chain /bin/awk '{ >>> ++ print $2 }' >>> ++ /bin/grep Cid >>> ++ /usr/bin/wc -l >>> + CHAINS=5 >>> + '[' 5 -ne 0 ']' >>> + echo 'Firewall is running!' >>> Firewall is running! >>> + exit 0 >>> <------ it shows >>> firewall >>> running ( correct output ) >>> [root at abc libexec]# >>> >>> >>> Client - NRPE config file >>> >>> [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i >>> iptable >>> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >>> [root at abc libexec]# >>> >>> >>> [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables >>> Firewall is not running >>> <----- >>> executing via >>> check_nrpe ( wrong output ) >>> [root at abc libexec]# >>> >>> >>> NRPE Logs >>> ------------- >>> >>> May 14 18:52:28 abc nrpe[31158]: Added >>> command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w >>> 15% -c 5% -p /db May 14 18:52:28 abc nrpe[31158]: Added >>> command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w >>> 15% -c 5% -p /app May 14 18:52:28 abc nrpe[31158]: Added >>> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >>> May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All >>> network traffic will be encrypted. >>> May 14 18:52:28 abc nrpe[31158]: Handling the connection... >>> May 14 18:52:28 abc nrpe[31158]: Host is asking for command >>> 'check_iptables' to be run... >>> May 14 18:52:28 abc nrpe[31158]: Running command: >>> /usr/local/nagios/libexec/check_iptables.sh >>> May 14 18:52:28 abc nrpe[31158]: Command completed with return code >>> 2 and >>> output: Firewall is not running >>> May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is >>> not running >>> >>> >>> Kind Regards, >>> Thilak >>> >>> >>> From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] >>> Sent: Tuesday, 14 May 2013 6:44 PM >>> To: Nagios Users List >>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Hi, >>> What is the wrong output being returned ? This might give us all a >>> clue as to the cause of the problem. >>> When you run the check manually, are you doing this as the same user >>> that check_nrpe will use ? >>> >>> Regards, >>> Deborah >>> >>> >>> >>> From: Thilakraj.Shanmugam >>> [mailto:Thilakraj.Shanmugam at canberra.edu.au] >>> Sent: 14 May 2013 08:43 >>> To: >>> nagios-users at lists.sourceforge.net>> o>> s.sourcefo> >>> r>> s >>> .sourcefor> >>> ge.net> >>> Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Greetings! >>> >>> Could someone send me nagios plugin which is tested and works well >>> for monitoring IPTABLES in Linux. >>> >>> I have tested below script but it is not returning correct output to >>> nagios server. >>> >>> If I execute script manually, it shows correct output... >>> >>> But if I execute via ./check_nrpe - H localhost -c check_iptables, >>> it shows wrong output. >>> >>> >>> >>> Below is my plugin >>> ------------------------------ >>> >>> #!/bin/bash >>> set -x >>> >>> IPT='/sbin/iptables' >>> GREP='/bin/grep' >>> AWK='/bin/awk' >>> EXPR='/usr/bin/expr' >>> WC='/usr/bin/wc' >>> A='/usr/bin/sudo' >>> >>> E_SUCCESS="0" >>> E_CRITICAL="2" >>> E_UNKNOWN="3" >>> >>> CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP >>> Cid >>> | $WC -l` >>> >>> if [ $CHAINS -ne 0 ] ; then >>> echo "Firewall is running!" >>> exit ${E_SUCCESS} >>> >>> elif [ $CHAINS -eq 0 ] ; then >>> echo "Firewall is not running" >>> exit ${E_CRITICAL} >>> fi >>> >>> >>> >>> This e-mail and any files transmitted with it are strictly >>> confidential and intended solely for the use of the individual or >>> entity to whom they are addressed. If you are not the intended >>> recipient, please delete this e-mail immediately. Any unauthorised >>> distribution or copying is strictly prohibited. >>> >>> Whilst Kognitio endeavours to prevent the transmission of viruses >>> via e-mail, we cannot guarantee that any e-mail or attachment is >>> free from computer viruses and you are strongly advised to undertake >>> your own anti-virus precautions. Kognitio grants no warranties >>> regarding performance, use or quality of any e-mail or attachment >>> and undertakes no liability for loss or damage, howsoever caused. >>> >>> >>> This e-mail and any files transmitted with it are strictly >>> confidential and intended solely for the use of the individual or >>> entity to whom they are addressed. If you are not the intended >>> recipient, please delete this e-mail immediately. Any unauthorised >>> distribution or copying is strictly prohibited. >>> >>> Whilst Kognitio endeavours to prevent the transmission of viruses >>> via e-mail, we cannot guarantee that any e-mail or attachment is >>> free from computer viruses and you are strongly advised to undertake >>> your own anti-virus precautions. Kognitio grants no warranties >>> regarding performance, use or quality of any e-mail or attachment >>> and undertakes no liability for loss or damage, howsoever caused. >>> -------------------------------------------------------------------- >>> - >>> - >>> -------- Introducing AppDynamics Lite, a free troubleshooting tool >>> for Java/.NET Get 100% visibility into your production application - >>> at no cost. >>> Code-level diagnostics for performance bottlenecks with <2% overhead >>> Download for free and get started troubleshooting in minutes. >>> http://p.sf.net/sfu/appdyn_d2d_ap1__________________________________ >>> _ >>> _ >>> ___________ >>> Nagios-users mailing list >>> Nagios-users at lists.sourceforge.net>> o>> s.sourcefo> rge.net> >>> https://lists.sourceforge.net/lists/listinfo/nagios-users >>> ::: Please include Nagios version, plugin version (-v) and OS when >>> reporting any issue. >>> ::: Messages without supporting info will risk being sent to >>> /dev/null >> >> >> -- >> "The very existence of flamethrowers proves that sometime, somewhere, >> someone said to themselves, 'You know, I want to set those people >> over there on fire, but I'm just not close enough to get the job >> done.'" -- George Carlin >> >> >> --------------------------------------------------------------------- >> - >> -------- Introducing AppDynamics Lite, a free troubleshooting tool >> for Java/.NET Get 100% visibility into your production application - >> at no cost. >> Code-level diagnostics for performance bottlenecks with <2% overhead >> Download for free and get started troubleshooting in minutes. >> http://p.sf.net/sfu/appdyn_d2d_ap1 >> _______________________________________________ >> Nagios-users mailing list >> Nagios-users at lists.sourceforge.net> r> .sourcefor> ge.net> >> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to >> /dev/null >> >> --------------------------------------------------------------------- >> - >> -------- Introducing AppDynamics Lite, a free troubleshooting tool >> for Java/.NET Get 100% visibility into your production application - >> at no cost. >> Code-level diagnostics for performance bottlenecks with <2% overhead >> Download for free and get started troubleshooting in minutes. >> http://p.sf.net/sfu/appdyn_d2d_ap1___________________________________ >> _ >> ___________ >> Nagios-users mailing list >> Nagios-users at lists.sourceforge.net> rge.net> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to >> /dev/null > > > -- > "The very existence of flamethrowers proves that sometime, somewhere, > someone said to themselves, 'You know, I want to set those people over > there on fire, but I'm just not close enough to get the job > done.'" -- George Carlin > > > ---------------------------------------------------------------------- > -------- Introducing AppDynamics Lite, a free troubleshooting tool for > Java/.NET Get 100% visibility into your production application - at no > cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net ge.net> https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > > ---------------------------------------------------------------------- > -------- Get 100% visibility into Java/.NET code with AppDynamics Lite > It's a free troubleshooting tool designed for production Get down to > code-level detail for bottlenecks, with <2% overhead. > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap2____________________________________ > ___________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null From benny at bennyvision.com Fri May 31 14:36:17 2013 From: benny at bennyvision.com (C. Bensend) Date: Fri, 31 May 2013 07:36:17 -0500 Subject: Nagios Plugin for IPTABLES Monitoring In-Reply-To: <7AD7AD85066563428C24C1317A33EF83ACFE41D4@VERONA.ucstaff.win.canberra.edu.au> References: <7AD7AD85066563428C24C1317A33EF8350B31BB7@genoa.ucstaff.win.canberra.edu.au> <9bfb3d7160274037a5ec1838584ac8db@DBXPR03MB062.eurprd03.prod.outlook.com> <7AD7AD85066563428C24C1317A33EF8350B31CFB@genoa.ucstaff.win.canberra.edu.au> <7AD7AD85066563428C24C1317A33EF8350B3E021@genoa.ucstaff.win.canberra.edu.au> <3d9843402dfd3a11a185fd7b076557c6.squirrel@webmail.stinkweasel.net> <7AD7AD85066563428C24C1317A33EF8350B3E997@genoa.ucstaff.win.canberra.edu.au> <86ea163877807bf42f57859f75baed28.squirrel@webmail.stinkweasel.net> <7AD7AD85066563428C24C1317A33EF83ACFE2946@VERONA.ucstaff.win.canberra.edu.au> <7AD7AD85066563428C24C1317A33EF83ACFE41D4@VERONA.ucstaff.win.canberra.edu.au> Message-ID: <40b7062bc70885a8d5b6b06232828a65.squirrel@webmail.stinkweasel.net> OK. So, what differs when you try that first command when iptables *is* running? > Please find the details.. > > [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL | /bin/grep 'Chain' > | /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l > 0 > [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL | /bin/grep Cid | > /usr/bin/wc -l > 0 > [nagios at server ~]$ > [nagios at server ~]$ echo $? > 0 > [nagios at servef ~]$ > > Yes, Server = zurich > -----Original Message----- > From: C. Bensend [mailto:benny at bennyvision.com] > Sent: Friday, 31 May 2013 8:05 PM > To: nagios-users at lists.sourceforge.net > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > >> Ran as nagios user and please find the details below. ( iptables >> Stopped) >> >> >> [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL | /bin/grep >> 'Chain' | /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l| echo >> $? >> 0 > > That 'echo $?' was supposed to be on the next line, not a continuation of > the command. Can you run that again, but as two separate commands, one > right after the other? I want to see the result of your first command > (the iptables one). > >> [nagios at server ~]$ /usr/bin/sudo /sbin/iptables -nvL Chain INPUT >> (policy ACCEPT 9089 packets, 3303K bytes) >> pkts bytes target prot opt in out source >> destination >> >> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) >> pkts bytes target prot opt in out source >> destination >> >> Chain OUTPUT (policy ACCEPT 7812 packets, 3436K bytes) >> pkts bytes target prot opt in out source >> destination >> [nagios at server ~]$ > > I'm assuming "server" == "zurich", right? > > I wonder if you can cut out the first grep and awk, and just look for > 'Cid' ? > > >> -----Original Message----- >> From: C. Bensend [mailto:benny at bennyvision.com] >> Sent: Thursday, 30 May 2013 8:44 PM >> To: nagios-users at lists.sourceforge.net >> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> >> I'm assuming that this check is running *on* the host 'zurich'? >> >> /var/log/secure should be listing an entry, if sudo is being run. >> >> Manually, *as the nagios user*, what happens when you do the following? >> >> /usr/bin/sudo /sbin/iptables -nvL | /bin/grep 'Chain' | \ >> /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l echo $? >> >> >> How about just (again, as the nagios user): >> >> /usr/bin/sudo /sbin/iptables -nvL >> >> >>> Please find the details >>> >>> Sudoers Definition:- >>> >>> nagios zurich= NOPASSWD: /sbin/iptables, >>> /usr/local/nagios/libexec/check_iptables.sh, >>> /usr/local/nagios/libexec/check_nrpe >>> >>> /var/log/secure: >>> >>> su: pam_unix(su:session): session opened for user nagios by >>> root(uid=0) >>> su: pam_unix(su:session): session closed for user nagios >>> >>> >>> >>> -----Original Message----- >>> From: C. Bensend [mailto:benny at bennyvision.com] >>> Sent: Wednesday, 29 May 2013 7:59 PM >>> To: >>> nagios-users at lists.sourceforge.net>> rge.net> >>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> >>> Where's your sudoers definition that allows the nagios user to run >>> any commands via sudo? >>> >>> And what does /var/log/secure (or equivalent) think about the nagios >>> user trying to run sudo? >>> >>> >>>> I have tested with nagios user as well.. still no luck with that. >>>> Could you some one update if you have any solution on this case. >>>> >>>> Kind Regards, >>>> Thilak >>>> >>>> From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] >>>> Sent: Tuesday, 14 May 2013 7:30 PM >>>> To: Nagios Users List >>>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>>> >>>> Ok - if I look at your output, manually, when the plugin is run as >>>> the "root" user it produces the correct result. >>>> >>>> But, you haven't said what the nrpe user is that is running on the >>>> remote node and whether the same manual run of the check produces >>>> the same output. >>>> For example, I run remote plugins through nrpe as the "nagios" user >>>> so if I want to manually test a plugin on the remote node, I would >>>> first login as the nagios user to ensure I've got the same >>>> environment that would be used when running via nrpe. It might be >>>> that the variables you have set in the script only work as the root >>>> user. It's never a good idea to test as the root user but only as >>>> the same user as that used by nagios or nrpe. >>>> >>>> Regards, >>>> Deborah >>>> >>>> From: Thilakraj.Shanmugam >>>> [mailto:Thilakraj.Shanmugam at canberra.edu.au] >>>> Sent: 14 May 2013 09:58 >>>> To: Nagios Users List >>>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>>> >>>> Hi Deborah, Thanks for the response.. please find the details below. >>>> >>>> >>>> [root at abc libexec]# pwd >>>> /usr/local/nagios/libexec >>>> [root at abc libexec]# ./check_iptables.sh >>>> <----- Executing manually script >>>> + IPT=/sbin/iptables >>>> + GREP=/bin/grep >>>> + AWK=/bin/awk >>>> + EXPR=/usr/bin/expr >>>> + WC=/usr/bin/wc >>>> + A=/usr/bin/sudo >>>> + E_SUCCESS=0 >>>> + E_CRITICAL=2 >>>> + E_UNKNOWN=3 >>>> ++ /usr/bin/sudo /sbin/iptables -nvL /bin/grep Chain /bin/awk '{ >>>> ++ print $2 }' >>>> ++ /bin/grep Cid >>>> ++ /usr/bin/wc -l >>>> + CHAINS=5 >>>> + '[' 5 -ne 0 ']' >>>> + echo 'Firewall is running!' >>>> Firewall is running! >>>> + exit 0 >>>> <------ it shows >>>> firewall >>>> running ( correct output ) >>>> [root at abc libexec]# >>>> >>>> >>>> Client - NRPE config file >>>> >>>> [root at abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i >>>> iptable >>>> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >>>> [root at abc libexec]# >>>> >>>> >>>> [root at abc libexec]# ./check_nrpe -H localhost -c check_iptables >>>> Firewall is not running >>>> <----- >>>> executing via >>>> check_nrpe ( wrong output ) >>>> [root at abc libexec]# >>>> >>>> >>>> NRPE Logs >>>> ------------- >>>> >>>> May 14 18:52:28 abc nrpe[31158]: Added >>>> command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w >>>> 15% -c 5% -p /db May 14 18:52:28 abc nrpe[31158]: Added >>>> command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w >>>> 15% -c 5% -p /app May 14 18:52:28 abc nrpe[31158]: Added >>>> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >>>> May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All >>>> network traffic will be encrypted. >>>> May 14 18:52:28 abc nrpe[31158]: Handling the connection... >>>> May 14 18:52:28 abc nrpe[31158]: Host is asking for command >>>> 'check_iptables' to be run... >>>> May 14 18:52:28 abc nrpe[31158]: Running command: >>>> /usr/local/nagios/libexec/check_iptables.sh >>>> May 14 18:52:28 abc nrpe[31158]: Command completed with return code >>>> 2 and >>>> output: Firewall is not running >>>> May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is >>>> not running >>>> >>>> >>>> Kind Regards, >>>> Thilak >>>> >>>> >>>> From: Deborah Martin [mailto:Deborah.Martin at kognitio.com] >>>> Sent: Tuesday, 14 May 2013 6:44 PM >>>> To: Nagios Users List >>>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>>> >>>> Hi, >>>> What is the wrong output being returned ? This might give us all a >>>> clue as to the cause of the problem. >>>> When you run the check manually, are you doing this as the same user >>>> that check_nrpe will use ? >>>> >>>> Regards, >>>> Deborah >>>> >>>> >>>> >>>> From: Thilakraj.Shanmugam >>>> [mailto:Thilakraj.Shanmugam at canberra.edu.au] >>>> Sent: 14 May 2013 08:43 >>>> To: >>>> nagios-users at lists.sourceforge.net>>> o>>> s.sourcefo> >>>> r>>> s >>>> .sourcefor> >>>> ge.net> >>>> Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>>> >>>> Greetings! >>>> >>>> Could someone send me nagios plugin which is tested and works well >>>> for monitoring IPTABLES in Linux. >>>> >>>> I have tested below script but it is not returning correct output to >>>> nagios server. >>>> >>>> If I execute script manually, it shows correct output... >>>> >>>> But if I execute via ./check_nrpe - H localhost -c check_iptables, >>>> it shows wrong output. >>>> >>>> >>>> >>>> Below is my plugin >>>> ------------------------------ >>>> >>>> #!/bin/bash >>>> set -x >>>> >>>> IPT='/sbin/iptables' >>>> GREP='/bin/grep' >>>> AWK='/bin/awk' >>>> EXPR='/usr/bin/expr' >>>> WC='/usr/bin/wc' >>>> A='/usr/bin/sudo' >>>> >>>> E_SUCCESS="0" >>>> E_CRITICAL="2" >>>> E_UNKNOWN="3" >>>> >>>> CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP >>>> Cid >>>> | $WC -l` >>>> >>>> if [ $CHAINS -ne 0 ] ; then >>>> echo "Firewall is running!" >>>> exit ${E_SUCCESS} >>>> >>>> elif [ $CHAINS -eq 0 ] ; then >>>> echo "Firewall is not running" >>>> exit ${E_CRITICAL} >>>> fi >>>> >>>> >>>> >>>> This e-mail and any files transmitted with it are strictly >>>> confidential and intended solely for the use of the individual or >>>> entity to whom they are addressed. If you are not the intended >>>> recipient, please delete this e-mail immediately. Any unauthorised >>>> distribution or copying is strictly prohibited. >>>> >>>> Whilst Kognitio endeavours to prevent the transmission of viruses >>>> via e-mail, we cannot guarantee that any e-mail or attachment is >>>> free from computer viruses and you are strongly advised to undertake >>>> your own anti-virus precautions. Kognitio grants no warranties >>>> regarding performance, use or quality of any e-mail or attachment >>>> and undertakes no liability for loss or damage, howsoever caused. >>>> >>>> >>>> This e-mail and any files transmitted with it are strictly >>>> confidential and intended solely for the use of the individual or >>>> entity to whom they are addressed. If you are not the intended >>>> recipient, please delete this e-mail immediately. Any unauthorised >>>> distribution or copying is strictly prohibited. >>>> >>>> Whilst Kognitio endeavours to prevent the transmission of viruses >>>> via e-mail, we cannot guarantee that any e-mail or attachment is >>>> free from computer viruses and you are strongly advised to undertake >>>> your own anti-virus precautions. Kognitio grants no warranties >>>> regarding performance, use or quality of any e-mail or attachment >>>> and undertakes no liability for loss or damage, howsoever caused. >>>> -------------------------------------------------------------------- >>>> - >>>> - >>>> -------- Introducing AppDynamics Lite, a free troubleshooting tool >>>> for Java/.NET Get 100% visibility into your production application - >>>> at no cost. >>>> Code-level diagnostics for performance bottlenecks with <2% overhead >>>> Download for free and get started troubleshooting in minutes. >>>> http://p.sf.net/sfu/appdyn_d2d_ap1__________________________________ >>>> _ >>>> _ >>>> ___________ >>>> Nagios-users mailing list >>>> Nagios-users at lists.sourceforge.net>>> o>>> s.sourcefo> rge.net> >>>> https://lists.sourceforge.net/lists/listinfo/nagios-users >>>> ::: Please include Nagios version, plugin version (-v) and OS when >>>> reporting any issue. >>>> ::: Messages without supporting info will risk being sent to >>>> /dev/null >>> >>> >>> -- >>> "The very existence of flamethrowers proves that sometime, somewhere, >>> someone said to themselves, 'You know, I want to set those people >>> over there on fire, but I'm just not close enough to get the job >>> done.'" -- George Carlin >>> >>> >>> --------------------------------------------------------------------- >>> - >>> -------- Introducing AppDynamics Lite, a free troubleshooting tool >>> for Java/.NET Get 100% visibility into your production application - >>> at no cost. >>> Code-level diagnostics for performance bottlenecks with <2% overhead >>> Download for free and get started troubleshooting in minutes. >>> http://p.sf.net/sfu/appdyn_d2d_ap1 >>> _______________________________________________ >>> Nagios-users mailing list >>> Nagios-users at lists.sourceforge.net>> r>> .sourcefor> ge.net> >>> https://lists.sourceforge.net/lists/listinfo/nagios-users >>> ::: Please include Nagios version, plugin version (-v) and OS when >>> reporting any issue. >>> ::: Messages without supporting info will risk being sent to >>> /dev/null >>> >>> --------------------------------------------------------------------- >>> - >>> -------- Introducing AppDynamics Lite, a free troubleshooting tool >>> for Java/.NET Get 100% visibility into your production application - >>> at no cost. >>> Code-level diagnostics for performance bottlenecks with <2% overhead >>> Download for free and get started troubleshooting in minutes. >>> http://p.sf.net/sfu/appdyn_d2d_ap1___________________________________ >>> _ >>> ___________ >>> Nagios-users mailing list >>> Nagios-users at lists.sourceforge.net>> rge.net> https://lists.sourceforge.net/lists/listinfo/nagios-users >>> ::: Please include Nagios version, plugin version (-v) and OS when >>> reporting any issue. >>> ::: Messages without supporting info will risk being sent to >>> /dev/null >> >> >> -- >> "The very existence of flamethrowers proves that sometime, somewhere, >> someone said to themselves, 'You know, I want to set those people over >> there on fire, but I'm just not close enough to get the job >> done.'" -- George Carlin >> >> >> ---------------------------------------------------------------------- >> -------- Introducing AppDynamics Lite, a free troubleshooting tool for >> Java/.NET Get 100% visibility into your production application - at no >> cost. >> Code-level diagnostics for performance bottlenecks with <2% overhead >> Download for free and get started troubleshooting in minutes. >> http://p.sf.net/sfu/appdyn_d2d_ap1 >> _______________________________________________ >> Nagios-users mailing list >> Nagios-users at lists.sourceforge.net> ge.net> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to /dev/null >> >> ---------------------------------------------------------------------- >> -------- Get 100% visibility into Java/.NET code with AppDynamics Lite >> It's a free troubleshooting tool designed for production Get down to >> code-level detail for bottlenecks, with <2% overhead. >> Download for free and get started troubleshooting in minutes. >> http://p.sf.net/sfu/appdyn_d2d_ap2____________________________________ >> ___________ >> Nagios-users mailing list >> Nagios-users at lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to /dev/null > > > -- > "The very existence of flamethrowers proves that sometime, somewhere, > someone said to themselves, 'You know, I want to set those people over > there on fire, but I'm just not close enough to get the job > done.'" -- George Carlin > > > ------------------------------------------------------------------------------ > Get 100% visibility into Java/.NET code with AppDynamics Lite > It's a free troubleshooting tool designed for production > Get down to code-level detail for bottlenecks, with <2% overhead. > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap2 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > > ------------------------------------------------------------------------------ > Get 100% visibility into Java/.NET code with AppDynamics Lite > It's a free troubleshooting tool designed for production > Get down to code-level detail for bottlenecks, with <2% overhead. > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap2 > _______________________________________________ > Nagios-users mailing list > Nagios-users at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Nagios-users mailing list Nagios-users at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null