<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#ffffff" text="#000000"> Do you have something like a nagios.log file? Where Nagios logs its alerts, external commands,etc? You can set this in your nagios.cfg file. In here you should see something like: [1175986495] SERVICE ALERT: ${host};${servicecheck};CRITICAL;SOFT;1;CHECK_NRPE: Could not complete SSL handshake This should give you an idea where the problem lies. - Jeffrey Andy Shellam wrote: <blockquote cite="mid4618B284.4000502@mailnetwork.co.uk" type="cite"> <pre wrap="">Hi Jeffrey, That's what I thought - but as I said, all checks that use NRPE on any of these servers are succeeding, plus the times that the errors are logged do not correspond to a time that Nagios runs a check. Andy. Jeffrey Lensen wrote: </pre> <blockquote type="cite"> <pre wrap="">Hey Andy, Have you tried running your NRPE checkcommands manually? ${NRPE_DIR}/check_nrpe -H ${host} -c ${command} -a ${arguments_if_you_have_any} What does this return? Usually when you get an error like this, it means that you have not specified the ipaddress of the Nagios server (doing the nrpe checkcommands) in the nrpe.cfg on the machine(s) being checked. So make sure you have something like this: allowed_hosts=127.0.0.1,${nagios_ip} Hope this helps, Jeffrey Andy Shellam wrote: </pre> <blockquote type="cite"> <pre wrap="">Hi, I'm running NRPE 2.7.1 on a Fedora 6 machine. My Nagios 2.8 server is talking to it fine, and all NRPE checks are succeeding. However, every 5 minutes I'm getting the following error logged in my /var/log/messages log on the FC6 machine: Apr 8 08:33:58 acs20aa6 nrpe[23649]: Error: Could not complete SSL handshake. 5 Yet when I look in my /var/log/secure log (which stores every command run through sudo from NRPE), I cannot match the SSL handshake error to a time of a check attempt from my Nagios server, e.g. for the above error: Apr 8 08:31:10 acs20aa6 sudo: nagios : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/nagios/libexec/check_uptime Apr 8 08:31:10 acs20aa6 sudo: nagios : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/nagios/libexec/check_dns -H portland-1.andyshellam.eu -a 89.200.137.203 -t 5 -w 3 -c 5 Apr 8 08:31:10 acs20aa6 sudo: nagios : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/nagios/libexec/check_load -w 5,4,3 -c 10,8,6 Apr 8 08:35:18 acs20aa6 sudo: nagios : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/nagios/libexec/check_disk -w 25% -c 10% -p / Apr 8 08:35:19 acs20aa6 sudo: nagios : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/nagios/libexec/check_procs -w 1:1 -c 1:1 -C named Apr 8 08:35:19 acs20aa6 sudo: nagios : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/nagios/libexec/check_swap -w 25% -c 10% Apr 8 08:35:32 acs20aa6 sudo: nagios : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/nagios/libexec/check_procs -w 150 -c 200 As you can see, there is no check being carried out at 8:33 (the time of the SSL error.) Plus there are no failing NRPE checks on the Nagios server for this host. I'm baffled. I've just checked on 2 of my other machines, which are running NRPE 2.7.1 on Fedora 4 and FreeBSD 6.1, and they both have the same problem - a reported SSL handshake error when no checks were being carried out. Now, on the FreeBSD machine, it has a firewall only letting my Nagios server talk to port 5666, so I know it's not possible for it to be another Nagios machine somewhere. Any ideas what could be causing NRPE to fail a connection attempt every 5 minutes, when it doesn't appear to be Nagios talking to it? Thanks Andy ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash <a class="moz-txt-link-freetext" href="http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV">http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV</a> _______________________________________________ Nagios-users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Nagios-users@lists.sourceforge.net">Nagios-users@lists.sourceforge.net</a> <a class="moz-txt-link-freetext" href="https://lists.sourceforge.net/lists/listinfo/nagios-users">https://lists.sourceforge.net/lists/listinfo/nagios-users</a> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null </pre> </blockquote> <pre wrap=""> !DSPAM:37,4618b06689291545070445! </pre> </blockquote> <pre wrap=""> ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash <a class="moz-txt-link-freetext" href="http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV">http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV</a> _______________________________________________ Nagios-users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Nagios-users@lists.sourceforge.net">Nagios-users@lists.sourceforge.net</a> <a class="moz-txt-link-freetext" href="https://lists.sourceforge.net/lists/listinfo/nagios-users">https://lists.sourceforge.net/lists/listinfo/nagios-users</a> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null </pre> </blockquote> </body> </html>