Monday, September 15, 2014

How to install Nagios Monitoring Server and configuration setup




How to Configure Nagios Server on CentOS-5

Introduction
This guide is intended to provide you with simple instructions on how to install Nagios from source
(code) on Fedora and have it monitoring your local machine inside of 20 minutes. No advanced
installation options are discussed here - just the basics that will work for 95% of users who want to get started. These instructions were written based on a standard Fedora Core 6 Linux distribution.

What You’ll End Up With If you follow these instructions, here’s what you’ll end up with:
Nagios and the plugins will be installed underneath /usr/local/nagios. Nagios will be configured to monitor a few aspects of your local system (CPU load, disk usage, etc.) The Nagios web interface will be accessible at http://localhost/nagios


Prerequisites:
During portions of the installation you’ll need to have root access to your machine.
Make sure you’ve installed the following packages on your Fedora installation before continuing.
            Apache
            PHP
            GCC compiler
            GD development libraries

You can use yum to install these packages by running the following commands (as root):
yum install httpd php
yum install gcc glibc glibc-common
yum install gd gd-devel

Create a new nagios user account and give it a password.
/usr/sbin/useradd -m nagios
passwd nagios

Create a new nagcmd group for allowing external commands to be submitted through the web interface. Add both the nagios user and the apache user to the group.
/usr/sbin/groupadd nagcmd
/usr/sbin/usermod -a -G nagcmd nagios
/usr/sbin/usermod -a -G nagcmd apache

2) Download Nagios and the Plugins
Create a directory for storing the downloads.
mkdir ~/downloads
cd ~/downloads

Download the source code tarballs of both Nagios and the Nagios plugins (visit
http://www.nagios.org/download/ for links to the latest versions). These directions were tested with Nagios 3.1.1 and Nagios Plugins 1.4.11.

3) Compile and Install Nagios
Extract the Nagios source code tarball.
cd ~/downloads
tar xzf nagios-3.2.3.tar.gz
cd nagios-3.2.3

Run the Nagios configure script, passing the name of the group you created earlier like so:
./configure --with-command-group=nagcmd

Compile the Nagios source code.
make all

Install binaries, init script, sample config files and set permissions on the external command directory.
make install
make install-init
make install-config
make install-commandmode

Don’t start Nagios yet - there’s still more that needs to be done...

4) Customize Configuration
Sample configuration files have now been installed in the /usr/local/nagios/etc directory. These sample files should work fine for getting started with Nagios. You’ll need to make just one change before you proceed...

Edit the /usr/local/nagios/etc/objects/contacts.cfg config file with your favorite editor and change the email address associated with the nagiosadmin contact definition to the address you’d like to use for receiving alerts.
vi /usr/local/nagios/etc/objects/contacts.cfg

define contact{
contact_name            nagiosadmin ; Short name of user
use               generic-contact ; Inherit default values from generic-contact template (defined above)
alias                   Kedar ; Full name of user
email                   kedar@nitty-witty.com ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
}

5) Configure the Web Interface
Install the Nagios web config file in the Apache conf.d directory.
make install-webconf

Create a nagiosadmin account for logging into the Nagios web interface. Remember the password you assign to this account - you’ll need it later.
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Restart Apache to make the new settings take effect.
service httpd restart

Note: Consider implementing the enhanced CGI security measures described here to ensure that
your web authentication credentials are not compromised.

6) Compile and Install the Nagios Plugins
Extract the Nagios plugins source code tarball.
cd ~/downloads
tar xzf nagios-plugins-1.4.11.tar.gz
cd nagios-plugins-1.4.11

Compile and install the plugins.
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install

7) Start Nagios
Add Nagios to the list of system services and have it automatically start when the system boots.
chkconfig --add nagios
chkconfig nagios on

Verify the sample Nagios configuration files.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

If there are no errors, start Nagios.
service nagios start

8) Modify SELinux Settings
Fedora ships with SELinux (Security Enhanced Linux) installed and in Enforcing mode by default. This can result in "Internal Server Error" messages when you attempt to access the Nagios CGIs.
See if SELinux is in Enforcing mode.
getenforce

Put SELinux into Permissive mode.
setenforce 0

To make this change permanent, you’ll have to modify the settings in /etc/selinux/config and reboot.
Instead of disabling SELinux or setting it to permissive mode, you can use the following command to run the CGIs under SELinux enforcing/targeted mode:
chcon -R -t httpd_sys_content_t /usr/local/nagios/sbin/
chcon -R -t httpd_sys_content_t /usr/local/nagios/share/

9) Login to the Web Interface
You should now be able to access the Nagios web interface at the URL below. You’ll be prompted for the username (nagiosadmin) and password you specified earlier.
http://localhost/nagios/

reset nagios admin password:
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Click on the "Service Detail" navbar link to see details of what's being monitored on your local machine. It will take a few minutes for Nagios to check all the services associated with your machine, as the checks are spread out over time.
===========================================================

Define Host for a local machine:

Edit
# vi /usr/local/nagios/etc/objects/localhost.cfg

define host{
        use                     linux-server           
        host_name               localhost
        alias                   localhost
        address                 127.0.0.1
        parents                            radius
            check_command           check-host-alive
        notification_period     24x7
        }

# Define a service to "ping" the local machine

define service{
        use                             local-service        
        host_name                       localhost
        service_description             PING
        check_command                   check_ping!100.0,20%!500.0,60%
        }

tly running procs
# on the local machine.  Warning if > 250 processes, critical if
# > 400 users.

define service{
        use                             local-service         ; Name of service template to use
        host_name                       localhost
        service_description             Total Processes
        check_command                   check_local_procs!250!400!RSZDT
        }
 
REMOTE HOST (LINUX MACHINE) CONFIGURATION :

Steps to install Nagios Plugins and NRPE on the “remote host”: (CLIENT)

1. Download Nagios Plugins and NRPE Add-on
Download following files from Nagios.org and move to /home/downloads:
nagios-plugins-1.4.11.tar.gz
nrpe-2.12.tar.gz
2. Create nagios account
[remotehost]# useradd nagios
[remotehost]# passwd nagios

3. Install nagios-plugin
[remotehost]# cd /home/downloads
[remotehost]# tar xvfz nagios-plugins-1.4.11.tar.gz
[remotehost]# cd nagios-plugins-1.4.11
[remotehost]# export LDFLAGS=-ldl

[remotehost]# ./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-redhat-pthread-workaround
[remotehost]# make
[remotehost]# make install

[remotehost]# chown nagios.nagios /usr/local/nagios
[remotehost]# chown -R nagios.nagios /usr/local/nagios/libexec/

Note: On Red Hat, For me the ./configure command was hanging with the the message: “checking for redhat spopen problem…”. Add --enable-redhat-pthread-workaround to the ./configure command as a work-around for the above problem.

4. Install NRPE
[remotehost]# cd /home/downloads
[remotehost]# tar xvfz nrpe-2.12.tar.gz
[remotehost]# cd nrpe-2.12

[remotehost]# ./configure
[remotehost]# make all
[remotehost]# make install-plugin
[remotehost]# make install-daemon
[remotehost]# make install-daemon-config
[remotehost]# make install-xinetd

5. Setup NRPE to run as daemon (i.e as part of xinetd):
Modify the /etc/xinetd.d/nrpe to add the ip-address of the Nagios monitoring server to the only_from directive. Note that there is a space after the 127.0.0.1 and the nagios monitoring server ip-address (in this example, nagios monitoring server ip-address is: 192.168.1.2)
       only_from       = 127.0.0.1 192.168.1.2
Modify the /etc/services and add the following at the end of the file.
       nrpe 5666/tcp # NRPE
Start the service
       [remotehost]#service xinetd restart
Verify whether NRPE is listening
       [remotehost]# netstat -at | grep nrpe
       tcp 0      0 *:nrpe *:*                         LISTEN
Verify to make sure the NRPE is functioning properly
[remotehost]# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12

6. Modify the /usr/local/nagios/etc/nrpe.cfg
The nrpe.cfg file located on the remote host contains the commands that are needed to check the services on the remote host. By default the nrpe.cfg comes with few standard check commands as samples. check_users and check_load are shown below as an example.
command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20

In all the check commands, the “-w” stands for “Warning” and “-c” stands for “Critical”. for e.g. in the check_disk command below, if the available disk space gets to 20% of less, nagios will send warning message. If it gets to 10% or less, nagios will send critical message. Change the value of “-c” and “-w” parameter below depending on your environment.
command[check_disk]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1

Note: You can execute any of the commands shown in the nrpe.cfg on the command line on remote host and see the results for yourself. For e.g. When I executed the check_disk command on the command line, it displayed the following:
[remotehost]#/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1
DISK CRITICAL - free space: / 6420 MB (10% inode=98%);| /=55032MB;51792;58266;0;64741

In the above example, since the free disk space on /dev/hda1 is only 10% , it is displaying the CRITICAL message, which will be returned to nagios server.

III. 4 Configuration steps on the Nagios monitoring server to monitor remote host (SERVER):
.
1. Download NRPE Add-on
Download nrpe-2.12.tar.gz from Nagios.org and move to /home/downloads:
2. Install check_nrpe on the nagios monitoring server
[nagios-server]# tar xvfz nrpe-2.12.tar.gz
[nagios-server]# cd nrpe-2.1.2
[nagios-server]# ./configure
[nagios-server]# make all
[nagios-server]# make install-plugin

./configure will give a configuration summary as shown below:

*** Configuration summary for nrpe 2.12 05-31-2008 ***:
General Options:
NRPE port: 5666
NRPE user: nagios
NRPE group: nagios
Nagios user: nagios
Nagios group: nagios

Note: I got the “checking for SSL headers… configure: error: Cannot find ssl headers” error message while performing ./configure. Install openssl-devel as shown below and run the ./configure again to fix the problem.

[nagios-server]# rpm -ivh openssl-devel-0.9.7a-43.16.i386.rpm krb5-devel-1.3.4-47.i386.rpm zlib-devel-1.2.1.2-1.2.i386.rpm e2fsprogs-devel-1.35-12.5.
el4.i386.rpm
warning: openssl-devel-0.9.7a-43.16.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing… ########################################### [100%]
1:e2fsprogs-devel ########################################### [ 25%]
2:krb5-devel ########################################### [ 50%]
3:zlib-devel ########################################### [ 75%]
4:openssl-devel ########################################### [100%]

Verify whether nagios monitoring server can talk to the remotehost.
[nagios-server]#/usr/local/nagios/libexec/check_nrpe -H 192.168.1.3
NRPE v2.12

Note: 192.168.1.3 in the ip-address of the remotehost where the NRPE and nagios plugin was installed as explained in Section II above.
3. Create host and service definition for remotehost
Create a new configuration file /usr/local/nagios/etc/objects/remotehost.cfg to define the host and service definition for this particular remotehost. It is good to take the localhost.cfg and copy it as remotehost.cfg and start modifying it according to your needs.

REMOTE HOST SERVICE DEFINITION SAMPLE:

host definition sample:
define host{
        use                                   linux-server
        host_name                       remotehost
        alias                                 remotehost
        address                            192.168.0.5
        contact_groups                admins
        check_command             check-host-alive
        check_interval                 5
        retry_interval                   1
        max_check_attempts      5
        check_period                   24x7      
        notification_interval        30
        notification_options         d,u,r
        }

Service definition sample:
# DEFINE SERVICES:

# Define a service to "ping" the local machine

define service{
        use                             local-service
        host_name                       tipposky
        service_description             PING
        check_period                    24x7
        check_command                   check_ping!100.0,20%!500.0,60%
        }

define service{
        use                             local-service
        host_name                       tipposky
        service_description             Root Partition
        check_command                   check_nrpe!check_hda1
        check_period                    24x7
        notification_options            w,c,r
        contact_groups                  admins
        }

define service{
        use                             local-service
        host_name                       tipposky
        service_description             VMWARE Partition
        check_command                   check_nrpe!check_hda2
        check_period                    24x7
        notification_options            w,c,r
        contact_groups                  admins
        }

define service{
        use                             local-service
        host_name                       tipposky
        service_description             Current Users
        check_period                    24x7
        check_command                   check_local_users!20!50
        }

define service{
        use                             local-service
        host_name                       tipposky
        service_description             Total Processes
        check_period                    24x7
        check_command                   check_local_procs!250!400!RSZDT
        }
define service{
        use                             local-service
        host_name                       tipposky
        service_description             Current Load
        check_period                    24x7
        check_command                   check_local_load!5.0,4.0,3.0!10.0,6.0,4.0
        }

define service{
        use                             local-service
        host_name                       tipposky
        service_description             Swap Usage
        check_period                    24x7
        check_command                   check_local_swap!20!10
        }

define service{
        use                             local-service
        host_name                       tipposky
        service_description             SSH
        check_period                    24x7
        check_command                   check_ssh!-p 6381
        notifications_enabled           0
        }

define service{
        use                             local-service
        host_name                       tipposky
        service_description             HTTP
        check_period                    24x7
        check_command                   check_http
        notifications_enabled           0
        }

define service{
        use                             local-service
        host_name                       tipposky
        service_description             FTP
        check_period                    24x7
        check_command                   check_ftp!21
        }

define service{
        use                             local-service
        host_name                       tipposky
        service_description             QMail Port
        check_period                    24x7
        check_command                   check_tcp!25
        }
define service {
        use                             generic-service
        host_name                       tipposky
        service_description             DNS Service
        check_command                   check_dns!ns1.techmarksolutions.in
        }
Command definitions Sample:
To activate check_nrpe command define a command in commands.cfg file
Edit vi /usr/local/nagios/etc/objects/commands.cfg and add the following:

# 'check_dns' command definition
define command {
        command_name              check_dns
        command_line                 $USER1$/check_dns -H $ARG1$ -s $HOSTADDRESS$
        }
# 'check_openvpn' command definition
define command {
        command_name              check_openvpn
        command_line                 /usr/local/nagios/libexec/check_openvpn -t $ARG1$ -p $ARG2$ -n $ARG3$
        }
# 'check_nrpe' command definition
define command{
        command_name              check_nrpe
        command_line                 $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
        }

Note: In all the above examples, replace remotehost with the corresponding hostname of your remotehost.
4. Restart the nagios service
Restart the nagios as shown below and login to the nagios web (http://nagios-server/nagios/) to verify the status of the remotehost linux sever that was added to nagios for monitoring.
[nagios-server]# service nagios reload






HOST GROUP DEFINITION:
# Define an optional hostgroup for Linux machines
# vi /usr/local/nagios/etc/objects/localhost.cfg

define hostgroup{
        hostgroup_name             linux-servers ; The name of the hostgroup
        alias                                 Linux Servers ; Long name of the group
        members                          nagios1, tipposky, kekule, manjilas
        }

define hostgroup{
        hostgroup_name             Radius          ; name of the hostgroup
        alias                                 BroadBand        ; Long name of the group
        members                          radius, MikroTik
        }



REMOTE WINDOWS HOST CONFIGURATION:

Edit the main Nagios config file.
# vi /usr/local/nagios/etc/nagios.cfg

Remove the leading pound (#) sign from the following line in the main configuration file:
#cfg_file=/usr/local/nagios/etc/objects/windows.cfg

Installing the Windows Agent

Before you can begin monitoring private services and attributes of Windows machines, you'll need to install an agent on those machines. I recommend using the NSClient++ addon, which can be found at http://sourceforge.net/projects/nscplus. These instructions will take you through a basic installation of the NSClient++ addon, as well as the configuration of Nagios for monitoring the Windows machine.

1. Download the latest stable version of the NSClient++.msi exe file from /icon

2. Install NSClient++.msi
3. Open the services manager and make sure the NSClientpp service is allowed to interact with the desktop (see the 'Log On' tab of the services manager). If it isn't already allowed to interact with the desktop, check the box to allow it to.

7. Edit the NSC.INI file (located in the C:\Program Files\NSClient++ directory) and make the following changes:
    * Uncomment all the modules listed in the [modules] section, except for CheckWMI.dll and RemoteConfiguration.dll
    * Optionally require a password for clients by changing the 'password' option in the [Settings] section.
    * Uncomment the 'allowed_hosts' option in the [Settings] section. Add the IP address of the Nagios server to this line, or leave it blank to allow all hosts to connect.
    * Make sure the 'port' option in the [NSClient] section is uncommented and set to '12489' (the default port).

8. Start the NSClient++ service from Start menu -> Programmed-> NSClient++ ->
            nsclient++ /start

9. If installed properly, a new icon should appear in your system tray. It will be a yellow circle with a black 'M' inside.

10. Success! The Windows server can now be added to the Nagios monitoring configuration...


WINDOWS HOST CONFIGURATION ON NAGIOS SERVER:

Open the windows.cfg file for editing.

vi /usr/local/nagios/etc/objects/windows.cfg (USE sample windows.cgi file)

DEFINE HOST
# WINDOWS.CFG - SAMPLE CONFIG FILE FOR MONITORING A WINDOWS MACHINE
# NOTES: This config file assumes that you are using the sample configuration
#        files that get installed with the Nagios quickstart guide.

HOST DEFINITIONS
# Define a host for the Windows machine we'll be monitoring
# Change the host_name, alias, and address to fit your situation

define host{
        use                       winserver       ; Inherit default values from a template
        host_name           winhosting      ; The name we're giving to this host
        alias                     windowserver    ; A longer name associated with the host
        address                202.53.88.101   ; IP address of the host
        check_command   check-host-alive
        contact_groups    admins
        notification_period     24x7
        notification_options    d,u,r
        }

HOST GROUP DEFINITIONS
# Define a hostgroup for Windows machines
# All hosts that use the windows-server template will automatically be a member of this group.
define hostgroup{
        hostgroup_name  windows-servers ; The name of the hostgroup
        alias           Windows Servers ; Long name of the group
        }

SERVICE DEFINITIONS

# Create a service for monitoring the version of NSCLient++ that is installed
# Change the host_name to match the name of the host you defined above

define service{
        use                     generic-service
        host_name               winhosting
        service_description     NSClient++ Version
        check_command           check_nt!CLIENTVERSION
        }

# Create a service for monitoring the uptime of the server
# Change the host_name to match the name of the host you defined above

define service{
        use                     generic-service
        host_name               winhosting
        service_description     Uptime
        check_period            24x7
        contact_groups          admins
        notification_period     24x7
        notification_options    w,u,c,r
        check_command           check_nt!UPTIME
        }

# Change the host_name to match the name of the host you defined above
define service{
        use                                   generic-service
        host_name                       winhosting
        service_description          CPU Load
        check_period                   24x7
        contact_groups                admins
        notification_period          24x7
        notification_options         w,u,c,r
        check_command             check_nt!CPULOAD!-l 5,80,90
        }

# Create a service for monitoring memory usage
# Change the host_name to match the name of the host you defined above
define service{
        use                                   generic-service
        host_name                       winhosting
        service_description          Memory Usage
        check_period                   24x7
        contact_groups                admins
        notification_period          24x7
        notification_options         w,u,c,r
        check_command             check_nt!MEMUSE!-w 80 -c 90
        }

# Create a service for monitoring C:\ disk usage
# Change the host_name to match the name of the host you defined above
define service{
        use                                   generic-service
        host_name                       winhosting
        service_description          C:\ Drive Space
        check_period                   24x7
        contact_groups                admins
        notification_period          24x7
        notification_options         w,u,c,r
        check_command             check_nt!USEDDISKSPACE!-l c -w 80 -c 90
        }

define service{
        use                                   generic-service
        host_name                       winhosting
        service_description          D:\ Drive Space
        check_command             check_nt!USEDDISKSPACE!-l d -w 80 -c 90
        }

# Create a service for monitoring the W3SVC service
# Change the host_name to match the name of the host you defined above
define service{
        use                                   generic-service
        host_name                       winhosting
        service_description          W3SVC
        check_period                   24x7
        contact_groups                admins
        notification_period          24x7
        notification_options         w,u,c,r
        check_command             check_nt!SERVICESTATE!-d SHOWALL -l W3SVC
        }

# Create a service for monitoring the Explorer.exe process
# Change the host_name to match the name of the host you defined above
define service{
        use                                   generic-service
        host_name                       winhosting
        service_description          Explorer
        check_period                   24x7
        contact_groups                admins
        notification_period          24x7
        notification_options         w,u,c,r
        check_command             check_nt!PROCSTATE!-d SHOWALL -l Explorer.exe
        }

define service{
        use                                   generic-service
        host_name                       winhosting
        service_description          FTP
        check_period                   24x7
        contact_groups                admins
        notification_period          24x7
        notification_options         w,u,c,r
        check_command             check_ftp
        }

define service{
        use                                   generic-service
        host_name                       winhosting
        service_description          SMTP
        check_command             check_smtp
        }

define service{
        use                                   generic-service
        host_name                       winhosting
        service_description          MS SQL port Check
        check_period                   24x7
        contact_groups                admins
        notification_period          24x7
        notification_options         w,u,c,r
        check_command             check_tcp!1433
        }

define service{
        use                                   generic-service
        host_name                       winhosting
        service_description        MRTG Traffic Link
        check_period                 24x7
        check_command           check_local_mrtgtraf!/var/www/html/mymrtg/
202.53.88.101_65539.log!AVG!1000000,2000000!5000000,5000000!5
        notifications_enabled           0
        }

No comments:

Post a Comment