How to Configure Nagios
Server on CentOS-5
Introduction
This guide is intended to provide you with simple
instructions on how to install Nagios from source
(code) on Fedora and have it monitoring your local machine
inside of 20 minutes. No advanced
installation options are discussed here - just the basics
that will work for 95% of users who want to get started. These instructions
were written based on a standard Fedora Core 6 Linux distribution.
What You’ll End Up With If you follow these instructions,
here’s what you’ll end up with:
Nagios and the plugins will be installed underneath
/usr/local/nagios. Nagios will be configured to monitor a few aspects of your
local system (CPU load, disk usage, etc.) The Nagios web interface will be
accessible at http://localhost/nagios
Prerequisites:
During portions of the installation you’ll need to have root
access to your machine.
Make sure you’ve installed the following packages on your
Fedora installation before continuing.
Apache
PHP
GCC
compiler
GD
development libraries
You can use yum to install these packages by running the
following commands (as root):
yum install httpd php
yum install gcc glibc glibc-common
yum install gd gd-devel
Create a new nagios user account and give it a password.
/usr/sbin/useradd -m nagios
passwd nagios
Create a new nagcmd group for allowing external commands to
be submitted through the web interface. Add both the nagios user and the apache
user to the group.
/usr/sbin/groupadd nagcmd
/usr/sbin/usermod -a -G nagcmd nagios
/usr/sbin/usermod -a -G nagcmd apache
2) Download Nagios and the Plugins
Create a directory for storing the downloads.
mkdir ~/downloads
cd ~/downloads
Download the source code tarballs of both Nagios and the
Nagios plugins (visit
http://www.nagios.org/download/ for links to the latest
versions). These directions were tested with Nagios 3.1.1 and Nagios Plugins
1.4.11.
3) Compile and Install Nagios
Extract the Nagios source code tarball.
cd ~/downloads
tar xzf nagios-3.2.3.tar.gz
cd nagios-3.2.3
Run the Nagios configure script, passing the name of the
group you created earlier like so:
./configure --with-command-group=nagcmd
Compile the Nagios source code.
make all
Install binaries, init script, sample config files and set
permissions on the external command directory.
make install
make install-init
make install-config
make install-commandmode
Don’t start Nagios yet - there’s still more that needs to be
done...
4) Customize Configuration
Sample configuration files have now been installed in the
/usr/local/nagios/etc directory. These sample files should work fine for
getting started with Nagios. You’ll need to make just one change before you proceed...
Edit the /usr/local/nagios/etc/objects/contacts.cfg config
file with your favorite editor and change the email address associated with the
nagiosadmin contact definition to the address you’d like to use for receiving alerts.
vi /usr/local/nagios/etc/objects/contacts.cfg
define contact{contact_name nagiosadmin ; Short name of useruse generic-contact ; Inherit default values from
generic-contact template (defined above)alias Kedar ; Full name of useremail kedar@nitty-witty.com ; <<***** CHANGE THIS
TO YOUR EMAIL ADDRESS ******}
5) Configure the Web Interface
Install the Nagios web config file in the Apache conf.d
directory.
make install-webconf
Create a nagiosadmin account for logging into the Nagios web
interface. Remember the password you assign to this account - you’ll need it
later.
htpasswd -c /usr/local/nagios/etc/htpasswd.users
nagiosadmin
Restart Apache to make the new settings take effect.
service httpd restart
Note: Consider implementing the enhanced CGI security
measures described here to ensure that
your web authentication credentials are not compromised.
6) Compile and Install the Nagios Plugins
Extract the Nagios plugins source code tarball.
cd ~/downloads
tar xzf nagios-plugins-1.4.11.tar.gz
cd nagios-plugins-1.4.11
Compile and install the plugins.
./configure --with-nagios-user=nagios
--with-nagios-group=nagios
make
make install
7) Start Nagios
Add Nagios to the list of system services and have it
automatically start when the system boots.
chkconfig --add nagios
chkconfig nagios on
Verify the sample Nagios configuration files.
/usr/local/nagios/bin/nagios -v
/usr/local/nagios/etc/nagios.cfg
If there are no errors, start Nagios.
service nagios start
8) Modify SELinux Settings
Fedora ships with SELinux (Security Enhanced Linux)
installed and in Enforcing mode by default. This can result in "Internal
Server Error" messages when you attempt to access the Nagios CGIs.
See if SELinux is in Enforcing mode.
getenforce
Put SELinux into Permissive mode.
setenforce 0
To make this change permanent, you’ll have to modify the
settings in /etc/selinux/config and reboot.
Instead of disabling SELinux or setting it to permissive
mode, you can use the following command to run the CGIs under SELinux enforcing/targeted
mode:
chcon -R -t httpd_sys_content_t /usr/local/nagios/sbin/
chcon -R -t httpd_sys_content_t /usr/local/nagios/share/
9) Login to the Web Interface
You should now be able to access the Nagios web interface at
the URL below. You’ll be prompted for the username (nagiosadmin) and password
you specified earlier.
http://localhost/nagios/
reset nagios admin password:
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
Click on the "Service Detail" navbar link to see
details of what's being monitored on your local machine. It will take a few
minutes for Nagios to check all the services associated with your machine, as
the checks are spread out over time.
===========================================================
Define Host for a local machine:
Edit
# vi /usr/local/nagios/etc/objects/localhost.cfg
define host{
use linux-server
host_name localhost
alias localhost
address 127.0.0.1
parents radius
check_command check-host-alive
notification_period 24x7
}
# Define a service to "ping" the local machine
define service{
use local-service
host_name localhost
service_description PING
check_command
check_ping!100.0,20%!500.0,60%
}
tly running procs
# on the local machine.
Warning if > 250 processes, critical if
# > 400 users.
define service{
use local-service ; Name of service template to use
host_name localhost
service_description Total Processes
check_command check_local_procs!250!400!RSZDT
}
REMOTE HOST (LINUX
MACHINE) CONFIGURATION :
Steps to install Nagios Plugins and NRPE on the “remote host”: (CLIENT)
1. Download Nagios Plugins and NRPE Add-on
Download following files from Nagios.org and move to /home/downloads:
nagios-plugins-1.4.11.tar.gz
nrpe-2.12.tar.gz
2. Create nagios account
[remotehost]# useradd nagios
[remotehost]# passwd nagios
3. Install nagios-plugin
[remotehost]# cd /home/downloads
[remotehost]# tar xvfz nagios-plugins-1.4.11.tar.gz
[remotehost]# cd nagios-plugins-1.4.11
[remotehost]# export LDFLAGS=-ldl
[remotehost]# ./configure --with-nagios-user=nagios
--with-nagios-group=nagios --enable-redhat-pthread-workaround
[remotehost]# make
[remotehost]# make install
[remotehost]# chown nagios.nagios /usr/local/nagios
[remotehost]# chown -R nagios.nagios
/usr/local/nagios/libexec/
Note: On Red Hat, For me the ./configure command was hanging with the the message: “checking for redhat spopen problem…”. Add --enable-redhat-pthread-workaround to the ./configure command as a work-around for the above problem.
4. Install NRPE
[remotehost]# cd /home/downloads
[remotehost]# tar xvfz nrpe-2.12.tar.gz
[remotehost]# cd nrpe-2.12
[remotehost]# ./configure
[remotehost]# make all
[remotehost]# make install-plugin
[remotehost]# make install-daemon
[remotehost]# make install-daemon-config
[remotehost]# make install-xinetd
5. Setup NRPE to run as daemon (i.e as part of xinetd):
Modify the /etc/xinetd.d/nrpe to add the ip-address of the
Nagios monitoring server to the only_from directive. Note that there is a space
after the 127.0.0.1 and the nagios monitoring server ip-address (in this
example, nagios monitoring server ip-address is: 192.168.1.2)
only_from = 127.0.0.1 192.168.1.2
Modify the /etc/services and add the following at the end of
the file.
nrpe 5666/tcp #
NRPE
Start the service
[remotehost]#service xinetd restart
Verify whether NRPE is listening
[remotehost]#
netstat -at | grep nrpe
tcp 0 0 *:nrpe *:* LISTEN
Verify to make sure the NRPE is functioning properly
[remotehost]# /usr/local/nagios/libexec/check_nrpe -H
localhost
NRPE v2.12
6. Modify the /usr/local/nagios/etc/nrpe.cfg
The nrpe.cfg file located on the remote host contains the
commands that are needed to check the services on the remote host. By default
the nrpe.cfg comes with few standard check commands as samples. check_users and
check_load are shown below as an example.
command[check_users]=/usr/local/nagios/libexec/check_users
-w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -w
15,10,5 -c 30,25,20
In all the check commands, the “-w” stands for “Warning” and “-c” stands for “Critical”. for e.g. in the check_disk command below, if the available disk space gets to 20% of less, nagios will send warning message. If it gets to 10% or less, nagios will send critical message. Change the value of “-c” and “-w” parameter below depending on your environment.
command[check_disk]=/usr/local/nagios/libexec/check_disk -w
20% -c 10% -p /dev/hda1
Note: You can execute any of the commands shown in the nrpe.cfg on the command line on remote host and see the results for yourself. For e.g. When I executed the check_disk command on the command line, it displayed the following:
[remotehost]#/usr/local/nagios/libexec/check_disk -w 20% -c
10% -p /dev/hda1
DISK CRITICAL - free space: / 6420
MB (10% inode=98%);| /=55032MB;51792;58266;0;64741
In the above example, since the free disk space on /dev/hda1 is only 10% , it is displaying the CRITICAL message, which will be returned to nagios server.
III. 4 Configuration
steps on the Nagios monitoring server to monitor remote host (SERVER):
.
1. Download NRPE Add-on
Download nrpe-2.12.tar.gz from Nagios.org and move to /home/downloads:
2. Install check_nrpe on the nagios monitoring server
[nagios-server]# tar xvfz nrpe-2.12.tar.gz
[nagios-server]# cd nrpe-2.1.2
[nagios-server]# ./configure
[nagios-server]# make all
[nagios-server]# make install-plugin
./configure will give a configuration summary as shown
below:
*** Configuration summary for nrpe 2.12 05-31-2008 ***:
General Options:
NRPE port: 5666
NRPE user: nagios
NRPE group: nagios
Nagios user: nagios
Nagios group: nagios
Note: I got the “checking for SSL
headers… configure: error: Cannot find ssl headers” error message
while performing ./configure. Install openssl-devel as shown below and run the
./configure again to fix the problem.
[nagios-server]# rpm -ivh
openssl-devel-0.9.7a-43.16.i386.rpm krb5-devel-1.3.4-47.i386.rpm
zlib-devel-1.2.1.2-1.2.i386.rpm e2fsprogs-devel-1.35-12.5.
el4.i386.rpm
warning: openssl-devel-0.9.7a-43.16.i386.rpm: V3 DSA
signature: NOKEY, key ID db42a60e
Preparing… ###########################################
[100%]
1:e2fsprogs-devel
########################################### [ 25%]
2:krb5-devel ########################################### [
50%]
3:zlib-devel ########################################### [
75%]
4:openssl-devel ###########################################
[100%]
Verify whether nagios monitoring server can talk to the
remotehost.
[nagios-server]#/usr/local/nagios/libexec/check_nrpe -H
192.168.1.3
NRPE v2.12
Note: 192.168.1.3 in the ip-address of the remotehost where the NRPE and nagios plugin was installed as explained in Section II above.
3. Create host and service definition for remotehost
Create a new configuration file /usr/local/nagios/etc/objects/remotehost.cfg
to define the host and service definition for this particular remotehost. It is
good to take the localhost.cfg and copy it as remotehost.cfg and start
modifying it according to your needs.
REMOTE HOST SERVICE DEFINITION SAMPLE:
host definition sample:
define host{
use linux-server
host_name remotehost
alias remotehost
address 192.168.0.5
contact_groups admins
check_command check-host-alive
check_interval 5
retry_interval 1
max_check_attempts 5
check_period 24x7
notification_interval 30
notification_options d,u,r
}
Service definition sample:
# DEFINE SERVICES:
# Define a service to "ping" the local machine
define service{
use local-service
host_name tipposky
service_description PING
check_period
24x7
check_command
check_ping!100.0,20%!500.0,60%
}
define service{
use local-service
host_name
tipposky
service_description
Root Partition
check_command
check_nrpe!check_hda1
check_period
24x7
notification_options w,c,r
contact_groups
admins
}
define service{
use local-service
host_name
tipposky
service_description
VMWARE Partition
check_command check_nrpe!check_hda2
check_period
24x7
notification_options
w,c,r
contact_groups
admins
}
define service{
use local-service
host_name
tipposky
service_description
Current Users
check_period
24x7
check_command
check_local_users!20!50
}
define service{
use local-service
host_name
tipposky
service_description
Total Processes
check_period
24x7
check_command
check_local_procs!250!400!RSZDT
}
define service{
use local-service
host_name
tipposky
service_description
Current Load
check_period
24x7
check_command
check_local_load!5.0,4.0,3.0!10.0,6.0,4.0
}
define service{
use local-service
host_name
tipposky
service_description
Swap Usage
check_period 24x7
check_command
check_local_swap!20!10
}
define service{
use local-service
host_name
tipposky
service_description SSH
check_period
24x7
check_command
check_ssh!-p 6381
notifications_enabled 0
}
define service{
use local-service
host_name tipposky
service_description
HTTP
check_period
24x7
check_command
check_http
notifications_enabled 0
}
define service{
use local-service
host_name
tipposky
service_description
FTP
check_period
24x7
check_command
check_ftp!21
}
define service{
use local-service
host_name
tipposky
service_description QMail Port
check_period
24x7
check_command
check_tcp!25
}
define service {
use generic-service
host_name
tipposky
service_description
DNS Service
check_command
check_dns!ns1.techmarksolutions.in
}
Command definitions Sample:
To activate check_nrpe command define a command in
commands.cfg file
Edit vi /usr/local/nagios/etc/objects/commands.cfg and add
the following:
# 'check_dns' command definition
define command {
command_name check_dns
command_line $USER1$/check_dns -H $ARG1$ -s
$HOSTADDRESS$
}
# 'check_openvpn' command definition
define command {
command_name check_openvpn
command_line /usr/local/nagios/libexec/check_openvpn
-t $ARG1$ -p $ARG2$ -n $ARG3$
}
# 'check_nrpe' command definition
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$
-c $ARG1$
}
Note: In all the above examples, replace remotehost
with the corresponding hostname of your remotehost.
4. Restart the nagios service
Restart the nagios as shown below and login to the nagios
web (http://nagios-server/nagios/) to verify the status of the remotehost linux
sever that was added to nagios for monitoring.
[nagios-server]# service nagios reload
HOST GROUP DEFINITION:
# Define an optional hostgroup for Linux machines
# vi
/usr/local/nagios/etc/objects/localhost.cfg
define hostgroup{
hostgroup_name linux-servers
; The name of the hostgroup
alias Linux
Servers ; Long name of the group
members nagios1,
tipposky, kekule, manjilas
}
define hostgroup{
hostgroup_name Radius ; name of the hostgroup
alias BroadBand ; Long name of the group
members radius,
MikroTik
}
REMOTE WINDOWS HOST CONFIGURATION:
Edit the main Nagios config file.
# vi /usr/local/nagios/etc/nagios.cfg
Remove the leading pound (#) sign from the following line in
the main configuration file:
#cfg_file=/usr/local/nagios/etc/objects/windows.cfg
Installing the Windows Agent
Before you can begin monitoring private services and
attributes of Windows machines, you'll need to install an agent on those machines.
I recommend using the NSClient++ addon, which can be found at
http://sourceforge.net/projects/nscplus. These instructions will take you
through a basic installation of the NSClient++ addon, as well as the
configuration of Nagios for monitoring the Windows machine.
1. Download the latest stable version of the NSClient++.msi
exe file from /icon
2. Install NSClient++.msi
3. Open the services manager and make sure the NSClientpp
service is allowed to interact with the desktop (see the 'Log On' tab of the
services manager). If it isn't already allowed to interact with the desktop,
check the box to allow it to.
7. Edit the NSC.INI file (located in the C:\Program
Files\NSClient++ directory) and make the following changes:
* Uncomment all
the modules listed in the [modules] section, except for CheckWMI.dll and
RemoteConfiguration.dll
* Optionally
require a password for clients by changing the 'password' option in the
[Settings] section.
* Uncomment the
'allowed_hosts' option in the [Settings] section. Add the IP address of the
Nagios server to this line, or leave it blank to allow all hosts to connect.
* Make sure the
'port' option in the [NSClient] section is uncommented and set to '12489' (the
default port).
8. Start the NSClient++ service from Start menu ->
Programmed-> NSClient++ ->
nsclient++
/start
9. If installed properly, a new icon should appear in your
system tray. It will be a yellow circle with a black 'M' inside.
10. Success! The Windows server can now be added to the
Nagios monitoring configuration...
WINDOWS HOST CONFIGURATION ON NAGIOS SERVER:
Open the windows.cfg file for editing.
vi /usr/local/nagios/etc/objects/windows.cfg (USE
sample windows.cgi file)
DEFINE HOST
# WINDOWS.CFG - SAMPLE CONFIG FILE FOR MONITORING A
WINDOWS MACHINE
# NOTES: This config file assumes that you are using the
sample configuration
# files that
get installed with the Nagios quickstart guide.
HOST
DEFINITIONS
# Define a host for the Windows machine we'll be
monitoring
# Change the host_name, alias, and address to fit your
situation
define host{
use winserver ; Inherit default values from a template
host_name winhosting ; The name we're giving to this host
alias windowserver ; A longer name associated with the host
address 202.53.88.101 ; IP address of the host
check_command check-host-alive
contact_groups admins
notification_period 24x7
notification_options d,u,r
}
HOST GROUP
DEFINITIONS
# Define a hostgroup for Windows machines
# All hosts that use the windows-server template will
automatically be a member of this group.
define hostgroup{
hostgroup_name windows-servers ;
The name of the hostgroup
alias Windows Servers ; Long name of the
group
}
SERVICE
DEFINITIONS
# Create a service for monitoring the version of
NSCLient++ that is installed
# Change the host_name to match the name of the host you
defined above
define service{
use generic-service
host_name winhosting
service_description NSClient++
Version
check_command
check_nt!CLIENTVERSION
}
# Create a service for monitoring the uptime of the
server
# Change the host_name to match the name of the host you
defined above
define service{
use generic-service
host_name winhosting
service_description Uptime
check_period 24x7
contact_groups admins
notification_period 24x7
notification_options w,u,c,r
check_command
check_nt!UPTIME
}
# Change the host_name to match the name of the host you
defined above
define service{
use generic-service
host_name winhosting
service_description CPU Load
check_period 24x7
contact_groups admins
notification_period 24x7
notification_options w,u,c,r
check_command check_nt!CPULOAD!-l 5,80,90
}
# Create a service for monitoring memory usage
# Change the host_name to match the name of the host you
defined above
define service{
use generic-service
host_name winhosting
service_description Memory Usage
check_period 24x7
contact_groups admins
notification_period 24x7
notification_options w,u,c,r
check_command check_nt!MEMUSE!-w 80 -c 90
}
# Create a service for monitoring C:\ disk usage
# Change the host_name to match the name of the host you
defined above
define service{
use generic-service
host_name winhosting
service_description C:\ Drive Space
check_period 24x7
contact_groups admins
notification_period 24x7
notification_options w,u,c,r
check_command check_nt!USEDDISKSPACE!-l c -w 80 -c 90
}
define service{
use generic-service
host_name winhosting
service_description D:\
Drive Space
check_command check_nt!USEDDISKSPACE!-l d -w 80 -c 90
}
# Create a service for monitoring the W3SVC service
# Change the host_name to match the name of the host you
defined above
define service{
use generic-service
host_name winhosting
service_description W3SVC
check_period 24x7
contact_groups admins
notification_period 24x7
notification_options w,u,c,r
check_command check_nt!SERVICESTATE!-d SHOWALL -l W3SVC
}
# Create a service for monitoring the Explorer.exe
process
# Change the host_name to match the name of the host you
defined above
define service{
use generic-service
host_name winhosting
service_description Explorer
check_period 24x7
contact_groups admins
notification_period 24x7
notification_options w,u,c,r
check_command check_nt!PROCSTATE!-d SHOWALL -l Explorer.exe
}
define service{
use generic-service
host_name winhosting
service_description FTP
check_period 24x7
contact_groups admins
notification_period 24x7
notification_options w,u,c,r
check_command check_ftp
}
define service{
use generic-service
host_name winhosting
service_description SMTP
check_command check_smtp
}
define service{
use generic-service
host_name winhosting
service_description MS SQL port Check
check_period 24x7
contact_groups admins
notification_period 24x7
notification_options w,u,c,r
check_command check_tcp!1433
}
define service{
use generic-service
host_name
winhosting
service_description MRTG
Traffic Link
check_period 24x7
check_command
check_local_mrtgtraf!/var/www/html/mymrtg/
202.53.88.101_65539.log!AVG!1000000,2000000!5000000,5000000!5
notifications_enabled 0
}
No comments:
Post a Comment