Nagios in CentOS

NRPE

Installation

Add sources containing nagios packages:

yum install epel-release

Install NRPE and the plugins that is required to add the services via the function „Add UNIX client services“ when adding a new host in the configuration UI in op5 Monitor

yum install nrpe nagios-plugins-users nagios-plugins-load nagios-plugins-swap nagios-plugins-disk nagios-plugins-procs

Create custom configuration as .cnf file at /etc/nrpe.d/

allowed_hosts=127.0.0.1,10.0.0.10

Restart the nrpe agent on the host, and make sure that nrpe is started at boot: CentOS/RHEL 6:

service nrpe restart
chkconfig nrpe on

CentOS/RHEL 7:

systemctl restart nrpe
systemctl enable nrpe
If the host is behind a firewall, or you have enabled firewall software on the host, you need to open for incoming traffic on TCP port 5666.
 iptables -I INPUT -s 0/0 -p tcp --dport 5666 -j ACCEPT
 /sbin/service iptables save

Nagios plugins are located at /usr/lib64/nagios/plugins/ folder.

Source

Problems

CHECK_NRPE: Error - Could not complete SSL handshake.

If you are recieving error like

CHECK_NRPE: Error - Could not complete SSL handshake.

there are multiple reasons that can cause this error as this message is kind of generic error.

Typical problems:

  • Server from you are accessing NRPE is not listed in allowed_hosts directive on NRPE server.

One of the tricky reasons that can cause this error is /etc/hosts.allow file. Even if you add server's IP in allowed_hosts, server cannot connect because this IP also needs to be listed in /etc/hosts.allow file by adding line:

nrpe: 10.10.10.10   monitoring-server.my-company.com

There is no need to restart nrpe server. This is required as NRPE server on centos is compiled using tcp_wrappers library which parses this file, this can be verified by running

ldd /usr/sbin/nrpe | grep libwrap

More info about TCP Wrappers: https://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-tcpwrappers.html

Nagios check_disk failure in RHEL / CentOS 6.2

If NRPE is responding with

DISK UNKNOWN - free space:|

on CentOS 6 or with

DISK CRITICAL - /sys/kernel/config is not accessible: Permission denied

CentOS 7, there is issue with SElinux policy.

There are also related entries in /var/log/audit/audit.log.

Since version 6.2, the Nagios check_disk plugin is not working with Permission denied errors. This problem is related to the SElinux policy.

Fortunately, there is a simple workaround while we wait for an updated selinux-policy package. As root, do the following:

chcon -t nagios_unconfined_plugin_exec_t /usr/lib64/nagios/plugins/check_disk

If you do not want change SElinux policy, another workaround is to exclude offending file systems using -X flags in check definition.

/usr/lib64/nagios/plugins/check_disk -w 10% -c 5% -X configfs -X cgroup -X tmpfs -X selinuxfs -X sysfs -X proc -X mqueue -X binfmt_misc -X devtmpfs

Source:

linux/centos/nagios.txt · Poslední úprava: 15.09.2016 16:56 autor: vm

Nástroje pro stránku