Nagios Monitoring

Nagios Monitoring

Nagios is a system that can be used to monitor your services and server resources, to ensure you known when maintenance needs to be scheduled in response to an outage, or to prevent a warning becoming a critical problem.

1. To start with update you apt repository list.

apt-get update

2. Search for available Nagios3 packages using the command given below

apt-cache search nagios3

3. Install only the below nagios3 packages and avoid the rest shown in the search

apt-get install nagios3 nagios3-common nagios3-core nagios3-doc check-mk-config-nagios3

4. Open a browser and type in server ip address followed by backlash Nagios to see the Nagios GUI.

 http://192.168.8.115/nagios3

5. Username and Password pops up asking for credentials. Enter nagiosadmin as Username and Password:( password entered while installing the nagios3 packages in step 3)

 

Setting up services

Setting up NTP

Go to /etc/nagios-plugins/config, edit the ntp.cfg file and add these lines.

# 'check_ntp_ntpq' command definition
 define command{
command_name check_ntp_time
command_line /usr/lib/nagios/plugins/check_ntp_time -H $ARG1$ -c $ARG2$ -w $ARG3$
}

Now go to /etc/nagios3/conf.d find and edit the localhost_nagios2.cfg file by adding these lines.

# Define a service to check the load on the local machine.
define service{
use generic-service ; Name of service template to use
host_name localhost
service_description NTP Time Difference

check_command check_ntp_time!ntp.bict.lab!30!60

Check your configuration is correct using the following command. If you have any errors or warnings, resolve these before continuing

nagios3 –v /etc/nagios3/nagios.cfg

After all the changes have been made, restart Nagios by issuing this command

service nagios3 restart

Return to your Nagios monitoring webpage, and open the services section. Initially it will say that the check is pending, then after about a minute, it will update with the latest response data. Confirm that this service remains OK

 

Debian Updates

The Nagios Exchange (http://exchange.nagios.org) for the suitable plugin for checking the Debian server has all the latest security updates. Plugin is downloaded (check_debian_packages) and placed in the \usr\lib\nagios\plugins directory.

Edit /etc/crontab add these lines

crontab -e 

# Minute Hour Day of Month Month Day of Week Command 

* 1 * * * apt-get update >> update

Next is install sudo.

apt-get install sudo

Add this line in /etc/sudoers

nagios ronald=NOPASSWD:/usr/lib/nagios/plugins/check_debian_packages

Now go to /etc/nagios3/conf.d find and edit the localhost_nagios2.cfg file by adding these lines. This checks Debian update service is running.

# Define a service to check the Debian package update
define service{
use generic-service ; Name of service template to use
host_name localhost
service_description Debian Updates
check_command check_debian_packages
}

After all the changes have been made, restart Nagios by issuing this command

service nagios3 restart

 

Bind9

Create a file named check_bind.sh in /usr/lib/nagios/plugins and make it executable. Add the following lines to the script.

#!/bin/bash
STATUS=`service bind9 status`
if [ "$STATUS" = "bind9 is running." ] && [ "$?" = "0" ];
then
echo "$STATUS"
exit 0
else
echo "$STATUS"
exit 2
fi

Do this command to make it executable.

chmod +x check_bind.sh

Now go to /etc/nagios3/conf.d find and edit the localhost_nagios2.cfg file by adding these lines. This checks Bind9 service is running.

# Define a service to check that BIND9 is working
define service{
use generic-service ; Name of service template to use
host_name localhost
service_description BIND9
check_command check_bind.sh
}

After all the changes have been made, restart Nagios by issuing this command

service nagios3 restart

 

Check DNS

The plugin (check_dns) is in the /usr/lib/nagios/plugins. Adding the below mentioned lines in the dns.cfg file which is in the /etc/nagios-plugins/config .

# 'check_dns' command definition
define command{
command_name check_dns_hostname
command_line /usr/lib/nagios/plugins/check_dns -H '$ARG1$'
}

 

# 'check_dns' command definition 
define command{ 
command_name check_dns_hostname_IP
command_line /usr/lib/nagios/plugins/check_dns -H '$ARG1$' -a '$ARG2$'

Now go to /etc/nagios3/conf.d find and edit the localhost_nagios2.cfg file by adding these lines. This checks DNS hostname and IP address checks are done.

define service{
use generic-service ; Name of service template to use
host_name localhost
service_description DNS Hostname
check_command check_dns_hostname!_ldap._tcp.patan.t311
}

 

# Define a service to check the DNS hostname and IP Address
define service{
use generic-service ; Name of service template to use
host_name localhost
service_description DNS Hostname and IP Address
check_command check_dns_hostname_IP!gc._msdcs.patan.t311!192.168.8.115
} 

After all the changes have been made, restart Nagios by issuing this command

 service nagios3 restart

Return to your Nagios monitoring webpage, and open the services section. Initially it will say that the check is pending, then after about a minute, it will update with the latest response data. Confirm that this service remains OK

Nagios Notifications (Enable Outbound Email)

Run the command

dpkg-reconfigure exim4-config

Accept all the default values except the three mentioned below.

For: -General type of mail configuration: Select

mail sent by smarthost; received via SMTP or fetchmail

For: -Domains to relay mail for: Select

ucol.ac.nz

For: -IP address or host name of the outgoing smarthost:

203.98.31.34(UCOL’s mail server IP address)

Now e-mail can be sent from the server, to test it adopt the following command on the server

echo “Test email Nagios” | mail –s Testing 1273356@ucol.ac.nz

This command had sent a message on my student mail so this means the email service is working fine on the server

Now to create and add some new contacts into the nagios contacts file, add the following lines to /etc/Nagios/config.d/contacts_nagios2.cfg

define contact{
contact_name ronald
alias ronald
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r
host_notification_options d,r
service_notification_commands notify-service-by-email
host_notification_commands notify-host-by-email
email 1273356@ucol.ac.nz
}

 

define contactgroup{
contactgroup_name admins
alias Nagios Administrators
members root, ronald
}

After all the changes have been made, restart Nagios by issuing this command

service nagios3 restart

To test Nagios monitoring is able to send emails, I stop Bind9 service by issuing this command.

service bind9 stop

I waited for Nagios to do 4 checks before it sends email, when Nagios started showing critical I went to check if email was sent to my student account and yes it did. I issued bind9 restart command and this also sends a recovery email that service is up and running.

 

 

Intercom Notification

Now to create and add some new contacts into the nagios contacts file, add the following lines to /etc/Nagios/config.d/contacts_nagios2.cfg

define contact{
contact_name intercom
alias ronaldp
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r
host_notification_options d,r
service_notification_commands notify-service-by-phone
host_notification_commands notify-host-by-phone
email 1273356@ucol.ac.nz
}

 

define contactgroup{
contactgroup_name admins
alias Nagios Administrators
members root, intercom, ronald
}

The below mentioned commands are given in the contacts_nagios2.cfg. The notification should escalate 5 minutes after your contact was initially notified.

Define servicescalation{
host_name localhost
service_description BIND9
first_notifaication 2
last_notification 3
notification_interval 1
contact_name intercom
}

Now we need to convert text to voice for intercom. Do this command:

apt-get install festival

To test these use this command. This will convert text to .wav file.

text2wav ronald.txt –o ronald.wav

Now we need to install PJsua, software used to make VOIP calls and play a specified audio file.

apt-get update apt-get install -y emacs tshark gcc make python git gnustep-gui-runtime alsa-utils linux-sound-base sox beep alsa-utils gcc build-essential make g++ gpp alsaplayer-daemon libasound2 libasound2-dev gcc build-essential make g++ gpp libpulse-dev alsaplayer-daemon libasound2 libasound2-dev portaudio19-dev libportaudio2 pulseaudio alsa-utils libasound2-plugins libasound2 binutils binutils-dev 

The above command will generate an error, you will need to update the package list with the latest package name.

apt-get install oss4-base

The above command will override the error caused by linux-sound-base. The package name has been changed to the latest name.

wget http://www.pjsip.org/release/2.0.1/pjproject-2.0.1.tar.bz2

 

tar jxf pjproject-2.0.1.tar.bz2

 

cd pjproject-2.0.1

 

sudo make clean

 

./configure

 

make dep

 

make

 

sudo make install

 

ln -s ~/pjproject-2.0.1/pjsip-apps/bin/pjsua-i686-pc-linux-gnu ~/pjsua

 

cd

 

./pjsua --help
cat <<EOF >> ~/commands.txt
sleep 40000
q
EOF

 

cat ~/commands.txt | ~/pjsua --id sip:311@10.150.44.3 --registrar sip:10.150.44.3 --realm=10.150.44.3 --add-codec=gsm --srtp-secure=0 --duration=40 --auto-conf --auto-play --local-port=5061 --null-audio sip:3111@10.150.44.3 –username=311 –password=blah –play-file=/var/ronald.wav

The above command makes a call using the parameter specified. Now the service and host notification commands need to be updated. /etc/nagios3/commands.cfg file needs to be edited.

# 'notify-host-by-phone' command definition
define command{
command_name notify-host-by-phone
command_line /var/lib/nagios/ronald.sh "%b***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" 
}

 

# 'notify-service-by-phone' command definition
define command{
command_name notify-service-by-phone
command_line /var/lib/nagios/ronald.sh "%b***** Nagios ***** \n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" 
}

Now copy the PJsua and commands.txt place it into /var/lib/Nagios/. Create a script and make it executable and the parameters should be like this.

#!/bin/bash
echo $1 $2 $3 $4 |text2wave -o /var/tmp/output.wav
cat /var/lib/nagios/commands.txt | /var/lib/nagios/pjsua --id sip:311@10.150.44.3 --registrar sip:10.150.44.3 --username=311 --password=blah --play-file=/var/tmp/output.wav --realm=10.150.44.3 --add-codec=gsm --srtp-secure=0 --duration=10 --auto-conf --auto-play --null-audio sip:3111@10.150.44.3

To test this do service bind9 down which will escalate a voice call when service goes down through phone.

 

Downtime

If you are planning maintenance on a service, you can schedule downtime in Nagios, which will prevent notifications being sent out.

1. From the Services menu, select the service you are going to schedule downtime for

2. On the right hand side, select “Schedule downtime for this service”

3. Complete the form, then press commit to add it to the schedule.

4. By default you will receive and error, follow these steps to fix it.

5. You can fix this by running the following commands:

Edit /etc/nagios3/nagios.cfg

check_external_commands=1

Run this commands in the terminal.

/etc/init.d/nagios3 stop 

 

dpkg-statoverride --update --add nagios www-data 2710 /var/lib/nagios3/rw

 

dpkg-statoverride --update --add nagios nagios 751 /var/lib/nagios3

 

/etc/init.d/nagios3 start

Now a downtime schedule can be committed.

 

Dependency

When you configure monitoring of hosts and services, you will have hosts and services depending on each other. As a result of this, you can become swamped with notifications if a master host or service fails. In your current configuration NTP_Time_Difference is dependent on bind9 to resolve ntp.bict.lab, and a failure in bind9 will result in an unknown NTP_Time_Difference notification. Add the following to /etc/nagios3/config.d/localhost_nagios2.cfg

define servicedependency{
host_name localhost
service_description bind9
dependent_host_name localhost
dependent_service_description NTP_Time_Difference
execution_failure_criteria c
notification_failure_criteria c
}

 

Nagios Integration
SNMP

SNMP is commonly used to obtain information from network devices, in the lab switch indicated, the connection details are as follows:

•IP = 10.150.200.83 (/16)

•Community = public

Your task for this section is to configure a Nagios host called “LabSwitch” and a service check for each port that will provide a warning when the port reaches 75mbit/second and will provide a critical notification when it exceeds 90mbit/second. You will need to check the numerical unit provided by the switch and convert the requirements to appropriate values for the switch

1. apt-get install snmp

2. Run the following command to view all object ID’s (OID) available on the lab switch: snmpwalk -v 2c -c public -m all -Os 10.150.200.83 iso

3. Visit the following site and search for the switch model number:
http://pro-networking-h17007.external.hp.com/us/en/support/converter/index.aspx

4. Select software downloads, and then download the MIB’s file.

5. Extract all of the .mib files into /root/.snmp/mibs

6. We need to create a .snmp file and mibs file. To do this run this commands:

mkdir .snmp than cd .snmp

 

mkdir mibs than cd mibs

Re-run the snmpwalk command from step 1, notice now that the MIB descriptions are available, the output is much easier to follow.

The output will look like this:

                           clip_image004

ifHCOutOctets.1 is the important bit.

In order for Nagios to understand and translate that information we need to translate the info in numbers. To do this we can run snmptranslate, here how you run it.

snmptranslate -On IF-MIB::ifHCOutOctets.1

The output of the result should look like this:

.1.3.6.1.2.1.31.1.1.1.10.1

Go to /etc/nagios-plugins/config, edit the snmp.cfg file and add these lines.

# 'check_snmp' command definition
define command{
command_name check_snmp
command_line /usr/lib/nagios/plugins/check_snmp -H '$ARG1$' -o '$ARG2$' -w '$ARG3$' --rate -c '$ARG4$' -C '$ARG5$' 
}

Go to /etc/nagios3/conf.d/ , edit the localhost_nagios2.cfg file and add these lines.

# Define a service rule to monitor the bandwidth
define service{
use generic-service ; Name of service template to use
host_name localhost
service_description SNMP
check_command check_snmp!10.150.200.83!.1.3.6.1.2.1.2.2.1.10.2!9834375!11801250!public
}

After all the changes have been made, restart Nagios by issuing this command

service nagios3 restart

 

Domain Authentication

Enable authnz_ldap.load module by giving command

a2enmod authnz_ldap

After that do

Service apache2 restart

clip_image005

Edit Nagios web configuration file nagios.conf

The location of the web config file is: /etc/apache2/conf.d/nagios.conf

<DirectoryMatch (/usr/share/nagios3/htdocs|/usr/lib/cgi-bin/nagios3|/etc/nagios3/stylesheets)>
Options FollowSymLinks
DirectoryIndex index.php index.html
AllowOverride AuthConfig 
Order Allow,Deny
Allow From All
#AuthName "Nagios Access"
#AuthType Basic
#AuthUserFile /etc/nagios3/htpasswd.users
# nagios 1.x:
#AuthUserFile /etc/nagios/htpasswd.users
#require valid-user
AuthType Basic
AuthName "Nagios Domain"
AuthBasicProvider ldap
AuthLDAPURL "ldap://localhost:389/cn=Users,dc=patan,dc=t311?sAMAccountName?sub?(objectClass=*)"
AuthLDAPBindDN "cn=nagios,cn=Users,dc=patan,dc=t311"
AuthLDAPBindPassword PASSW0RD
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on 
require ldap-group CN=Administrators,CN=Builtin,DC=patan,DC=t311 
</DirectoryMatch> 
<Directory /usr/share/nagios3/htdocs>
Options +ExecCGI
</Directory>

Edit cgi authentication file cgi.cfg

nagiosinstallationdir = /etc/nagios/ 

Run the following two commands:

grep “#” /etc/nagios/cgi.cfg | grep -i “nagiosadmin” 
#authorized_for_system_information=nagiosadmin
#authorized_for_configuration_information=nagiosadmin
#authorized_for_system_commands=nagiosadmin
#authorized_for_all_services=nagiosadmin
#authorized_for_all_hosts=nagiosadmin
#authorized_for_all_service_commands=nagiosadmin
#authorized_for_all_host_commands=nagiosadmin
grep “*” /etc/nagios/cgi.cfg | grep -v “*”
authorized_for_system_information=* 
authorized_for_configuration_information=* 
authorized_for_system_commands=*
authorized_for_all_services=*
authorized_for_all_hosts=*
authorized_for_all_service_commands=*
authorized_for_all_host_commands=*

The commands above will replace “nagiosadmin” with “*” in order to give any LDAP user full functionality of Nagios.

4. Restart apache2 and nagios using the commands:

service apache2 restart 
service nagios3 restart 

Now the nagios web interface can be logged in using the new LDAP authenticated user from Active Directory.

140 thoughts on “Nagios Monitoring

  1. Just how would you such as to bypass the high retail prices at the home furniture retail stores
    by utilizing timber home furniture strategies and make some on your own? It is actually possible and a great deal of people are already doing it.

    As opposed of what many people assume, it is certainly
    not important to be a pro to make wood furniture.

  2. Hardwood household furniture has something very natural regarding
    it. There is this sense of warmth, of attribute as well as of
    beauty that can be be found in hardwood household
    furniture. Wood is birthed coming from the earth.

  3. The absolute most usual cause that many people can read out a blog post
    is to learn something brand fresh. Blog posts that
    include guides regarding technology, wellbeing and
    health, step-by-step processes, usually profit a great deal of search traffic.
    This is only because individuals are searching directions for how exactly to accomplish things online every day.
    Daily, folks might browse blogs which tell stories that
    are interesting, fantastic info, or even intrigue them in another way.

  4. Fine art is actually a straightforward method to take personality and also a little personal
    style to the interior of your home. If you have actually found it difficult
    to incorporate it to your residence, perhaps these 7 tips
    will definitely provide you a location to start.

  5. Art is a basic way to bring character and also a little private flair
    to the inside of your home. Possibly these seven concepts will provide you a place to begin if you have actually found it
    tough to add it to your residence.

  6. During recnt years collection agencies, more than ever in the past, have placed
    emphasis on quality, enthusiasm, scarcity and also charm in the investment of ancient furniture.
    Despite the wish to own examples which are actually real, and also
    whose value is going to raise, colleectors have offered little bit of focus tto particular crucial understanding concerning
    style.

  7. I like what you guys are up also. Such clever work and reporting! Carry on the excellent works guys I have incorporated you guys to my blogroll. I think it will improve the value of my site . Koo Grove Octavia

  8. Hey! This is my 1st comment here so I just wanted to give a quick shout out and say I really enjoy reading through your blog posts. Can you recommend any other blogs/websites/forums that go over the same subjects? Thanks a ton! Faythe Arel Greenburg

  9. РЕМОНТ БАЙКАЛ-5Ц исполнение 1 – гигрометр – Настройка БАЙКАЛ-5Ц исполнение 1 – Сервис БАЙКАЛ-5Ц исполнение 1 https://prom-electric.ru/remont-bajkal-5ts-ispolnenie-1-gigrometr-nastrojka-bajkal-5ts-ispolnenie-1-servis-bajkal-5ts-ispolnenie-1/ БАЙКАЛ-5Ц исполнение 1 – гигрометр, Диагностика БАЙКАЛ-5Ц исполнение 1, Ремонт БАЙКАЛ-5Ц исполнение 1 . Доставка.

  10. When I initially commented I seem to have clicked on the -Notify me when new comments are added- checkbox and from now on each time a comment is added I get 4 emails with the exact same comment. Perhaps there is an easy method you can remove me from that service? Thanks a lot! Aviva Ax Lovato

  11. Hello there. I found your web site by way of Google even as searching for a related subject, your web site came up. It seems great. I have bookmarked it in my google bookmarks to come back then. Deloris Derwin Grath

  12. Thanks for the sensible critique. Me & my neighbor were just preparing to do a little research about this. We got a grab a book from our area library but I think I learned more from this post. I am very glad to see such wonderful information being shared freely out there. Maire Hugo Methuselah

  13. semoga setelah menerapkan cara yang di bahas ini, saya selaku BeHangat. Com bisa semakin baik untuk meningkatkan pengunjung dan lain-lain. TrimS kak. Charin Wes Mitchell

  14. Awesome post. I am a regular visitor of your website and appreciate you taking the time to maintain the nice site. I will be a frequent visitor for a really long time. Willow Ozzie Greggs

  15. Nice seeing the Lindberg Diamond Duster kit completed as I have seen only one other photo posted on line of an assembled kit. It had been entered into a contest, clad in green metal flake paint. Denice Gail Tam

  16. Hey There. I discovered your blog using msn. This is a really smartly written article. I will be sure to bookmark it and return to read extra of your useful information. Thanks for the post. I will certainly comeback. Daisie Sandor Margie

  17. Howdy! This blog post could not be written much better! Reading through this post reminds me of my previous roommate! He continually kept talking about this. I will forward this information to him. Pretty sure he will have a good read. Thanks for sharing! Kalina Saleem Henning

  18. hi po good eve po.. pwede po bang pa send po ung reviewer po ng CS exam po. hindi ko po kasi ma download po kasi may bayad po .. tnx. Katinka Roderic Toinette

  19. The PA are employees of Israel. Power wins, Palestine is lost. Our only duty now is to be sure nobody ever forgets how the “Jewish” State came into being, stealing a homeland from another people, destroying that people entirely. Adelaida Kienan Sitnik

  20. I am so happy, my dear friend, so absorbed in the exquisite sense of mere tranquil existence, that I neglect my talents. I should be incapable of drawing a single stroke at the present moment; and yet I feel that I never was a greater artist than now. Anna-Maria Rowland Winnifred

  21. I possess read a few of the articles on the website currently, and I enjoy your type of blogging. I added it to my favorites blog list and will be checking again soon. Please check out my site too and i want to know what you think. Frank Lek Blake

  22. As I web-site possessor I believe the content matter here is rattling fantastic , appreciate it for your hard work. You should keep it up forever! Good Luck. Pauly Herby Tarah

  23. I am not a person that is quickly pleased, however today, I am. You have actually offered me with a great deal to take into consideration in relation to this topic. I appreciated your viewpoint and how very closely it matches my own. I just wished to say, Thank you for writing this. Danyelle Nikolos Lars

  24. Nice read, I just passed this onto a friend who was doing some research on that. And he actually bought me lunch since I found it for him smile So let me rephrase that: Thanks for lunch! Beryle Dewie Victoir

  25. Pretty section of content. I just stumbled upon your website and in accession capital to assert that I get in fact enjoyed account your blog posts. Anyway I will be subscribing to your feeds and even I achievement you access consistently rapidly.| Audi Allister Domash

  26. Great beat ! I would like to apprentice while you amend your website, how can i subscribe for a blog website? The account aided me a acceptable deal. I had been a little bit acquainted of this your broadcast provided bright clear concept Sela Weider Adelina

  27. Christina, please know that our thoughts and prayers are with your entire family. The word cancer sends shivers down my spine since it has hit my family too often. Know that we are here for you if you ever need anything. Watching you these last few weeks has shown what a dedicated individual you are. Even when faced with this news, you kept on top of other commitments. Hugs coming your way and all of the strength in the world to your father as he gets ready to beat this beast. Caron Byram Tichonn

  28. Awesome write-up. I am a normal visitor of your site and appreciate you taking the time to maintain the excellent site. I will be a regular visitor for a really long time. Susie Florian Brena

  29. I blog frequently and I seriously appreciate your information. Your article has really peaked my interest. I am going to take a note of your blog and keep checking for new details about once a week. I subscribed to your Feed as well. Aridatha Tedmund Mab

Leave a Reply

Your email address will not be published. Required fields are marked *