Friday, February 5, 2010

Monitor windows server with Nagios - Configure nrpe

To do some more advance application monitoring we need to configure nrpe between nagios and nsclient++.
The first thing we need to monitor is that no files get stuck in import or export folders. (Next problem will be to monitor MS SQL servers, will probably have to find another plug-in for this.

Reference:
http://nagios.sourceforge.net/docs/nrpe/NRPE.pdf

1) Config nsclient
uncomment
NRPEListener.dll
allow_arguments=1
use_ssl=1

It is a risk to allow arguments. The alternative I think is to create local commands/ alias on the remote machine.

Test in nsclient command line (start nsclient /test)
CheckFile2 path=c:\test pattern=*.txt MaxCrit=1 filter+written=gt:10m
(checks for files older than 10minutes in c:\test)

2) Install nrpe plug-in in Nagios(local server)
The NRPE addon consists of two pieces:
– The check_nrpe plugin, which resides on the local monitoring machine
– The NRPE daemon, which runs on the remote Linux/Unix machine

To monitor a windows machine we need the plugin. The demaon will be NSClient on windows. If we want to test nrpe on the local machine we should also install the daemon locally.

a) Install check_nrpe plugin
sudo apt-get install libssl-dev

sudo -s

mkdir ~/downloads
cd ~/downloads

http://prdownloads.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz
tar xzf nrpe-2.12.tar.gz
cd nrpe-2.12

./configure
make all
make install-plugin

b) Test
sudo /usr/local/nagios/libexec/check_nrpe -H 192.168.0.100

It is very hard to get a clear answer about ssl but I am now sure it is enabled by default and it is controlled by the remote machines setting. If ssl is enabled in nsclient and you run a command without ssl you get an error
sudo /usr/local/nagios/libexec/check_nrpe -H 192.168.0.100 -n
(-n => skip ssl)

To make it secure I think it is also necessary to generate a new key or something. (See nrpe README.SSL). I have not tested that yet.

3) Configure Nagios
a) Add some nrpe commands
gedit /usr/local/nagios/etc/objects/commands.cfg

define command {
command_name check_nrpe_CheckOldFiles
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c CheckFile2 -a path=$ARG1$ pattern=$ARG2$ MaxCrit=1 filter+written=gt:$ARG3$ max-dir-depth=0
}
!!!!!!!!!!! I encountered some problems with checkfile2, when too many files are found I get a "buffert too small" error. My biggest problem issue was with a sub folder with many old files. This I finally fixed by adding the max-dir-depth=0 argument. The actual buffert problem I cannot solve for the moment. max-dir-depth set the number of sub folder levels checkfile2 will look into.
Error in nsclient log
2010-02-07 18:05:38: error:include\NSCHelper.cpp:241: Inject buffer to small, increase the value of: string_length.
2010-02-07 18:07:43: error:NSClient++.cpp:1101: UNKNOWN: Return buffer to small to handle this command.

!!!

define command {
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}


b) Add some nrpe services
gedit /usr/local/nagios/etc/objects/windows.cfg

#Check for old files in c:\test
define service{
use generic-service
host_name myHost
service_description Check old files in test
#path, pattern, age
check_command check_nrpe_CheckOldFiles!c:/test!*!10m
}

#Use the generic check_nrpe command.
#(will not work on windows but will show-up in log on client)
define service{
use generic-service
host_name myHost
service_description CPU load
check_command check_nrpe!check_load
}


c) Check config and restart
sudo /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
sudo /etc/init.d/nagios restart

d) test
nagios command line
/usr/local/nagios/libexec/check_nrpe -H 192.168.169.100

/usr/local/nagios/libexec/check_nrpe -H 192.168.169.100 -c CheckFile2 -a path=c:/test pattern=*.txt MaxCrit=1 filter+written=gt:10m

2 comments:

  1. Does any one who can guide me how to use the nagios to Monitor the Microsoft sql and mysql?
    Thank you in advance!!

    i use linux nagios with CentOS to monitor windows and linux..

    ReplyDelete
  2. Well...there is two posts in this blog on how to monitor MSSQL and MYSQL.... many many guides if you bother to search. From your post I think you need to study a bit first.

    ReplyDelete