Book Image

Nagios Core Administration Cookbook Second Edition - Second Edition

By : Tom Ryder
Book Image

Nagios Core Administration Cookbook Second Edition - Second Edition

By: Tom Ryder

Overview of this book

Nagios Core is an open source monitoring framework suitable for any network that ensures both internal and customer-facing services are running correctly and manages notification and reporting behavior to diagnose and fix outages promptly. It allows very fine configuration of exactly when, where, what, and how to check network services to meet both the uptime goals of your network and systems team and the needs of your users. This book shows system and network administrators how to use Nagios Core to its fullest as a monitoring framework for checks on any kind of network services, from the smallest home network to much larger production multi-site services. You will discover that Nagios Core is capable of doing much more than pinging a host or to see whether websites respond. The recipes in this book will demonstrate how to leverage Nagios Core's advanced configuration, scripting hooks, reports, data retrieval, and extensibility to integrate it with your existing systems, and to make it the rock-solid center of your network monitoring world.

Related Content you might be interested in

Current Title:

Small book image
Nagios Core Administration Cookbook Second Edition - Second Edition
Tom Ryder
Feb, 2016 | 386 pages
No titles found
Table of Contents (18 chapters)
Nagios Core Administration Cookbook Second Edition
Nagios Core Administration Cookbook Second Edition
Credits
Credits
About the Author
About the Author
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Understanding Hosts, Services, and Contacts
Understanding Hosts, Services, and Contacts
Introduction
Creating a new network host
Creating a new HTTP service
Creating a new e-mail contact
Verifying configuration
Creating a new hostgroup
Creating a new servicegroup
Creating a new contactgroup
Creating a new time period
Running a service on all hosts on a group
2
Working with Commands and Plugins
Working with Commands and Plugins
Introduction
Finding a plugin
Installing a plugin
Removing a plugin
Creating a new command
Customizing an existing command
Using an alternative check command for hosts
Writing a new plugin from scratch
Implementing threshold checks in a plugin
Using macros as environment variables in a plugin
3
Working with Checks and States
Working with Checks and States
Introduction
Specifying how frequently to check a host or service
Changing thresholds for PING RTT and packet loss
Changing thresholds for disk usage
Scheduling downtime for a host or service
Managing brief outages with flapping
Adjusting flapping percentage thresholds for a service
4
Configuring Notifications
Configuring Notifications
Introduction
Configuring notification periods
Configuring notifications for groups
Choosing states for notification
Specifying the number of failed checks before notification
Automating contact rotation
Defining an escalation for repeated notifications
Defining a custom notification method
Filtering notifications based on a host or service value
5
Monitoring Methods
Monitoring Methods
Introduction
Monitoring PING for any host
Monitoring SSH for any host
Checking an alternative SSH port
Monitoring mail services
Monitoring web services
Checking that a website returns a given string
Monitoring database services
Monitoring the output of an SNMP query
Monitoring a RAID or other hardware device
Creating an SNMP OID for monitoring
6
Enabling Remote Execution
Enabling Remote Execution
Introduction
Monitoring local services on a remote machine with NRPE
Setting the listening address for NRPE
Setting allowed client hosts for NRPE
Creating new NRPE command definitions securely
Giving limited sudo(8) privileges to NRPE
Using check_by_ssh with key authentication instead of NRPE
Using check_mk instead of NRPE
7
Using the Web Interface
Using the Web Interface
Introduction
Using the Tactical Overview
Viewing and interpreting availability reports
Viewing and interpreting trends
Viewing and interpreting notification history
Adding comments on hosts or services in the web interface
Viewing configuration in the web interface
Scheduling checks from the web interface
Acknowledging a problem via the web interface
8
Managing Network Layout
Managing Network Layout
Introduction
Creating a network host hierarchy
Using the network map
Choosing icons for hosts
Establishing a host dependency
Establishing a service dependency
Monitoring individual nodes in a cluster
Using the network map as an overlay
9
Managing Configuration
Managing Configuration
Introduction
Grouping configuration files in directories
Keeping a configuration under version control
Configuring host roles using groups
Building groups using regular expressions
Using inheritance to simplify configuration
Defining macros in a resource file
Using another object's directives in a host or service check
Using custom directives
Dynamically building host definitions
10
Security and Performance
Security and Performance
Introduction
Using authentication for the Nagios Core web interface
Using authenticated contacts
Writing debugging information to the Nagios log file
Monitoring Nagios performance with nagiostats
Setting up a redundant monitoring host
11
Automating and Extending Nagios Core
Automating and Extending Nagios Core
Introduction
Allowing and submitting passive checks
Submitting passive checks from a remote host with NSCA
Submitting passive checks in response to SNMP traps
Setting up an event handler script
Tracking host and service states with Nagiosgraph
Reading status in a MySQL database with NDOUtils
Reading status from a Unix socket with MK Livestatus
Writing customized Nagios Core reports
Getting extra visualizations with NagVis
Writing custom Nagios Core management scripts
Index
Index

Giving limited sudo(8) privileges to NRPE

In this recipe, we'll learn how to deal with the difficulty of executing permissions for NRPE. The majority of standard Nagios plugins don't require special privileges to run, although this also depends on how stringent your system's security restrictions are. However, some of the plugins require being run as root or perhaps as another user other than nagios. This is sometimes the case with plugins that need to make requests of system-level resources such as checking the integrity of RAID arrays.

There are four general approaches to fixing this:

  • Bad: Change the plugins to setuid, meaning that they will always be run as the user who owns them, no matter who executes them. The problem with this is that setting this bit allows anyone to run the program as root, not just nrpe, a very common vector for exploits.

  • Worse: Run nrpe as root or as the appropriate user. This is done by changing the nrpe_user and nrpe_group properties in nrpe.cfg. This is even...

Previous Section
End of Section 7
Next Section