Thursday, 3 November 2016

Install and Configure Nagios on Cent OS 7 with remote NRPE host

In this tutorial, we will set up a nagios server and a remote NRPE host.

Lets install the prerequisites first

$sudo yum install -y gcc glibc glibc-common gd gd-devel make net-snmp openssl-devel xinetd unzip mailx httpd php5 php5-gd postfix

We must create a user and group that will run the Nagios process. Create a "nagios" user and "nagcmd" group, then add the user to the group with these commands

$sudo useradd nagios
$sudo groupadd nagcmd
$sudo usermod -a -G nagcmd nagios

Install Nagios Core

$curl -L -O https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.1.1.tar.gz
$tar xvf nagios-*.tar.gz
$cd nagios-*
$./configure --with-command-group=nagcmd
$make all
$sudo make install
$sudo make install-commandmode
$sudo make install-init
$sudo make install-config
$sudo make install-webconf
$sudo usermod -G nagcmd apache

Now lets install the nagios plugins
$cd ..
$curl -L -O http://nagios-plugins.org/download/nagios-plugins-2.1.1.tar.gz
$tar xvf nagios-plugins-*.tar.gz
$cd nagios-plugins-*
$./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl
$make
$sudo make install

Now lets install NRPE
$cd ..
$curl -L -O http://downloads.sourceforge.net/project/nagios/nrpe-2.x/nrpe-2.15/nrpe-2.15.tar.gz
$tar xvf nrpe-*.tar.gz
$cd nrpe-*
$./configure --enable-command-args --with-nagios-user=nagios --with-nagios-group=nagios --with-ssl=/usr/bin/openssl --with-ssl-lib=/usr/lib/x86_64-linux-gnu
$make all
$sudo make install
$sudo make install-xinetd
$sudo make install-daemon-config

Now lets edit the start-up script 
$sudo vi /etc/xinetd.d/nrpe

Modify the only_from line by adding the private IP address of the your Nagios server to the end (substitute in the actual IP address of your server):

only_from = 127.0.0.1 x.x.x.x

Restart the xinetd service to start NRPE:

$sudo service xinetd restart

Now let's perform the initial Nagios configuration. You only need to perform this section once, on your Nagios server.

$sudo vi /usr/local/nagios/etc/nagios.cfg

Now find an uncomment this line

#cfg_dir=/usr/local/nagios/etc/servers

Now create the directory that will store the configuration file for each server that you will monitor:

$sudo mkdir /usr/local/nagios/etc/servers

Open the Nagios contacts configuration in your favorite text editor. We'll use vi to edit the file:

$sudo vi /usr/local/nagios/etc/objects/contacts.cfg

Find the email directive, and replace its value (the highlighted part) with your own email address:

email                           nagios@localhost        ; <<***** CHANGE THIS TO YOUR EMAIL ADDRES

Let's add a new command to our Nagios configuration:

$sudo vi /usr/local/nagios/etc/objects/commands.cfg

Add the following to the end of the file:

define command{
        command_name check_nrpe
        command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

For mail Notification

We have to change the command "notify-host-by-email" and "notify-service-by-email" as below inorder for the mail notification to work

$sudo vim /usr/local/nagios/etc/objects/commands.cfg

define command{
        command_name    notify-host-by-email
        command_line    /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$
        }

# 'notify-service-by-email' command definition
define command{
        command_name    notify-service-by-email
        command_line    /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$
        }


Configure Apache

Use htpasswd to create an admin user, called "nagiosadmin", that can access the Nagios web interface:

$sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Enter a password at the prompt. Remember this login, as you will need it to access the Nagios web interface.

Nagios is ready to be started. Let's do that, and restart Apache:

$sudo systemctl start nagios.service
$sudo systemctl restart httpd.service

To enable Nagios to start on server boot, run this command:

$sudo systemctl enable nagios.service

Open your favorite web browser, and go to your Nagios server

http://nagios_server_ip/nagios


#################################################################################

Monitor a CentOS 7 Host with NRPE


On a server that you want to monitor, install the EPEL repository:

$sudo yum install epel-release

Now install Nagios Plugins and NRPE:

$sudo yum install nrpe nagios-plugins-all

Now, let's update the NRPE configuration file. Open it in your favorite editor (we're using vi):

$sudo vi /etc/nagios/nrpe.cfg

Find the allowed_hosts directive, and add the private IP address of your Nagios server to the comma-delimited list (substitute it in place of the highlighted example):

allowed_hosts=127.0.0.1,x.x.x.x

Restart NRPE to put the change into effect:

$sudo systemctl start nrpe.service
$sudo systemctl enable nrpe.service


Add Host to Nagios Configuration

On your Nagios server, create a new configuration file for each of the remote hosts that you want to monitor in /usr/local/nagios/etc/servers/. Replace the highlighted word, "yourhost", with the name of your host:

$sudo vi /usr/local/nagios/etc/servers/yourhost.cfg


Add in the following host definition, replacing the host_name value with your remote hostname ("web-1" in the example), the alias value with a description of the host, and the address value with the private IP address of the remote host:

define host {
        use                             linux-server
        host_name                       client1.example.com
        alias                           Monitor 1
        address                         x.x.x.x
        max_check_attempts              5
        check_period                    24x7
        notification_interval           30
        notification_period             24x7
contacts                        nagiosadmin
}


With the configuration file above, Nagios will only monitor if the host is up or down. If this is sufficient for you, save and exit then restart Nagios. If you want to monitor particular services, read on.

Add any of these service blocks for services you want to monitor. Note that the value of check_command determines what will be monitored, including status threshold values. Here are some examples that you can add to your host's configuration file:

Ping:

define service {
        use                             generic-service
        host_name                       yourhost
        service_description             PING
        check_command                   check_ping!100.0,20%!500.0,60%
}

SSH 

define service {
        use                             generic-service
        host_name                       yourhost
        service_description             SSH
        check_command                   check_ssh
        notifications_enabled           0
}


$sudo systemctl reload nagios.service

HTTP
define service {
        use                             generic-service
        host_name                       client1.example.com
        service_description             HTTP
        check_command                   check_http
        notifications_enabled           1
}

Port Check: We are going to check the availablility of port 80 with a check interval of 10 seconds

define service {
        use                             generic-service
        host_name                       client1.example.com
        service_description             HTTP_PORT_CHECK
        check_command                   check_tcp!80
        check_interval                  0.2
        notifications_enabled           1
}

Note:
check_interval 1 = 60 seconds
check_interval .5 = 30 seconds


To check memory utilization on the remote host

Download the Memory check Plugin

$wget https://raw.githubusercontent.com/justintime/nagios-plugins/master/check_mem/check_mem.pl

$sudo mv check_mem.pl /usr/lib64/nagios/plugins/check_mem
chmod +x /usr/lib64/nagios/plugins/check_mem

You can check whether the script generates output properly by manually running the following command on localhost. When used with NRPE, this command is supposed to check free memory, warn when free memory is less than 20%, and generate critical alarm when free memory is less than 10%.

$/usr/lib64/nagios/plugins/check_mem -f -w 20 -c 10

OK - 34.0% (2735744 kB) free.|TOTAL=8035340KB;;;; USED=5299596KB;6428272;7231806;; FREE=2735744KB;;;; CACHES=2703504KB;;;;

If you see something like the above as an output, that means the command is working okay.

Now that the script is ready, we define the command to check RAM usage for NRPE. As mentioned before, the command will check free memory, warn when free memory is less than 20%, and generate critical alarm when free memory is less than 10%.

$sudo vim /etc/nagios/nrpe.cfg
command[check_mem]=/usr/lib64/nagios/plugins/check_mem  -f -w 20 -c 10



Now in the Nagios server add the following section to the /usr/local/nagios/etc/servers/yourhost.cfg


define service{
        use                            generic-service
        host_name                      client1.example.com
        service_description            Check RAM
        check_command                  check_nrpe!check_mem
}


Restart the nrpe service in the remote host

Restart the nagios service in the Nagios server

Nagios should start checking RAM usage of a remote-server using NRPE. If you are having any problem, you could check the following.

Make sure that NRPE port is allowed all the way to the remote host. Default NRPE port is TCP 5666.
You could try manually checking NRPE operation by executing the check_nrpe command: /usr/local/nagios/libexec/check_nrpe -H remote-server
You could also try to run the check_mem command manually: /usr/local/nagios/libexec/check_nrpe -H remote-server –c check_mem



High Availability with IREDMAIL Integrated with Active Directory

This is step by step guide for Centos 7. Server1 will be the Active node and Server2 will be the failover node. After failover when ...