Setting up NRPE daemon: Difference between revisions

Revision as of 21:43, 13 November 2009

To install, add the edge testing repository, then run:

apk add nrpe

Set up config file to bind to local IP, only allow needed hosts to connect (in our case, our redundant Nagios servers). Add a definition for a check command, for example:

command[check_routes]=/usr/bin/check_routes.sh

Create the above script, and populate (code below needs a cleanup, but was done more as proof-of-concept):

##!/bin/ash
##
## Script to check whether routes to branches are being received properly

NUMROUTES=`ip route | grep -n  | awk -F ':' '{print $1}' | tail -n 1`
if [[ $NUMROUTES > 80 ]];
then echo "OK: $NUMROUTES routes in routing table" && exit 0;
elif [[ $NUMROUTES < 80 ]] && [[ $NUMROUTES > 15 ]];
then echo "WARNING: $NUMROUTES routes in routing table" && exit 1;
elif $NUMROUTES = "" ;
then echo "WARNING: No routing information received" && exit 1;
else echo "CRITICAL: $NUMROUTES routes in routing table" && exit 2;
fi

Restart NRPE. Allow port 5666 through Shorewall (in /etc/shorewall/rules) through to monitoring hosts. On the monitoring host, run the following command to test:

root#/usr/local/nagios/libexec/check_nrpe -H 10.14.8.3 -p 5666 -c check_routes

You should get output like:

OK: 173 routes in routing table

If you are having trouble, enable debugging in /etc/nrpe.cfg, and check /var/log/messages for errors. Most likely error(s) has to do with permissions of what you are trying to execute. Remember that scripts are executed as nagios user, not root, so keep the "fancy tricks" to a minimum.

@@ Line 1: / Line 1: @@
-Note: This was tested using Alpine 1.9.1, running under VMware Workstation 5.5.1 build-19175.  Host O/S for VMware Windows XP Home SP3.  CPU: Intel Atom N270.
-Mostly due to laziness, didn't find openssl-dev, since apk wasn't available, so SSL support isn't compiled in when following he below steps.
 Source code: http://nagios.org/
-Steps for compilation:
+To install, add the edge testing repository, then run:
+ apk add nrpe
-# Downloaded nrpe-2.12
+Set up config file to bind to local IP, only allow needed hosts to connect (in our case, our redundant Nagios servers).
-# apk add alpine-sdk
+Add a definition for a check command, for example:
-# apk add net-snmp # Wanted for some nrpe plugins
+  command[check_routes]=/usr/bin/check_routes.sh
-# apk add linux-grsec-dev
+Create the above script, and populate (code below needs a cleanup, but was done more as proof-of-concept):
-# ./configure --disable-ssl
+  ##!/bin/ash
-# make all
+  ##
-# make install-plugin
+  ## Script to check whether routes to branches are being received properly
-# make install-daemon
-# Since sample config didn't compile using above steps, configured the following config for testing:<br>
-  pid_file=/var/run/nrpe.pid
- server_port=5666
- server_address=192.168.48.128
- allowed_hosts=192.168.48.128
-Ran the following command to test: <br>
-  root#/usr/local/nagios/libexec/check_nrpe -n -H 192.168.48.128
-  NRPE v2.12
-  root#
-For expanding NRPE's capabilities, consider scripts included with the nagios-plugins source code, also from the above site.  To compile and run on Alpine, the alpine-sdk and net-snmp packages will be required (some plugins appear to have to issues with the version of net-snmp included with Alpine 1.9.1, but this will most likely be resolved with future nagios-plugins updates).
-To compile nagios-plugins successfully, compile with the --with-openssl=no (since the openssl-dev package is not present).  All other defaults appear to function correctly.
+ NUMROUTES=`ip route | grep -n '' | awk -F ':' '{print $1}' | tail -n 1`
+ if [[ $NUMROUTES > 80 ]];
+ then echo "OK: $NUMROUTES routes in routing table" && exit 0;
+ elif [[ $NUMROUTES < 80 ]] && [[ $NUMROUTES > 15 ]];
+ then echo "WARNING: $NUMROUTES routes in routing table" && exit 1;
+ elif [[ $NUMROUTES = "" ]];
+ then echo "WARNING: No routing information received" && exit 1;
+ else echo "CRITICAL: $NUMROUTES routes in routing table" && exit 2;
+ fi
+Restart NRPE.
+Allow port 5666 through Shorewall (in /etc/shorewall/rules) through to monitoring hosts.
+On the monitoring host, run the following command to test:
+ root#/usr/local/nagios/libexec/check_nrpe -H 10.14.8.3 -p 5666 -c check_routes
+You should get output like:
+  OK: 173 routes in routing table
-NOW: Compile both NRPE and nagios-plugins with SSL support, once the proper version of openssl-dev is acquired and installed.
+If you are having trouble, enable debugging in /etc/nrpe.cfg, and check /var/log/messages for errors.  Most likely error(s) has to do with permissions of what you are trying to execute.  Remember that scripts are executed as nagios user, not root, so keep the "fancy tricks" to a minimum.