Setting up NRPE daemon: Difference between revisions

From Alpine Linux
(added example of opennhrp monitoring)
m (clarified a few parts)
Line 1: Line 1:
Install daemon:
Install daemon:
  apk add nrpe
  apk add nrpe && rc-update add nrpe default
Set up config file to bind to local IP, only allow needed hosts to connect.
Set up config file to bind to local IP, only allow needed hosts to connect (in /etc/nrpe.cfg):
server_address=10.14.8.3
allowed_hosts=10.14.8.149,10.14.8.150
Add a definition for a check command to /etc/nrpe.cfg, for example:
Add a definition for a check command to /etc/nrpe.cfg, for example:
  command[check_routes]=/usr/bin/check_routes.sh
  command[check_routes]=/usr/bin/check_routes.sh
Line 17: Line 19:
  fi
  fi
Restart NRPE.
Restart NRPE.
Allow port 5666 through Shorewall (in /etc/shorewall/rules) through to monitoring hosts.
Allow port 5666 (or whatever port you've specified for nrpe in /etc/nrpe.cfg) through Shorewall (in /etc/shorewall/rules) through to monitoring hosts.
On the monitoring host, run the following command to test:
On the monitoring host, run the following command to test, where 10.14.8.3 is the IP of the host to monitor:
  /usr/local/nagios/libexec/check_nrpe -H 10.14.8.3 -p 5666 -c check_routes
  /usr/local/nagios/libexec/check_nrpe -H 10.14.8.3 -p 5666 -c check_routes
You should get output like:
You should get output like:

Revision as of 14:06, 23 August 2010

Install daemon:

apk add nrpe && rc-update add nrpe default

Set up config file to bind to local IP, only allow needed hosts to connect (in /etc/nrpe.cfg):

server_address=10.14.8.3
allowed_hosts=10.14.8.149,10.14.8.150

Add a definition for a check command to /etc/nrpe.cfg, for example:

command[check_routes]=/usr/bin/check_routes.sh

Create the above script, and populate:

##!/bin/bash
##
NUMROUTES=`ip route | grep -n  | awk -F ':' '{print $1}' | tail -n 1`
if [[ $NUMROUTES > 80 ]];
then echo "OK: $NUMROUTES routes in routing table" && exit 0;
elif [[ $NUMROUTES < 80 ]] && [[ $NUMROUTES > 15 ]];
then echo "WARNING: $NUMROUTES routes in routing table" && exit 1;
elif $NUMROUTES = "" ;
then echo "WARNING: No routing information received" && exit 1;
else echo "CRITICAL: $NUMROUTES routes in routing table" && exit 2;
fi

Restart NRPE. Allow port 5666 (or whatever port you've specified for nrpe in /etc/nrpe.cfg) through Shorewall (in /etc/shorewall/rules) through to monitoring hosts. On the monitoring host, run the following command to test, where 10.14.8.3 is the IP of the host to monitor:

/usr/local/nagios/libexec/check_nrpe -H 10.14.8.3 -p 5666 -c check_routes

You should get output like:

OK: 173 routes in routing table

If you are having trouble, enable debugging in /etc/nrpe.cfg, and check /var/log/messages for errors. Most likely error(s) has to do with permissions of what you are trying to execute.


Example of monitoring opennhrp connection:

#!/bin/bash 
# $1 is hostname to check

if `echo $1` == "" ; 
then echo "Hostname must be specified as argument" && exit 1; 
fi

ping -c 1 -w 5 $1 > /dev/null 

HOSTOUTPUT="`host $1`" 
HOSTNETWORK="`echo $HOSTOUTPUT | awk -F ' ' '{print $NF}' | awk -F '.' '{print $1"."$2}'`" 
ROUTETONETWORK="`ip route | grep $HOSTNETWORK'\.'`" 
NEXTHOP="`echo $ROUTETONETWORK | awk -F ' ' '{print $3}'`" 
TUNNELSTATUS="`/usr/sbin/opennhrpctl show | grep -A 3 $NEXTHOP | grep Flags | awk -F ' ' '{print $NF}'`"

echo $TUNNELSTATUS