Difference between revisions of "How to Setup and configure Nagios"
(→4.0 IRC Notification Bot Configuration (Server configuration)) |
(→4.0 IRC Notification Bot Configuration (Server configuration)) |
||
Line 454: | Line 454: | ||
{|border="1" cellpadding="1" cellspacing="0" align="left" | {|border="1" cellpadding="1" cellspacing="0" align="left" | ||
|- | |- | ||
− | |/var/log/nagios/status.dat | + | |/var/log/nagios/status.dat || Points to the log file it will read |
− | |Points to the log file it will read | ||
|- | |- | ||
− | |irc.freenode.net:6667 | + | |irc.freenode.net:6667 || IRC server |
− | |IRC server | ||
|- | |- | ||
− | |mathon | + | |mathon || Channel name |
− | |Channel name | ||
|- | |- | ||
− | |The "-C" flag | + | |The "-C" flag || Allows it to send colored messages |
− | |Allows it to send colored messages | ||
|- | |- | ||
− | |test22283833 | + | |test22283833 || IRCnickname |
− | |IRCnickname | ||
|- | |- | ||
− | |ident/realname | + | |ident/realname || The ident and real name string for the bot |
− | |The ident and real name string for the bot | ||
|- | |- | ||
− | |The "-I" flag 900 | + | |The "-I" flag 900 || How often to send a message to the channel in this case its 15min (900 seconds) |
− | |How often to send a message to the channel in this case its 15min (900 seconds) | ||
|- | |- | ||
|} | |} |
Revision as of 15:38, 27 November 2010
- Version 0.2
Contents
1.0 About Nagios
Nagios is a system and network monitoring application. It watches hosts and services that you specify, and provides critical notifications to administrators, when the system/network performance is being negatively impacted.
Nagios was originally designed to run under Linux, but it possessess the capability of being compatible with a host of other OSs as well.
Some of the many features of Nagios include:
- Monitoring of network services (SMTP, POP3, HTTP, NNTP, PING, etc.)
- Monitoring of host resources (processor load, disk usage, etc.)
- Simple plug-in design that allows users to easily develop their own service checks
- Parallelized service checks
- Ability to define network host hierarchy using "parent" hosts, allowing detection of and distinction between hosts that are down and those that are unreachable
- Contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method)
- Ability to define event handlers to be run during service or host events for proactive problem resolution
- Automatic log file rotation
- Support for implementing redundant monitoring hosts
- Optional web interface for viewing current network status, notification and problem history, log file, etc.
2.0 Server Installation
This guide will provide you with instructions on how to install Nagios from source (code) on Fedora 13 and have it monitoring your local and client machines.
2.1 Features available after instalation
- Nagios and the all plugins will be installed underneath /usr/local/nagios
- Nagios will be configured to monitor a few aspects of your local system (CPU load, disk usage, etc.)
- The Nagios web interface will be accessible at http://localhost/nagios/
- Monitor Nagios clients
2.2 Prerequisites
During portions of the installation you will need to have root access to your machine.
Note: root password is **********
Make sure you've installed the following packages on your Fedora 13 installation before continuing.
- Apache
- PHP
- GCC compiler
- GD development libraries
Note: you have to be root to install the following packages.
yum install httpd php
yum install gcc glibc glibc-common
yum install gd gd-devel
2.3 Create Account Information
1. While you still have root privilages from a previous step, create a new nagios user account and give it a password.
useradd -m nagios
passwd **********
2. Create a new nagcmd group for allowing external commands to be submitted through the web interface. Add both the nagios user and the apache user to the group.
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd apache
2.4 Download Nagios and the Plugins
1. Create a directory for storing the downloads.
mkdir ~/nagios/downloads
cd ~/nagios/downloads
Download the source code tarballs of both Nagios and the Nagios plugins (visit http://www.nagios.org/download/ for links to the latest versions).
wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-3.2.3.tar.gz
wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.15.tar.gz
2.5 Compile and Install Nagios
1. Extract the Nagios source code tarball.
cd ~/nagios/downloads
tar xzf nagios-3.2.3.tar.gz
cd nagios-3.2.3
2. Run the Nagios configure script, passing the name of the group you created earlier, using the following command:
./configure --with-command-group=nagcmd
3. Compile the Nagios source code.
make all
4. Install binaries, init script, sample config files and set permissions on the external command directory.
Note: you have to be root to issue the following commands.
make install
make install-init
make install-config
make install-commandmode
Note: DO NOT start Nagios yet
2.6 Customize Configuration
Edit the /usr/local/nagios/etc/objects/contacts.cfg config file with your favorite editor and change the email address associated with the nagiosadmin contact definition to the address you'd like to use for receiving alerts.
vi /usr/local/nagios/etc/objects/contacts.cfg
Note: this will be changed to Chris Tyler’s email.
2.7 Configure the Web Interface
1. Install the Nagios web config file in the Apache conf.d directory.
cd /home/nagios/downloads/nagios-3.2.3
Note: you have to be root to issue the following command.
make install-webconf
2. Create a nagiosadmin account for logging into the Nagios web interface.
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
Type the password: **********
3. Restart Apache to make the new settings take effect.
service httpd restart
2.8 Compile and Install the Nagios Plugins
1. Extract the Nagios plugins source code tarball.
cd ~/downloads
tar xzf nagios-plugins-1.4.15.tar.gz
cd nagios-plugins-1.4.15
2. Compile and install the plugins.
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
Note: you have to be root to issue make install command.
make install
2.9 Start Nagios
1. Add Nagios to the list of system services and have it automatically start when the system boots.
chkconfig --add nagios
chkconfig nagios on
2. Verify the sample Nagios configuration files.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
You have to have no warnings or errors: Total Warnings: 0 Total Errors: 0
3. If there are no errors, start Nagios. If you got errors, please check nagios.cfg file in step 2, and try it again.
service nagios start
2.10 Modify SELinux Settings
Fedora ships with SELinux (Security Enhanced Linux) installed and in Enforcing mode by default. This can result in "Internal Server Error" messages when you attempt to access the Nagios CGIs.
1. See if SELinux is in Enforcing mode.
getenforce
2. Put SELinux into Permissive mode.
setenforce 0
3. To make this change permanent, you'll have to modify the settings in /etc/selinux/config and reboot. Instead of disabling SELinux or setting it to permissive mode, you can use the following command to run the CGIs under SELinux enforcing/targeted mode:
chcon -R -t httpd_sys_content_t /usr/local/nagios/sbin/
chcon -R -t httpd_sys_content_t /usr/local/nagios/share/
2.11 Login to the Web Interface
You should now be able to access the Nagios web interface at the URL below. You'll be prompted for the username (nagiosadmin) and password you specified earlier. For a password that you configured please refere to the section 2.7, step 2.
Click on the "Service Detail" navigational bar link to see details of what's being monitored on your local machine. It will take a few minutes for Nagios to check all the services associated with your machine, as the checks are spread out over time.
2.12 Open Port 5666 on Firewall
Make sure your machine's firewall rules are configured to allow access to the web server if you want to access the Nagios interface remotely.
1. Create a rule for iptables.
iptables -I INPUT -p tcp -m tcp ---dport 5666 -j ACCEPT
2. Save the new iptables rule so it will survive machine reboots.
service iptables save
2.13 You're Done
Congratulations! You sucessfully installed Nagios. Your journey into monitoring is just beginning. You have just completed the basic configuration of the Nagios Server. You'll no doubt want to monitor more than just your local machine, so keep reading and you will find how to configure the client machine with some modifications on Nagios server. If you did everything as per specifications, the following page will be displayed upon initial access of the Nagios Server GUI:
3.0 Additional Server configuration
3.1 Downlad and Install NRPE Plugin for Nagios Server
1. Create a Nagios_NRPE folder.
mkdir -p ~/Nagios/Nagios_NRPE
cd ~/Nagios/Nagios_NRPE
2. Save file to directory ~/Nagios
http://www.nagios.org/download/download.php
3. Extract the Files:
tar -xzf nrpe-2.12.tar.gz
cd nrpe-2.12
3.2 Compile and Configure NRPE
Note: you have to be root to issue make install command.
./configure
make all
make install-plugin
3.3 Test Connection to NRPE daemon on Remote Server
Make sure that the NRPE on your Nagios server can talk to the NRPE daemon on the remote server we want to monitor. Replace “<IP of Remote Server>” with the remote servers IP address.
/usr/local/nagios/libexec/check_nrpe -H 142.204.133.90 NRPE v2.12
3.4 Create NRPE Command Definition
Note: The command.cfg file does not exist in /usr/local/nagios/etc/ directory so it has to be created, and the script block has to be added to the aformentioned file.
1. A command definition needs to be created in order for the check_nrpe plugin to be used by nagios.
vi /usr/local/nagios/etc/objects/commands.cfg
2. Add the following at the end of the file:
define command{ command_name check_nrpe command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ }
3.5 Create host and service definitions
You'll need to create some object definitions in order to monitor the remote Linux/Unix machine. These definitions can be placed in their own file or added to an already exiting object configuration file.
First, create a new template for each different type of host you'll be monitoring. Let's create a new template for Linux boxes.
1. Create new linux-box-remote object template file:
vi /usr/local/nagios/etc/objects/linux-box-remote.cfg
Note: Information below is just an example of the template file.
define host{ name linux-box-remote ; Name of this template use generic-host ; Inherit default values check_period 24x7 check_interval 5 retry_interval 1 max_check_attempts 10 check_command check-host-alive notification_period 24x7 notification_interval 30 notification_options d,r contact_groups admins register 0 ; DONT REGISTER THIS - ITS A TEMPLATE } define host{ use linux-box-remote ; Inherit default values from a template host_name Centos5 ; The name we're giving to this server alias Centos5 ; A longer name for the server address 142.204.133.90 ; IP address of the server } define service{ use generic-service host_name Centos5 service_description CPU Load check_command check_nrpe!check_load } define service{ use generic-service host_name Centos5 service_description Current Users check_command check_nrpe!check_users } define service{ use generic-service host_name Centos5 service_description /dev/hda1 Free Space check_command check_nrpe!check_hda1 } define service{ use generic-service host_name Centos5 service_description Total Processes check_command check_nrpe!check_total_procs } define service{ use generic-service host_name Centos5 service_description Zombie Processes check_command check_nrpe!check_zombie_procs }
2. Activate the linux-box-remote.cfg template:
vi /usr/local/nagios/etc/nagios.cfg
And add the following lines:
# Definitions for monitoring remote Linux machine
cfg_file=/usr/local/nagios/etc/objects/linux-box-remote.cfg
3. Verify Nagios Configuration Files:
If there are errors, fix them. If everything is fine, restart Nagios.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
You have to have no warnings or errors:
Total Warnings: 0 Total Errors: 0
4. Restart Nagios:
service nagios restart
4.0 IRC Notification Bot Configuration (Server configuration)
Note: please keep in mind this was done on Fedora 13 with Nagios 3.2.3 and NagIRCBot 0.0.30.
1. Become the root user.
su –
2. Install edition packages.
yum install openssl-devel
yum nstall gcc
3. After unpacking the tarball, in the make file you must change the following line:
from:
LDFLAGS+=$(DEBUG) -lssl -lstdc++
to:
LDFLAGS+=$(DEBUG) -lssl -lstdc++ -lcrypto
4. When you change the make file from the step 3, issue make/make install.
make
make install
5. Once its installed you can start up nagircbot:
nagircbot -f /var/log/nagios/status.dat -s irc.freenode.net:6667 -c \#mathon -C -n test22283833 -u ident -U realname -I 900
6. Lets examine the command from step 5, which will be the main command for starting nagircbot:
/var/log/nagios/status.dat | Points to the log file it will read |
irc.freenode.net:6667 | IRC server |
mathon | Channel name |
The "-C" flag | Allows it to send colored messages |
test22283833 | IRCnickname |
ident/realname | The ident and real name string for the bot |
The "-I" flag 900 | How often to send a message to the channel in this case its 15min (900 seconds) |
7. Congratulations! You just completed the IRC bot configuration.
5.0 Client Installation
5.1 Create Account Information on Client Machine
SSH to Iraq machine (142.204.133.98) and issue the following commands:
1. Become the root user.
su -
2. Create a new nagios user account and give it a password.
useradd -m nagios
passwd senecaCdot
3. Create a folder for Nagios plugins.
mkdir ~/downloads
cd ~/downloads
Note: For the next step make sure you are connected to the Internet to download nagios plugins.
3. Download the source code tarball of the NRPE addon (visit http://www.nagios.org/download/ for links to the latest versions).
wget http://osdn.dl.sourceforge.net/sourceforge/nagios/nrpe-2.8.tar.gz
4. Extract the NRPE source code tarball.
tar xzf nrpe-2.8.tar.gz
cd nrpe-2.8
5. Compile the NRPE add-on.
./configure
make all
6. Install the NRPE plug-in.
make install-plugin
5.2 Compile and Configure Nagios Plugins
Note: You need openssl-devel package installed to compile plugins with ssl support. You have to be root to issue make install commands.
1. Become root user.
su -
2. Install openssl-devel package.
yum -y install openssl-devel
2. Instal Plugins:
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install
3. The permissions on the plugin directory and the plugins will need to be changed to nagios user.
chown nagios.nagios /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios/libexec
4. Package xinted is needed.
yum install xinetd
5. Start xinetd service.
service xinetd start
5.3 Downlad and Install NRPE Daemon
1. Create a forlder ~/Nagios/Nagios_NRPE.
mkdir -p ~/Nagios/Nagios_NRPE
cd ~/Nagios/Nagios_NRPE
Save file to directory ~/Nagios
http://www.nagios.org/download/download.php
2. Extract the files:
tar -xzf nrpe-2.12.tar.gz
cd nrpe-2.12
5.4 Compile and Configure NRPE
1. Install NRPE:
Note: you have to be root to issue make install command.
./configure
General Options: ------------------------- NRPE port: 5666 NRPE user: nagios NRPE group: nagios Nagios user: nagios Nagios group: nagios
make all
make install-plugin
make install-daemon
make install-daemon-config
make install-xinetd
5.5 Post NRPE Configuration
1. Edit Xinetd NRPE entry:
Add Nagios Monitoring server to the “only_from” directive.
vi /etc/xinetd.d/nrpe only_from = 127.0.0.1 <142.204.133.90 >
2. Edit services file entry and add entry for nrpe daemon.
vi /etc/services
nrpe 5666/tcp # NRPE
3. Restart Xinetd and set to start at boot:
chkconfig xinetd on
service xinetd restart
5.6 Test NRPE Daemon Install
1. Check NRPE daemon is running and listening on port 5666:
netstat -at |grep nrpe
2. Output should be:
tcp 0 0 *:nrpe *.* LISTEN
3. Check NRPE daemon is functioning:
/usr/local/nagios/libexec/check_nrpe -H localhost
4. Output should be NRPE version:
NRPE v2.12
5.7 Open Port 5666 on Firewall
Note: Make sure to open port 5666 on the firewall of the remote server so that the Nagios monitoring server can access the NRPE daemon.
1. Create a rule for iptables.
iptables -I INPUT -p tcp -m tcp ---dport 5666 -j ACCEPT
2. Save the new iptables rule so it will survive machine reboots.
service iptables save
5.8 Congratulations
Congratulations! You have successfully completed the configuration of the Nagios Server/Client setup.