Nagios Server
Nagios is an open source monitoring solution running on Linux.
Nagios is designed to periodically check critical network, application, or server parameters.
These parameters include microprocessor load, number of running processes, log files, disk and memory usage, as well as many other services such as SMTP (Simple Mail Transfer Protocol), HTTP (Hypertext Transfer Protocol), POP3 (Post Office Protocol 3), etc. can be checked.
These parameters require a microprocessor load, a database such as PHP or MySQL to run Nagois, and a web server such as Apache or Nginx. We will proceed under the assumption that all of these have already been configured。
2. Installing Nagios
①Install
# pkg install nagios4
➁Add Apache User to Nagios Group
# pw groupmod nagios -m www
➂Preparing the Configuration File
# cd /usr/local/etc/nagios
# cp nagios.cfg-sample nagios.cfg
# cp cgi.cfg-sample cgi.cfg
# cp resource.cfg-sample resource.cfg
# chown -R nagios:nagios /usr/local/etc/nagios/
Copy the samples in the "objects" directory as well.
# cd /usr/local/etc/nagios/objects
# cp commands.cfg-sample commands.cfg
# cp contacts.cfg-sample contacts.cfg
# cp localhost.cfg-sample localhost.cfg
# cp printer.cfg-sample printer.cfg
# cp switch.cfg-sample switch.cfg
# cp templates.cfg-sample templates.cfg
# cp timeperiods.cfg-sample timeperiods.cfg
# cp windows.cfg-sample windows.cfg
3. Verifying Nagios Plugins
# pkg install nagios-plugins
The following nagios-plugins are available
# ls /usr/local/libexec/nagios/
check_apt check_ftp check_mrtgtraf check_pop check_tcp
check_breeze check_http check_nagios check_procs check_time
check_by_ssh check_icmp check_nntp check_real check_udp
check_clamd check_ifoperstatus check_nntps check_rpc check_ups
check_cluster check_ifstatus check_nt check_sensors check_users
check_dhcp check_imap check_ntp check_simap check_wave
check_dig check_ircd check_ntp_peer check_smtp negate
check_disk check_jabber check_ntp_time check_spop remove_perfdata
check_disk_smb check_load check_nwstat check_ssh urlize
check_dummy check_log check_oracle check_ssl_validity utils.pm
check_file_age check_mailq check_overcr check_ssmtp utils.sh
check_flexlm check_mrtg check_ping check_swap
4.Integrating Nagios and Apache
Create the nagios.conf file and have Apache load it
# vi /usr/local/etc/apache24/Includes/nagios.conf
Describe the following
Alias /nagios /usr/local/www/nagios
<Directory "/usr/local/www/nagios">
Options FollowSymLinks
AllowOverride None
# Access Control
<RequireAll>
# Allow only specific IP addresses or networks
Require ip 127.0.0.1 192.168.11.0/24
# User Authentication: Allow access to all valid users
Require valid-user
</RequireAll>
# Configuring Basic Authentication
AuthType Basic
AuthName "Nagios Access"
AuthUserFile "/usr/local/etc/nagios/htpasswd.users"
</Directory>
# Nagios CGI Execution Directory
ScriptAlias /nagios/cgi-bin /usr/local/www/nagios/cgi-bin
<Directory "/usr/local/www/nagios/cgi-bin">
Options ExecCGI
AllowOverride None
<RequireAll>
Require ip 127.0.0.1 192.168.11.0/24
Require valid-user
</RequireAll>
AuthType Basic
AuthName "Nagios Access"
AuthUserFile "/usr/local/etc/nagios/htpasswd.users"
</Directory>
Restart Apache
# service apache24 restart
5. Creating a Nagios Web User
Create a user account to access the Nagios Web Dashboard. This user account is used for authentication.
The default name of the user is nagiosadmin, which is defined as the preferred user name in the /usr/local/etc/nagios/cgi.cfg file.
# htpasswd -c /usr/local/etc/nagios/htpasswd.users nagiosadmin
New password: [password]
Re-type new password: [again password]
Adding password for user nagiosadmin
Set ownership and permissions
# chown www:www /usr/local/etc/nagios/htpasswd.users
# chmod 640 /usr/local/etc/nagios/htpasswd.users
6. Starting Nagios
Start and enable the Nagios service
# sysrc nagios_enable="yes"
# service nagios start
Check if the service is running
# service nagios status
nagios is running as pid 2926.
7. Access the Nagios Web Interface
Access http://[IP_Address]/nagios/ with any browser
Username : nagoisadmin
Password : Password specified when the user was created above
After successful login, the following dashboard will appear
Show host availability
Click on [Hosts] in the left menu
Currently, only the Nagios Server is displayed.
Click [Tactical Overview] on the left menu to view the monitoring data
Click [Current Status] [Services] on the left menu : The current monitoring service details are displayed.
※ If you have assigned port 2244 via custom settings for SSH, modify localhost.cfg as follows:
# vi /usr/local/etc/nagios/objects/localhost.cfg
Per Line143
check_command check_ssh
↓
check_command check_ssh!-p 2244
# service nagios restart
7. Nagios Agent Configuration
To monitor the agent. Install the following
・NRPE Agent to run plugins
① Installing Nagios NRPE Agent
# pkg install nrpe
➁Autostart and Process Launch
# vi /etc/rc.conf
Add the following
nrpe_enable="YES"
# service nrpe start
➁Open the NRPE port in the firewall
By default, NRPE uses TCP port 5666.
If a firewall is in use, open this port to allow external checks from the Nagios monitoring server.
# vi /usr/local/etc/ipfw.rules
Add the following
$IPF xxx allow tcp from any to any 5666 in
$IPF xxx allow tcp from any to any 5666 out
Restart ipfw to reload the rules
# service ipfw restart
8. Adding a monitored host
Add the following server to the host and configure it as a target for simple ping death/activity monitoring
OS : FreeBSD14.3
IPアドレス : 192.168.11.85
①Configuration File Editing
# vi /usr/local/etc/nagios/nagios.cfg
Line 51 : Uncomment
cfg_dir=/usr/local/etc/nagios/servers
➁ Directory Create
# mkdir /usr/local/etc/nagios/servers
# chgrp nagios /usr/local/etc/nagios/servers
# chmod 750 /usr/local/etc/nagios/servers
➂ Create new definition file
The name "korodes.cfg" can be arbitrary.
# vi /usr/local/etc/nagios/servers/korodes.cfg
The following description
define host {
use freebsd-server
host_name korodes
alias korodes
address 192.168.11.85
}
define service {
use generic-service
host_name korodes
service_description PING
check_command check_ping!100.0,20%!500.0,60%
}
④ Restart Nagios server
# service nagios restart
Log in to the Nagios server (http://[server IP address]/nagios) and look at Hosts, and the host is added.
9. Adding Monitoring Services
Add monitoring services to the hosts added above.
OS : FreeBSD14.3
IPアドレス : 192.168.11.85
You need to install the NRPE daemon and the Nagios plugin.
9.1 Configuration on the server to be monitored
①Install the Nagios plugin
# pkg install nagios-plugins
➁ Install the NRPE agent
# pkg install nrpe
➂Open the NRPE port in the firewall
# vi /usr/local/etc/ipfw.rules
Add the following
$IPF xxx allow tcp from any to any 5666 in
$IPF xxx allow tcp from any to any 5666 out
Restart ipfw to reload the rules
# service ipfw restart
④ Configuration File Editing
# vi /usr/local/etc/nrpe.cfg
Line 106 : Add a host to allow connections (specify Nagios server)
allowed_hosts=127.0.0.1,::1,192.168.11.83
Line 122 : Allow command arguments
dont_blame_nrpe=1
Line 300-304 : Comment and add
# command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
# command[check_load]=/usr/lib/nagios/plugins/check_load -r -w .15,.10,.05 -c .30,.25,.20
# command[check_hda1]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1
# command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z
# command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w 150 -c 200
Add part of the plugin
command[check_by_ssh]=/usr/lib/nagios/plugins/check_by_ssh $ARG1$
command[check_dhcp]=/usr/lib/nagios/plugins/check_dhcp $ARG1$
command[check_disk]=/usr/lib/nagios/plugins/check_disk $ARG1$
command[check_file_age]=/usr/lib/nagios/plugins/check_file_age $ARG1$
command[check_ftp]=/usr/lib/nagios/plugins/check_ftp $ARG1$
command[check_http]=/usr/lib/nagios/plugins/check_http $ARG1$
command[check_imap]=/usr/lib/nagios/plugins/check_imap $ARG1$
command[check_load]=/usr/lib/nagios/plugins/check_load $ARG1$
command[check_log]=/usr/lib/nagios/plugins/check_log $ARG1$
command[check_mysql]=/usr/lib/nagios/plugins/check_mysql $ARG1$
command[check_ntp]=/usr/lib/nagios/plugins/check_ntp $ARG1$
command[check_ntp_peer]=/usr/lib/nagios/plugins/check_ntp_peer $ARG1$
command[check_ntp_time]=/usr/lib/nagios/plugins/check_ntp_time $ARG1$
command[check_ping]=/usr/lib/nagios/plugins/check_ping $ARG1$
command[check_pop]=/usr/lib/nagios/plugins/check_pop $ARG1$
command[check_spop]=/usr/lib/nagios/plugins/check_spop $ARG1$
command[check_procs]=/usr/lib/nagios/plugins/check_procs $ARG1$
command[check_smtp]=/usr/lib/nagios/plugins/check_smtp $ARG1$
command[check_ssmtp]=/usr/lib/nagios/plugins/check_ssmtp $ARG1$
command[check_ssh]=/usr/lib/nagios/plugins/check_ssh $ARG1$
command[check_swap]=/usr/lib/nagios/plugins/check_swap $ARG1$
command[check_tcp]=/usr/lib/nagios/plugins/check_tcp $ARG1$
command[check_udp]=/usr/lib/nagios/plugins/check_udp $ARG1$
command[check_ups]=/usr/lib/nagios/plugins/check_ups $ARG1$
command[check_users]=/usr/lib/nagios/plugins/check_users $ARG1$
⑤ nrpe server activation and startup
# vi /etc/rc.conf
Add the following
nrpe_enable="YES"
# service nrpe start
※To verify that NRPE is running, execute the following command on the Nagios server. If the output looks like this, everything is OK.
# /usr/local/libexec/nagios/check_nrpe -H 192.168.11.85
NRPE v4.1.3
9.2 Nagios Server Side Configuration
① commands.cfg edit
# vi /usr/local/etc/nagios/objects/commands.cfg
Add to the last line
define command {
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
➁Edit and add korodes.cfg created when you added the host earlier
I'll add HTTP,SSH,FTP this time.
# vi /usr/local/etc/nagios/servers/korodes.cfg
# Add the following:
# 'HTTP' command definition
define service{
use local-service
host_name korodes
service_description HTTP
check_command check_http
}
# 'SSH' command definition
define service{
use local-service
host_name korodes
service_description SSH
check_command check_ssh
}
# 'FTP' command definition
define service{
use local-service
host_name korodes
service_description FTP
check_command check_ftp
}
➂ Restart Nagios
# service nagios restart
④ Access http://[Nagios Server IP Address]/nagios
Newly added monitoring services are added as shown in the figure below.
