check_ports - NRPE portaudit check

From TykWiki
Jump to navigationJump to search

It is possible to monitor FreeBSD servers for outdated or vulnerable ports using Nagios and NRPE:

$ cat /usr/ports/net-mgmt/nagios-check_ports/pkg-descr
Nagios Plugin to monitor your FreeBSD Ports Tree for updates or
installed packages with known security vulnerabilities.

Configuring Nagios

Define a new service on the Nagios server, in /usr/local/etc/nagios/objects/services.cfg:

define service{
        use                             generic-service
        hostgroup_name                  freebsd-servers
        service_description             nrpe_check_ports
        check_command                   check_nrpe2!check_portaudit

I call the check check_portaudit to better remember what it is.

I want all my FreeBSD servers to have their ports checked, so I added the hostgroup freebsd-servers to this check. The FreeBSD servers I monitor in this Nagios installation are all members of the hostgroup freebsd-servers.

Install the plugin

Just install the port, easy as it gets. It installs /usr/ports/ports-mgmt/portaudit as a dependency, by the way:

sudo portmaster /usr/ports/net-mgmt/nagios-check_ports/

Note: If this is the first time Portaudit (installed as a dependency) is used on the server, you need to download a fresh audit database before it will work. If you do not download it manually, it will happen automatically each night (called from periodic). To download a fresh audit database manually, run:

sudo portaudit -F

Configuring NRPE

Add the following line to /usr/local/etc/nrpe.cfg:


I call the check check_portaudit to better remember what it is.

Remember to restart NRPE after changing the config:

sudo /usr/local/etc/rc.d/nrpe2 restart