Installing NRPE: Difference between revisions
| No edit summary | |||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
| [[category:nagios]] | [[category:nagios]] | ||
| To install and configure NRPE on a FreeBSD server I first install the NRPE port: | == Nagios configuration == | ||
| To configure Nagios to use NRPE to gather information from remote hosts, first a command definition is needed in <code>/usr/local/etc/nagios/objects/commands.cfg</code>: | |||
| <pre> | |||
| # 'check_nrpe2' command definition /tyk | |||
| define command{ | |||
|         command_name    check_nrpe2 | |||
|         command_line    $USER1$/check_nrpe2 -H $HOSTADDRESS$ -c $ARG1$ | |||
| } | |||
| </pre> | |||
| == NRPE installation == | |||
| To install and configure NRPE on a FreeBSD server to monitor it with Nagios, I first install the NRPE port: | |||
| <pre> | <pre> | ||
| sudo portmaster /usr/ports/net-mgmt/nrpe2 | sudo portmaster /usr/ports/net-mgmt/nrpe2 | ||
| Line 7: | Line 18: | ||
| I always use SSL for NRPE even on LAN, so I check the SSL option and continue. If I am installing NRPE in a jail I remember to check "Compilation within jail(8)" in the options for <code>/usr/ports/net-mgmt/nagios-plugins</code> which will be installed as a dependency of <code>/usr/ports/net-mgmt/nrpe2</code>. | I always use SSL for NRPE even on LAN, so I check the SSL option and continue. If I am installing NRPE in a jail I remember to check "Compilation within jail(8)" in the options for <code>/usr/ports/net-mgmt/nagios-plugins</code> which will be installed as a dependency of <code>/usr/ports/net-mgmt/nrpe2</code>. | ||
| == NRPE Configuration == | |||
| After the installation is complete I copy the sample config and edit it: | After the installation is complete I copy the sample config and edit it: | ||
| <pre> | <pre> | ||
Latest revision as of 21:28, 17 January 2010
Nagios configuration
To configure Nagios to use NRPE to gather information from remote hosts, first a command definition is needed in /usr/local/etc/nagios/objects/commands.cfg:
# 'check_nrpe2' command definition /tyk
define command{
        command_name    check_nrpe2
        command_line    $USER1$/check_nrpe2 -H $HOSTADDRESS$ -c $ARG1$
}
NRPE installation
To install and configure NRPE on a FreeBSD server to monitor it with Nagios, I first install the NRPE port:
sudo portmaster /usr/ports/net-mgmt/nrpe2
I always use SSL for NRPE even on LAN, so I check the SSL option and continue. If I am installing NRPE in a jail I remember to check "Compilation within jail(8)" in the options for /usr/ports/net-mgmt/nagios-plugins which will be installed as a dependency of /usr/ports/net-mgmt/nrpe2.
NRPE Configuration
After the installation is complete I copy the sample config and edit it:
sudo cp /usr/local/etc/nrpe.cfg-sample /usr/local/etc/nrpe.cfg sudo ee /usr/local/etc/nrpe.cfg
The only options I change are allowed_hosts and I also change the line:
command[check_users]=/usr/local/libexec/nagios/check_users -w 5 -c 10
into:
command[check_users]=/usr/local/libexec/nagios/check_users -w 10 -c 20
or something like that. I normally have screen running with at least 4-5 tabs open and I don't want Nagios to throw a warning whenever I log on to the machine :)
If I am installing NRPE in a jail with only a root partition there is no reason to monitor /usr /var and /tmp as well - so in a jail I delete the following lines from /usr/local/etc/nrpe.cfg:
command[check_var]=/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /var command[check_tmp]=/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /tmp command[check_usr]=/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /usr
I also like monitor the installed ports on a FreeBSD server for security vulnerabilities, there is a seperate article on how to enable that. There is a bunch of other things that NRPE can do aside from the default things in the sample config that the port installs - the ones I have documented are all in the Nagios category.
I then enable NRPE in rc.conf:
sudo ee /etc/rc.conf nrpe2_enable="YES"
..and start NRPE:
sudo /usr/local/etc/rc.d/nrpe2 start
If I need to open up a firewall to allow the Nagios server to reach NRPE on this server, I allow incoming traffic to TCP port 5666 from the Nagios server to reach the machine running NRPE.
I then go add the machine to the Nagios server configs with the relevant hostgroups and/or services, restart Nagios, and go check the web interface and wait to see if everything is green, and if not, I probably need to adjust anything else in nrpe.cfg on the machine being monitored (or maybe there is actually a problem I need to go fix).