Installing NRPE: Difference between revisions
No edit summary |
|||
| Line 11: | Line 11: | ||
== NRPE installation == | == NRPE installation == | ||
To install and configure NRPE on a FreeBSD server I first install the NRPE port: | To install and configure NRPE on a FreeBSD server to monitor it with Nagios, I first install the NRPE port: | ||
<pre> | <pre> | ||
sudo portmaster /usr/ports/net-mgmt/nrpe2 | sudo portmaster /usr/ports/net-mgmt/nrpe2 | ||
Latest revision as of 21:28, 17 January 2010
Nagios configuration
To configure Nagios to use NRPE to gather information from remote hosts, first a command definition is needed in /usr/local/etc/nagios/objects/commands.cfg:
# 'check_nrpe2' command definition /tyk
define command{
command_name check_nrpe2
command_line $USER1$/check_nrpe2 -H $HOSTADDRESS$ -c $ARG1$
}
NRPE installation
To install and configure NRPE on a FreeBSD server to monitor it with Nagios, I first install the NRPE port:
sudo portmaster /usr/ports/net-mgmt/nrpe2
I always use SSL for NRPE even on LAN, so I check the SSL option and continue. If I am installing NRPE in a jail I remember to check "Compilation within jail(8)" in the options for /usr/ports/net-mgmt/nagios-plugins which will be installed as a dependency of /usr/ports/net-mgmt/nrpe2.
NRPE Configuration
After the installation is complete I copy the sample config and edit it:
sudo cp /usr/local/etc/nrpe.cfg-sample /usr/local/etc/nrpe.cfg sudo ee /usr/local/etc/nrpe.cfg
The only options I change are allowed_hosts and I also change the line:
command[check_users]=/usr/local/libexec/nagios/check_users -w 5 -c 10
into:
command[check_users]=/usr/local/libexec/nagios/check_users -w 10 -c 20
or something like that. I normally have screen running with at least 4-5 tabs open and I don't want Nagios to throw a warning whenever I log on to the machine :)
If I am installing NRPE in a jail with only a root partition there is no reason to monitor /usr /var and /tmp as well - so in a jail I delete the following lines from /usr/local/etc/nrpe.cfg:
command[check_var]=/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /var command[check_tmp]=/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /tmp command[check_usr]=/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /usr
I also like monitor the installed ports on a FreeBSD server for security vulnerabilities, there is a seperate article on how to enable that. There is a bunch of other things that NRPE can do aside from the default things in the sample config that the port installs - the ones I have documented are all in the Nagios category.
I then enable NRPE in rc.conf:
sudo ee /etc/rc.conf nrpe2_enable="YES"
..and start NRPE:
sudo /usr/local/etc/rc.d/nrpe2 start
If I need to open up a firewall to allow the Nagios server to reach NRPE on this server, I allow incoming traffic to TCP port 5666 from the Nagios server to reach the machine running NRPE.
I then go add the machine to the Nagios server configs with the relevant hostgroups and/or services, restart Nagios, and go check the web interface and wait to see if everything is green, and if not, I probably need to adjust anything else in nrpe.cfg on the machine being monitored (or maybe there is actually a problem I need to go fix).
