Installing NRPE

From TykWiki
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Nagios configuration

To configure Nagios to use NRPE to gather information from remote hosts, first a command definition is needed in /usr/local/etc/nagios/objects/commands.cfg: 

# 'check_nrpe2' command definition /tyk
define command{
        command_name    check_nrpe2
        command_line    $USER1$/check_nrpe2 -H $HOSTADDRESS$ -c $ARG1$
}

NRPE installation

To install and configure NRPE on a FreeBSD server to monitor it with Nagios, I first install the NRPE port: 

sudo portmaster /usr/ports/net-mgmt/nrpe2

I always use SSL for NRPE even on LAN, so I check the SSL option and continue. If I am installing NRPE in a jail I remember to check "Compilation within jail(8)" in the options for /usr/ports/net-mgmt/nagios-plugins which will be installed as a dependency of /usr/ports/net-mgmt/nrpe2.

NRPE Configuration

After the installation is complete I copy the sample config and edit it: 

sudo cp /usr/local/etc/nrpe.cfg-sample /usr/local/etc/nrpe.cfg
sudo ee /usr/local/etc/nrpe.cfg

The only options I change are allowed_hosts and I also change the line: 

command[check_users]=/usr/local/libexec/nagios/check_users -w 5 -c 10

into: 

command[check_users]=/usr/local/libexec/nagios/check_users -w 10 -c 20

or something like that. I normally have screen running with at least 4-5 tabs open and I don't want Nagios to throw a warning whenever I log on to the machine :)

If I am installing NRPE in a jail with only a root partition there is no reason to monitor /usr /var and /tmp as well - so in a jail I delete the following lines from /usr/local/etc/nrpe.cfg: 

command[check_var]=/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /var
command[check_tmp]=/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /tmp
command[check_usr]=/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /usr

I also like monitor the installed ports on a FreeBSD server for security vulnerabilities, there is a seperate article on how to enable that. There is a bunch of other things that NRPE can do aside from the default things in the sample config that the port installs - the ones I have documented are all in the Nagios category.

I then enable NRPE in rc.conf: 

sudo ee /etc/rc.conf
nrpe2_enable="YES"

..and start NRPE: 

sudo /usr/local/etc/rc.d/nrpe2 start

If I need to open up a firewall to allow the Nagios server to reach NRPE on this server, I allow incoming traffic to TCP port 5666 from the Nagios server to reach the machine running NRPE.

I then go add the machine to the Nagios server configs with the relevant hostgroups and/or services, restart Nagios, and go check the web interface and wait to see if everything is green, and if not, I probably need to adjust anything else in nrpe.cfg on the machine being monitored (or maybe there is actually a problem I need to go fix).

Retrieved from "https://tyk.wiki/index.php?title=Installing_NRPE&oldid=194"