nagios how repeat check service more time different argument - nagios

I have one host on nagios defined like that:
define host {
host_name my-host
address ip
display_name my-host
hostgroups windows,windows-process-count
use windows-server
_PROCESSNAME my-process1.exe
_PROCESSCOUNT 1
}
On this host I check only that my-process1.exe is up.
but I need to check more process (my-process1, my-process2 etc....)
I would like check more process, defining like that:
define host {
host_name my-host
address ip
display_name my-host
hostgroups windows,windows-process-count
use windows-server
_PROCESSNAME my-process1.exe
_PROCESSCOUNT 1
_PROCESSNAME2 my-process2.exe
_PROCESSCOUNT2 1
_PROCESSNAME2 my-process3.exe
_PROCESSCOUNT2 4
etc...... for x process that i must control on this server
}
but in this way i must define x services, x hostgroups and x commands.
This is very uncomfortable and not very elegant.
what is the best way to get this result?

Unfortunately I don't think there is an elegant way to do it as you would like to. I have always worked with Nagios using a service-oriented approach, means I define a monitoring for one service or process and then I link all the hosts or hostgroups that use that process and need monitoring, even if it is one server. For me, I found that as the most reliable, tidy and sustainable way.
If you can afford a generic alert when any of the service fails, you could prepare a custom command to check all of them in one separate script, I would not like to see it like this in my dashboard.
I know that it is what you want to avoid but, If I were you, and considering you have a single server to monitor these processes, I would prepare a separate service file, something like:
#!/bin/bash
srvCfg = "/etc/nagios3/conf.d/host1procs.cfg" # I am using Nagios over Debian
server="host1"
processes=("process1.exe" "process2.exe")
srvGroup="customservicegroup"
for proc in "${processes[#]}"; do
echo "define service{" >> $srvCfg
echo " use generic-service" >> $srvCfg
echo " host_name $server" >> $srvCfg
echo " servicegroups $srvGroup" >> $srvCfg
echo " service_description Process monitoring for $proc" >> $srvCfg
echo " check_command check_nt!PROCSTATE!-d SHOWALL -l $proc" >> $srvCfg
echo "}" >> $srvCfg
done
I assumed that your example is just an example and the process names are not actually iterable to generate the list. That script will result in a file like:
define service{
use generic-service
host_name host1
servicegroups customservicegroup
service_description Process monitoring for process1.exe
check_command check_nt!PROCSTATE!-d SHOWALL -l process1.exe
}
define service{
use generic-service
host_name host1
servicegroups customservicegroup
service_description Process monitoring for process2.exe
check_command check_nt!PROCSTATE!-d SHOWALL -l process2.exe
}
You will have to define the servicegroup if you want all of the services to be automatically in it, if not take out the servicegroups line.
I know it is not the answer you are looking for, but hope it helps

Related

nagios check_http HTTP CRITICAL - Unable to open TCP socket, works fine from command line

I have the following service definition:
define service{
use my-service ; Name of service template to use
host_name dra
service_description https://www.example.com
check_command check_http!-I my.ip.address --ssl -H www.example.com
notifications_enabled 1
retry_check_interval 2
normal_check_interval 5
contact_groups myadmins
}
The service check keeps failing with
Name or service not known
HTTP CRITICAL - Unable to open TCP socket
However, if I run http_check from the command line, I get a 200 OK result:
/usr/lib/nagios/plugins/check_http -I my.ip.address --ssl -H www.example.com -v
.....
HTTP OK: HTTP/1.1 200 OK - 9176 bytes in 0.074 second response time |time=0.073543s;;;0.000000 size=9176B;;;0
Note also that the URL in question works just fine from a browser, the certificate is valid, etc. I also use the exact same service definition for a bunch of other sites, and they all work fine. The only thing I can think of is that this remote host is running on DigitalOcean and has a "Floating IP" assigned to it. I tried replacing my.ip.address above (and also in the host definition of the nagios config file) with either the Floating IP or the "standard" IP assigned to the host, and it makes no difference.
How is it possible that the same command would fail when run by nagios, but succeed when run manually?
The answer to my question is: don't use check_http, use
use check_https_hostname, and
make sure that the host_name stanza is the actual hostname
which requires matching the host_name stanzas in all the service and host definitions in the same cfg file.
So:
define service{
use my-service ; Name of service template to use
host_name www.example.com
service_description https://www.example.com
check_command check_https_hostname
notifications_enabled 1
retry_check_interval 2
normal_check_interval 5
contact_groups myadmins
}
Here is why: it becomes clear by looking at the definitions of check_http and check_https_hostname which are in the /etc/nagios-plugins/config/http.cfg file in my installation.
# 'check_http' command definition
define command{
command_name check_http
command_line /usr/lib/nagios/plugins/check_http -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' '$ARG1$'
}
# 'check_https_hostname' command definition
define command{
command_name check_https_hostname
command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTNAME$' -I '$HOSTADDRESS$' '$ARG1$'
}
You will notice that the -H and -I arguments in check_http get the same value $HOSTADDRESS$, while in check_https_hostname they get $HOSTNAME$ and $HOSTADDRESS$, respectively.
The fact that I built my original command as check_http!-I my.ip.address --ssl -H www.example.com did not really matter. In the end, the /usr/lib/nagios/plugins/check_http command got two values for -I and two for -H, and the second pair was being ignored.
This did break "thanks" to Cloudflare, because the IP address dynamically assigned by Cloudflare to my www.example.com was not the same as the actual host IP address that I had specified in my host definition.
Finally, I wanted to mention that what helped me figure this out was setting
debug_level=-1
debug_verbosity=1
in my /etc/nagios3/nagios.cfg file and then looking through /var/log/nagios3/nagios.debug.
Also, check out all the different variants of the check_http commands in /etc/nagios-plugins/config/http.cfg. There are some very useful ones.

How to output hostname in "service Description" for nagios core?

I have currently the following two service defined as below:
define service {
use my-webapp-service
hostgroup_name all
service_description System check - PING
check_command check_ping!100.0,20%!500.0,60%
}
define service {
use my-webapp-service
hostgroup_name all
service_description System check - Swap Usage
check_command check_nrpe!check_swap
check_interval 1
}
What I want is output string to be:
System check - PING - "Actual hostname where this alarm got fired off"
System check - Swap Usage - "Actual hostname where this alarm got fired off"
I think this could be possible but I just don't know how to make it possible.
Would sincerely appreciate your guidance on that.
Many Thanks
Output are handled by scripts. Default behavior is that script donĀ“t return hostname, because it is not necessary.
If you wanna add hostname in output, you must edit already exist scripts or create new one.
Here is basic info how create script for Nagios - http://www.yourownlinux.com/2014/06/how-to-create-nagios-plugin-using-bash-script.html
For your needs you must add $HOSTNAME to echo. For instance:
echo "$HOSTNAME - WARNING- $output"
If you want the script that is executing to be aware of the hostname, you'll need to pass the hostname as an argument to the Nagios command. That also means that the script will need to accept the hostname as an argument. Take for example:
define service {
use my-webapp-service
hostgroup_name all
service_description System check - PING
check_command check_ping!100.0,20%!500.0,60%
}
check_ping probably looks something like:
define command {
command_name check_ping
command_line $USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5
}
The problem here is that the executable at $USER1$/check_ping doesn't know that you want to pass the host's name as an argument. So you'll need to make a wrapper script. I'm not going to write the script for you, but to give you a hint, the command definition would look something like:
define command {
command_name check_ping_print_hostname
command_line $USER1$/my_check_ping_wrapper.sh --hostname $HOSTNAME$ -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5
}
And then the script at $USER1$/my_check_ping_wrapper.sh is obviously going to need grab that --hostname argument, and then pass the other arguments directly to check_ping, wait for the output, and then amend the output with the information given in the --hostname arg.
Hope this helps!

Nagios Monitoring Hosts with check_ping

I've deployed a new instance of Nagios on a fresh install of CentOS 7 via the EPEL repository. So the Nagios Core version is 3.5.1.
After installing nagios and nagios-plugins-all (via yum), I've created a number of hosts and service definitions, have tested my configuration with nagios -v /etc/nagios/nagios.cfg, and have Nagios up and running!
Unfortunately, my host checks are failing (although my service checks are working perfectly fine).
Within the Nagios Web GUI / Dashboard, if I drill down into a Host page with the "Host State Information", I see this being reported for "Status Information" (IP address removed):
Status Information: /usr/bin/ping -n -U -w 30 -c 5 {my-host-ip-address}
CRITICAL - Could not interpret output from ping command
So in my troubleshooting, I drilled down into the Nagios Plugins directory (/usr/lib64/nagios/plugins), and ran a test with the check_ping plugin consistent with the way check-host-alive runs the command (see below for my check-host-alive command definition):
./check_ping -H {my-ip-address} -w 3000.0,80% -c 5000.0,100% -p 5
This check_ping command returns the following output:
PING OK - Packet loss = 0%, RTA = 0.63
ms|rta=0.627000ms;3000.000000;5000.000000;0.000000 pl=0%;80;100;0
I haven't changed the definition of how check_ping works, and can confirm that I'm getting a "PING OK" whenever the command is run the same way that check-host-alive runs the command, so I cannot figure out what's going on!
Below are the command definitions for check-host-alive as well as check_ping.
# 'check-host-alive' command definition
define command{
command_name check-host-alive
command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5
}
{snip}
# 'check_ping' command definition
define command{
command_name check_ping
command_line $USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5
}
Any suggestions on how I can fix my check-host-alive command definition to work properly and evaluate the output of check_ping properly?
Edit
Below is the full define host {} template I'm using:
define host {
host_name myers ; The name of this host template
alias Myers
address [redacted]
check_command check-host-alive
contact_groups admins
notifications_enabled 0 ; Host notifications are enabled
event_handler_enabled 1 ; Host event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
failure_prediction_enabled 1 ; Failure prediction is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
notification_period 24x7 ; Send host notifications at any time
register 1
max_check_attempts 2
}
For anyone else who runs into this issue, there's another option than changing permissions on ping. Simply change the host check command to use check_host rather than check_ping. While there are certainly some differences in the functionality, the overall end result is the same.
There are those who will say this isn't a good option because of the ability to range the check_ping command, but it should be remembered that host checks aren't even executed until all service checks for a given host have failed. Anyway, if you're interested in testing throughput, there are MUCH better ways of going about it than relying on ICMP, which is the lowest priority traffic type on a network.
I'm sure the OP is well on to other things by now, but hopefully someone else who has this issue will benefit.
I could not found the ping on /usr/bin/ping
# chmod u+s /bin/ping
# ls -al /bin/ping
-rwsr-xr-x 1 root root 40760 Sep 26 2013 /bin/ping*
Finally run the below command,
/usr/local/nagios/libexec/check_ping -H 127.0.0.1 -w 100.0,20% -c 500.0,60% -p 5
I was fairly certain that running chmod U+s /usr/bin/ping would solve the issue, but I was (and still am) wary about chmod'ing system files. It seems to me that there has to be a safer way to do it.
However, in the end, that's what I did - and it works. I don't like it, from a security standpoint.
I also had same problem and the above answers did not work for me. After some checking the issue further noticed that the reason is IP protocol. once I passed the correct IP protocol , It worked fine.
/usr/local/nagios/libexec/check_ping -H localhost -w 3000.0,80% -c 5000.0,100% -4
output
PING OK - Packet loss = 0%, RTA = 0.05 ms|rta=0.051000ms;3000.000000;5000.000000;0.000000 pl=0%;80;100;0
By default It's getting IPv6.
/usr/local/nagios/libexec/check_ping -H localhost -w 3000.0,80% -c 5000.0,100% -6
output
/sbin/ping6 -n -U -W 30 -c 5 localhost
CRITICAL - Could not interpret output from ping command
But when integrating with Nagios server, I could not able to pass this value as an argument. Therefore I have done below workaround in client side nrpe.cfg file
command[check_ping_args]=/usr/local/nagios/libexec/check_ping -H $ARG1$ -w $ARG2$ -c $ARG3$ -4
Here Host, warning and critical thresholds were passing by Nagios host as below,
define service{
use generic-service
hostgroup_name all-servers
service_description Host Ping Status
check_command check_nrpe_args!check_ping_args!localhost!3000.0,80%!5000.0,100%
}

Different Nagios email notifications for different services

I'm trying to send out a different style of notification for a specific service in Nagios, namely, when a user account gets locked out from AD. I don't need all the excess information associated with the usual emails (e.g. Host the service pertains to, IP address, service status, etc), as all the information I need is given in the SNMP trap sent from Windows in $SERVICEOUTPUT. However, I can't just change the notify-service-by-email command because I need to use the full output for all the other services.
I need to find a way to either:
Send out an email notification customized to this service
define command{
command_name notify-service-by-email
command_line $~LongOutputCommand~$
}
define command{
command_name notify-lockouts-by-email
command_line $-ShortOutputCommand~$
}
define service{
service_description Account Lockouts
service_notification notify-lockouts-by-email
...
}
Execute an if statement inside the command_line section of the Nagios command:
define command{
command_name notify-service-by-email
command_line if [ "$SERVICEDESC" == "Account Lockouts" ]; then $-ShortOutputCommand~$; else $~LongOutputCommand~$; fi
}
I don't believe it's possible for Nagios to do the first way because of the way it is programmed, but no matter how I try the second way it doesn't process it as a proper command ("if not recognized", etc).
You cannot put a "script" syntax on a command_line definition. Think the command_line as an handler to call a script in action: the logic, and a if statement is "logic", must be moved in the script you are calling. Inside the script just use the if statement on $1 (the positional variable for the first argument passed to the script) and then process the value of $1. So, if $1 (in our case if you pass $SERVICEDESC is to the script as first argument, inside the script it is referenced as $1) equal to...

Save ping results to text file with Computer name

I'd like to use a variation of the following batch script to save the results of a ping test to a folder on the network with the computer name appended to the file name or somewhere in the results.
ping www.google.com -n 1000 > pinglog.txt
type pinglog.txt
I need to perform some diagnostics on all computers of a network to determine whether a connection stability issue is router related, internet related or localised to just one of the computers.
The batch file will be stored on the network at \\192.168.1.254\ICT\Scripts, and I would like the log files saved to that location with the computer name added so that I can determine which PC the results belong to (eg. pinglog-reception.txt).
Can this be done? If so, how?
If you want to do this for different servers, then:
server=www.google.com
ping %server% -n 1000 > \\192.168.1.254\ICT\Scripts\%server%.txt
type \\192.168.1.254\ICT\Scripts\%server%.txt
If you want to do this for different querying computers on your own network, then see the other answer. You will need to use the network name for the file:
ping www.google.com -n 1000 > \\192.168.1.254\ICT\Scripts\pinglog-%COMPUTERNAME%.txt
Use the %COMPUTERNAME% environment variable:
ping www.google.com -n 1000 > pinglog-%COMPUTERNAME%.txt
pathping
would seem to be better suited to this than ping.

Resources