I am trying to make the communication between Nagios and Graphite but couldn't able to write Nagios performance data to the file.
I am referring below mentioned sites:
http://nagios.manubulon.com/traduction/docs25en/perfdata.html
http://nagios.manubulon.com/traduction/docs14en/xpdfile.html
To configure nagios.conf
http://nagios.manubulon.com/traduction/docs25en/configmain.html#host_perfdata_file
Please give some details on the perfdata file.
Make shure the file is writeable by the user your nagios is running with.
For Example:
If you use /usr/local/nagios/var/host-perfdata.dat to store your host performance data and your nagios is running with the user nagios the permission would look like:
-rw-rw-r-- nagios nagios host-perfdata
Related
Am trying to extract monitoring results for hosts configured in nagios in a output file. Changing "process-host-perfdata" command in /object/command.cfg.
Can I populate Contactgroup information along with host related data? If yes, please help how this can be done.
Yes that can be done. In fact you can configure Nagios to output any macros. Look for the below in your Nagios.cfg file
host_perfdata_file_template=[HOSTPERFDATA]\t$TIMET$\t$HOSTNAME$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$
Add the macros you want in the performance data output. You can also change the format etc if you want. You can find the macro list on Nagios documentation. Hope this helps.
I've been banging my head against the wall for the past few days on this and promise I looked everywhere. If I'm wrong please teach me with a link :)
I'm trying to schedule downtime for some services and haven't been able to make it happen via the command line or the web GUI. For some reason the only thing I can do is commit host comments/downtime via the GUI and nothing else anywhere else. I should also mention that a cronjob of the scheduled downtime will show up in the Nagios web interface comments, but still doesn't work. The only difference I notice is the author as indicated by the GUI for host down time is "nagiosadmin" and of the non-working downtimes is "nagios" I did try chown'ing file paths with nagiosadmin.
Here are the relevant deets:
nagios.cfg
check_external_commands=1
nagios_user=nagios
nagios_group=nagios
command_file=/usr/local/nagios/var/rw/nagios.cmd
I have changed the permissions and owners for this directory MANY times, nothing seems to work:
ls -l /usr/local/nagios/var/rw
prwxrwxrwx. 1 nagios nagcmd 0 Jan 29 21:27 nagios.cmd
srw-rw----. 1 nagios nagcmd 0 Jan 29 14:09 nagios.qh
I added users to groups that they don't really need to be in to no avail:
cat /etc/group:
nagcmd:x:505:nagios,nagiosadmin,apache
nagios:x:501:nagios,apache,nagiosadmin
The script is pointed to the correct file paths but again it won't work from the GUI anyway.
infra2 nagios: Error: External command failed -> SCHEDULE_HOST_DOWNTIME;deploy1;1422507601;1422536401;0;28800;neo-nagios;Scheduled Daily Downtime (low usage period) Jan 29 21:27:20 infra2 nagios: External command error: Command failed
I know this isn't the root of the problem as nothing works from command line but:
ls -l /usr/local/nagios/etc/cgi.cfg -rw-rw-r--. 1 nagios nagios 12015 Jan 29 14:06 /usr/local/nagios/etc/cgi.cfg
ls -l /usr/local/nagios/sbin/cmd.cgi -rwxrwxr-x. 1 nagios nagios 288424 Jan 28 10:17 /usr/local/nagios/sbin/cmd.cgi
GUI error I'm tired of seeing:
"Sorry, but you are not authorized to commit the specified command...yada"
What am I missing?!?! Please help! and thanks in advance
Personnally I use post/get while using the nagios cmd.cgi. You can use curl/wget/etc to call the command with the correct parameters to do what you want as if you used the GUI.
The easiest way is to look at what is sent when you execute a post/get command via the GUI and reproduce it through a wget/curl command. Works like a charm, I personally have automated processes while deploying that call the cmd.cgi from script and auto-downtime or disable/enable services by service or host.
There are some things that appear to be out of sync. In nagios.cfg, you have:
nagios_user=nagios
nagios_group=nagios
But then the group name on nagios.cmd is nagcmd, not nagios.
Additionally, you showed the group assignments for the nagios and nagcmd users, but what user is actually running the commands? Additionally, was nagcmd (or nagios) added as a group to the web user (www-data or apache, depending on the OS)?
Finally, there are some locations that need write permissions, as well. Making sure the correct permissions are added to those directories (and, again, the right users have the nagios or nagcmd group permissions) should help.
See this post for more information:
Nagios - Could not open command file /usr/local/nagios/var/rw/nagios.cmd’ for update
We have a few services which will startup and shutdown at various times. Due to this it is not possible to include them in the nagios configuration upfront.
I would like to periodically poll a DB or a file to enlist the dynamic services and modify the nagios config so that they show up on the Nagios dashboard.
Is there built-in support for such a thing in nagios? If not I would be restarting Nagios everytime the config is changed by a background process.
Thanks,
Yash
Yes. This can be done using the Nagios 'Command File' interface. For instance, I wrote an NRPE wrapper, called check_nrpe_retime, that uses the 'SCHEDULE_FORCED_SVC_CHECK' remote command to reschedule the next active check based on check results and other (external to Nagios) information. I set the Nagios config up with the 24x7 time period, then all the timing is controlled externally by check_nrpe_retime. Making it WAY easier to manager dynamic processes. External commands are described here and a list of commands is here.
I would like configure apache to create files with personalized owner:group and chmod.
I have an folder of website who need to be manipulated by apache + (ftp) user.
Actually i do an (where 'mygroup' is group of ftp users)
chown www-data:mygroup -R /my/website/files
chmod 770 -R /my/website/files
But when apache2 manipulate files and create files or folders, they have
-rw-r--r-- 1 www-data www-data
Any idea for configure apache2 ?
Edit: Debian 6
There is no real good way to do this AFAIK. Stock version of Apache doesn't have a mechanism to spawn workers under different users per request. All of its workers operate under the user and therefore can't write files as another.
That being said, there are some ways around this.
The first way will require you to run Apache as root. Apache, as it sits on your server, is running under an unprivileged user. Unprivileged users can't change the user that they run under. Only processes run as root can do that. If you are willing to run your Apache as root, there is a multi-process mod available here. What it does is allow you to run each VHOST under a different user (defined in your config). That means you would now also need to set up each user with their own VHOST. This way would work, but you are sacrificing a bit of security by doing this.
The second, more secure, but more "hacky" way to do it would be to run completely new and individual version of Apache for each user. So you have an Apache with its own set of config files JUST for userA, another Apache with its own different and separate set of configs just for userB, etc. Each instance of Apache could listen on a different port (i.e. userA's listens on port 8080, userB on port 8081...). Then you could use some kind of front end reverse proxy to sort it all out and route the traffic to the appropriate Apache instance.
Looks like you are working under openSUSE or SLES.
If so, take a look at the file /etc/apache2/uid.conf...
For the umask: not sure actually. What certainly works is to create a .profile file under the apache users home directory and set the umask in there. But I bet there is a more elegant solution!
I'm trying to develop an open source application to be sort like a centralized configuration management for all Unix platform like for example (changing root password, SSH configuration, DNS settings, /etc/hosts management.... and others).
I need your feedback for what do you recommend to use as the interface for all the configuration (list of scripts will be running in the Unix Servers as a clients to read the configuration and apply it in each system "Client===>to===>Server mode"
Should I use LDAP to host the configurations and any Unix OS can talk to the LDAP to get the configuration
or Should I just save the configuration in Database (e.g. MySQL) and build a web interface to read the database and print the configuration to the client ?
or you have any other idea?
You might look into something like Chef or Puppet instead. Why re-invent the wheel?
Curl can download a file from a URL and write that file to standard output. For example, executing curl -sS http://someHost/file.cfg will download "file.cfg" from the specified web server. The "-sS" options instruct Curl to print error messages but not any any progress diagnostics. By the way, Curl supports many protocols including HTTP, FTP and LDAP, so you have flexibility in the technology you want to use to host your centralised configuration repository (CCR).
You could use curl to retrieve a configuration file from the CCR, store the result in a local file and then parse that local file.
Check out Blueprint from DevStructure. It sounds like something along the lines of what you're trying to do. Basically it reverse engineers servers and detects everything that has changed from the install state. Open-source too.
https://github.com/devstructure/blueprint (Blueprint # Github)
We are also about to launch ConfigChief which is a central configuration repository that would do what you want: central point to store configuration (with all features like versioning, audit, ACL, inheritence, etc).
Once you have that, combined with change notification, you can just run a curl as Ciaran McHale says against the CCR and get your parsed configuration file back. This would eliminate the need for writing scripts to generate config files from the outside.
If you are interested, you can signup for a beta at http://woot.configchief.com
DISCLAIMER: I guess it is obvious from the first word!