Monday, February 2, 2015

Nagios monitoring by SSH

On remote host: 192.168.1.10

[root@ubuntu ~]# useradd nagios -m -d /home/nagios
[root@ubuntu ~]# su - nagios
[nagios@ubuntu ~]$ mkdir .ssh
[nagios@ubuntu ~]$ touch authorized_keys
[nagios@ubuntu ~]$ mkdir /home/nagios/plugins
[nagios@ubuntu ~]$ passwd nagios >> put password for it

On Nagios server: 192.168.1.20

 login as nagios user:

su - nagios
now you should probably on /home/nagios/

nagios@xxx:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/nagios/.ssh/id_rsa): 
Created directory '/home/nagios/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/nagios/.ssh/id_rsa.
Your public key has been saved in /home/nagios/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 nagios@xxx
The key's randomart image is:
+--[ DSA 1024]----+
| .. |
| o.= |
| Boo |
| oo .. |
| S .. |
| o o . |
| o Eoo.|
| . . ++o|
| . ++.*|
+-----------------+

create /home/nagios/.ssh folder in remote host by ssh

nagios@xxx:~> ssh nagios@192.168.1.20 mkdir -p .ssh
nagios@192.168.1.20's password:

now add new public key to remote host to .ssh/authorized_keys :

nagios@xxx:~> cat .ssh/id_rsa.pub | ssh nagios@192.168.1.20 'cat >> .ssh/authorized_keys'
nagios@192.168.1.20's password:

 try to login ssh without type password

ssh nagios@192.168.1.20

 if above still not working try following below.
  • Put the public key in .ssh/authorized_keys2
  • Change the permissions of .ssh to 700
  • Change the permissions of .ssh/authorized_keys2 to 640

Now make sure you can ssh to the client without putting in your password.

cd /usr/local/nagios/libexec/
scp * nagios@192.168.1.20:/home/nagios/plugins/


Now on the server
[nagios@xxx ~]$ /usr/local/icinga/libexec/check_by_ssh -H 192.168.1.20 -C "/home/nagios/plugins/check_users -w 0 -c 1" -t 20
USERS CRITICAL - 2 users currently logged in |users=2;0;1;0


example for command.cfg

define command {
command_name check_by_ssh
command_line $USER1$/check_by_ssh -H $HOSTADDRESS$ -C $ARG1$
}


and host.cfg

define service{
        use                             generic-service         
        host_name                       VIP-VAS-kannel-01
        service_description             CPU LOAD
        is_volatile                     0
        check_period                    24x7
        max_check_attempts              3
        normal_check_interval           1
        retry_check_interval            1
        notification_interval           120
        notification_period             24x7
        notification_options            w,u,c,r
        check_command                   check_by_ssh!"/home/nagios/plugins/check_load -w 80 -c 90" -t 60
        contact_groups                  RNDADMIN
        servicegroups                   CPULoad
        }


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)